Difference between revisions of "DHCP server installation"
(Created page with " Sources: * http://doc.ubuntu-fr.org/dhcp3-server =Requirement= A DHCP server can provided static or dynamic address. However, '''the DHCP server's IP @ must always be ...") |
|||
Line 19: | Line 19: | ||
apt-get install dhcp3-server | apt-get install dhcp3-server | ||
</syntaxhighlight> | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | You will be asked a few questions: | ||
+ | * On what network interfaces should the DHCP server listen? <-- eth0 | ||
+ | * Please configure the DHCP server as soon as the installation finishes. <-- Ok | ||
+ | * The version 3 DHCP server is now non-authoritative by default <-- Ok | ||
+ | |||
+ | |||
+ | At the end of the installation you will see errors like these: | ||
+ | ''* Generating /etc/default/dhcp3-server... | ||
+ | * Starting DHCP server: dhcpd3 failed to start - check syslog for diagnostics. | ||
+ | * invoke-rc.d: initscript dhcp3-server, action "start" failed.'' | ||
+ | |||
+ | That's OK because we did not have the chance yet to configure our DHCP server. | ||
+ | |||
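Review bot: The three lines of installer output added after "you will see errors like these:" are wrapped in '' italics while each line starts with `*`. MediaWiki ends italics at the line break and treats the `* Starting` and `* invoke-rc.d` lines as list items, so the messages are not shown the way they appear on the terminal. Put the three lines in a <pre> block so they render verbatim.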
Line 124: | Line 139: | ||
option domain-name "myDomain.lan"; | option domain-name "myDomain.lan"; | ||
# DNS IP @ (replace it by your IP server, Google DNS or your ISP DNS) | # DNS IP @ (replace it by your IP server, Google DNS or your ISP DNS) | ||
− | option domain-name-servers XXX.XXX.XXX.XXX; | + | option domain-name-servers XXX.XXX.XXX.XXX, YYY.YYY.YYY.YYY; |
# DNS update system (disable) | # DNS update system (disable) | ||
ddns-update-style none; | ddns-update-style none; | ||
## IP lease settings | ## IP lease settings | ||
− | default-lease-time | + | default-lease-time 86400; |
− | max-lease-time | + | max-lease-time 86400; |
## Security | ## Security | ||
# Do not allow unknown clients | # Do not allow unknown clients | ||
deny unknown-clients; | deny unknown-clients; | ||
+ | # Do not forward DHCP request from this server to another one using a different Network Interface | ||
+ | option ip-forwarding off; | ||
# Use this to send dhcp log messages to a different log file | # Use this to send dhcp log messages to a different log file | ||
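Review bot: The comment added above `option ip-forwarding off;` does not match what the option does. `option ip-forwarding` is DHCP option 19, a value handed to clients that tells them whether to enable IP forwarding in their own network stack. It does not control whether this server passes DHCP requests to another interface. Reword the comment to say the setting applies to clients. The interfaces the server answers on are chosen by the installer question added earlier in this revision (eth0), not by this line.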
Line 159: | Line 176: | ||
# Default gateway | # Default gateway | ||
option routers 192.168.100.1; | option routers 192.168.100.1; | ||
+ | # Set the NTP (time server) to use | ||
+ | option ntp-servers 192.168.100.1; | ||
+ | |||
#### DHCP range | #### DHCP range | ||
Line 187: | Line 207: | ||
#filename "debian-installer/ia64/elilo.efi"; | #filename "debian-installer/ia64/elilo.efi"; | ||
# Set the TFTP server | # Set the TFTP server | ||
− | # next-server 192.168.100.2; | + | #next-server 192.168.100.2; |
} | } | ||
# WEB server | # WEB server | ||
Line 204: | Line 224: | ||
fixed-address 192.168.100.5; | fixed-address 192.168.100.5; | ||
} | } | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | ==Logs== | ||
+ | |||
+ | Logs are in '''/var/log/syslog''' | ||
+ | |||
+ | |||
+ | |||
+ | ==Leases== | ||
+ | |||
+ | All DHCP leases are available in: | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | vim /var/lib/dhcp3/dhcpd.leases | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | |||
+ | ==Manage service== | ||
+ | |||
+ | |||
+ | You can start / restart service using: | ||
+ | |||
+ | <syntaxhighlight lang="bash"> | ||
+ | /etc/init.d/dhcp3-server restart | ||
+ | </syntaxhighlight> | ||
+ | |||
+ | |||
+ | You can check the status using: | ||
+ | <syntaxhighlight lang="bash"> | ||
+ | ps aux | grep dhcp | ||
+ | netstat -uap | grep dhcp | ||
</syntaxhighlight> | </syntaxhighlight> |
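Review bot: In the new Leases section, `vim /var/lib/dhcp3/dhcpd.leases` opens the file the running server writes its lease state to in an editor, where an accidental save changes that state. Show it with a read-only command such as `less /var/lib/dhcp3/dhcpd.leases` instead. In the status check, `ps aux | grep dhcp` also matches the grep process itself, so it prints a line even when the server is not running; `ps aux | grep '[d]hcpd'` avoids that.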
Revision as of 16:00, 21 May 2014
Sources:
- http://doc.ubuntu-fr.org/dhcp3-server
Requirement
A DHCP server can provide static or dynamic addresses.
However, the DHCP server's IP @ must always be static!!
Installation
apt-get install dhcp3-server
You will be asked a few questions:
- On what network interfaces should the DHCP server listen? <-- eth0
- Please configure the DHCP server as soon as the installation finishes. <-- Ok
- The version 3 DHCP server is now non-authoritative by default <-- Ok
At the end of the installation you will see errors like these:
* Generating /etc/default/dhcp3-server...
* Starting DHCP server: dhcpd3 failed to start - check syslog for diagnostics.
* invoke-rc.d: initscript dhcp3-server, action "start" failed.
That's OK because we did not have the chance yet to configure our DHCP server.
Configuration
The main configuration file is /etc/dhcp/dhcpd.conf
You can adjust the interface the server is listening on in /etc/dhcp/dhcp3-server
INTERFACES="eth0 eth1"
Random IP assignment
The following configuration will accept all clients and give them a random IP @.
# Sample /etc/dhcpd.conf
# (add your comments here)
default-lease-time 600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.100.255;
option routers 192.168.100.254;
option domain-name-servers 192.168.100.1, 192.168.100.2;
option domain-name "mydomain.lan";
option ntp-servers 192.168.100.254;
subnet 192.168.100.0 netmask 255.255.255.0 {
    range 192.168.100.10 192.168.100.100;
    range 192.168.100.150 192.168.100.200;
}
You have to adjust:
- Network parameters - instead of 192.168.100.*
- DHCP range(s). In the given example there are 2 ranges from 10-100 and 150-200
Static IP @
This new configuration will ONLY accept known clients and give them a static IP @.
# Sample /etc/dhcpd.conf
# (add your comments here)
default-lease-time 600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.100.255;
option routers 192.168.100.254;
option domain-name-servers 192.168.100.1, 192.168.100.2;
option domain-name "mydomain.lan";
option ntp-servers 192.168.100.254;
deny unknown-clients;
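subnet 192.168.100.0 netmask 255.255.255.0 {
    # The MAC addresses below are placeholders: replace them with each
    # client's real address (six pairs of hex digits, 0-9 and a-f only)
    host client1 {
        hardware ethernet DD:GH:DF:E5:F7:D7;
        fixed-address 192.168.100.20;
    }
    host client2 {
        hardware ethernet 00:JJ:YU:38:AC:45;
        fixed-address 192.168.100.21;
    }
}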
Note:
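The deny unknown-clients; statement is why only known clients are accepted: a known client is one that has a host declaration. The match is made on the MAC address the client announces, so it filters clients rather than authenticating them.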
For each client you have to adjust:
- MAC @
- Set a specific static IP @
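A typo in a MAC address or a copy-pasted host block is easy to miss in a static-host configuration, so it helps to lint the host declarations before restarting the server. The following is an added example, not part of the original page; the function name, the report labels and the sample input are assumptions made for illustration, and the parser expects one statement per line as in the samples here.

```shell
# check_dhcpd_hosts: report host-declaration problems in a dhcpd.conf read from stdin.
check_dhcpd_hosts() {
  awk '
    function ip2n(s,  p) { split(s, p, "."); return ((p[1]*256 + p[2])*256 + p[3])*256 + p[4] }
    BEGIN { h = "[0-9a-f][0-9a-f]"; mac_re = "^" h ":" h ":" h ":" h ":" h ":" h "$" }
    { sub(/#.*/, ""); gsub(/[;{}]/, " ") }        # drop comments and punctuation
    $1 == "host"  { name = $2 }
    $1 == "range" { lo[++nr] = ip2n($2); hi[nr] = ip2n(($3 == "") ? $2 : $3) }
    $1 == "hardware" && $2 == "ethernet" {
      mac = tolower($3)
      if (mac !~ mac_re)         print "invalid-mac " name " " $3
      else if (mac in mac_owner) print "duplicate-mac " name " " mac_owner[mac]
      else                       mac_owner[mac] = name
    }
    $1 == "fixed-address" {
      if ($2 in ip_owner) print "duplicate-ip " name " " ip_owner[$2]
      else                ip_owner[$2] = name
      fixed[++nf] = $2; fname[nf] = name
    }
    END {                                         # fixed address inside a dynamic range
      for (i = 1; i <= nf; i++) for (r = 1; r <= nr; r++)
        if ((v = ip2n(fixed[i])) >= lo[r] && v <= hi[r]) print "fixed-in-range " fname[i] " " fixed[i]
    }'
}
# Constructed sample: placeholder MAC from the page, a duplicated host, a range overlap.
sample_conf() {
  cat <<'EOF'
subnet 192.168.100.0 netmask 255.255.255.0 {
range 192.168.100.5 192.168.100.5;
host client1 {
hardware ethernet DD:GH:DF:E5:F7:D7;   # placeholder from the page, not hex
fixed-address 192.168.100.20;
}
host web {
hardware ethernet 00:02:0d:31:d1:cc;
fixed-address 192.168.100.3;
}
host web2 {
hardware ethernet 00:02:0D:31:D1:CC;   # same MAC as web, different case
fixed-address 192.168.100.3;
}
host laptop {
hardware ethernet 00:0e:af:31:d1:cc;
fixed-address 192.168.100.5;
}
}
EOF
}
sample_conf | check_dhcpd_hosts
```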
Advanced configuration (name + netboot)
In the following scenario you will configure the server to accept only specific clients, use static IP @ and set names.
This configuration also allows NetBoot using PXE technology.
#### General options ####
## Network settings
# DHCP server name
server-name "dns.myDomain.lan";
# Authoritative server
authoritative;
# Subnet-mask
option subnet-mask 255.255.255.0;
## Domain settings
# name
option domain-name "myDomain.lan";
# DNS IP @ (replace it by your IP server, Google DNS or your ISP DNS)
option domain-name-servers XXX.XXX.XXX.XXX, YYY.YYY.YYY.YYY;
# DNS update system (disable)
ddns-update-style none;
## IP lease settings
default-lease-time 86400;
max-lease-time 86400;
## Security
# Do not allow unknown clients
deny unknown-clients;
# Tell clients not to enable IP forwarding in their own network stack (DHCP option 19)
option ip-forwarding off;
# Use this to send dhcp log messages to a different log file
# you also have to hack syslog.conf to complete the redirection
log-facility local7;
### NetBoot PXE
# Enable network boot using TFTP
allow bootp;
allow booting;
## Available networks
# Your server can manage many networks. Just add a new subnet{} instruction
# Main LAN
subnet 192.168.100.0 netmask 255.255.255.0 {
    #### Overall settings
    # You can override the default domain set earlier
    option domain-name "myDomain.lan";
    # Broadcast address
    option broadcast-address 192.168.100.255;
    # Default gateway
    option routers 192.168.100.1;
    # Set the NTP (time server) to use
    option ntp-servers 192.168.100.1;
    #### DHCP range
    # Hint: if the range has only 1 address, and this is a lease (fixed address), then the range won't be used!
    range 192.168.100.5 192.168.100.5;
    #### NETBOOT settings
    # PXE file to serve.
    # >> elilo.efi => for ia64 clients;
    # >> pxelinux.0 => for x86
    # These files should be at the root of your TFTP server
    # Note: The file name can be added in the "host" section too. Then, the "host" will override the current setting
    filename "pxelinux.0";
    # Set the server that serves this NETBOOT file
    next-server 192.168.100.2;
    # Ensure that the new client (the one booting) is not stealing someone else's IP @
    ping-check true;
}
#### Managed host and fixed IP @
# FTP server
host ftp {
    hardware ethernet 00:0f:75:af:eb:44;
    fixed-address 192.168.100.2;
    ### NetBoot PXE settings
    # dedicated file for the current machine:
    #filename "debian-installer/ia64/elilo.efi";
    # Set the TFTP server
    #next-server 192.168.100.2;
}
# WEB server
host web {
    hardware ethernet 00:02:0d:31:d1:cc;
    fixed-address 192.168.100.3;
}
# EMAIL server
host mail {
    hardware ethernet 00:02:55:d2:d1:cc;
    fixed-address 192.168.100.4;
}
# LAPTOP workstation
host laptop {
    hardware ethernet 00:0e:af:31:d1:cc;
    fixed-address 192.168.100.5;
}
Logs
Logs are in /var/log/syslog
Leases
All DHCP leases are available in:
vim /var/lib/dhcp3/dhcpd.leases
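The lease file is a log in which a later entry for an address replaces an earlier one, so reading it by eye means finding the last entry for each address. As an added example (not from the original page; the function name, the output format and the sample leases are constructed), this lists the addresses whose latest entry is active and marks any MAC that is missing from the list of known clients:

```shell
# lease_audit "MAC MAC ...": read a dhcpd.leases file on stdin and print
# "<ip> <mac> <known|UNKNOWN>" for every address whose latest entry is active.
lease_audit() {
  awk -v allow="$1" '
    BEGIN { k = split(tolower(allow), a, " "); for (i = 1; i <= k; i++) known[a[i]] = 1 }
    { sub(/#.*/, ""); gsub(/[;{}"]/, " ") }
    $1 == "lease" {                      # a later entry replaces an earlier one
      ip = $2; state[ip] = ""; mac[ip] = ""
      if (!(ip in seen)) { seen[ip] = 1; order[++n] = ip }
    }
    $1 == "binding"  && $2 == "state"    { state[ip] = $3 }
    $1 == "hardware" && $2 == "ethernet" { mac[ip] = tolower($3) }
    END {
      for (i = 1; i <= n; i++) {
        ip = order[i]
        if (state[ip] == "active")
          print ip, mac[ip], ((mac[ip] in known) ? "known" : "UNKNOWN")
      }
    }'
}
# Constructed sample lease file; two MACs are taken from the host list above.
sample_leases() {
  cat <<'EOF'
lease 192.168.100.10 {
  starts 3 2014/05/21 08:00:00;
  ends 4 2014/05/22 08:00:00;
  binding state active;
  next binding state free;
  hardware ethernet 00:0e:af:31:d1:cc;
}
lease 192.168.100.11 {
  binding state active;
  hardware ethernet 02:00:00:aa:bb:01;
  client-hostname "guest";
}
lease 192.168.100.10 {
  binding state free;
  hardware ethernet 00:0e:af:31:d1:cc;
}
lease 192.168.100.12 {
  binding state active;
  hardware ethernet 00:02:0D:31:D1:CC;
}
EOF
}
sample_leases | lease_audit "00:0e:af:31:d1:cc 00:02:0d:31:d1:cc"
```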
Manage service
You can start / restart the service using:
/etc/init.d/dhcp3-server restart
You can check the status using:
ps aux | grep dhcp
netstat -uap | grep dhcp