Configuring a DHCP server on Linux

Objective

  1. Configure a Linux machine as a DHCP server

  2. Test the configuration by using Windows client

Background Information

We will use the virtual switch, VMnet2, to create a small LAN shared by the Linux and Windows servers.

Initially, we will set up the Linux server as a DHCP server, with the Windows Server as a DHCP client

Then we will do the opposite and use the Windows server as a DHCP server, with the Linux server as a DHCP client

Both will run under a slightly different network configuration

To set up the machines as DHCP clients refer to Lab 4a

Step 1: Install DHCP server on Linux

We can use either yum or the GUI to install the standard dhcp-server on linux (e.g. yum install dhcp-server)

# yum intall dhcp-server

Step 2: Configure DHCP server on Linux

Step: 2.1.

Design a subnet based on Lab 3a: We will use the 10.0.2.0/24 subnet with the default route going to the interface ens37 (Ethernet 1).

This interface will be allocated the IP address 10.0.2.1

We need the following:

Subnet: 10.0.2.0/24

Gateway: 10.0.2.1

DNS: 10.0.2.1

Reserved space for servers: 10.0.2.2 - 10.0.2.127

Dynamically allocated for workstations etc: 10.0.2.128 - 10.0.2.254

Step 2.2:

Read the sample dhcpd.conf file at:

/usr/share/doc/dhcp-server/dhcpd.conf.example


and then edit the real /etc/dhcp/dhcpd.conf file


Step 2.3:

Set Parameters to:

default-lease-time to 60 and

max-lease-time to 600 (10 minutes)

create a subnet (10.0.2.0 netmask 255.255.255.0) with range 10.0.2.129-10.0.2.254

options routers 10.0.2.1; domain-name-servers 10.0.2.1, domain-name whatever.localdomain


The following is a sample:


subnet 10.0.2.0 netmask 255.255.255.0 {

range 10.0.2.128 10.0.2.254;

option domain-name-servers 10.0.2.1;

option domain-name "localdomain";

}


Step 2.4: Set up the DHCP server on ens37


We need to set up the ens37 interface to a static address 10.0.2.1 with mask 255.255.255.0


(also edit the /etc/sysconfig/networking/devices/ifcfg-ens37 file to change BOOTPROTO=none)


Task 3: Start and monitor the DHCP server on Linux

We use systemctl to start the dhcpd service. For now there is no need to enable it to start at boot.

One of the simplest ways to monitor the DHCP (and other servers) is to use the –f option on the tail command to watch entries being written to the main system log file (/var/log/messages):

tail –f /var/log/messages

Verify from the log file that the DHCP server is listening on the correct interface (ens37 only, not the other network interfaces).

We can also view DHCP database (leases issued):

/var/lib/dhcpd/dhcpd.leases

Note that there are no leases recorded in here at the moment…

Task 4: Set up Windows DHCP client & test the DHCP server

1. Set up the Windows Server as a DHCP client (see Lab 4a) Hint: Basically you remove static network on Windows; set to automatic. (Network Connections → Ethernet1 → Properties →Internet Protocol Version 4 (TCP/IPv4) → Properties)

2. Refresh the network settings – this should be automatic, but sometimes you need to disable/enable the network interface to refresh the settings

3. You should see an IP address in the correct range and DNS and gateway settings correctly set (Hint: use the netstat /all command from a command prompt)

On the Linux DHCP server, check the following:

1. Check /var/lib/dhcpd/dhcpd.leases – you should see our windows machine hardware ethernet MAC address, IP address, Hostname and Start/End times.

2. Confirm our MAC address used on the ens37 interface by running:

arp -i ens37

You should also see the MAC address of the Windows Server machine.

3. View the log file (/var/log/messages) for DHCP messages. You should see the request/response sequence from the Windows Server, i.e.:

• DHCPDISCOVER

• DHCPOFFER

• DHCPREQUEST

• DHCPACK

4. You might also see a message from DHCPINFORM saying "not authoritative". Can you guess why?

(Hint: if you modify dhcpd.conf and add the keyword "authoritative", you won't see this message)

This might be a good time to make a backup of your working configuration files

Also it is a good time to record all the above into your engineering journal……

Task 5: Set up reserved addresses

Sometimes we need to allocate dedicated addresses for servers so they won’t be reused by a user workstation. We call this a reserved address (or static address, or a reservation) and we need a key (usually the network adapter MAC or hardware Ethernet ID – which is a set of hexadecimal digits)

1. Our first step is to find out what our Windows Server’s MAC address is.

Hint: On Linux you should find it in /var/lib/dhcpd/dhcpd.leases or use the arp command

2. Next step: modify the DHCP server configuration file, i.e. modify /etc/dhcp/dhcpd.conf and add a host entry eg:

host WinServer {

hardware ethernet 00:0c:29:xx:yy:zz;

fixed-address 10.0.2.20;

}

where 00:0c:29:xx:yy:zz; is the MAC address of the “Ethernet1” adapter on the Windows Server machine.

3. Restart the DHCP server

systemctl restart dhcpd

4. Testing Windows Server client:

after one minute (60 seconds) should see the new static address appear on the Windows machine

(recall: Use ipconfig command)

Check & ping Linux again (10.0.2.1)

5. Check Linux logs

On the Linux machine, check the lease again.

Also try

arp -i ens37

What do you notice?

What happens to the old lease?