Configuring a DHCP server on Linux
Objective
Configure a Linux machine as a DHCP server
Test the configuration by using Windows client
Background Information
We will use the virtual switch, VMnet2, to create a small LAN shared by the Linux and Windows servers.
Initially, we will set up the Linux server as a DHCP server, with the Windows Server as a DHCP client
Then we will do the opposite and use the Windows server as a DHCP server, with the Linux server as a DHCP client
Both will run under a slightly different network configuration
To set up the machines as DHCP clients refer to Lab 4a
Step 1: Install DHCP server on Linux
We can use either yum or the GUI to install the standard dhcp-server on linux (e.g. yum install dhcp-server)
# yum intall dhcp-server
Step 2: Configure DHCP server on Linux
Step: 2.1.
Design a subnet based on Lab 3a: We will use the 10.0.2.0/24 subnet with the default route going to the interface ens37 (Ethernet 1).
This interface will be allocated the IP address 10.0.2.1
We need the following:
Subnet: 10.0.2.0/24
Gateway: 10.0.2.1
DNS: 10.0.2.1
Reserved space for servers: 10.0.2.2 - 10.0.2.127
Dynamically allocated for workstations etc: 10.0.2.128 - 10.0.2.254
Step 2.2:
Read the sample dhcpd.conf file at:
/usr/share/doc/dhcp-server/dhcpd.conf.example
and then edit the real /etc/dhcp/dhcpd.conf file
Step 2.3:
Set Parameters to:
default-lease-time to 60 and
max-lease-time to 600 (10 minutes)
create a subnet (10.0.2.0 netmask 255.255.255.0) with range 10.0.2.129-10.0.2.254
options routers 10.0.2.1; domain-name-servers 10.0.2.1, domain-name whatever.localdomain
The following is a sample:
subnet 10.0.2.0 netmask 255.255.255.0 {
range 10.0.2.128 10.0.2.254;
option domain-name-servers 10.0.2.1;
option domain-name "localdomain";
}
Step 2.4: Set up the DHCP server on ens37
We need to set up the ens37 interface to a static address 10.0.2.1 with mask 255.255.255.0
(also edit the /etc/sysconfig/networking/devices/ifcfg-ens37 file to change BOOTPROTO=none)
Task 3: Start and monitor the DHCP server on Linux
We use systemctl to start the dhcpd service. For now there is no need to enable it to start at boot.
One of the simplest ways to monitor the DHCP (and other servers) is to use the –f option on the tail command to watch entries being written to the main system log file (/var/log/messages):
tail –f /var/log/messages
Verify from the log file that the DHCP server is listening on the correct interface (ens37 only, not the other network interfaces).
We can also view DHCP database (leases issued):
/var/lib/dhcpd/dhcpd.leases
Note that there are no leases recorded in here at the moment…
Task 4: Set up Windows DHCP client & test the DHCP server
1. Set up the Windows Server as a DHCP client (see Lab 4a) Hint: Basically you remove static network on Windows; set to automatic. (Network Connections → Ethernet1 → Properties →Internet Protocol Version 4 (TCP/IPv4) → Properties)
2. Refresh the network settings – this should be automatic, but sometimes you need to disable/enable the network interface to refresh the settings
3. You should see an IP address in the correct range and DNS and gateway settings correctly set (Hint: use the netstat /all command from a command prompt)
On the Linux DHCP server, check the following:
1. Check /var/lib/dhcpd/dhcpd.leases – you should see our windows machine hardware ethernet MAC address, IP address, Hostname and Start/End times.
2. Confirm our MAC address used on the ens37 interface by running:
arp -i ens37
You should also see the MAC address of the Windows Server machine.
3. View the log file (/var/log/messages) for DHCP messages. You should see the request/response sequence from the Windows Server, i.e.:
• DHCPDISCOVER
• DHCPOFFER
• DHCPREQUEST
• DHCPACK
4. You might also see a message from DHCPINFORM saying "not authoritative". Can you guess why?
(Hint: if you modify dhcpd.conf and add the keyword "authoritative", you won't see this message)
This might be a good time to make a backup of your working configuration files
Also it is a good time to record all the above into your engineering journal……
Task 5: Set up reserved addresses
Sometimes we need to allocate dedicated addresses for servers so they won’t be reused by a user workstation. We call this a reserved address (or static address, or a reservation) and we need a key (usually the network adapter MAC or hardware Ethernet ID – which is a set of hexadecimal digits)
1. Our first step is to find out what our Windows Server’s MAC address is.
Hint: On Linux you should find it in /var/lib/dhcpd/dhcpd.leases or use the arp command
2. Next step: modify the DHCP server configuration file, i.e. modify /etc/dhcp/dhcpd.conf and add a host entry eg:
host WinServer {
hardware ethernet 00:0c:29:xx:yy:zz;
fixed-address 10.0.2.20;
}
where 00:0c:29:xx:yy:zz; is the MAC address of the “Ethernet1” adapter on the Windows Server machine.
3. Restart the DHCP server
systemctl restart dhcpd
4. Testing Windows Server client:
after one minute (60 seconds) should see the new static address appear on the Windows machine
(recall: Use ipconfig command)
Check & ping Linux again (10.0.2.1)
5. Check Linux logs
On the Linux machine, check the lease again.
Also try
arp -i ens37
What do you notice?
What happens to the old lease?