DHCP server installation and configuration linux Debian; ISC DHCP Server

Posted on by
The Protocol

The Protocol

DHCP server basic principles; installation and configuration; ISC Server on a Debian Linux system.

This post is part of a bigger Debian material that you can access here.

Content

  1. The DHCP protocol
  2. Precautions before we start
  3. Installation of ISC DHCP Sever.
  4. Configuration of the server.
  5. Checking the results

The DHCP protocol

 


The DHCP protocol was created to configure computers automatically just by connecting them to the network. That means that thanks to this protocol you dont need to do any thing to be able to connect to certain networks. you connect a new computer and the computer it self is able to talk to a server and get what it need to be able to connect and use the network resources that are available. but tel’s leave the smart guys to define what is the protocol.

“DHCP (Dynamic Host Configuration Protocol) is a communications protocol that lets network administrators centrally manage and automate the assignment of Internet Protocol (IP) addresses in an organization’s network. Using the Internet Protocol, each machine that can connect to the Internet needs a unique IP address, which is assigned when an Internet connection is created for a specific computer. Without DHCP, the IP address must be entered manually at each computer in an organization and a new IP address must be entered each time a computer moves to a new location on the network. [The protocol] lets a network administrator supervise and distribute IP addresses from a central point and automatically sends a new IP address when a computer is plugged into a different place in the network.”

Taken from: http://searchunifiedcommunications.techtarget.com/definition/DHCP on 2014-03-04.

As a mater of fact what happens between the Client PC that wants to connect to the network and the server is a cert of conversation of messages until the client gets and IP addess. That is valid for a certain period of time defined by the server; check out the first picture. The messages include but not only the following.

  1. DHCPDISCOVER (taken from wikipedia) It is a message that marks the beginning of an interaction between client and server. This message is sent by a client (host or device connected to a network) that is connected to a local subnet. It’s a broadcast message that uses 255.255.255.255 as destination IP address while the source IP address is 0.0.0.0
  2. DHCPOFFER It is message that is sent in response to DHCPDISCOVER by a server to the client. This message contains the network configuration settings for the client that sent the DHCPDISCOVER message.
  3. DHCPREQUEST This message is sent in response to DHCPOFFER indicating that the client has accepted the  network configuration sent in DHCPOFFER message from the server.
  4. DHCPACK This message is sent by the server in response to DHCPREQUEST recieved from the client. This message marks the end of the process that started with DHCPDISCOVER. The DHCPACK message is nothing but an acknowledgement by the DHCP server that authorizes the DHCP client to start using the network configuration it received from the DHCP server earlier.

In the other hand we will use today ISC’s DHCP server. ISC’s DHCP (isc-dhcp-server in Debian) software is the most widely used open source DHCP implementation on the Internet. The same software can be used for LAN too. It is a carrier and enterprise grade solution for any host configuration needs.

But before we start I have to give some advise about precautions that we need to make sure of.

Precautions before start.

After installing the necessary packages isolate the server fragment of network fron the rest of the computers. If you have an error in your configuration you can prevent computers from connecting. After you finish configuring, once you are sure that the configuration is working join the DHCP server to the network and monitor the behavior of the computers.And also make sure that you always backup your initial configuration file.

Installation of ISC DHCP Sever.

As usual, installation is very simple with apt. As root simply run
  • # apt­get install isc­dhcp­server
or
  • # aptitude install isc­dhcp­server

Sample output.

Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
isc-dhcp-server-ldap
The following NEW packages will be installed:
isc-dhcp-server
0 upgraded, 1 newly installed, 0 to remove and 11 not upgraded.
Need to get 0 B/411 kB of archives.
After this operation, 938 kB of additional disk space will be used.
Preconfiguring packages ...
Selecting previously deselected package isc-dhcp-server.
(Reading database ... 281728 files and directories currently installed.)
Unpacking isc-dhcp-server (from .../isc-dhcp-server_4.1.1-P1-15+squeeze8_amd64.deb) ...
Processing triggers for man-db ...
Setting up isc-dhcp-server (4.1.1-P1-15+squeeze8) ...
Generating /etc/default/isc-dhcp-server...
Starting ISC ... server: dhcpdcheck syslog for diagnostics. ... failed!
failed!
invoke-rc.d: initscript isc-dhcp-server, action "start" failed.

Configuration of the server.

The main configuration files are /etc/default/isc­-dhcp­-server. That stores the stating conditions and configurations for the software. And /etc/dhcp/dhcpd.conf that stores the actual configuration of the software.

Note: Remember to back up the original files as I advised before doing any work. To do that you can save the file on a different location or you can save it in the same place with a different name.

Edit isc-dhcp server default file

Edit isc-dhcp server default file

The first thing is to create the condition for the server to start. For that the only real requirement is to say the network interface to listen. Todo that first you should edit or create the file /etc/default/isc-dhcp-server with root permissions, either by running dpkg-reconfigure isc-dhcp-server or enter something like this into the file /etc/default/isc-dhcp-server:

INTERFACES="eth0"
Where Eth0 is the name of the only Ethernet interface that I have. If you have more that one then you need to decide if you are using only one or more than on for this service. In case  You can check out the picture for more information.
Homework A: research about the command dkpg.
After this we don’t really need to change any thing else, but for more advanced configurations you might need to modify this file again. Any way for normal organization requirements you do not really need to do it, so for now we leave like that. Now is the moment to create the actual configuration.
Note: As we are supposed to have backed up the original file. Now you can just create a new file from scratch, and I mean delete the original file (the one we have a back up already). And create a new file with the same name.
For a basic configuration on any real organization, you have to add/edit/create the following lines in /etc/dhcp/dhcpd.conf.
option domain­name "spices.org";
To specify the domain to use by the server and the clients. Also you should add this this line to the file:
 option domain­-name­-servers  213.191.92.86, 213.191.74.18;
This entry provides the IP addresses of two domain name servers (DNS), but one would be enough. You have to list here the DNS that work for your network, the addresses given here will most likely not work for you. So you should modify them to have your real DNS servers.
Now we are only missing with defining the network that we will use and the IP addresses that the server can use to give to the “customers”. Check it out:
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.1 192.168.1.10;
option routers pepper.spices.org;
}
This entry defines the LAN in the first line 192.168.1.0/255.255.255.0 is a /24 network. The IP addresses 192.168.1.1 to 192.168.1.255 are typical for an Intranets in many places. The second line defines the range of IP addresses to give to the clients 192.168.1.1 to 192.168.1.10. And lastly the gateway is defined in option routers, this name pepper.spices.org can be changed by any other name or IP address. And it will be the default gateway for the clients. Otherwise we are done with the configuration. Just to say that the ; is very important in the single lines and the {} defines a block of configuration parameters.
Now we just have to start the service and check that the service is working properly. To do that you just need to run the following command.
service isc-dhcp-server start
Or also you can use the old fashion method:
/etc/init.d/isc-dhcp-server start

Checking the results

Now, if it does not give an error we are likely to have finished configuring the server. But we need to double check that the configuration is working properly. For that I am going to introduce a few commands and concepts. Debian GNu Linux like a lot of Unix like systems has a lot of logs that record the things that happen on the system. But there is a really important file that stores the system logs. You can understand Kernel and other very important software’s logs. In Debian and many other Linux distributions you can find this info in the file /var/log/syslog. To check if the dhcp is working we should go to this file.
But if we open it with for instance with nano. We might be lost given the fact that this file records a lot of lines every hour and it might be hundreds of pages. Also nano and similar software show only the records (understand lines) that are in the file when you open it. So it does not update it self’s content dynamically. Then if the server is writing all the time and doing new jobs we will not be able to see it with nano unless we load again the page again and look for the new content. Which is fine for a small fine but not for hundreds of pages. So we need a new command that can show only the las part of the file and dynamically show it’s content as it is being created. Fortunately there is a really simple and nice command.the command is “tail”. and we can use if in this case in the following ways:
tail -f /var/log/syslog
and if we want to see the end of the file only statically we can use it this way:
tail -n100 /var/log/syslog
Where -n100 means the last 100 lines, so you can change this number to what ever you want.
Also we can use the “cat” command. What is does is that it shows the whole content of a file:
cat /var/log/syslog
Let me just show a sample of “tail -f” for a DHCP server that is working:
root@khs01sw10:~# tail -f /var/log/syslog 
Mar  5 09:31:05 khs01sw10 dhcpd: DHCPREQUEST for 10.175.1.164 from 00:0f:fe:c6:1f:76 (medimizer3) via eth0
Mar  5 09:31:05 khs01sw10 dhcpd: DHCPACK on 10.175.1.164 to 00:0f:fe:c6:1f:76 (medimizer3) via eth0
Mar  5 09:31:06 khs01sw10 dhcpd: DHCPREQUEST for 10.175.1.198 from 00:30:05:c0:99:22 (khs01wx0010) via eth0
Mar  5 09:31:06 khs01sw10 dhcpd: DHCPACK on 10.175.1.198 to 00:30:05:c0:99:22 (khs01wx0010) via eth0
Mar  5 09:31:07 khs01sw10 dhcpd: DHCPINFORM from 10.175.1.89 via eth0
Mar  5 09:31:07 khs01sw10 dhcpd: DHCPACK to 10.175.1.89 (d4:3d:7e:d3:ed:ba) via eth0
Mar  5 09:31:07 khs01sw10 dhcpd: DHCPINFORM from 10.175.1.97 via eth0
Mar  5 09:31:07 khs01sw10 dhcpd: DHCPACK to 10.175.1.97 (d4:3d:7e:d3:ee:8d) via eth0
Mar  5 09:31:08 khs01sw10 dhcpd: DHCPREQUEST for 10.175.1.96 from 00:02:e3:32:c4:4b (khs01wx0188) via eth0
Mar  5 09:31:08 khs01sw10 dhcpd: DHCPACK on 10.175.1.96 to 00:02:e3:32:c4:4b (khs01wx0188) via eth0
Mar  5 09:31:08 khs01sw10 dhcpd: DHCPREQUEST for 10.175.1.184 from f0:27:65:35:45:73 (android-7f4c9b6f9482a823) via eth0
Mar  5 09:31:08 khs01sw10 dhcpd: DHCPACK on 10.175.1.184 to f0:27:65:35:45:73 (android-7f4c9b6f9482a823) via eth0
Mar  5 09:31:08 khs01sw10 dhcpd: DHCPINFORM from 10.175.1.221 via eth0
Mar  5 09:31:08 khs01sw10 dhcpd: DHCPACK to 10.175.1.221 (74:de:2b:ce:25:f4) via eth0
Mar  5 09:31:08 khs01sw10 dhcpd: DHCPREQUEST for 10.175.0.167 from 00:1e:79:28:5f:40 (Switch) via eth0
Mar  5 09:31:08 khs01sw10 dhcpd: DHCPACK on 10.175.0.167 to 00:1e:79:28:5f:40 (Switch) via eth0
^C
root@khs01sw10:~#
Homework B: How does the following command Works:  dhclient
In class we have seen a really simple configuration, but isc-dhcp-server is able to handle much more complex ones for different user requirements. Please bring different examples of configurations to the next class and try to explain a possible use case for that configuration.
Thank you for your time. That is it for today.

Leave a Reply

Your email address will not be published. Required fields are marked *