Build a DHCP Server







Use a DHCP server to automatically configure the network settings for all computers on your network.

DHCP (Dynamic Host Configuration Protocol) dramatically simplifies the connection of new computers to your network. With a properly configured DHCP server, any new computers you connect will automatically be assigned an IP address, the address of your router, and nameserver addresses. And, to really make things easy on yourself, you can link your DHCP server to the BIND9 DNS server and have each new computer automatically assigned a hostname that maps correctly to its dynamically assigned IP address.

Install the DHCP Daemon

First, make sure you don't already have a DHCP server running on your network; two servers providing conflicting information is a recipe for obscure network problems! Install the Internet Software Consortium (ISC) DHCP server:

$ sudo apt-get install dhcp3-server
            

Basic Configuration

Open the configuration file /etc/dhcp3/dhcpd.conf, where you will see various configuration options that apply both globally and to specific subnets. The majority of the sample options included in the file are quite self-explanatory, so put appropriate entries in the global settings, and then add a basic stanza for your network:

subnet 192.168.0.0 netmask 255.255.255.0 {
        range 192.168.0.20 192.168.0.50;
        option routers 192.168.0.1;
}

The range setting specifies the pool of IP addresses to use when new computers connect to your network, and the routers option is passed on so they can add a default route to use to connect to the Internet.

Assign Addresses to Specific Hosts

Sometimes it can be helpful to force specific IP addresses to be associated with certain hosts, such as printers. When a host connects to the DHCP server, it provides the MAC (Media Access Control) address of the network interface, and the DHCP server can then use that to associate the host with a specific configuration.

If you don't know the MAC address of your computer, you can find it printed on a label on most Ethernet cards; network printers often have it labeled somewhere near the Ethernet connector. On Linux, you can obtain it using ifconfig:

$ /sbin/ifconfig eth0 | grep HWaddr
            

Back on the DHCP server, open /etc/dhcp3/dhcpd.conf and add a stanza near the end for each host:

host workstation51 {
  hardware ethernet 08:00:07:26:c0:a5;
  fixed-address 192.168.0.51;
}

Make sure the fixed-addresses you set don't fall within a range that has been nominated for general assignment.

Finally, restart the DHCP server so your configuration will take effect:

$ sudo /etc/init.d/dhcp3-server restart
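
The rule that fixed addresses must stay outside the dynamic range can be checked mechanically before each restart. The following Python script is an added example, not part of the original hack: the host workstation52 and the function name find_pool_conflicts are assumptions made for illustration, and the parser covers only the range, host and fixed-address statements used here.

```python
import ipaddress
import re

# Constructed sample modelled on the stanzas above. workstation52 is a
# hypothetical host whose fixed address deliberately falls inside the pool.
SAMPLE_CONF = """
subnet 192.168.0.0 netmask 255.255.255.0 {
        range 192.168.0.20 192.168.0.50;   # dynamic pool
        option routers 192.168.0.1;
}
host workstation51 {
  hardware ethernet 08:00:07:26:c0:a5;
  fixed-address 192.168.0.51;
}
host workstation52 {
  hardware ethernet 08:00:07:26:c0:a6;
  fixed-address 192.168.0.35;
}
"""

IP = r"\d+(?:\.\d+){3}"
RANGE_RE = re.compile(rf"\brange\s+(?:dynamic-bootp\s+)?({IP})(?:\s+({IP}))?\s*;")
HOST_RE = re.compile(r"\bhost\s+(\S+)\s*\{([^{}]*)\}")
FIXED_RE = re.compile(r"\bfixed-address\s+([^;]+);")


def find_pool_conflicts(conf_text):
    """Return (host, address, pool) for every fixed-address inside a range."""
    conf = re.sub(r"#[^\n]*", "", conf_text)  # drop '#' comments first
    pools = []
    for low, high in RANGE_RE.findall(conf):
        # 'range A;' with no upper bound is a pool of one address
        pools.append((ipaddress.IPv4Address(low), ipaddress.IPv4Address(high or low)))
    conflicts = []
    for name, body in HOST_RE.findall(conf):
        for item in ",".join(FIXED_RE.findall(body)).split(","):
            try:
                addr = ipaddress.IPv4Address(item.strip())
            except ValueError:
                continue  # hostname (or empty) value: cannot be checked offline
            for lo, hi in pools:
                if lo <= addr <= hi:
                    conflicts.append((name, str(addr), f"{lo}-{hi}"))
    return conflicts


if __name__ == "__main__":
    for host, addr, pool in find_pool_conflicts(SAMPLE_CONF):
        print(f"{host}: {addr} collides with dynamic pool {pool}")
```

To check a live configuration, pass the contents of /etc/dhcp3/dhcpd.conf to find_pool_conflicts instead of the sample.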
            

Hacking the Hack

DNS provides a hostname-to-IP-address resolution service so you don't need to care what actual IP address has been assigned to a computer, but DHCP allows IP addresses to be dished out semi-randomly to machines on your network, which makes it very hard to maintain sensible DNS entries. However, if you use BIND9 to build a domain name server [Hack #100], you can link it to your DHCP server and have DNS records updated automatically each time a computer joins or leaves your network.

First, get your DNS and DHCP servers functioning correctly independently. Once you are happy that they are doing what they are meant to, open the BIND9 configuration file (/etc/bind/named.conf.options) and add a new stanza at the end:

controls {
        inet 127.0.0.1 allow {localhost; } keys { "rndc-key"; };
};

The localhost setting specifies that only local processes are allowed to connect, and rndc-key is the name of a secret key that will be used to authenticate connections. The actual key is stored in /etc/bind/rndc.key, which is pre-populated with a randomized key value when the bind9 package is installed. If your DNS and DHCP servers are on the same physical machine, these settings will work nicely, but if they are on different machines, you will need to tell BIND to allow connections from your DHCP host and copy the key file across.

Open /etc/bind/named.conf.local, add forward and reverse zones for your local network, and specify that these zones can be updated by clients that know the secret key:

zone "example.com" {
        type master;
        file "/etc/bind/zones/example.com.hosts";
        allow-update { key "rndc-key"; };
        notify yes;
};

zone "0.168.192.in-addr.arpa" {
        type master;
        file "/etc/bind/zones/192.168.0.hosts";
        allow-update { key "rndc-key"; };
        notify yes;
};

Set up the zone files for example.com.hosts and 192.168.0.hosts as usual, including any statically assigned hostname values.

You also need to tell BIND to load the key file, so after the zone stanzas, add an include line:

include "/etc/bind/rndc.key";

Once you restart BIND, it will be ready to accept dynamic zone updates:

$ sudo /etc/init.d/bind9 restart
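
Because allow-update decides who may rewrite your zones, it is worth confirming that every dynamic zone is restricted to the key rather than to source addresses. This Python script is an added example, not part of the original hack or of BIND: the second and third zones in the sample and the function names are hypothetical, and the first zone is abridged from the stanza above.

```python
import re

# Constructed sample: the first zone is the one configured above; the other
# two are hypothetical zones with address-based and unrestricted update ACLs.
SAMPLE_NAMED_CONF = """
zone "example.com" {
        type master;
        file "/etc/bind/zones/example.com.hosts";
        allow-update { key "rndc-key"; };
};
zone "0.168.192.in-addr.arpa" {
        type master;
        allow-update { 192.168.0.0/24; };  // trusts a source address, not a key
};
zone "lab.example.com" {
        allow-update { any; };
};
"""


def zone_bodies(text):
    """Yield (zone name, body); braces are counted because zones nest ACL blocks."""
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', text):
        depth, i = 1, m.end()
        while i < len(text) and depth:
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        yield m.group(1), text[m.end():i - 1]


def audit_allow_update(text):
    """Map each zone to 'static', 'key-only' or 'WEAK: <acl elements>'."""
    text = re.sub(r"/\*.*?\*/|//[^\n]*|#[^\n]*", "", text, flags=re.S)
    findings = {}
    for name, body in zone_bodies(text):
        m = re.search(r"\ballow-update\s*\{([^{}]*)\}", body)
        elems = [e.strip() for e in m.group(1).split(";") if e.strip()] if m else []
        if not elems or elems == ["none"]:
            findings[name] = "static"  # zone accepts no dynamic updates
        elif all(e.startswith("key ") for e in elems):
            findings[name] = "key-only"  # every element needs the shared secret
        else:
            findings[name] = "WEAK: " + "; ".join(elems)
    return findings


if __name__ == "__main__":
    for zone, verdict in audit_allow_update(SAMPLE_NAMED_CONF).items():
        print(f"{zone}: {verdict}")
```

A list that mixes a key with an address is also reported as weak, because a match on any one element of the list is enough to permit the update.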
            

Your DHCP server now needs to be told to send update notifications to your DNS server. Open /etc/dhcp3/dhcpd.conf and add these entries to the top of the file:

server-identifier           server;
ddns-updates                on;
ddns-update-style           interim;
ddns-domainname             "example.com.";
ddns-rev-domainname         "in-addr.arpa.";
ignore                      client-updates;
include                     "/etc/bind/rndc.key";

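zone example.com. {
    primary 127.0.0.1;
    key rndc-key;
}

# Reverse zone: matches the zone declared in named.conf.local, so that
# PTR updates are signed with the same key as forward updates
zone 0.168.192.in-addr.arpa. {
    primary 127.0.0.1;
    key rndc-key;
}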

You may need to comment out existing settings that conflict, such as the ddns-update-style none; option included in Ubuntu's default DHCP configuration.

Restart DHCP to apply your changes:

$ sudo /etc/init.d/dhcp3-server restart
            

From now on, any hosts that register themselves with DHCP will also be automatically added in-memory to your DNS zone.


