|
|
(20 intermediate revisions by the same user not shown) |
Line 1: |
Line 1: |
| + | [[Category:Linux]] |
| | | |
− | Sources:
| + | Dynamic Host Configuration Protocol. |
− | * http://doc.ubuntu-fr.org/dhcp3-server
| |
| | | |
| | | |
| + | Note: |
| | | |
− | =Requirement=
| + | Since Ubuntu 11.10 the DHCP3-server is available in the "isc-dhcp-server" package. |
| | | |
− | A DHCP server can provided static or dynamic address.
| |
| | | |
− | However, '''the DHCP server's IP @ must always be static!!'''
| |
− |
| |
| | | |
| + | =Sources= |
| | | |
− | =Installation=
| + | You can find more information about that topic over here: |
| + | * http://doc.ubuntu-fr.org/dhcp3-server |
| + | * https://wiki.debian.org/PXEBootInstall |
| | | |
| | | |
− | <syntaxhighlight lang="bash">
| |
− | apt-get install dhcp3-server
| |
− | </syntaxhighlight>
| |
| | | |
| + | =Requirement= |
| | | |
| + | A DHCP server can provided static or dynamic address. |
| | | |
− | =Configuration=
| + | However, '''the DHCP server's IP @ must always be static!!''' |
− | | + | |
| | | |
− | The main configuration file is '''/etc/dhcp/dhcpd.conf'''
| + | If you want to use a DNS, then you can even setup the DNS server first. See [[DNS server]] |
| | | |
| | | |
− | You can adjust the interface the server is listening on in /etc/dhcp/dhcp3-server
| |
− | INTERFACES="eth0 eth1"
| |
| | | |
| | | |
− | ==Random IP assignation== | + | =Installation= |
| | | |
− | The following configuration will accept all clients and give them a random IP @.
| + | DHCP server |
| | | |
| <syntaxhighlight lang="bash"> | | <syntaxhighlight lang="bash"> |
− | # Sample /etc/dhcpd.conf
| + | apt-get install isc-dhcp-server |
− | # (add your comments here)
| |
− | default-lease-time 600;
| |
− | max-lease-time 7200;
| |
− | option subnet-mask 255.255.255.0;
| |
− | option broadcast-address 192.168.100.255;
| |
− | option routers 192.168.100.254;
| |
− | option domain-name-servers 192.168.100.1, 192.168.100.2;
| |
− | option domain-name "mydomain.lan";
| |
− | option ntp-servers 192.168.100.254;
| |
− | | |
− | subnet 192.168.100.0 netmask 255.255.255.0 {
| |
− | range 192.168.100.10 192.168.100.100;
| |
− | range 192.168.100.150 192.168.100.200;
| |
− | }
| |
| </syntaxhighlight> | | </syntaxhighlight> |
| | | |
− | You have to adjust:
| |
− | * Network parameters - instead of 192.168.100.*
| |
− | * DHCP range(s). In the given example there are 2 ranges from 10-100 and 150-200
| |
| | | |
| + | You will be asked a few questions: |
| + | * On what network interfaces should the DHCP server listen? <-- eth0 |
| + | * Please configure the DHCP server as soon as the installation finishes. <-- Ok |
| + | * The version 3 DHCP server is now non-authoritative by default <-- Ok |
| | | |
| | | |
− | ==Static IP @==
| + | At the end of the installation you will see errors like these: |
| + | ''* Generating /etc/default/dhcp3-server... |
| + | * Starting DHCP server: dhcpd3 failed to start - check syslog for diagnostics. |
| + | * invoke-rc.d: initscript dhcp3-server, action "start" failed.'' |
| | | |
− | This new configuration will ONLY accept known clients and give them a static IP @.
| + | That's OK because we did not have the chance yet to configure our DHCP server. |
| | | |
− | <syntaxhighlight lang="bash">
| |
− | # Sample /etc/dhcpd.conf
| |
− | # (add your comments here)
| |
− | default-lease-time 600;
| |
− | max-lease-time 7200;
| |
− | option subnet-mask 255.255.255.0;
| |
− | option broadcast-address 192.168.100.255;
| |
− | option routers 192.168.100.254;
| |
− | option domain-name-servers 192.168.100.1, 192.168.100.2;
| |
− | option domain-name "mydomain.lan";
| |
− | option ntp-servers 192.168.100.254;
| |
| | | |
− | deny unknown-clients;
| |
| | | |
− | subnet 192.168.100.0 netmask 255.255.255.0 {
| + | =Security= |
− | host client1 {
| |
− | hardware ethernet DD:GH:DF:E5:F7:D7;
| |
− | fixed-address 192.168.100.20;
| |
− | }
| |
− | host client2 {
| |
− | hardware ethernet 00:JJ:YU:38:AC:45;
| |
− | fixed-address 192.168.100.21;
| |
− | }
| |
− | }
| |
| | | |
− | </syntaxhighlight>
| + | See [[Firewall INPUT filters#DHCP|Firewall rules for DHCP server]] |
| | | |
− | Note:
| |
| | | |
− | The ''deny unknown-clients;'' command is why only known clients are accepted.
| |
| | | |
| | | |
− | For each client you have to adjust:
| + | =Configuration= |
− | * MAC @
| |
− | * Set a specific static IP @
| |
| | | |
| | | |
− | ==Advanced configuration (name + netboot)== | + | ==Configuration file== |
− | | |
− | In the following scenario you will configure the server to accept only specific clients, use static IP @ and set names.
| |
− | | |
− | This configuration also allow NetBoot using PXE technology.
| |
− | | |
| | | |
| + | The main configuration file is '''/etc/dhcp/dhcpd.conf''' |
| | | |
| <syntaxhighlight lang="bash"> | | <syntaxhighlight lang="bash"> |
− | #### General options ####
| + | vim /etc/dhcp/dhcpd.conf |
| + | </syntaxhighlight> |
| | | |
− | ## Network settings
| |
− | # DHCP server name
| |
− | server-name "dns.myDomain.lan";
| |
− | # Authoritative server
| |
− | authoritative;
| |
− | # Subnet-mask
| |
− | option subnet-mask 255.255.255.0;
| |
| | | |
− | ## Domain settings
| + | You can adjust the interface the server is listening on in /etc/dhcp/dhcp3-server |
− | # name
| + | INTERFACES="eth0 eth1" |
− | option domain-name "myDomain.lan";
| |
− | # DNS IP @ (replace it by your IP server, Google DNS or your ISP DNS)
| |
− | option domain-name-servers XXX.XXX.XXX.XXX;
| |
− | # DNS update system (disable)
| |
− | ddns-update-style none;
| |
| | | |
− | ## IP lease settings
| |
− | default-lease-time 3600;
| |
− | max-lease-time 7200;
| |
| | | |
− | ## Security
| + | ==Assign IP== |
− | # Do not allow unknown clients
| |
− | deny unknown-clients;
| |
| | | |
− | # Use this to send dhcp log messages to a different log file
| + | You can assign dynamic and / or static IP, you can also you NetBoot settings. |
− | # you also have to hack syslog.conf to complete the redirection
| |
− | log-facility local7;
| |
| | | |
− | ### NetBoot PXE
| + | See: |
− | # Enable network boot using TFTP
| + | * [[DHCP dynamic IP assignation]] |
− | allow bootp;
| + | * [[DHCP static IP assignation]] |
− | allow booting;
| + | * [[DHCP netboot configuration]] |
− | | |
− | | |
− | ## Available networks
| |
− | | |
− | # Your server can manage many network. Just add new subnet{} instruction
| |
− | | |
− | # Main LAN
| |
− | subnet 192.168.100.0 netmask 255.255.255.0 {
| |
− | #### Overall settings
| |
− | # You can override the default domain set earlier
| |
− | option domain-name "myDomain.lan";
| |
− | # Broadcast address
| |
− | option broadcast-address 192.168.100.255;
| |
− | # Default gateway
| |
− | option routers 192.168.100.1;
| |
− | | |
− | #### DHCP range
| |
− | # Hint: if the range has only 1 address, and this is a bail (fixed address), then the range won't be used!
| |
− | range 192.168.100.5 192.168.100.5;
| |
− | | |
− | #### NETBOOT settings
| |
− | # PXE file to serve.
| |
− | # >> elilo.efi => for ia64 clients;
| |
− | # >> pxelinux.0 => for x86
| |
− | # These files should be at the root of your TFTP server
| |
− | # Note: The file name can be add in the "host" section too. Then, the "host" will override the current setting
| |
− | filename "pxelinux.0";
| |
− | # set the server that serve this NETBOOT file
| |
− | next-server 192.168.100.2;
| |
− | # Ensure that the new client (the one boot) is not stealing someone else IP @
| |
− | ping-check = 1;
| |
− | }
| |
− | | |
− | #### Managed host and fixed IP @
| |
− | # FTP server
| |
− | host ftp {
| |
− | hardware ethernet 00:0f:75:af:eb:44;
| |
− | fixed-address 192.168.100.2;
| |
− | | |
− | ### NetBoot PXE settings
| |
− | # dedicated file for the current machine:
| |
− | #filename "debian-installer/ia64/elilo.efi";
| |
− | # Set the TFTP server
| |
− | # next-server 192.168.100.2;
| |
− | }
| |
− | # WEB server
| |
− | host web {
| |
− | hardware ethernet 00:02:0d:31:d1:cc;
| |
− | fixed-address 192.168.100.3;
| |
− | }
| |
− | # EMAIL server
| |
− | host mail {
| |
− | hardware ethernet 00:02:55:d2:d1:cc;
| |
− | fixed-address 192.168.100.4;
| |
− | }
| |
− | # LAPTOP workstation
| |
− | host laptop {
| |
− | hardware ethernet 00:0e:af:31:d1:cc;
| |
− | fixed-address 192.168.100.5;
| |
− | }
| |
− | </syntaxhighlight>
| |
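Review bot: the added "Configuration file" text still points at /etc/dhcp/dhcp3-server for the INTERFACES setting, while the added installer output on this page shows the defaults file being generated as /etc/default/dhcp3-server and the install step now uses the isc-dhcp-server package. Confirm the path against the installed package and make the three references agree. The new "Security" section is only a link to the firewall rules, and the `deny unknown-clients;` explanation has left this page, so a one-line pointer to the static-assignment page from "Security" would keep that control discoverable. Two wording slips are in the added lines: "can provided" should read "can provide", and "you can also you NetBoot settings" should read "you can also use NetBoot settings".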
Dynamic Host Configuration Protocol.
Note:
Since Ubuntu 11.10 the DHCP3-server is available in the "isc-dhcp-server" package.
Sources
You can find more information about this topic here:
- http://doc.ubuntu-fr.org/dhcp3-server
- https://wiki.debian.org/PXEBootInstall
Requirement
A DHCP server can provide static or dynamic addresses.
However, the DHCP server's own IP address must always be static!!
If you want to use DNS, you can set up the DNS server first. See DNS server
Installation
DHCP server
apt-get install isc-dhcp-server
You will be asked a few questions:
- On what network interfaces should the DHCP server listen? <-- eth0
- Please configure the DHCP server as soon as the installation finishes. <-- Ok
- The version 3 DHCP server is now non-authoritative by default <-- Ok
At the end of the installation you will see errors like these:
 * Generating /etc/default/dhcp3-server...
 * Starting DHCP server: dhcpd3 failed to start - check syslog for diagnostics.
 * invoke-rc.d: initscript dhcp3-server, action "start" failed.
That's OK, because the DHCP server has not been configured yet.
Security
See Firewall rules for DHCP server
Configuration
Configuration file
The main configuration file is /etc/dhcp/dhcpd.conf
You can adjust the interfaces the server listens on in /etc/dhcp/dhcp3-server:
INTERFACES="eth0 eth1"
Assign IP
You can assign dynamic and/or static IP addresses; you can also use NetBoot settings.
See:
- DHCP dynamic IP assignation
- DHCP static IP assignation
- DHCP netboot configuration
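An added example, not part of the original wiki page: a small audit of a dhcpd.conf for the static-assignment settings this page and its earlier revision use (`deny unknown-clients;`, `host` entries with `hardware ethernet` and `fixed-address`, `range` pools). The sample configuration is constructed, and the parser assumes every `range` statement lists two literal IPv4 addresses.

```python
import ipaddress
import re

# Constructed sample in the style of a static-assignment dhcpd.conf (illustrative hosts).
SAMPLE_CONF = """
deny unknown-clients;   # only declared hosts get an answer
subnet 192.168.100.0 netmask 255.255.255.0 {
  range 192.168.100.10 192.168.100.100;
  host client1 { hardware ethernet DD:GH:DF:E5:F7:D7; fixed-address 192.168.100.120; }
  host web     { hardware ethernet 00:02:0d:31:d1:cc; fixed-address 192.168.100.3; }
  host laptop  { hardware ethernet 00:0e:af:31:d1:cc; fixed-address 192.168.100.50; }
  host stray   { hardware ethernet 00:02:55:d2:d1:cc; fixed-address 10.0.0.4; }
}
"""

MAC_RE = re.compile(r"[0-9a-f]{2}(:[0-9a-f]{2}){5}", re.I)
HOST_RE = re.compile(r"\bhost\s+(\S+)\s*\{([^}]*)\}")

def audit_dhcpd_conf(text):
    """Return (subject, issue) pairs for risky static-assignment settings."""
    text = re.sub(r"#.*", "", text)                      # drop comments
    issues = []
    if not re.search(r"^\s*deny\s+unknown-clients\s*;", text, re.M):
        issues.append(("global", "deny unknown-clients not set"))
    nets = [ipaddress.ip_network(f"{n}/{m}") for n, m in
            re.findall(r"\bsubnet\s+(\S+)\s+netmask\s+(\S+)\s*\{", text)]
    pools = [(ipaddress.ip_address(a), ipaddress.ip_address(b)) for a, b in
             re.findall(r"\brange\s+(\S+)\s+(\S+)\s*;", text)]
    owner = {}                                           # fixed address -> first host
    for name, body in HOST_RE.findall(text):
        mac = re.search(r"hardware\s+ethernet\s+([^;\s]+)", body)
        if not mac or not MAC_RE.fullmatch(mac.group(1)):
            issues.append((name, "invalid or missing MAC"))
        fixed = re.search(r"fixed-address\s+([^;\s]+)", body)
        try:
            addr = ipaddress.ip_address(fixed.group(1)) if fixed else None
        except ValueError:                               # hostname, not a literal IP
            addr = None
        if addr is None:
            issues.append((name, "no literal fixed-address"))
            continue
        if not any(addr in net for net in nets):
            issues.append((name, "fixed-address outside declared subnets"))
        if any(lo <= addr <= hi for lo, hi in pools):
            issues.append((name, "fixed-address inside a dynamic range"))
        if addr in owner:
            issues.append((name, f"fixed-address also used by {owner[addr]}"))
        owner.setdefault(addr, name)
    return issues
print(*audit_dhcpd_conf(SAMPLE_CONF), sep="\n")
```

A fixed address that also sits inside a dynamic range can be leased to a second client, which is why the audit reports it separately from the subnet check.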