ISC DHCP


This page explains how to install and use the ISC DHCP server.

Installing the ISC DHCP Server

First, install the DHCP server package:

yum -y install dhcp

Basic DHCP Server Configuration

This is a very basic configuration. The configuration below will allow 20 hosts to connect via the 192.168.1.0 network. They will receive an example.com hostname and be configured to use the 192.168.1.1 gateway and nameserver (DNS).

  • /etc/dhcpd.conf
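allow bootp;
allow booting;
default-lease-time 1080000;  # Lease length (seconds) given when a client does not request a specific one; 1080000 s = 12.5 days
max-lease-time 288000000;    # Longest lease (seconds) the server will grant, even if a client asks for more; 288000000 s is roughly 9 years
# NOTE(review): leases this long keep addresses tied up long after a device has
# left the network, which makes the small pool below easy to exhaust. Shorter
# values are the usual choice unless you have a specific reason for these.
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.1.1;  # Default gateway handed to clients
option domain-name-servers 192.168.1.1;   # DNS server handed to clients
option domain-name "example.com";   # DNS domain name handed to clients
# No DNS zones or keys are defined in this basic setup, so dynamic DNS updates
# are switched off explicitly (the older "ad-hoc" update style is deprecated).
ddns-update-style none;
option ip-forwarding off;
# "ntp-servers" is the NTP option; "nntp-server" would advertise a Usenet news
# server to clients instead of a time source.
option ntp-servers time.nist.gov;

subnet 192.168.1.0 netmask 255.255.255.0 {
   # Dynamic pool, written lowest address first: 192.168.1.30 through 192.168.1.50.
   range 192.168.1.30 192.168.1.50;
}

# Static assignment: the host with this MAC address always receives
# 192.168.1.2, which lies outside the dynamic range above.
# A MAC address can be copied by another device, so a fixed-address entry is a
# convenience, not an access control.
host Samantha {
   hardware ethernet 00:b0:d0:db:02:bd;
   fixed-address 192.168.1.2;
}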


Now let's make sure the DHCP daemon is set up to start automatically at boot:

/sbin/chkconfig dhcpd on

To confirm that it will start:

/sbin/chkconfig --list dhcpd

If it is set up to start at boot, you will see something like this:

dhcpd           0:off   1:off   2:on    3:on    4:on    5:on    6:off

Then start it:

# Optional pre-flight check: "dhcpd -t -cf /etc/dhcpd.conf" parses the
# configuration and reports syntax errors without starting the service.
/sbin/service dhcpd start


Advanced DHCP Server Configuration

# Generate the shared TSIG key that dhcpd uses to authenticate its dynamic DNS
# updates. The "Key:" value from the generated .private file is what goes into
# the "secret" statement of the "key dnskey" block in dhcpd.conf below.
# Treat the generated key files and dhcpd.conf itself as secrets: they should
# be readable only by root and the accounts that run dhcpd and the DNS server.
# NOTE(review): HMAC-MD5 is a legacy TSIG algorithm, and newer BIND releases
# generate TSIG keys with tsig-keygen rather than dnssec-keygen. Prefer an
# HMAC-SHA2 algorithm if both your dhcpd and DNS server versions support it.
dnssec-keygen -a HMAC-MD5 -b 128 -n HOST dnskey
  • /etc/dhcpd.conf
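# "time-servers" is the RFC 868 Time Protocol option (DHCP option 4); it is
# separate from the NTP option further down.
option time-servers 192.168.1.1;
allow bootp;
allow booting;
# NOTE(review): "allow client-updates" honours a client's request to maintain
# its own A record, and "allow unknown-clients" serves devices that have no
# host entry. Combined with dynamic DNS, any device that can reach this server
# can ask for a name in the zones below. "ignore client-updates" or
# "deny client-updates" keeps the forward record under the DHCP server's
# control; decide deliberately which behaviour you want.
allow client-updates;
ddns-update-style interim;
ddns-updates on;
allow unknown-clients;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option domain-name-servers 192.168.1.2, 192.168.1.1;
option ip-forwarding off;
# "ntp-servers" is the NTP option; "nntp-server" would advertise a Usenet news
# server to clients instead of a time source.
option ntp-servers time.nist.gov;
option netbios-name-servers 192.168.1.3;

# Local DDNS Zone
# Shared TSIG key used to sign the DNS updates sent to the zone primaries.
# The secret shown here is a sample value: replace it with the "Key:" value
# from the file produced by dnssec-keygen, and never publish a real one.
# Anyone who can read this secret can change records in every zone that uses
# the key, so restrict read access to this file (or keep the key block in a
# separate, root-only file pulled in with an "include" statement).
key dnskey {
	algorithm hmac-md5;
	secret "asiomasdfeCEDDo1JTt8Q==";
	};

# Zone Entry for example.com
zone example.com. {
	primary 192.168.1.1;
	key dnskey;
	}

# Zone Entry for wireless.example.com
zone wireless.example.com. {
	primary 192.168.2.1;
	key dnskey;
	}

# Local Area Network (reverse zone for 192.168.1.0/24)
zone 1.168.192.in-addr.arpa. {
	primary 192.168.1.1;
	key dnskey;
	}

# Wireless Network (reverse zone for 192.168.2.0/24)
# NOTE(review): the forward zone wireless.example.com names 192.168.2.1 as its
# primary while this reverse zone names 192.168.1.1 - confirm which server is
# actually the primary for it.
zone 2.168.192.in-addr.arpa. {
	primary 192.168.1.1;
	key dnskey;
	}

# Wired LAN: dynamic addresses .50-.254, names registered under example.com.
subnet 192.168.1.0 netmask 255.255.255.0 {
	authoritative;
	allow client-updates;
	allow unknown-clients;
	option domain-name "example.com";
	option routers 192.168.1.1;
	pool {
		ddns-updates on;
		range 192.168.1.50 192.168.1.254;
		}
	}

# Wireless LAN: names registered under wireless.example.com.
subnet 192.168.2.0 netmask 255.255.255.0 {
	authoritative;
	allow client-updates;
	allow unknown-clients;
	option domain-name "wireless.example.com";
	option routers 192.168.2.1;
	option domain-name-servers 192.168.2.1;
	pool {
		ddns-updates on;
		# The pool starts at .50, as on the wired LAN, so that 192.168.2.4
		# (reserved for host computer2 below) stays outside the dynamic
		# range; a fixed-address inside a dynamic range can be leased to
		# a second device.
		range 192.168.2.50 192.168.2.254;
		}
	}

# Static assignments, matched on MAC address. A MAC address can be copied by
# another device, so these entries are a convenience, not an access control.
host computer1 {
	hardware ethernet 00:16:76:28:08:99;
	fixed-address 192.168.1.3;
}

host computer2 {
	# Name the server registers in DNS for this host.
	ddns-hostname "computer2";
	hardware ethernet 00:0f:cb:9f:f5:ca;
	fixed-address 192.168.2.4;
}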