
Red Hat Enterprise Linux 4: System Administration Guide


Chapter 16. Dynamic Host Configuration Protocol (DHCP)

Dynamic Host Configuration Protocol (DHCP) is a network protocol for automatically assigning TCP/IP information to client machines. Each DHCP client connects to the centrally-located DHCP server which returns that client's network configuration, including the IP address, gateway, and DNS servers.

16.1. Why Use DHCP?

DHCP is useful for automatic configuration of client network interfaces. When configuring the client system, the administrator can choose DHCP instead of entering an IP address, netmask, gateway, or DNS servers. The client retrieves this information from the DHCP server. DHCP is also useful if an administrator wants to change the IP addresses of a large number of systems. Instead of reconfiguring all the systems, he can just edit one DHCP configuration file on the server for the new set of IP addresses. If the DNS servers for an organization change, the changes are made on the DHCP server, not on the DHCP clients. Once the network is restarted on the clients (or the clients are rebooted), the changes take effect.

Furthermore, if a laptop or any type of mobile computer is configured for DHCP, it can be moved from office to office without being reconfigured as long as each office has a DHCP server that allows it to connect to the network.


16.2. Configuring a DHCP Server

To configure a DHCP server, the /etc/dhcpd.conf configuration file must be created. A sample file can be found at /usr/share/doc/dhcp-<version>/dhcpd.conf.sample.

DHCP also uses the file /var/lib/dhcp/dhcpd.leases to store the client lease database. Refer to Section 16.2.2 Lease Database for more information.

16.2.1. Configuration File

The first step in configuring a DHCP server is to create the configuration file that stores the network information for the clients. Global options can be declared for all clients, while other options can be declared for individual client systems.

The configuration file can contain extra tabs or blank lines for easier formatting. Keywords are case-insensitive and lines beginning with a hash mark (#) are considered comments.

Two DNS update schemes are currently implemented — the ad-hoc DNS update mode and the interim DHCP-DNS interaction draft update mode. If and when these two are accepted as part of the Internet Engineering Task Force (IETF) standards process, there will be a third mode — the standard DNS update method. The DHCP server must be configured to use one of the two current schemes. Version 3.0b2pl11 and previous versions used the ad-hoc mode; however, it has been deprecated. To keep the same behavior, add the following line to the top of the configuration file:

ddns-update-style ad-hoc;

To use the recommended mode, add the following line to the top of the configuration file:

ddns-update-style interim;

Refer to the dhcpd.conf man page for details about the different modes.

There are two types of statements in the configuration file:

Parameters — State how to perform a task, whether to perform a task, or what network configuration options to send to the client.

Declarations — Describe the topology of the network, describe the clients, provide addresses for the clients, or apply a group of parameters to a group of declarations.

Some parameters must start with the option keyword and are referred to as options. Options configure DHCP options; whereas, parameters configure values that are not optional or control how the DHCP server behaves.

Parameters (including options) declared before a section enclosed in curly brackets ({ }) are considered global parameters. Global parameters apply to all the sections below them.

Important

If the configuration file is changed, the changes do not take effect until the DHCP daemon is restarted with the command service dhcpd restart.

Tip

Instead of changing a DHCP configuration file and restarting the service each time, using the omshell command provides an interactive way to connect to, query, and change the configuration of a DHCP server. By using omshell, all changes can be made while the server is running. For more information on omshell, refer to the omshell man page.

In Example 16-1, the routers, subnet-mask, domain-name, domain-name-servers, and time-offset options are used for any host statements declared below it.

Additionally, a subnet can be declared. A subnet declaration must be included for every subnet in the network. If it is not, the DHCP server fails to start.

In this example, there are global options for every DHCP client in the subnet and a range declared. Clients are assigned an IP address within the range.

subnet 192.168.1.0 netmask 255.255.255.0 {
    option routers 192.168.1.254;
    option subnet-mask 255.255.255.0;
    option domain-name "example.com";
    option domain-name-servers 192.168.1.1;
    option time-offset -18000; # Eastern Standard Time
    range 192.168.1.10 192.168.1.100;
}

Example 16-1. Subnet Declaration


All subnets that share the same physical network should be declared within a shared-network declaration as shown in Example 16-2. Parameters within the shared-network, but outside the enclosed subnet declarations, are considered to be global parameters. The name of the shared-network should be a descriptive title for the network, such as using the title 'test-lab' to describe all the subnets in a test lab environment.

shared-network name {
    option domain-name "test.redhat.com";
    option domain-name-servers ns1.redhat.com, ns2.redhat.com;
    option routers 192.168.0.254;
    # more parameters for EXAMPLE shared-network
    subnet 192.168.1.0 netmask 255.255.252.0 {
        # parameters for subnet
        range 192.168.1.1 192.168.1.254;
    }
    subnet 192.168.2.0 netmask 255.255.252.0 {
        # parameters for subnet
        range 192.168.2.1 192.168.2.254;
    }
}

Example 16-2. Shared-network Declaration


As demonstrated in Example 16-3, the group declaration can be used to apply global parameters to a group of declarations. For example, shared networks, subnets, and hosts can be grouped.

group {
    option routers 192.168.1.254;
    option subnet-mask 255.255.255.0;
    option domain-name "example.com";
    option domain-name-servers 192.168.1.1;
    option time-offset -18000; # Eastern Standard Time
    host apex {
        option host-name "apex.example.com";
        hardware ethernet 00:A0:78:8E:9E:AA;
        fixed-address 192.168.1.4;
    }
    host raleigh {
        option host-name "raleigh.example.com";
        hardware ethernet 00:A1:DD:74:C3:F2;
        fixed-address 192.168.1.6;
    }
}

Example 16-3. Group Declaration


To configure a DHCP server that leases a dynamic IP address to a system within a subnet, modify Example 16-4 with your values. It declares a default lease time, maximum lease time, and network configuration values for the clients. This example assigns IP addresses in the range 192.168.1.10 to 192.168.1.100 to client systems.

default-lease-time 600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.1.254;
option domain-name-servers 192.168.1.1, 192.168.1.2;
option domain-name "example.com";
subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.10 192.168.1.100;
}

Example 16-4. Range Parameter


To assign an IP address to a client based on the MAC address of the network interface card, use the hardware ethernet parameter within a host declaration. As demonstrated in Example 16-5, the host apex declaration specifies that the network interface card with the MAC address 00:A0:78:8E:9E:AA always receives the IP address 192.168.1.4.

Note that the optional parameter host-name can also be used to assign a host name to the client.

host apex {
    option host-name "apex.example.com";
    hardware ethernet 00:A0:78:8E:9E:AA;
    fixed-address 192.168.1.4;
}

Example 16-5. Static IP Address using DHCP

Tip

The sample configuration file provided can be used as a starting point and custom configuration options can be added to it. To copy it to the proper location, use the following command:

cp /usr/share/doc/dhcp-<version-number>/dhcpd.conf.sample /etc/dhcpd.conf

(where <version-number> is the DHCP version number).

For a complete list of option statements and what they do, refer to the dhcp-options man page.
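
A pre-restart check for the subnet, range and host declarations described in this section, as an added example that is not part of the guide or of the DHCP package. The function name check_dhcpd_conf and the sample configuration are constructed for illustration, and treating a fixed-address inside a dynamic range as a finding is an assumption of this example.

```python
import ipaddress
import re

FLAGS = re.IGNORECASE  # dhcpd.conf keywords are case-insensitive
SUBNET_RE = re.compile(r"\bsubnet\s+(\S+)\s+netmask\s+(\S+)\s*\{([^{}]*)\}", FLAGS)
RANGE_RE = re.compile(r"\brange\s+([\d.]+)\s+([\d.]+)\s*;", FLAGS)
HOST_RE = re.compile(r"\bhost\s+(\S+)\s*\{([^{}]*)\}", FLAGS)
FIXED_RE = re.compile(r"\bfixed-address\s+([\d.]+)\s*;", FLAGS)

# Constructed sample for this example (not one of the guide's listings).
SAMPLE = """
subnet 192.168.1.0 netmask 255.255.255.0 {
    option routers 192.168.1.254;
    range 192.168.1.10 192.168.1.100;   # same pool as Example 16-4
}
subnet 10.1.1.0 netmask 255.255.252.0 {
    range 10.1.1.10 10.1.1.50;
}
subnet 10.0.0.0 netmask 255.255.255.0 {
    range 10.0.0.200 10.0.1.20;
}
host apex  { hardware ethernet 00:A0:78:8E:9E:AA; fixed-address 192.168.1.4; }
host kiosk { hardware ethernet 00:A0:78:8E:9E:AB; fixed-address 192.168.1.50; }
"""

def check_dhcpd_conf(text):
    """Return findings for subnet, range and fixed-address statements."""
    text = re.sub(r"#.*", "", text)            # drop comments
    findings, pools = [], []
    for number, mask, body in SUBNET_RE.findall(text):
        try:
            net = ipaddress.ip_network(f"{number}/{mask}", strict=True)
        except ValueError:
            findings.append(f"subnet {number} netmask {mask}: number and mask do not match")
            continue
        for lo, hi in RANGE_RE.findall(body):
            lo_ip, hi_ip = ipaddress.ip_address(lo), ipaddress.ip_address(hi)
            if lo_ip > hi_ip or lo_ip not in net or hi_ip not in net:
                findings.append(f"range {lo} {hi}: outside subnet {net}")
            else:
                pools.append((lo_ip, hi_ip))
    for name, body in HOST_RE.findall(text):
        for addr in FIXED_RE.findall(body):
            ip = ipaddress.ip_address(addr)
            # Assumption: a reserved address should not also sit in a dynamic pool.
            if any(lo <= ip <= hi for lo, hi in pools):
                findings.append(f"host {name}: fixed-address {addr} is inside a dynamic range")
    return findings

if __name__ == "__main__":
    for finding in check_dhcpd_conf(SAMPLE):
        print(finding)
```
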
16.2.2. Lease Database

On the DHCP server, the file /var/lib/dhcp/dhcpd.leases stores the DHCP client lease database. This file should not be modified by hand. DHCP lease information for each recently assigned IP address is automatically stored in the lease database. The information includes the length of the lease, to whom the IP address has been assigned, the start and end dates for the lease, and the MAC address of the network interface card that was used to retrieve the lease.

All times in the lease database are in Greenwich Mean Time (GMT), not local time.

The lease database is recreated from time to time so that it is not too large. First, all known leases are saved in a temporary lease database. The dhcpd.leases file is renamed dhcpd.leases~ and the temporary lease database is written to dhcpd.leases.

The DHCP daemon could be killed or the system could crash after the lease database has been renamed to the backup file but before the new file has been written. If this happens, the dhcpd.leases file does not exist, but it is required to start the service. Do not create a new lease file. If you do, all old leases are lost, which causes many problems. The correct solution is to rename the dhcpd.leases~ backup file to dhcpd.leases and then start the daemon.
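
Because the lease database records which MAC address held an address and when, and records it in GMT, it is often read to attribute an address seen in another log. The following added example (not part of the guide) answers "which card held this IP at this moment" from lease entries; the lease entries are constructed, and the function names and the EST constant are chosen for this example.

```python
import re
from datetime import datetime, timedelta, timezone

LEASE_RE = re.compile(r"lease\s+(\S+)\s*\{(.*?)\}", re.S)
MAC_RE = re.compile(r"hardware\s+ethernet\s+([0-9a-fA-F:]+)\s*;")

# Constructed lease entries in the dhcpd.leases layout; all times are GMT.
SAMPLE = """
lease 192.168.1.10 {
  starts 2 2005/03/01 14:02:11;
  ends 2 2005/03/01 14:12:11;
  hardware ethernet 00:a0:78:8e:9e:aa;
}
lease 192.168.1.10 {
  starts 2 2005/03/01 19:00:00;
  ends 2 2005/03/01 19:10:00;
  hardware ethernet 00:a1:dd:74:c3:f2;
}
"""

def _gmt(body, key):
    """Parse a 'starts' or 'ends' statement (weekday, date, time) as aware GMT."""
    m = re.search(r"\b" + key + r"\s+\d\s+(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d)\s*;", body)
    if m is None:
        return None
    stamp = datetime.strptime(m.group(1), "%Y/%m/%d %H:%M:%S")
    return stamp.replace(tzinfo=timezone.utc)

def parse_leases(text):
    """Yield (ip, starts, ends, mac) for every complete lease entry, in file order."""
    for ip, body in LEASE_RE.findall(text):
        starts, ends, mac = _gmt(body, "starts"), _gmt(body, "ends"), MAC_RE.search(body)
        if starts and ends and mac:
            yield ip, starts, ends, mac.group(1).lower()

def holder_at(text, ip, when):
    """Return the MAC that held `ip` at `when`, or None. `when` must be timezone-aware."""
    if when.tzinfo is None:
        raise ValueError("pass an aware datetime; lease times are GMT, not local")
    holder = None
    for lease_ip, starts, ends, mac in parse_leases(text):
        if lease_ip == ip and starts <= when <= ends:
            holder = mac            # a later entry for the same address supersedes
    return holder

EST = timezone(timedelta(seconds=-18000))   # the time-offset used in Example 16-1

if __name__ == "__main__":
    seen = datetime(2005, 3, 1, 14, 5, tzinfo=EST)   # 14:05 local = 19:05 GMT
    print(holder_at(SAMPLE, "192.168.1.10", seen))
```

Reading the same 14:05 as if it were GMT selects the earlier lease and therefore a different card, which is why the function refuses a datetime without a time zone.
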
16.2.3. Starting and Stopping the Server

Important

When the DHCP server is started for the first time, it fails unless the dhcpd.leases file exists. Use the command touch /var/lib/dhcp/dhcpd.leases to create the file if it does not exist.

If the same server is also running BIND as a DNS server, this step is not necessary, as starting the named service automatically checks for a dhcpd.leases file.
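
The first-start rule in the note above and the recovery rule from Section 16.2.2 lead to opposite actions when dhcpd.leases is missing, so a start-up helper has to look at the backup file before creating anything. This added example (not part of the guide) shows one way to do that; the function name, its return values and the "suspect" case are assumptions of this example.

```python
import tempfile
from pathlib import Path

def prepare_lease_db(lease_dir="/var/lib/dhcp"):
    """Make dhcpd.leases usable before dhcpd starts, without discarding old leases.

    Returns "present", "restored", "created" or "suspect".
    """
    lease_dir = Path(lease_dir)
    leases = lease_dir / "dhcpd.leases"
    backup = lease_dir / "dhcpd.leases~"
    backup_has_data = backup.exists() and backup.stat().st_size > 0

    if leases.exists():
        # Assumption of this example: an empty lease file beside a non-empty backup
        # suggests someone created a fresh file after an interrupted rewrite.
        if leases.stat().st_size == 0 and backup_has_data:
            return "suspect"        # leave both files for the administrator to compare
        return "present"
    if backup.exists():
        backup.rename(leases)       # interrupted rewrite: bring the saved leases back
        return "restored"
    leases.touch()                  # first start: dhcpd needs the file to exist
    return "created"

def demo():
    """Run three cases in a scratch directory (constructed data)."""
    results = []
    with tempfile.TemporaryDirectory() as scratch:
        results.append(prepare_lease_db(scratch))                 # nothing there yet
        Path(scratch, "dhcpd.leases").unlink()
        Path(scratch, "dhcpd.leases~").write_text("lease 192.168.1.10 { }\n")
        results.append(prepare_lease_db(scratch))                 # only the backup
        Path(scratch, "dhcpd.leases~").write_text("lease 192.168.1.10 { }\n")
        Path(scratch, "dhcpd.leases").write_text("")
        results.append(prepare_lease_db(scratch))                 # empty file + backup
    return results

if __name__ == "__main__":
    print(demo())
```
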

To start the DHCP service, use the command /sbin/service dhcpd start. To stop the DHCP server, use the command /sbin/service dhcpd stop.

By default, the DHCP service does not start at boot time. To configure the daemon to start automatically at boot time, refer to Chapter 12 Controlling Access to Services for information on how to manage services.

If more than one network interface is attached to the system, but the DHCP server should only be started on one of the interfaces, configure the DHCP server to start only on that device. In /etc/sysconfig/dhcpd, add the name of the interface to the list of DHCPDARGS:

# Command line options here
DHCPDARGS=eth0

This is useful for a firewall machine with two network cards. One network card can be configured as a DHCP client to retrieve an IP address to the Internet. The other network card can be used as a DHCP server for the internal network behind the firewall. Specifying only the network card connected to the internal network makes the system more secure because users cannot connect to the daemon via the Internet.

Other command line options that can be specified in /etc/sysconfig/dhcpd include:

-p <portnum> — Specify the UDP port number on which dhcpd should listen. The default is port 67. The DHCP server transmits responses to the DHCP clients at a port number one greater than the UDP port specified. For example, if the default port 67 is used, the server listens on port 67 for requests and responds to the client on port 68. If a port is specified here and the DHCP relay agent is used, the same port on which the DHCP relay agent should listen must be specified. Refer to Section 16.2.4 DHCP Relay Agent for details.

-f — Run the daemon as a foreground process. This is mostly used for debugging.

-d — Log the DHCP server daemon to the standard error descriptor. This is mostly used for debugging. If this is not specified, the log is written to /var/log/messages.

-cf <filename> — Specify the location of the configuration file. The default location is /etc/dhcpd.conf.

-lf <filename> — Specify the location of the lease database file. If a lease database file already exists, it is very important that the same file be used every time the DHCP server is started. It is strongly recommended that this option only be used for debugging purposes on non-production machines. The default location is /var/lib/dhcp/dhcpd.leases.

-q — Do not print the entire copyright message when starting the daemon.

16.2.4. DHCP Relay Agent

The DHCP Relay Agent (dhcrelay) allows for the relay of DHCP and BOOTP requests from a subnet with no DHCP server on it to one or more DHCP servers on other subnets.

When a DHCP client requests information, the DHCP Relay Agent forwards the request to the list of DHCP servers specified when the DHCP Relay Agent is started. When a DHCP server returns a reply, the reply is broadcast or unicast on the network that sent the original request.

The DHCP Relay Agent listens for DHCP requests on all interfaces unless the interfaces are specified in /etc/sysconfig/dhcrelay with the INTERFACES directive.

To start the DHCP Relay Agent, use the command service dhcrelay start.


16.3. Configuring a DHCP Client

The first step for configuring a DHCP client is to make sure the kernel recognizes the network interface card. Most cards are recognized during the installation process and the system is configured to use the correct kernel module for the card. If a card is added after installation, Kudzu [1] should recognize it and prompt for the configuration of the corresponding kernel module for it. Be sure to check the Hardware Compatibility List available at http://hardware.redhat.com/hcl/.

If the network card is not configured by the installation program or Kudzu and you know which kernel module to load for it, refer to Chapter 30 Kernel Modules for details on loading kernel modules.

To configure a DHCP client manually, modify the /etc/sysconfig/network file to enable networking and the configuration file for each network device in the /etc/sysconfig/network-scripts directory. In this directory, each device should have a configuration file named ifcfg-eth0, where eth0 is the network device name.

The /etc/sysconfig/network file should contain the following line:

NETWORKING=yes

The NETWORKING variable must be set to yes if you want networking to start at boot time.

The /etc/sysconfig/network-scripts/ifcfg-eth0 file should contain the following lines:

DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes

A configuration file is needed for each device to be configured to use DHCP.

Other options for the network script include:

DHCP_HOSTNAME — Only use this option if the DHCP server requires the client to specify a hostname before receiving an IP address. (The DHCP server daemon in Red Hat Enterprise Linux does not support this feature.)

PEERDNS=<answer>, where <answer> is one of the following:
    yes — Modify /etc/resolv.conf with information from the server. If using DHCP, then yes is the default.
    no — Do not modify /etc/resolv.conf.

SRCADDR=<address>, where <address> is the specified source IP address for outgoing packets.

USERCTL=<answer>, where <answer> is one of the following:
    yes — Non-root users are allowed to control this device.
    no — Non-root users are not allowed to control this device.

If you prefer using a graphical interface, refer to Chapter 10 Network Configuration for details on using the Network Administration Tool to configure a network interface to use DHCP.

Tip

For advanced configurations of client DHCP options such as protocol timing, lease requirements and requests, dynamic DNS support, aliases, as well as a wide variety of values to override, prepend, or append to client-side configurations, refer to the dhclient and dhclient.conf man pages.

Notes

[1] Kudzu is a hardware probing tool run at system boot time to determine what hardware has been added or removed from the system.
