Understanding and configuring DHCP

By Sarath Pillai

DHCP stands for Dynamic Host Configuration Protocol.

Suppose you have a small network and you want every machine in it to have its IP address, DNS server address, gateway and so on configured automatically at boot time. DHCP does exactly that.

In this case the client machine is not configured with a static IP address; instead it is configured to query the DHCP server on the network for its IP address and other settings.

DHCP is also useful when an administrator wants to move all the machines on the network to different IP addresses. Instead of visiting every client and configuring the address by hand, the administrator only needs to change the configuration of the DHCP server.

Let's begin by installing the package required to configure the DHCP server. Installation can be done with YUM (the Red Hat Linux DVD contains all the packages and dependencies required to install dhcp).

[root@myvm1 ~]# yum install dhcp

After installing the DHCP server you will find a configuration file called dhcpd.conf in /etc.

A freshly installed /etc/dhcpd.conf contains only the following comment; apart from that it is blank:

#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp*/dhcpd.conf.sample
#

Red Hat ships documentation for most packages under /usr/share/doc/. Look there for the directory matching the installed dhcp version; inside it you will find the dhcpd.conf example configuration file.

In my case it is /usr/share/doc/dhcp-3.0.5/ and the directory listing is as below.

[root@myvm1 ~]# cd /usr/share/doc/dhcp-3.0.5/
[root@myvm1 dhcp-3.0.5]# ls
api+protocol                          IANA-arp-parameters  rfc2131.txt
dhcpd.conf.sample                     ja_JP.eucJP          rfc2132.txt
draft-ietf-dhc-authentication-14.txt  README               rfc2485.txt
draft-ietf-dhc-dhcp-dns-12.txt        RELNOTES             rfc2489.txt
draft-ietf-dhc-failover-07.txt        rfc1542.txt          rfc951.txt

The dhcpd.conf.sample file in that directory is very helpful when writing the configuration.

The file /var/lib/dhcpd/dhcpd.leases is useful for finding out which address the server allotted to a client.

Most of the time it is easiest to copy the sample config /usr/share/doc/dhcp-3.0.5/dhcpd.conf.sample over /etc/dhcpd.conf and edit it from there.

So let's start by configuring a simple network that allots an address from a specified range to each host, with the settings below.

Subnet: 172.16.200.0 Mask: 255.255.255.0

Gateway: 172.16.200.254

DNS: 172.16.200.254

Domain name: slashroot.in

Range: 172.16.200.20 to 172.16.200.150

In this case the configuration looks as shown below.

subnet 172.16.200.0 netmask 255.255.255.0 {
        option routers          172.16.200.254;
        option subnet-mask      255.255.255.0;
        option nis-domain       "slashroot.in";
        option domain-name      "slashroot.in";
        option domain-name-servers      172.16.200.254;
        option time-offset      -18000;
        range dynamic-bootp     172.16.200.20 172.16.200.150;
        default-lease-time      21600;
        max-lease-time  43200;
}

Now let's go through each of the options in the above configuration:

option routers: specifies the default gateway for the clients.

option subnet-mask: specifies the subnet mask used on the network.

option nis-domain: specifies the client's Sun NIS domain.

option domain-name-servers: specifies the DNS server for the clients.

option time-offset: specifies the clients' time offset from UTC, in seconds.

range: specifies the range of IP addresses that can be allotted to clients.

default-lease-time: the validity period, in seconds, of an IP address assigned to a host.

max-lease-time: the maximum validity period an IP address assigned to a host can have.

Now imagine you need one of your hosts to always receive a fixed IP address via DHCP. In that case you configure dhcpd.conf with a host entry that maps a specific IP address to that host, identified by its MAC address.
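The host declaration this refers to, as an added example that is not from the original page, built from the host name, MAC address and fixed address the article gives; it goes in /etc/dhcpd.conf alongside the subnet declaration:

```conf
# Added example: reserve 172.16.200.32 for the machine named "test",
# matched by its MAC address (values taken from the article).
host test {
        hardware ethernet 00:0C:29:93:A0:52;
        fixed-address 172.16.200.32;
}
```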

In this configuration we assume a machine on our network named test, with the MAC address given below, which should always receive the IP address 172.16.200.32.

Every request from the machine with MAC address 00:0C:29:93:A0:52 will then always get that IP address and no other.

After making the change, save and close dhcpd.conf and restart the dhcpd service.
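A small consistency checker, added here as an example and not part of the article, that parses the subnet and host declarations above with regular expressions and flags the mistakes an administrator most often makes in them: a range or router outside the subnet, a default-lease-time above max-lease-time, a MAC address reserved twice, and a fixed-address that falls inside the dynamic range (as 172.16.200.32 does with the range 172.16.200.20 to 172.16.200.150 above). The last one is a common pitfall: the server does not remove a fixed address from an overlapping pool on its own, so keep reservations outside the range. The embedded configuration is a constructed sample; the host block is an assumption about how the article's values are declared.

```python
import ipaddress
import re

# Constructed sample: the article's subnet declaration plus a host block built
# from the host name, MAC and fixed address the article gives. Not the page's
# own file; the host block is an assumption about how those values are declared.
SAMPLE_CONF = """
subnet 172.16.200.0 netmask 255.255.255.0 {
        option routers          172.16.200.254;
        option subnet-mask      255.255.255.0;
        option domain-name      "slashroot.in";
        option domain-name-servers      172.16.200.254;
        range dynamic-bootp     172.16.200.20 172.16.200.150;
        default-lease-time      21600;
        max-lease-time  43200;
}

host test {
        hardware ethernet 00:0C:29:93:A0:52;
        fixed-address 172.16.200.32;
}
"""

SUBNET_RE = re.compile(r"\bsubnet\s+(\S+)\s+netmask\s+(\S+)\s*\{(.*?)\}", re.S)
HOST_RE = re.compile(r"\bhost\s+(\S+)\s*\{(.*?)\}", re.S)
RANGE_RE = re.compile(r"\brange(?:\s+dynamic-bootp)?\s+(\S+)\s+(\S+)\s*;")


def _stmt(body, key):
    """Value of the statement `key value;` inside a block body, or None."""
    m = re.search(r"\b" + re.escape(key) + r"\s+([^;]+);", body)
    return m.group(1).strip().strip('"') if m else None


def parse_conf(text):
    """Pull the fields the checks need out of subnet and host declarations."""
    subnets = []
    for addr, mask, body in SUBNET_RE.findall(text):
        rng = RANGE_RE.search(body)
        subnets.append({
            "network": ipaddress.ip_network(f"{addr}/{mask}", strict=False),
            "routers": _stmt(body, "option routers"),
            "subnet_mask": _stmt(body, "option subnet-mask"),
            "range": (ipaddress.ip_address(rng.group(1)),
                      ipaddress.ip_address(rng.group(2))) if rng else None,
            "default_lease": int(_stmt(body, "default-lease-time") or 0),
            "max_lease": int(_stmt(body, "max-lease-time") or 0),
        })
    hosts = []
    for name, body in HOST_RE.findall(text):
        fixed = _stmt(body, "fixed-address")
        if fixed:  # hosts without a reservation have nothing to check here
            hosts.append({"name": name,
                          "mac": (_stmt(body, "hardware ethernet") or "").lower(),
                          "fixed": ipaddress.ip_address(fixed)})
    return subnets, hosts


def check_conf(text):
    """Return a list of findings; an empty list means the declarations agree."""
    findings = []
    subnets, hosts = parse_conf(text)
    for s in subnets:
        net = s["network"]
        if s["subnet_mask"] and s["subnet_mask"] != str(net.netmask):
            findings.append(f"{net}: option subnet-mask {s['subnet_mask']} "
                            f"differs from the declared netmask")
        if s["routers"] and ipaddress.ip_address(s["routers"]) not in net:
            findings.append(f"{net}: router {s['routers']} is outside the subnet")
        if s["range"]:
            lo, hi = s["range"]
            if lo not in net or hi not in net or lo > hi:
                findings.append(f"{net}: range {lo}-{hi} is not a valid range "
                                f"inside the subnet")
        if s["default_lease"] > s["max_lease"]:
            findings.append(f"{net}: default-lease-time exceeds max-lease-time")
    seen = {}  # MAC -> host name, to catch one MAC reserved twice
    for h in hosts:
        if h["mac"] in seen:
            findings.append(f"host {h['name']}: MAC {h['mac']} already used by "
                            f"host {seen[h['mac']]}")
        seen[h["mac"]] = h["name"]
        owner = next((s for s in subnets if h["fixed"] in s["network"]), None)
        if owner is None:
            findings.append(f"host {h['name']}: fixed-address {h['fixed']} is in "
                            f"no declared subnet")
        elif owner["range"] and owner["range"][0] <= h["fixed"] <= owner["range"][1]:
            findings.append(f"host {h['name']}: fixed-address {h['fixed']} lies "
                            f"inside the dynamic range of {owner['network']}")
    return findings


if __name__ == "__main__":
    for line in check_conf(SAMPLE_CONF) or ["no findings"]:
        print(line)
```

Run it against a copy of your own /etc/dhcpd.conf before restarting dhcpd; the regular expressions only understand the flat subnet and host blocks shown in this article, not nested shared-network or pool declarations.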

You can also specify the default NTP server that clients on your network should use, with the following statement in /etc/dhcpd.conf:

option ntp-servers              172.16.200.42;

Note: the ntp-servers option goes inside the subnet declaration braces.

Configuring the client is very easy; most of you already know how.

You need the following in /etc/sysconfig/network-scripts/ifcfg-eth0:

DEVICE=eth0
BOOTPROTO=dhcp
HWADDR=00:0c:29:93:a0:52
ONBOOT=yes
TYPE=Ethernet

Now let's understand the steps a client goes through to fetch an IP address and the other relevant information from a DHCP server.

Step 1: DHCP discover message

When the client boots, it sends a broadcast on its network called the DHCP discover message. The message carries the client's MAC address and is addressed to UDP port 67, the DHCP server port.

This raises an interesting question about the discover message.

How can the client send a broadcast without an IP address? What is the source address of the discover packet, and what is the destination?

Answer: the client uses 0.0.0.0 as the source address and 255.255.255.255 as the destination address; the source port is 68 and the destination port is 67, and the packet is UDP.

Step 2: DHCP offer message

When a DHCP server receives the discover message, it responds with a DHCP offer message for the requesting computer, containing the information below. This packet is also a broadcast, because the client does not yet have an IP address.

1. the IP address the server is offering

2. the lease duration

3. the DHCP server's IP address

If there are multiple DHCP servers on the network, all of them send an offer message to the client.

The offer message is a UDP broadcast with the DHCP server's address as source, 255.255.255.255 as destination, and destination port 68.

Step 3: DHCP request message

When the client receives an offer, it broadcasts a DHCP request asking for the offered IP address and configuration. This broadcast is received by all the DHCP servers that sent offers.

But the client accepts only one server as its DHCP server. The other servers learn this from the request broadcast (via the transaction ID in the request message), and when they see it they withdraw their offers.

This packet is again a UDP broadcast, with source address still 0.0.0.0 because the client still has no IP address (it has only been offered one); the destination IP is 255.255.255.255 and the destination port is again 67.

Step 4: DHCP acknowledgment

On receiving the request, the DHCP server sends back a DHCP ack message containing the IP address, the lease duration and the other IP configuration. The client then configures itself with that information.

This packet is again a UDP broadcast, with the DHCP server address as source, 255.255.255.255 as destination, destination port 68 and source port 67.

The most important fact to note here is that DHCP has no authentication mechanism, which makes it vulnerable.

Because the client has no way to validate the identity of the DHCP server, an attacker can put up his own DHCP server on the network and hand out wrong details to clients requesting addresses.

After reading this, don't you think the request message is unnecessary once the DHCP offer has arrived?

Answer: the request message is not unnecessary at all; it does two things.

1. It lets the client confirm that the address offered by the DHCP server is not already in use by another network interface.

2. It informs the other DHCP servers on the network which server's reply the client accepted.
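The four-step exchange above, the role of the request message, and the "no authentication" caveat, worked through in one added Python model that is not part of the article: each message is built with the source/destination addresses and ports the steps describe, the options are encoded as real RFC 2132 TLV bytes (53 message type, 50 requested address, 51 lease time, 54 server identifier), and two servers answer the same discover. The client takes the first offer, its request names the chosen server in option 54, and the other server withdraws its offer and returns the address to its pool. Because nothing in the exchange proves who the server is, the final function shows the defensive check an operator can run over captured offers and acks: compare option 54 against the list of authorised DHCP servers. The second server, its address 172.16.200.99 and the pool contents are constructed for the example.

```python
import struct
from dataclasses import dataclass

# DHCP message types (RFC 2132 option 53) and the option-field magic cookie.
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5
MAGIC_COOKIE = b"\x63\x82\x53\x63"


def encode_options(opts):
    """Encode {code: bytes} as RFC 2132 TLV options, terminated by End (255)."""
    out = MAGIC_COOKIE
    for code, value in opts.items():
        out += bytes([code, len(value)]) + value
    return out + b"\xff"


def decode_options(data):
    """Decode a TLV option field back into {code: bytes}."""
    if data[:4] != MAGIC_COOKIE:
        raise ValueError("not a DHCP option field")
    opts, i = {}, 4
    while i < len(data) and data[i] != 255:
        if data[i] == 0:          # Pad option carries no length byte
            i += 1
            continue
        code, length = data[i], data[i + 1]
        opts[code] = data[i + 2:i + 2 + length]
        i += 2 + length
    return opts


def ip_bytes(ip):
    return bytes(int(octet) for octet in ip.split("."))


def ip_str(raw):
    return ".".join(str(b) for b in raw)


@dataclass
class Datagram:
    """UDP envelope from the article's four steps plus the DHCP payload."""
    src_ip: str
    dst_ip: str
    sport: int
    dport: int
    xid: int                  # transaction ID tying the four messages together
    chaddr: str               # client hardware (MAC) address
    options: bytes
    yiaddr: str = "0.0.0.0"   # "your" address: the IP being offered or acked


def client_discover(mac, xid):
    # Step 1: no address yet, so 0.0.0.0 -> 255.255.255.255, ports 68 -> 67.
    return Datagram("0.0.0.0", "255.255.255.255", 68, 67, xid, mac,
                    encode_options({53: bytes([DISCOVER])}))


def client_request(offer, xid):
    # Step 3: source still 0.0.0.0; names the chosen server (option 54)
    # and the address it was offered (option 50).
    opts = decode_options(offer.options)
    return Datagram("0.0.0.0", "255.255.255.255", 68, 67, xid, offer.chaddr,
                    encode_options({53: bytes([REQUEST]),
                                    50: ip_bytes(offer.yiaddr), 54: opts[54]}))


class Server:
    """Minimal DHCP server model: an address pool and the offers it has pending."""

    def __init__(self, ip, pool, lease=21600):
        self.ip, self.pool, self.lease, self.offers = ip, list(pool), lease, {}

    def _reply(self, kind, d, ip):
        # Steps 2 and 4: server address -> 255.255.255.255, ports 67 -> 68.
        return Datagram(self.ip, "255.255.255.255", 67, 68, d.xid, d.chaddr,
                        encode_options({53: bytes([kind]), 54: ip_bytes(self.ip),
                                        51: struct.pack("!I", self.lease)}),
                        yiaddr=ip)

    def on_discover(self, d):
        ip = self.pool.pop(0)
        self.offers[d.xid] = ip
        return self._reply(OFFER, d, ip)

    def on_request(self, d):
        ip = self.offers.pop(d.xid, None)
        if decode_options(d.options).get(54) != ip_bytes(self.ip):
            # Client chose another server: withdraw the offer, reuse the address.
            if ip is not None:
                self.pool.insert(0, ip)
            return None
        return self._reply(ACK, d, ip)


def run_exchange(servers, mac="00:0c:29:93:a0:52", xid=0x3903F326):
    """Discover/offer/request/ack against every server; client takes the first offer."""
    discover = client_discover(mac, xid)
    offers = [s.on_discover(discover) for s in servers]
    request = client_request(offers[0], xid)
    acks = [a for a in (s.on_request(request) for s in servers) if a is not None]
    return offers, request, acks


def unexpected_servers(datagrams, allowed):
    """Defensive check: server identifiers (option 54) in OFFER/ACK messages
    that are not on the list of authorised DHCP servers."""
    found = []
    for d in datagrams:
        opts = decode_options(d.options)
        if opts.get(53) in (bytes([OFFER]), bytes([ACK])):
            sid = ip_str(opts[54])
            if sid not in allowed:
                found.append(sid)
    return found
```

The same option-54 comparison is what a monitoring sensor does with real captures: any offer or ack whose server identifier is not one of your DHCP servers is worth an alert, since the clients themselves will happily accept it.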

Comments

I have been looking for a simple and useful guide to Linux DHCP config, and have looked a lot, this is possibly the best and the most useful one pager I have found! Thanks!!
