path: root/server/dhcpd.cat8

dhcpd(8)                                                 dhcpd(8)


NAME
       dhcpd - Dynamic Host Configuration Protocol Server

SYNOPSIS
       dhcpd [ -p port ] [ -f ] [ -d ] [ -cf config-file ]
       [ -lf lease-file ] [ if0 [ ...ifN ] ]

DESCRIPTION
       The Internet Software Consortium DHCP Server, dhcpd,
       implements the Dynamic Host Configuration Protocol (DHCP)
       and the Internet Bootstrap Protocol (BOOTP).  DHCP allows
       hosts on a TCP/IP network to request and be assigned IP
       addresses, and also to discover information about the
       network to which they are attached.  BOOTP provides similar
       functionality, with certain restrictions.

OPERATION
       The DHCP protocol allows a host which is unknown to the
       network administrator to be automatically assigned a new
       IP address out of a pool of IP addresses for its network.
       In order for this to work, the network administrator
       allocates address pools in each subnet and enters them into
       the dhcpd.conf(5) file.

       On startup, dhcpd reads the dhcpd.conf file and stores a
       list of available addresses on each subnet in memory.
       When a client requests an address using the DHCP protocol,
       dhcpd allocates an address for it.  Each client is
       assigned a lease, which expires after an amount of time
       chosen by the administrator (by default, one day).  Before
       leases expire, the clients to which leases are assigned
       are expected to renew them in order to continue to use the
       addresses.  Once a lease has expired, the client to which
       that lease was assigned is no longer permitted to use the
       leased IP address.

       In order to keep track of leases across system reboots and
       server restarts, dhcpd keeps a list of leases it has
       assigned in the dhcpd.leases(5) file.  Before dhcpd
       grants a lease to a host, it records the lease in this
       file and makes sure that the contents of the file are
       flushed to disk.  This ensures that even in the event of
       a system crash, dhcpd will not forget about a lease that
       it has assigned.  On startup, after reading the
       dhcpd.conf file, dhcpd reads the dhcpd.leases file to
       refresh its memory about what leases have been assigned.

       New leases are appended to the end of the dhcpd.leases
       file.  In order to prevent the file from becoming
       arbitrarily large, from time to time dhcpd creates a new
       dhcpd.leases file from its in-core lease database.  Once
       this file has been written to disk, the old file is
       renamed dhcpd.leases~, and the new file is renamed
       dhcpd.leases.  If the system crashes in the middle of
       this process, whichever dhcpd.leases file remains will
       contain all the lease information, so there is no need for
       a special crash recovery process.
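
       The append-and-flush and rewrite-and-rename sequence
       described above, as an added sketch that is not dhcpd's own
       code.  The name dhcpd.leases.new for the new file, the
       crash_after parameter and the lease-A/lease-B records are
       assumptions made for the illustration.

```python
import os
import tempfile

def append_lease(path, record):
    """Record a lease and flush it to disk before the lease is granted."""
    with open(path, "a") as f:
        f.write(record)
        f.flush()
        os.fsync(f.fileno())

def rewrite_leases(path, records, crash_after=None):
    """Replace the lease file with a compact copy of the in-core database.
    crash_after=N returns after step N to simulate a crash at that point."""
    new = path + ".new"                 # assumed name for the new file
    with open(new, "w") as f:           # step 1: write new file, force to disk
        f.writelines(records)
        f.flush()
        os.fsync(f.fileno())
    if crash_after == 1:
        return
    os.rename(path, path + "~")         # step 2: old file becomes dhcpd.leases~
    if crash_after == 2:
        return
    os.rename(new, path)                # step 3: new file becomes dhcpd.leases

def complete_files_after(crash_after):
    """Return the names of files that still hold every lease after the run."""
    records = ["lease-A\n", "lease-B\n"]     # constructed placeholder records
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "dhcpd.leases")
        for rec in records + ["lease-A\n"]:  # appended records accumulate
            append_lease(path, rec)
        rewrite_leases(path, records, crash_after)
        found = []
        for name in sorted(os.listdir(d)):
            with open(os.path.join(d, name)) as f:
                if set(records) <= set(f.readlines()):
                    found.append(name)
        return found

if __name__ == "__main__":
    for point in (1, 2, None):
        print(point, complete_files_after(point))
```

       In this sketch a crash between the two renames leaves no
       file named dhcpd.leases, but dhcpd.leases~ and the new file
       each still hold every lease.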

       BOOTP support is also provided by this server.  Unlike
       DHCP, the BOOTP protocol does not provide a protocol for
       recovering dynamically-assigned addresses once they are no
       longer needed.  It is still possible to dynamically
       assign addresses to BOOTP clients, but some administrative
       process for reclaiming addresses is required.  By
       default, leases are granted to BOOTP clients in
       perpetuity, although the network administrator may set an
       earlier cutoff date or a shorter lease length for BOOTP
       leases if that makes sense.

       BOOTP clients may also be served in the old standard way,
       which is to simply provide a declaration in the dhcpd.conf
       file for each BOOTP client, permanently assigning an
       address to each client.

       Whenever changes are made to the dhcpd.conf file, dhcpd
       must be restarted.  To restart dhcpd, send a SIGTERM
       (signal 15) to the process ID contained in
       /var/run/dhcpd.pid, and then re-invoke dhcpd.  Because the
       DHCP server database is not as lightweight as a BOOTP
       database, dhcpd does not automatically restart itself when
       it sees a change to the dhcpd.conf file.

COMMAND LINE
       The names of the network interfaces on which dhcpd should
       listen for broadcasts may be specified on the command
       line.  This should be done on systems where dhcpd is
       unable to identify non-broadcast interfaces, but should
       not be required on other systems.  If no interface names
       are specified on the command line, dhcpd will identify all
       network interfaces which are up, eliminating
       non-broadcast interfaces if possible, and listen for DHCP
       broadcasts on each interface.

       If dhcpd should listen on a port other than the standard
       (port 67), the -p flag may be used.  It should be followed
       by the UDP port number on which dhcpd should listen.  This
       is mostly useful for debugging purposes.

       To run dhcpd as a foreground process, rather than allowing
       it to run as a daemon in the background, the -f flag
       should be specified.  This is useful when running dhcpd
       under a debugger, or when running it out of inittab on
       System V systems.

       To have dhcpd log to the standard error descriptor,
       specify the -d flag.  This can be useful for debugging, and
       also at sites where a complete log of all dhcp activity
       must be kept but syslogd is not reliable or otherwise
       cannot be used.  Normally, dhcpd will log all output
       using the syslog(3) function with the log facility set to
       LOG_DAEMON.

       Dhcpd can be made to use an alternate configuration file
       with the -cf flag, or an alternate lease file with the -lf
       flag.  Because of the importance of using the same lease
       database at all times when running dhcpd in production,
       these options should be used only for testing lease files
       or database files in a non-production environment.

CONFIGURATION
       The syntax of the dhcpd.conf(5) file is discussed
       separately.  This section should be used as an overview of
       the configuration process, and the dhcpd.conf(5)
       documentation should be consulted for detailed reference
       information.


Subnets
       dhcpd needs to know the subnet numbers and netmasks of all
       subnets for which it will be providing service.  In
       addition, in order to dynamically allocate addresses, it
       must be assigned one or more ranges of addresses on each
       subnet which it can in turn assign to client hosts as they
       boot.  Thus, a very simple configuration providing DHCP
       support might look like this:

            subnet 239.252.197.0 netmask 255.255.255.0 {
              range 239.252.197.10 239.252.197.250;
            }

       Multiple address ranges may be specified like this:

            subnet 239.252.197.0 netmask 255.255.255.0 {
              range 239.252.197.10 239.252.197.107;
              range 239.252.197.113 239.252.197.250;
            }

       If a subnet will only be provided with BOOTP service and
       no dynamic address assignment, the range clause can be
       left out entirely, but the subnet statement must appear.


Lease Lengths
       DHCP leases can be assigned almost any length from zero
       seconds to infinity.  What lease length makes sense for
       any given subnet, or for any given installation, will vary
       depending on the kinds of hosts being served.

       For example, in an office environment where systems are
       added from time to time and removed from time to time, but
       move relatively infrequently, it might make sense to allow
       lease times of a month or more.  In a final test
       environment on a manufacturing floor, it may make more
       sense to assign a maximum lease length of 30 minutes -
       enough time to go through a simple test procedure on a
       network appliance before packaging it up for delivery.

       It is possible to specify two lease lengths: the default
       length that will be assigned if a client doesn't ask for
       any particular lease length, and a maximum lease length.
       These are specified as clauses to the subnet command:

            subnet 239.252.197.0 netmask 255.255.255.0 {
              range 239.252.197.10 239.252.197.107;
              default-lease-time 600;
              max-lease-time 7200;
            }

       This particular subnet declaration specifies a default
       lease time of 600 seconds (ten minutes), and a maximum
       lease time of 7200 seconds (two hours).  Other common
       values would be 86400 (one day), 604800 (one week) and
       2592000 (30 days).

       Each subnet need not have the same lease--in the case of
       an office environment and a manufacturing environment
       served by the same DHCP server, it might make sense to
       have widely disparate values for default and maximum lease
       times on each subnet.

BOOTP Support
       Each BOOTP client must be explicitly declared in the
       dhcpd.conf file.  A very basic client declaration will
       specify the client network interface's hardware address
       and the IP address to assign to that client.  If the
       client needs to be able to load a boot file from the
       server, that file's name must be specified.  A simple
       bootp client declaration might look like this:

            host haagen {
              hardware ethernet 08:00:2b:4c:59:23;
              fixed-address 239.252.197.9;
              filename "/tftpboot/haagen.boot";
            }

Options
       DHCP (and also BOOTP with Vendor Extensions) provides a
       mechanism whereby the server can provide the client with
       information about how to configure its network interface
       (e.g., subnet mask), and also how the client can access
       various network services (e.g., DNS, IP routers, and so
       on).

       These options can be specified on a per-subnet basis, and,
       for BOOTP clients, also on a per-client basis.  In the
       event that a BOOTP client declaration specifies options
       that are also specified in its subnet declaration, the
       options specified in the client declaration take
       precedence.  A reasonably complete DHCP configuration might
       look something like this:

            subnet 239.252.197.0 netmask 255.255.255.0 {
              range 239.252.197.10 239.252.197.250;
              default-lease-time 600;
              max-lease-time 7200;
              option subnet-mask 255.255.255.0;
              option broadcast-address 239.252.197.255;
              option routers 239.252.197.1;
              option domain-name-servers 239.252.197.2, 239.252.197.3;
              option domain-name "isc.org";
            }

       A bootp host on that subnet that needs to be in a
       different domain and use a different name server might be
       declared as follows:

            host haagen {
              hardware ethernet 08:00:2b:4c:59:23;
              fixed-address 239.252.197.9;
              filename "/tftpboot/haagen.boot";
              option domain-name-servers 192.5.5.1;
              option domain-name "vix.com";
            }

       A more complete description of the dhcpd.conf file syntax
       is provided in dhcpd.conf(5).
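
       A pre-restart sanity check over the subnet, lease-time and
       host declarations shown in this section, as an added example
       that is not part of dhcpd or its distribution.  It handles
       only the statements that appear on this page; the lint
       function, the host name fixedpool and the faulty sample
       configuration are constructed for the illustration.

```python
import ipaddress
import re

SUBNET_RE = re.compile(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{([^}]*)\}")
HOST_RE = re.compile(r"host\s+(\S+)\s*\{([^}]*)\}")

def lint(conf):
    """Return a list of problems found in dhcpd.conf-style text."""
    problems, pools = [], []
    for m in SUBNET_RE.finditer(conf):
        net = ipaddress.ip_network(f"{m[1]}/{m[2]}")
        ranges = []
        for lo, hi in re.findall(r"range\s+(\S+)\s+(\S+?)\s*;", m[3]):
            lo, hi = ipaddress.ip_address(lo), ipaddress.ip_address(hi)
            if lo not in net or hi not in net or lo > hi:
                problems.append(f"{net}: range {lo}-{hi} is not inside the subnet")
            if any(lo <= b and a <= hi for a, b in ranges):
                problems.append(f"{net}: range {lo}-{hi} overlaps another range")
            ranges.append((lo, hi))
        times = dict(re.findall(r"(default|max)-lease-time\s+(\d+)\s*;", m[3]))
        if {"default", "max"} <= times.keys() and int(times["default"]) > int(times["max"]):
            problems.append(f"{net}: default-lease-time exceeds max-lease-time")
        pools += ranges
    for name, body in HOST_RE.findall(conf):
        for addr in re.findall(r"fixed-address\s+(\S+?)\s*;", body):
            a = ipaddress.ip_address(addr)
            if any(lo <= a <= hi for lo, hi in pools):
                problems.append(f"host {name}: fixed-address {a} is inside a dynamic range")
    return problems

# Constructed sample: the page's addresses with three deliberate mistakes.
SAMPLE = """\
subnet 239.252.197.0 netmask 255.255.255.0 {
  range 239.252.197.10 239.252.197.107;
  range 239.252.197.100 239.252.197.250;
  default-lease-time 86400;
  max-lease-time 7200;
}
host haagen {
  hardware ethernet 08:00:2b:4c:59:23;
  fixed-address 239.252.197.9;
}
host fixedpool {
  fixed-address 239.252.197.20;
}
"""

if __name__ == "__main__":
    print("\n".join(lint(SAMPLE)))
```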

FILES
       /etc/dhcpd.conf, /var/db/dhcpd.leases, /var/run/dhcpd.pid,
       /var/db/dhcpd.leases~.

SEE ALSO
       dhcpd.conf(5), dhcpd.leases(5)

AUTHOR
       dhcpd(8) was written by Ted Lemon <mellon@vix.com> under a
       contract with Vixie Labs.  Funding for this project was
       provided by the Internet Software Corporation.
       Information about the Internet Software Consortium can be
       found at http://www.isc.org/isc.