[SGVLUG] intro to myself
Alex Roston
tungtung at pacbell.net
Mon Nov 27 13:22:52 PST 2006
Gary Li wrote:
> Hi sgvlug,
> I am a system admin at a company in Beverly Hills, CA and I am looking
> for some help on Fedora Core 5 setting up a DHCP server. Please let me
> know how can I get some help if I attend your group meetings. Can you
> tell me if you are meeting this Saturday and there isn't any map on
> the website and address detail the site. Please advise to provide as
> much as possible. Please give me some hits on the installation fest
> this Saturday if it is still on. Please also if you can webmaster can
> you update your website so we can get it before this Saturday Dec 2nd,
> 2006.
> By the way, can we get shown how to configure a full blown server
> stand alone so that I can get some hands on tips.
> GARY
Gary,
Here's a report I wrote on the subject for a class some time ago.
Hopefully it will help. You should also be able to look this up on the
net. Also, unless you need something very difficult, your router should
have a built-in DHCP server.
Alex
*DHCP Under Unix*
*Alex Roston*
*Tech 421 (Cisco 1)*
_*OVERVIEW*_
DHCP is a service which allows a server to dynamically allocate IP
addresses and boot files to a host. In Unix it runs as a daemon, which
is a class of program that runs under root and helps support the system.
There are two types of DHCP programs, the client and the server.
The client usually resides on a workstation, which might be a Unix,
Linux, Windows, or Macintosh machine, and it gets the necessary
information about the IP settings from the server.
The DHCP server daemon runs on a server, and it dynamically allocates
the appropriate host information to the clients. When it starts it reads
the /etc/dhcpd.conf file, which contains configuration information the
DHCP daemon needs to properly allocate IP addresses and booting information.
This report is written with the MS Windows user in mind. If you're
already a Unix veteran, you have my apologies. Also, please note that
the information in this file is best suited to RedHat Linux or one of
its variants, or to a Solaris system.
_*FILES*_
If you're at a Unix workstation, the client can be found at /sbin/dhcpcd,
though this can vary from one distribution of Unix to another. If you
can't find the client, type the following at the Unix command prompt,
which is represented by the $ or # character.
*$ whereis dhcpcd*
*or*
*$ which dhcpcd*
Note that Unix is case sensitive.
Under Unix or Linux the client is usually started from one of the
startup files located somewhere in the /etc/init.d or /etc/rc.d
directory. Once again this location can vary greatly from distribution
to distribution.
The server for this daemon usually resides in the /usr/sbin/dhcpd file,
though this can, once again, vary from one form of Unix to another. If
you have trouble finding it, type the following at the command prompt.
*$ whereis dhcpd*
*or*
*$ which dhcpd*
All configuration files for UNIX or LINUX appear in the /etc directory.
The DHCP configuration file is /etc/dhcpd.conf. If you have a problem
with the DHCP under UNIX or Linux, it's probably in that file, though
there might be a problem with the startup file, once again probably
located somewhere in the /etc/init.d or /etc/rc.d directory.
Once the DHCP server has been contacted by a client, it creates a
temporary file called dhcpd.leases in the /var/lib/dhcp directory. This
is a free-form ASCII file which lists the clients and their lease times.
_*DOCUMENTATION*_
Unix documentation usually is available under the man page system. To
access this system, type any of the following at the Unix command prompt:
*$ man dhcpd* (This gives general information on the daemon)
*$ man dhcpd.conf* (This explains how to write the configuration file)
*$ man dhcp-options* (This lists and explains the various options)
*$ man dhcpd.leases* (This discusses dhcp leases)
*$ man dhcpcd* (This gives information on the client)
There are also .html documents called HOWTOS, which can be accessed by
using a web browser. These give clear, simple explanations of how to
perform tasks under Linux or Unix. To use these documents, type:
*$ startx (under Linux)*
*or*
*$ openwin (under Solaris)*
at the command prompt. This will open a window manager somewhat like
Windows if it is installed on the machine. Open an internet browser.
Some common internet browsers on a UNIX/Linux machine might be Galeon,
Mozilla, Opera, Konqueror or Netscape. If the X-Windows system is not
available on the Unix machine you're working on, type:
*$ lynx*
at the command prompt. This will bring up a text based browser.
You will usually find HOWTO files in the /usr/share/doc/HOWTO directory.
If it's not there, look around, you'll find it somewhere in the area.
The DHCP HOWTO is actually a mini-howto, and you might have to look
under the subdirectory of /mini to find it. HOWTOS can mainly be found
under Linux, but it is possible (though unlikely) to find them under
other systems as well. They can also be found on the web. Do a Google
search as necessary.
In Windows NT and in some varieties of Unix, a configuration utility is
provided. However, if you're working on a machine without a Windowing
system, (which is typical of most servers) you'll have to create or edit
your own configuration file. Though this can be much more difficult than
using a configuration utility, it generally allows you much finer
control of your situation.
_*EDITING THE DHCPD.CONF FILE*_
To edit the dhcpd.conf file you must first be in the /etc
directory. If you're normally a Windows user, type:
*$ pico dhcpd.conf*
at the command line. This command will bring up the simplest available UNIX
editor. If you're unlucky, you might have to use vi, a much more complex
program. Type
*$ vi dhcpd.conf*
at the command prompt. If you don't know how to use this editor, try
typing:
*$ vimtutor*
at the command line. This will give you a tutorial on using vi.
_*CONFIGURATION*_
In general, the configuration files for DHCP follow the same rules as
writing PERL or C. Comments start with a pound sign (#). Global
parameters are laid out in clear text at the beginning of the file.
Everything after the global parameters has to be enclosed in curly
braces, and all lines must end with a semicolon. If you want to use
options they must begin with the word "option" as follows:
option routers 192.168.0.1;
option domain-name "domain.org";
The main stylistic difference between a C file and the dhcpd.conf file
is that keywords are not case sensitive.
In order to learn the exact working of DHCP, let's look at a sample
file. (The file below was taken from the sample file that came with the
RedHat Linux 7.1 distribution installed on my laptop, and I have added
items from the Unix man pages and the DHCP HOWTO. This file is probably
not usable in its current form, but could be edited with your own system
in mind.)
Each dhcpd.conf file or file section must begin with a subnet
declaration, and each subnet declaration is followed by its own set of
parameters. I have only included one subnet in this file. You'll see
that I have written the “range” statement to keep the first five
addresses from being dynamically allocated. This allows me to assign
them as static addresses which will be used for routers, servers, etc.
/subnet 212.168.7.32 netmask 255.255.255.224 {/
/range 212.168.7.38 212.168.7.62;/
DHCP allows us to give a default and maximum lease time. A lease is the
amount of time the DHCP client can be connected to the server. DHCP
lease times are measured in seconds.
/default-lease-time 21600;/
/max-lease-time 43200;/
A well written Unix configuration file has lots of comments, which
should be read carefully, as they will give the technician important
clues about what's going on. Note the “default gateway” comment below.
Also note that the router address is outside the subnet this file
discusses. In a real situation, this would be a much longer file that
discussed all the subnets in use.
/# --- default gateway/
/option routers 212.168.7.1;/
/option subnet-mask 255.255.255.224;/
The use of the options should be obvious. A full list of the options is
available in the dhcp-options man page.
/option nis-domain "domain.org";/
/option domain-name "domain.org";/
We use the first of our reserved addresses here to make sure that the
domain name server has a static IP address. Since other files, possibly
on other computers will refer to this address, and it is inconvenient to
change all these addresses on the fly, using a static address is necessary.
/option domain-name-servers 212.168.7.33;/
/option time-offset -5; # Eastern Standard Time/
Note the security applications of a well written file. The allow and
deny statements can be used to control the behaviour of dhcpd to various
sorts of requests. Also note that the default behaviour of DHCP on this
system can be changed simply by moving the “#” character down one line.
In a Unix system, such use of comments is a sign of a well written file.
/# The default behavior is to deny an address to unknown-clients./
/# allow unknown-clients;/
/deny unknown-clients;/
Because the option below is commented out, you can see that no-one is
using netbios on this system, but the possibility that someone might
need it was considered by the manufacturer. If one was working for a
client who wanted netbios installed, one could simply erase the pound
signs and set the IP address properly. (It's wrong below)
/# option ntp-servers 192.168.1.1;/
/# option netbios-name-servers 192.168.1.1;/
A properly commented Unix file gives intelligent warnings. The file's
original author doesn't want you messing with this.
/# --- Selects point-to-point node (default is hybrid). Don't change this unless/
/# -- you understand Netbios very well/
/# option netbios-node-type 2;/
The next section of the file uses the “group” statement to assign all
these MAC addresses to boot off a particular file. This is an example of
how DHCP can assign not just IP addresses, but bootable files to a
particular machine.
Everything after the “group” statement is in curly brackets. Failure to
close the curly brackets can cause a DHCP file to become unusable.
/group {/
The "filename" statement gives the address and filename we want to boot
from. It is very possible that a directory will not have to be
specified. Depending on the application, hardware or Unix system hosting
the boot file, that file might be in a default directory.
/filename "/usr/bootp/Xncd19r";/
The "next-server" statement gives the name of the server our group is
booting from. These appear to be NCD thin clients.
/next-server ncd-booter;/
The “host” statement indicates the name assigned to the NCD thin
clients, and the MAC address of these clients follows in the curly brackets.
/host ncd1 { hardware ethernet 0:c0:c3:49:2b:57; }/
/host ncd4 { hardware ethernet 0:c0:c3:80:fc:32; }/
/host ncd7 { hardware ethernet 0:c0:c3:22:46:81; }/
/ }/
Note another good security feature of DHCP. We can allocate a particular
MAC address to the IP address of our choice. It is possible to do this
with every host on the system. This is not in any way perfect security,
because MAC addresses can be spoofed, but someone would have to read the
file or get into the BIOS of one of the machines on the system to learn
a MAC address.
As you recall, at the beginning of the file, we decided to keep certain
addresses out of the pool of dynamically allocated addresses. We'll use
these addresses for the name server, mail server, print server, and file
server. Note the curly brackets and semicolons.
/ host ns {/
/hardware ethernet 12:34:56:78:AB:CD;/
/fixed-address 212.168.7.34;/
/}/
/ /
/ host fs {/
/hardware ethernet 12:34:56:78:AB:CD;/
/fixed-address 212.168.7.35;/
/}/
etc.
# Note the closing curly bracket.
}
Depending on exactly what one wants DHCP to manage, two dhcpd.conf files
might look very different. The dhcpd.conf file at my last job existed
only to handle the boot options for twenty diskless workstations, while
the one on my home network serves only to provide static IP addresses.
Obviously such files need to be written carefully and with attention to
the situation at hand.
_*AFTER CONFIGURATION*_
Once a DHCP configuration file has been written, it is necessary to
restart the DHCP daemon so the configuration file can be re-read. To
some degree, this is beyond the scope of this report. The procedure for
restarting a service under Unix can vary wildly. However, the following
procedure will probably work under most Unixes.
Type:
*$ pkill -9 dhcpd*
at the command prompt. This will turn off the dhcpd daemon.
Next, the startup file for DHCP must be located. As I noted before, this
file will usually be found in the /etc/rc.d or /etc/init.d directory,
though it could also be found in the /etc/sysinit directory. Usually the
startup file will be listed as dhcpd and a number which represents its
order in the system's startup sequence. Type the full filename of this
file at the command prompt. What follows are only examples. You will
have to investigate carefully to discover the exact filename.
*$ /etc/rc.d/rc6.d/45dhcpd*
*$ /etc/init.d/76dhcpd*
*$ /etc/sysinit/rc3.d/32dhcpd*
On Linux systems that are descended from the RedHat distribution things
are a little easier. Simply type:
*$ service dhcpd restart*
and the daemon will shut itself off and restart, at which point it will
re-read the dhcpd.conf file and accept its new parameters.
_*BIBLIOGRAPHY*_
*_DHCPD Manual Page:_* Ted Lemon under contract with Vixie Labs.
Published by the Internet Software Corporation, http://www.isc.org/
*_DHCPCD Manual Page:_* Yoichi Hariguchi <yoichi at fore.com> and
Sergei Viznyuk <sv at phystech.com>
*_DHCPD.CONF Manual Page:_* Ted Lemon under contract with Vixie Labs.
Published by the Internet Software Corporation, http://www.isc.org/
*_DHCP-OPTIONS Manual Page:_* Ted Lemon under contract with Vixie Labs.
Published by the Internet Software Corporation, http://www.isc.org/
*_DHCPD.LEASES Manual Page:_* Ted Lemon under contract with Vixie Labs.
Published by the Internet Software Corporation, http://www.isc.org/
*_Network Nirvana: How to make Network Configuration as easy as DHCP:_*
James Mohr, Linux Magazine, April 2000
*_DHCP mini-HOWTO:_* Vladimir Vuksan (vuksan at veus.hr)
Revision v4.12 October 22, 2000
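
The report's advice about reserved addresses, MAC-bound hosts and the unknown-clients setting can be checked mechanically before dhcpd is restarted. The script below is an added example, not part of the original message or of ISC dhcpd; the names audit and norm_mac and the sample file are constructed for illustration, and the parser assumes a single subnet with one range statement.

```python
import ipaddress
import re

# Constructed sample modelled on the report's file; addresses are illustrative.
SAMPLE = """
subnet 212.168.7.32 netmask 255.255.255.224 {
  range 212.168.7.38 212.168.7.62;
  # allow unknown-clients;
  deny unknown-clients;
  host ns { hardware ethernet 12:34:56:78:AB:CD; fixed-address 212.168.7.34; }
  host fs { hardware ethernet 12:34:56:78:ab:cd; fixed-address 212.168.7.40; }
}
"""

def norm_mac(mac):
    # "0:c0:c3:..." and "00:C0:C3:..." are the same hardware address
    return ":".join(f"{int(part, 16):02x}" for part in mac.split(":"))

def audit(conf):
    """Return a list of findings for a single-subnet dhcpd.conf."""
    text = re.sub(r"#[^\n]*", "", conf)  # a commented-out statement must not count
    findings = []
    sub = re.search(r"subnet\s+([\d.]+)\s+netmask\s+([\d.]+)", text, re.I)
    rng = re.search(r"range\s+([\d.]+)\s+([\d.]+)\s*;", text, re.I)
    if not sub or not rng:  # also catches a range line with no semicolon
        return ["missing subnet or range statement"]
    net = ipaddress.ip_network(f"{sub[1]}/{sub[2]}", strict=False)
    lo, hi = (ipaddress.ip_address(a) for a in rng.groups())
    if lo not in net or hi not in net:
        findings.append(f"range {lo}-{hi} is not inside subnet {net}")
    if not re.search(r"deny\s+unknown-clients\s*;", text, re.I):
        findings.append("pool is open to unknown clients")
    seen = {}
    for name, body in re.findall(r"host\s+(\S+)\s*\{([^}]*)\}", text, re.I):
        mac = re.search(r"hardware\s+ethernet\s+([0-9a-f:]+)", body, re.I)
        ip = re.search(r"fixed-address\s+([\d.]+)", body, re.I)
        if mac:
            key = norm_mac(mac[1])
            if key in seen:
                findings.append(f"host {name} reuses the MAC of host {seen[key]}")
            seen.setdefault(key, name)
        if ip:
            addr = ipaddress.ip_address(ip[1])
            if addr not in net:
                findings.append(f"host {name}: {addr} is outside {net}")
            elif lo <= addr <= hi:
                findings.append(f"host {name}: {addr} is inside the dynamic range")
    return findings
```

Calling audit(SAMPLE) reports the duplicated MAC and the fixed address that falls inside the dynamic pool; an empty list means none of these checks fired.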