CentOS 8.x Setup basic DHCP server
From Notes_Wiki
<yambe:breadcrumb self="Setup basic DHCP server">CentOS 8.x DHCP server|DHCP server</yambe:breadcrumb>
CentOS 8.x Setup basic DHCP server
To setup DHCP server in CentOS 8.x machine use following steps:
- Install required package
- dnf -y install dhcp-server
- Edit /etc/dhcp/dhcpd.conf file to create at least one subnet for all local interfaces of DHCP server. If DHCP server should not offer DHCP services on the particular interface then leave the subnet body empty, but we must declare one subnet for each interface of DHCP server
- subnet <network-1> netmask <netmask-1>
- {
- #Example subnet in case DHCP services are not required on this subnet
- }
- #Example subnet where DHCP will give IP, domain name, DNS IPs, Netmask, Gateway IP, etc. to DHCP clients
- subnet 192.168.100.0 netmask 255.255.255.0
- {
- option domain-name "example.com";
- option domain-name-servers 192.168.100.1;
- option routers 192.168.100.1;
- range 192.168.100.50 192.168.100.150;
- host hp_laserjet_m1536dnf_1 { hardware ethernet 2c:59:e5:d6:51:dd; fixed-address 192.168.100.4; }
- }
- Here
- domain-name
- This would be default search domain for the client ("search example.com" would be present in /etc/resolv.conf of DHCP client)
- domain-name-servers
- This would be DNS configured for the DHCP client ("nameserver 192.168.100.1" would be present in /etc/resolv.conf of DHCP client)
- routers
- This is used to give default gateway. Hence for client taking IP from above DHCP configuration default gateway would get set to 192.168.100.1
- range
- This is used to define IPs that DHCP can/should give in the subnet range. The subnet is already specified in the "subnet <Network> netmask <Netmask>" declaration. But DHCP would restrict the IPs given to client to the specified range only. We can specify range multiple times to specify non-contiguous ranges.
- host
- This is used to give a fixed IP 192.168.100.4 for DHCP client with MAC address 2c:59:e5:d6:51:dd; Note that IP 192.168.100.4 is outside the DHCP range specified for general / other clients which are not having DHCP MAC binding.
- Start dhcpd service and enable it
- systemctl start dhcpd
- systemctl enable dhcpd
- Allow UDP port 67 in firewall
- firewall-cmd --zone=public --add-port=67/udp --permanent
- firewall-cmd --reload
- firewall-cmd --list-all
- Test by taking IP from a DHCP client. You should see the lease related details at '/var/lib/dhcpd/dhcpd.leases' file similar to:
- lease 192.168.100.50 {
- starts 5 2021/03/19 14:18:16;
- ends 6 2021/03/20 02:18:16;
- cltt 5 2021/03/19 14:18:16;
- binding state active;
- next binding state free;
- rewind binding state free;
- hardware ethernet 00:50:56:a2:07:88;
- uid "\001\000PV\242\007\210";
- }
- Ideally add below options to dhcp.conf subnets:
- default-lease-time 259200;
- max-lease-time 604800;
- ddns-update-style none;
- authoritative;
- where
- default-lease-time
- By default after these many seconds the machine should request for DHCP IP again. 259200 is 3 days. The default is 43200 seconds (12 hours)
- max-lease-time
- By default after lease has expired if client does not connects for this much time then consider IP to be free. 604800 is 7 days. The default maximum lease time is 86400 (24 hours)
- ddns-update-style
- Since we are not updating DNS entries automatically based on DHCP IPs allotted, we can set this to none
- authoritative
- This means that this is authoritative DHCP for this network. If it sees DHCP offer from other DHCP servers, it can send DHCPNAK to clients to avoid using those offers
<yambe:breadcrumb self="Setup basic DHCP server">CentOS 8.x DHCP server|DHCP server</yambe:breadcrumb>