Dynamic Host Configuration Protocol (DHCP) is a network service that automatically assigns network settings (IP address, netmask, gateway, DNS server) to host computers connected to the same subnet. Hosts configured as DHCP clients have no control over the settings they receive from the DHCP server, and the configuration is transparent to the computer's user.
Operation
The DHCP negotiation proceeds in the following steps:
- The network device, or the client that needs to be assigned a static address, sends a broadcast on the network with the message “DHCP Discover”. The message also includes the client's MAC address. Clients send this message to find out whether a DHCP server is somewhere on the network, listening for this type of incoming message.
- The listening DHCP server receives the broadcast frame and replies to the client with a “DHCP Offer” message. The offer contains the network settings the client needs to be registered on the network, together with the server's own IP address so that the client can correctly identify the source of the offer. Usually, the offer contains an IP address, subnet mask, default gateway and other parameters for the network. If more than one DHCP server is configured at your premises, a broadcast message is sent so that the offer can be received by the client.
- After receiving the offer, the client, if satisfied with the settings it received, sends a “DHCP Request” message back to the DHCP server, informing it that it agrees with the network settings offered. A record of the offer is included so that only the server that sent the offer will set aside the requested IP address. Again, the request is sent as a broadcast to all other DHCP servers that may have responded, because the client hasn’t officially started using the offered IP address.
- Finally, the DHCP server replies with the “DHCP ACK” unicast message. At this stage, the IP address and all other network parameters are sent to the client device because they are now approved for use by the client. The ACK message is sent as a unicast, but may be broadcast instead.
The Internet Software Consortium is the main author and developer of the most used DHCP server in Linux, typically known as ISC DHCP Server.
Installation and Configuration
sudo apt-get install isc-dhcp-server
Enter your interface to be used (here enp2s0):
nano /etc/default/isc-dhcp-serv =>
INTERFACESv4="enp2s0"
INTERFACESv6="enp2s0"
Configure DHCP settings:
sudo nano /etc/dhcp/dhcpd.conf =>
#option domain-name "ceid.upatras.gr";
#option domain-name-servers ns1.example.org, ns2.example.org;
default-lease-time 3600;
max-lease-time 7200;
authoritative;
# This is the most important part of the configuration file
subnet 150.140.139.192 netmask 255.255.255.192 {
  range 150.140.139.194 150.140.139.210;
  option domain-name-servers 150.140.129.30, 8.8.8.8;
  # option domain-name "internal.ceid.upatras.gr";
  # option domain-search "ceid.lan";
  option subnet-mask 255.255.255.192;
  option routers 150.140.139.193;
  option broadcast-address 150.140.139.255;
  default-lease-time 3600;
  max-lease-time 7200;
}
# Define any static IP to be assigned based on the host MAC address
host photonics {
  # Replace with the host's real MAC address (six hexadecimal octets)
  hardware ethernet 00:4g:8h:13:8h:3a;
  fixed-address 150.140.139.251;
}
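As an added example (not part of the original page or of ISC DHCP), the following Python check reads the subnet and host declarations above and reports a range, router or broadcast address that disagrees with the subnet, a fixed-address that falls inside the dynamic range, and a MAC address that is not valid hexadecimal. The function name check_dhcpd_conf and the regex-based parsing are assumptions made for illustration; it handles a single IPv4 subnet block, not the full dhcpd.conf grammar.

```python
import ipaddress
import re

# Constructed sample that mirrors the subnet and host declarations above.
SAMPLE = """\
subnet 150.140.139.192 netmask 255.255.255.192 {
  range 150.140.139.194 150.140.139.210;
  option routers 150.140.139.193;
  option broadcast-address 150.140.139.255;
}
host photonics {
  hardware ethernet 00:4g:8h:13:8h:3a;  # g and h are not hex digits
  fixed-address 150.140.139.251;
}
"""
MAC_RE = re.compile(r"([0-9a-fA-F]{1,2}:){5}[0-9a-fA-F]{1,2}")
V = r"\s+([^\s;]+)"  # regex fragment: whitespace, then one captured value

def check_dhcpd_conf(text):
    """List problems in one IPv4 subnet block and its hosts (ValueError on bad IPs)."""
    text = re.sub(r"#.*", "", text)  # strip comments
    sub = re.search(rf"\bsubnet{V}\s+netmask{V}", text)
    if not sub:
        return ["no subnet declaration found"]
    net = ipaddress.ip_network("/".join(sub.groups()))  # strict: host bits rejected
    usable = lambda a: a in net and a not in (net.network_address, net.broadcast_address)
    problems = []
    rng = re.search(rf"\brange{V}{V}\s*;", text)
    lo, hi = map(ipaddress.ip_address, rng.groups()) if rng else (None, None)
    if rng and not (usable(lo) and usable(hi) and lo <= hi):
        problems.append(f"range {lo}-{hi} is not a valid span inside {net}")
    rtr = re.search(rf"option\s+routers{V}\s*;", text)
    if rtr and not usable(ipaddress.ip_address(rtr.group(1))):
        problems.append(f"router {rtr.group(1)} is not a usable address in {net}")
    bc = re.search(rf"option\s+broadcast-address{V}\s*;", text)
    if bc and ipaddress.ip_address(bc.group(1)) != net.broadcast_address:
        problems.append(f"broadcast {bc.group(1)} should be {net.broadcast_address}")
    for name, body in re.findall(r"\bhost\s+(\S+)\s*\{(.*?)\}", text, re.S):
        mac = re.search(rf"hardware\s+ethernet{V}\s*;", body)
        if mac and not MAC_RE.fullmatch(mac.group(1)):
            problems.append(f"host {name}: invalid MAC {mac.group(1)}")
        fixed = re.search(rf"fixed-address{V}\s*;", body)
        addr = ipaddress.ip_address(fixed.group(1)) if fixed else None
        if addr and not usable(addr):
            problems.append(f"host {name}: {addr} is not usable in {net}")
        elif addr and rng and lo <= addr <= hi:
            problems.append(f"host {name}: {addr} overlaps the dynamic range")
    return problems
```

Calling check_dhcpd_conf(SAMPLE) returns a single finding for the photonics host, because the MAC address shown contains characters that are not hexadecimal digits.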
Restart and check leases:
service isc-dhcp-server restart
dhcp-lease-list
Firewall Configuration:
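The DHCP service listens on port 67/UDP. Allow connections to this port only from the subnet above. Note that a client that has no address yet sends its Discover and Request broadcasts from source address 0.0.0.0, which a source match on the subnet does not cover: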
sudo iptables -A INPUT -i enp2s0 -s 150.140.139.192/26 -p udp --dport 67 -j ACCEPT