Difference between revisions of "DHCP Server"

From MythTV Official Wiki
m (Server Basics: Added a section header and removed some unpleasant block breaks)
m (Populating /etc/dhcpd.conf: Added the other location this file tends to pop up)
Line 17: Line 17:
 
== Populating /etc/dhcpd.conf ==
 
== Populating /etc/dhcpd.conf ==
  
Once you've got ISC's dhcpd installed (whether it's running or not right now doesn't matter) we'll start by telling it what IP addresses it's allowed to manage for you.  This is done with a quick edit to it's configuration file, which is almost always '''/etc/dhcpd.conf'''.  You ''will'' need root access (or sudo) to modify this file.  If it doesn't exist there it may be elsewhere in /etc and typing `find /etc -name dhcpd.conf` will tell you where.  Our basic configuration will start with these two directives:
+
Once you've got ISC's dhcpd installed (whether it's running or not right now doesn't matter) we'll start by telling it what IP addresses it's allowed to manage for you.  This is done with a quick edit to it's configuration file, which is almost always '''/etc/dhcpd.conf''', although sometimes it is '''/etc/dhcp3/dhcpd.conf'''.  You ''will'' need root access (or sudo) to modify this file.  If it doesn't exist there it may be elsewhere in /etc and typing `find /etc -name dhcpd.conf` will tell you where.  Our basic configuration will start with these two directives:
  
 
  ddns-update-style none;
 
  ddns-update-style none;
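
Review bot: the "+" line still reads "a quick edit to it's configuration file", where the possessive "its" is meant; since this sentence is being edited anyway, fix it in the same revision. The sentence that follows the new clause, "If it doesn't exist there it may be elsewhere in /etc", now has two paths as its antecedent, so consider "If it isn't at either location" to keep the `find /etc -name dhcpd.conf` hint unambiguous.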

Revision as of 18:56, 16 November 2009

Note: The purpose of this page is not to tell you how to set up a DHCP server, as the details of that will have more to do with the distribution you run than can be easily explained. The point is to show you how to make an existing installation of ISC's dhcpd obtained through your distribution's package manager do what you need it to do to eliminate the problems associated with hosts occasionally moving to different IP addresses on your home network.

Required Knowledge

Ethernet devices (like your computer's network interface card, your hubs, and your switches) talk to each other directly in a way similar to how you understand IP addresses to work. Each ethernet-connected device has a unique address called a MAC address, which is a set of six octets (usually represented as hexadecimal and separated by a colon or dash) that uniquely identify it in the local broadcast domain. The broadcast domain itself is generally going to be the set of all devices directly connected to each other by a hub or a switch (not a router). You will need to know the MAC address of the devices you want to manage explicitly with DHCP.

DHCP stands for Dynamic Host Configuration Protocol. It is a mechanism by which hosts which do not have an IP address already explicitly assigned can ask the local network what IP address should be safe for them to use. This dramatically simplifies putting new equipment on your network since you'll no longer have to manually set this on each and every host. There are some security considerations involved in this, but thankfully since DHCP's scope is limited to the local broadcast domain (i.e., your home network) they can largely be solved by the application of a suitable blunt object to the offending user or network-connected device.

When your DHCP-aware device asks the network for an IP address, if one is available, it's given a lease to use that address for a given amount of time from a pool of IP addresses that the DHCP server has been told it can manage. The DHCP server's job is to keep track of which IP addresses have been leased and which haven't. A good DHCP server (like ISC's dhcpd) can also be given extra instructions and information about what to do with specific hosts, identified by their MAC address. Unless something different has been specified for a given host (i.e., computer) it will be given a dynamic lease, meaning that the DHCP server just picks an IP address from the set of IP addresses it's allowed to give out and this address may change, but generally won't for reasons we won't go into right now. If you've configured the DHCP server to give some hosts static leases, the IP address the DHCP server gives that host will never change. For the purposes of this documentation, we're focusing on setting up static leases for your MythTV equipment.

The DHCP server program is called 'dhcpd' and the most common DHCP client programs are called 'dhclient' or 'dhcpcd'. Killing the DHCP server simply means that there won't be anything to respond to DHCP requests on the network until you start it again. Killing the DHCP client on a host often turns off the ethernet interface it was managing as a side-effect, which will quickly lock you out of the machine if you were doing this remotely across that interface! The extra 'c' is something people often miss, so take care that you don't get them mixed up.

Server Basics

Get and install the DHCP server package from your distribution's repository. Practically all distributions have ISC's dhcpd implementation available, and its name is usually something unimaginative like "dhcpd-x.x.x". Once it's installed and running (this is very much distribution-specific) it will respond to any DHCP requests it sees on the network.

If you have a home router/firewall that's already assigning leases, this documentation will not help you use its DHCP server, and quite frankly most of them aren't going to be very useful because many don't let you set up any static leases at all. If yours does and you can find the documentation for it, stop reading this and go see if you can use it to set up static leases for some hosts--it might be easier. If it can't (like many) or you're looking to do something more advanced, keep reading.

Populating /etc/dhcpd.conf

Once you've got ISC's dhcpd installed (whether it's running or not right now doesn't matter) we'll start by telling it what IP addresses it's allowed to manage for you. This is done with a quick edit to its configuration file, which is almost always /etc/dhcpd.conf, although sometimes it is /etc/dhcp3/dhcpd.conf. You will need root access (or sudo) to modify this file. If it doesn't exist in either place it may be elsewhere in /etc and typing `find /etc -name dhcpd.conf` will tell you where. Our basic configuration will start with these two directives:

ddns-update-style none;
one-lease-per-client true;

Note: Every directive ends with a semi-colon. Don't leave that out by accident. Setting ddns-update-style to none tells the DHCP server to not try updating DNS information for the hosts it manages, because that's a wholly separate problem and if you know what that entails you probably don't need to be reading this at all. Setting one-lease-per-client to true means that if one of your hosts explicitly requests a different IP address for some reason (it can happen, especially if you dual-boot operating systems) that the DHCP server will go and delete any existing leases for that host, freeing up those IP addresses for something else. This is important because some devices will never remember the last lease they had and always request a brand new one, and if you're booting a different operating system it may have gotten a different IP address the last time you booted it and it will ask for that same one again. Either of these issues can, over time, cause your DHCP server to think all the IP addresses it manages are in use and it will begin telling DHCP clients "Sorry, I've got nothing for you".

The much more important section comes up next, and requires a tiny bit of knowledge about binary math and bitmasks on your part. It tells the DHCP server which network block it's supposed to be a part of, and what IP addresses in that network block it's allowed to hand out. It looks like this (and you can probably cut and paste this as well):

subnet 192.168.1.0 netmask 255.255.255.0 {
  range 192.168.1.16 192.168.1.127;
  authoritative;   

  max-lease-time 518400;
  default-lease-time 172800;

  option subnet-mask 255.255.255.0;
  option broadcast-address 192.168.1.255;
  option routers 192.168.1.1; 

  option domain-name "home.int";
  option domain-name-servers 192.168.1.1;
}

Again, remember the semi-colons, and for this section make sure you don't omit the curly braces either. The subnet and netmask settings tell the DHCP server what network block it's going to be part of. The sample above assumes that like most people, you're using the IANA-reserved 192.168.0.0/16 network block as a Class-C network block of 192.168.1.0/24, since this is the most common configuration used by the vast majority of home networks. There are other IANA-reserved netblocks you can use, but stick with this one unless you're familiar with them because it will reduce the number of unpleasant surprises you may encounter.

The range statement inside this subnet declaration is really important since it tells the DHCP server that those are the lowest and highest IP addresses it's allowed to hand out. In this case, everything from 192.168.1.16 to 192.168.1.127 is being given to the DHCP server to manage for you. We're telling it to start at the fifteenth available address (.16) instead of the first to avoid any complications with the DHCP server and the IP address of your gateway to the internet (which is likely to be 192.168.1.1). We're also telling it to leave anything higher than .127 alone simply because you probably won't need more than 111 leases in your home. You can set it higher if you like, but there's probably no point in doing so.

The max-lease-time and default-lease-time arguments are in seconds (the samples are quite long enough), and they're important as well. If your hosts request an IP address and don't say how long they want it for, they'll be told the default lease time. If they request an IP address for a positively ludicrous amount of time, they'll be told they can only have that address for that maximum time. Note that just about every well-behaved DHCP client will try to refresh their lease when that lease is half expired, just to make sure they can keep it. A well-behaved DHCP server will never have a problem renewing a lease for an IP address that a host currently has leased.

The next stanzas specify the other very important bits that you would normally have to set manually on each and every host on the network. When the DHCP server gives a host a lease, it will also pass this information along to the DHCP client to help it get everything else set up properly. The subnet-mask option tells the host what the subnet mask for the network is. The broadcast-address option tells the host what the broadcast address for the network is. The routers option tells the host where your network gateway is. This should be set to the default gateway address for your network and as such, the most common thing is going to be your router/firewall which is probably sitting at 192.168.1.1.

The last two lines tell the host what the domain name in use is, and it's reasonably okay to make something up there, as long as it does not match any "real" domain name in use. You can leave that option out entirely if you like. You will want to specify the nameserver each host should be using, or DNS will not work. If you have your own DNS server running, or your router is providing DNS service, use that address. If your ISP has given you the addresses of some nameservers to use, use those. Multiple addresses should be separated with a comma, and again, don't forget the semi-colon at the end of the line.

With just this much in place, you can now restart (or start) the DHCP server for the changes you've made to dhcpd.conf to take effect, and the DHCP server should be able to hand out leases between 192.168.1.16 and 192.168.1.127 without further messing around. However, since the whole point of this documentation is to avoid hosts being given some random IP address in that range, we're going a bit further still.

To start assigning static leases, we're going to have to define a group. It'll involve curly braces just like the subnet declaration above, and inside that group we'll create entries for each host you want to assign a static lease to. This section will look like the following:

group {
  host mythbackend {
    hardware ethernet 00:23:54:1d:98:f4;
    fixed-address 192.168.1.13;
  }

  host mysqlserver {
    hardware ethernet 00:19:66:71:aa:0f;
    fixed-address 192.168.1.14;   
  } 

  host mythfrontend {
    hardware ethernet 00:1c:dd:0f:aa:9d;
    fixed-address 192.168.1.15;   
  }
}

The host declarations inside the group declaration are just as simple as they look. In the example, we're looking to assign static leases for the frontend machine, the backend machine, and the mysql server. Your setup might not need this many, but again, we're trying to make everything as obvious as possible. Each host declaration involves the name of the machine (which is a name you use to identify them--it doesn't have to be a DNS name), its ethernet hardware (MAC) address, and the IP address that host has now been assigned.

You may have noticed an apparent contradiction in the above sample. Note that while the DHCP server has been told to use the range of addresses from 192.168.1.16 to 192.168.1.127, these addresses are outside that range. This is fine (as long as they're within the subnet) and will avoid confusion later if you're trying to troubleshoot a problem. This will make your network environment in general a little easier to identify. Anything that winds up with an IP address in the pool of 192.168.1.16 to 192.168.1.127 you will be able to tell wasn't immediately recognized as anything special by the DHCP server and is on a dynamic IP assignment. If the hosts you wanted to have a static IP address wind up in that pool, then you know that either you forgot to restart the DHCP server after you modified dhcpd.conf, or that you typo'd the MAC address (or that they haven't tried to get a DHCP lease since you did this).
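
The layout rule described above (static addresses inside the subnet but outside the dynamic range) can be checked mechanically before restarting the server. The following is an added example, not part of the original page or of ISC's dhcpd; `check_conf` is a hypothetical helper that assumes a single subnet declaration and host entries written in the order shown on this page.

```python
import ipaddress
import re

# The page's sample configuration, trimmed to the statements the checks read.
SAMPLE_CONF = """
subnet 192.168.1.0 netmask 255.255.255.0 {
  range 192.168.1.16 192.168.1.127;
  option routers 192.168.1.1;
}
group {
  host mythbackend  { hardware ethernet 00:23:54:1d:98:f4; fixed-address 192.168.1.13; }
  host mysqlserver  { hardware ethernet 00:19:66:71:aa:0f; fixed-address 192.168.1.14; }
  host mythfrontend { hardware ethernet 00:1c:dd:0f:aa:9d; fixed-address 192.168.1.15; }
}
"""

HOST_RE = re.compile(
    r"host\s+(\S+)\s*\{\s*hardware\s+ethernet\s+([0-9A-Fa-f:]{17})\s*;"
    r"\s*fixed-address\s+([\d.]+)\s*;")

def check_conf(text):
    """Return a list of problems found in a single-subnet dhcpd.conf."""
    text = re.sub(r"#.*", "", text)  # drop comments
    net, mask = re.search(r"subnet\s+([\d.]+)\s+netmask\s+([\d.]+)", text).groups()
    subnet = ipaddress.ip_network(f"{net}/{mask}")  # raises if host bits are set
    low, high = map(ipaddress.ip_address,
                    re.search(r"range\s+([\d.]+)\s+([\d.]+)\s*;", text).groups())
    problems = []
    if low > high or low not in subnet or high not in subnet:
        problems.append("range is not inside the subnet")
    router = re.search(r"option\s+routers\s+([\d.]+)", text)
    if router and low <= ipaddress.ip_address(router.group(1)) <= high:
        problems.append("router address is inside the dynamic range")
    seen_mac, seen_ip = {}, {}
    for name, mac, ip in HOST_RE.findall(text):
        mac, addr = mac.lower(), ipaddress.ip_address(ip)
        if addr not in subnet:
            problems.append(f"{name}: {ip} is outside the subnet")
        elif low <= addr <= high:
            problems.append(f"{name}: {ip} is inside the dynamic range")
        if mac in seen_mac:
            problems.append(f"{name}: MAC also used by {seen_mac[mac]}")
        if addr in seen_ip:
            problems.append(f"{name}: address also used by {seen_ip[addr]}")
        seen_mac.setdefault(mac, name)
        seen_ip.setdefault(addr, name)
    return problems

if __name__ == "__main__":
    print(check_conf(SAMPLE_CONF) or "no problems found")
```

An empty list means the file follows the layout this page recommends; each string names the host entry to look at.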

Finding out the MAC address

Now that you know what goes into your dhcpd.conf, we'll address the one missing piece of the puzzle: How to find the MAC (ethernet hardware) address of your equipment. The MAC address for a network device is kept in the hardware and will never change (unless you do something you really shouldn't have), and MAC addresses must be unique on your network. Simply type `/sbin/ifconfig` and look for the interface you want to know the MAC address for in the output. If it doesn't appear, it's probably in a "down" state. Assuming that the interface you want the address for is eth0, you can remedy this without risking anything bad happening by simply typing `/sbin/ifconfig eth0 up` and then typing `/sbin/ifconfig eth0`. The ifconfig command is something that can usually be run by any user, but isn't likely to be in the shell's path, which is why the /sbin part is there. For a host currently running Windows, you can find out the MAC address with a very similar command called 'ipconfig' run from a DOS prompt--just remember to replace the dashes Windows uses with colons when you create the host entry.

If the piece of equipment is something you can't run a prompt on (like a PS3 or XBox or you're just feeling lazy) you can also just go look in the file the server uses to store information about leases it's already handed out--just don't expect a lot of it to make sense. Usually this is /var/state/dhcp/dhcpd.leases, and it's a plain text file. It will contain some lease declarations in a format similar to the rest of what you've seen here, listed by IP address and each section will show the hardware ethernet address for the host that IP address was assigned to. By the way, don't edit the leases file.
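
Reading the leases file by hand works, but the file is an append-only log in which the last entry for an address is the current one, so a short script is less error-prone. The following is an added example, not part of the original page: the lease text is constructed, the `02:00:00:...` MAC addresses are made up, and the function names are hypothetical. It lists the MAC behind each leased address, converts Windows-style MACs to the colon form dhcpd.conf expects, and reports any host from the page's group block that shows up in the dynamic pool.

```python
import re

# Constructed sample in dhcpd.leases format (not taken from a real server).
# The file is append-only: the last entry for an address is the current one.
SAMPLE_LEASES = """
lease 192.168.1.20 {
  ends 2 2009/11/17 18:00:00;
  hardware ethernet 02:00:00:aa:bb:01;
}
lease 192.168.1.21 {
  ends 3 2009/11/18 18:05:00;
  hardware ethernet 02:00:00:aa:bb:02;
  client-hostname "ps3";
}
lease 192.168.1.20 {
  ends 3 2009/11/18 19:00:00;
  hardware ethernet 00:1c:dd:0f:aa:9d;
}
"""

# MACs the page's group block pins to static addresses.
STATIC = {"00:23:54:1d:98:f4": "mythbackend",
          "00:19:66:71:aa:0f": "mysqlserver",
          "00:1c:dd:0f:aa:9d": "mythfrontend"}

def normalize_mac(mac):
    """Accept Windows (00-1C-...) or Unix (00:1c:...) style; return dhcpd style."""
    octets = re.split(r"[-:]", mac.strip())
    if len(octets) != 6 or not all(re.fullmatch(r"[0-9A-Fa-f]{2}", o) for o in octets):
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(o.lower() for o in octets)

def current_leases(text):
    """Map each leased address to its MAC, keeping the last entry per address."""
    leases = {}
    for ip, body in re.findall(r"lease\s+([\d.]+)\s*\{(.*?)\}", text, re.S):
        hw = re.search(r"hardware\s+ethernet\s+([0-9A-Fa-f:]+)\s*;", body)
        if hw:
            leases[ip] = normalize_mac(hw.group(1))
    return leases

def static_hosts_in_pool(text, static=STATIC):
    """Hosts with a static entry whose MAC appears in the dynamic lease file."""
    return {static[mac]: ip for ip, mac in current_leases(text).items() if mac in static}

if __name__ == "__main__":
    print(current_leases(SAMPLE_LEASES))
    print(static_hosts_in_pool(SAMPLE_LEASES))
```

A non-empty result from `static_hosts_in_pool` points at the causes the page lists: the server was not restarted, the MAC in the host entry is mistyped, or the lease predates the host entry.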