DHCP – Dynamic Host Configuration Protocol

Summary

DHCP is a basic network service to help computers and devices connect to a network and use the Internet. 

Linux

Internet Systems Consortium maintains the open source software for DHCP. There are other packages but most rely on ISC’s version.

The client side is usually installed when the system is created.

To install the server side, use your system's package manager. Example commands from various systems follow. NOTE: look in your documentation for the correct method.

  • yast -i yast-dhcp-server
  • apt-get install isc-dhcp-server
  • yum install dhcp

Configuration File

Typically found at /etc/dhcpd.conf

The file can get very complex.  It’s also possible to store the information in LDAP.

Example configuration for a single class C network.

default-lease-time 600;   # number of seconds 600 = 10 minutes
max-lease-time 7200; # number of seconds 7200 = 2 hours

option domain-name "example.com";
option domain-name-servers 192.168.1.10;
option broadcast-address 192.168.1.255;
option routers 192.168.1.1;
option subnet-mask 255.255.255.0;
subnet 192.168.1.0 netmask 255.255.255.0
{
range 192.168.1.100 192.168.1.200;
range 192.168.1.220 192.168.1.240;
}

host fileserver {
hardware ethernet 00:00:00:ff:ff:ff;
fixed-address 192.168.1.10;
}

host printer {
hardware ethernet ff:ff:ff:00:00:00;
fixed-address 192.168.1.20;
}

host bootp {
hardware ethernet ff:ff:ff:00:00:ff;
fixed-address 192.168.1.201;
filename "/path/to/tftpboot/bootp.boot";
}

CHROOT Security tips

Running the DHCP service in a chroot walls it off from the rest of the system and increases security, but the service needs additional help to work there. In chroot mode the new root is located in /var/lib/dhcp and the service runs under the nobody user ID.

The file /etc/sysconfig/dhcpd controls the chroot behavior.

Important entries in the /etc/sysconfig/dhcpd file

  • DHCPD_RUN_CHROOTED
  • DHCPD_CONF_INCLUDE_FILE
  • SYSLOGD_ADDITIONAL_SOCKET_DHCP 
  • DHCPDARGS

In chroot mode several files need to be copied to /var/lib/dhcp. They are copied only at the start of the init script. The copies allow DHCP to resolve host names. If your DHCP configuration only uses MAC addresses and IP addresses, they are not needed.

  • /etc/localtime
  • /etc/host.conf
  • /etc/hosts
  • /etc/resolv.conf
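
An added example (not part of the original article) that checks the point above: because the files are copied only when the init script starts, a later change to /etc/resolv.conf or /etc/hosts leaves a stale copy in the chroot. It assumes each file keeps its /etc path under the new root (for example /var/lib/dhcp/etc/hosts) and that DHCPD_RUN_CHROOTED takes a yes/no value; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: report chroot copies that are missing or differ from /etc.
# Assumption: each file keeps its path under the new root,
# e.g. /etc/hosts -> /var/lib/dhcp/etc/hosts.

CHROOT_FILES="/etc/localtime /etc/host.conf /etc/hosts /etc/resolv.conf"

# chroot_enabled FILE: succeed if FILE sets DHCPD_RUN_CHROOTED to yes.
# Assumption: the value is written as yes/no, optionally quoted.
chroot_enabled() {
    grep -Eq '^[[:space:]]*DHCPD_RUN_CHROOTED="?yes"?[[:space:]]*(#.*)?$' "$1"
}

# chroot_drift NEWROOT [SRCROOT]: print one status line per file and
# return the number of files that are missing or stale in NEWROOT.
# SRCROOT defaults to the real root; it exists so the check can be
# exercised against a scratch directory.
chroot_drift() {
    newroot=$1
    srcroot=${2:-}
    bad=0
    for f in $CHROOT_FILES; do
        if [ ! -e "$srcroot$f" ]; then
            echo "SKIP    $f (not present on host)"
        elif [ ! -e "$newroot$f" ]; then
            echo "MISSING $newroot$f"
            bad=$((bad + 1))
        elif ! cmp -s "$srcroot$f" "$newroot$f"; then
            echo "STALE   $newroot$f differs from $srcroot$f"
            bad=$((bad + 1))
        else
            echo "OK      $f"
        fi
    done
    return "$bad"
}

# Typical use on the server itself (paths from the article):
#   chroot_enabled /etc/sysconfig/dhcpd && chroot_drift /var/lib/dhcp
```

A non-zero return from chroot_drift means the service should be restarted through its init script so the copies are refreshed.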

Other Tips

Lease times shown in the log file are in UTC not local time.

Windows

In Windows there are several ways to access the DHCP server. DHCP servers are placed in a special container in AD. The GUI pulls up information stored in AD.

Moving DHCP configurations to a new server.

You can move a configuration to a server running the same version or a newer version, but you cannot downgrade.

Export the DHCP data

  1. Log on to the existing DHCP server.
  2. Open an Administrator command prompt.
  3. Type the following and then press ENTER.
netsh dhcp server export C:\zTemp\dhcp.YYYYMMDD.txt all

Import the new data

  1. Log on to the new DHCP server.
  2. Install the DHCP role on the new DHCP server.
  3. Copy the exported DHCP text file to the new DHCP server.
  4. Open an Administrator command prompt.
  5. Type the following and then press ENTER.
netsh dhcp server import C:\zTemp\dhcp.YYYYMMDD.txt all

Enable the new DHCP server

  1. Open DHCP management console on the new server.
  2. In the console tree on the left side, right-click DHCP.
  3. Verify all of the settings, options, scopes, and reservations.
  4. Select “Authorize”.

Tip

By default the old server should be de-authorized automatically, but this does not always happen. De-authorizing it prevents two DHCP servers from handing out conflicting addresses.

Cleaning up the DHCP server list.

This is a basic maintenance task when you have a very old network or a network that has gone through many changes.

Find and delete old DHCP servers

This is useful when an old server is offline and will not be restored.

  1. Open an Administrative command console
  2. Type the following command and press enter
Netsh DHCP show server
  3. Copy the missing server’s information
  4. Type the following command and press enter
Netsh DHCP delete server ServerFQDN ServerIP address

Error when a server will not delete using NETSH

You can manually remove an old server from the AD Configuration Container.

  1. Start ADSIEDIT.MSC or open a blank MMC and add the ADSIEDIT tool.
  2. Open the configuration Container.
  3. Expand Services.
  4. Expand Net Services.
  5. On the right-hand side you will find a record named CN=DhcpRoot.
  6. Right-click the CN=DhcpRoot entry and then click Properties.
  7. Highlight DhcpServers Attribute and click Edit. A new dialog box will appear.
  8. Highlight the entry with the old Domain name.
  9. Click Remove from DHCPServers Attribute.
  10. Click OK to close the edit dialog box.
  11. Click OK to close the properties dialog box.
  12. Restart the DHCP service on each DHCP server
  13. Verify the server is deleted using the following command in an Administrative Command Console
Netsh DHCP show server
