Introduction
Mailing List for the Conference
Conference Materials
Q: What is DHCP?
Q: What is BOOTP?
Q: How is UDP involved?
Q: Why did we need a new protocol, DHCP?
Q: DHCP, What is a "Lease"?
Q: What are the advantages of using DHCP?
Q: When should I use Static and/or BOOTP entries instead of Dynamic?
Q: How does the protocol work?
Setting up the ISC DHCP Server
Build and Install the Server
Note: Important Server Files
Configuring the Server to deliver IP Addresses
Running the Server
Important Server Operations
Server Strategies
Lease Length Strategies
More Popular Configuration Options
Other Tools You Might Want
Configuring the Clients
Client Problems, Problems, Problems
What is a Relay Agent?
Do I need a Relay Agent?
How do I configure the Router to be a Relay Agent?
Introduction
- Thanks to the network gods (Dave Meyer, Dale Smith, and Jose' Dominguez)
- Introduce myself (Vegas, LA, Illinois, Oregon)
- Let's Check the Weather!
- Recruiting the Dominguez Way
  1. ask for volunteers before they have COFFEE
  2. Jose's Laws #1: "Hurricanes are fun!"
  3. Jose's Laws #2: "Una fria, por favor!"

Mailing List for the Conference
mailto:majordomo@ns.uoregon.edu
subscribe rudac-conf

Conference Materials
O'Reilly CD-ROMS will arrive soon!
Presentations are on the CD-ROM
The ISC DHCP Server Software on the CD-ROM
[ This is a great resource! Demonstrate on notebook! ]

Q: What is DHCP?
* DHCP is used to automatically configure network devices with TCP/IP information.

"Dynamic Host Configuration Protocol" RFC2131 http://www.nic.mil/ftp/rfc/rfc2131.txt
"DHCP Options" RFC2132 http://www.nic.mil/ftp/rfc/rfc2132.txt
See Also: "TCP/IP Network Administration", Appendix D

Q: What is BOOTP?
"Bootstrap Protocol" RFC951 http://www.nic.mil/ftp/rfc/rfc2131.txt

- BOOTP was designed before DHCP
- BOOTP does things similar to DHCP
- BOOTP is no longer preferred

Q: How is UDP involved?
- BOOTP and DHCP are built on UDP
- UDP is single-packets, "connectionless"
- UDP is "unreliable", no retransmission mechanism
- UDP allows destination = 255.255.255.255 BROADCASTS
- UDP allows source = 0.0.0.0 THIS HOST placeholder

See RFC768 http://www.nic.mil/ftp/rfc/rfc768.txt

     0      7 8     15 16    23 24    31
    +--------+--------+--------+--------+
    |     Source      |   Destination   |
    |      Port       |      Port       |
    +--------+--------+--------+--------+
    |                 |                 |
    |     Length      |    Checksum     |
    +--------+--------+--------+--------+
    |
    |          data octets ...
    +---------------- ...

         User Datagram Header Format

Q: Why did we need a new protocol, DHCP?
- BOOTP requires server configuration for each new client.
- BOOTP has a very limited set of options.
- BOOTP has no timeouts, so addresses are configured forever.

( In some cases however, BOOTP is what you want. )
( And the ISC DHCPD can be configured to do BOOTP, if you want. )

Q: DHCP, What is a "Lease"?
The DHCP server grants the DHCP client an IP address for a fixed amount of time. This time is called the "lease" time. After the lease expires, the client is REQUIRED to stop using the IP address. Periodically the client sends a request to the server to "RENEW" or extend the lease.

- leases make DHCP able to recover unused addresses
- leases allow DHCP to simplify site renumbering
- varying lease lengths allow different types of control
  ( more on this later )

Q: What are the advantages of using DHCP?
*** No manual configuration required ***

- simplifies site IP renumbering
- maximizes available IP address space
- allows for automatic mobile configuration
- allows for centralized tracking of IP address use

Q: When should I use Static and/or BOOTP entries instead of Dynamic?
- for server machines
- for critical network machines/devices
- for "registering" machines for tracking purposes
- for printers
- for very old equipment
- when you never want the IP ADDRESS to change

NOTE: you can do "host" entries in the ISC DHCPD that will
      operate like BOOTP static entries, but
      - BOOTP devices will not free up the IP address later

Q: How does the protocol work?
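The DISCOVER/OFFER/REQUEST/ACK exchange covered in this section, built and parsed as packets in Python (an added example, not part of the original talk or the ISC code). The addresses and lease time are reused from the configuration in this talk; the transaction id and the helper names are constructed. The parser treats its input as untrusted: it rejects truncated options and carries unknown option codes through instead of failing.

```python
import struct
from ipaddress import IPv4Address

MAGIC = bytes([99, 130, 83, 99])                      # magic cookie that precedes the options
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}   # option 53 values
HEADER = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")  # 236-byte BOOTP fixed header

def build(op, xid, mac, msg_type, yiaddr="0.0.0.0", extra=b""):
    """Pack one message; op is 1 for client requests, 2 for server replies."""
    hdr = HEADER.pack(op, 1, 6, 0, xid, 0, 0x8000, bytes(4),
                      IPv4Address(yiaddr).packed, bytes(4), bytes(4),
                      mac.ljust(16, b"\0"), b"", b"")
    return hdr + MAGIC + bytes([53, 1, msg_type]) + extra + b"\xff"

def parse(packet):
    """Return (type, xid, yiaddr, {option code: raw bytes}); unknown options are kept."""
    if len(packet) < HEADER.size + 4 or packet[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    f = HEADER.unpack_from(packet)
    opts, i, body = {}, 0, packet[240:]
    while i < len(body) and body[i] != 255:           # 255 = end option
        if body[i] == 0:                              # 0 = pad, no length byte
            i += 1
            continue
        if i + 2 > len(body) or i + 2 + body[i + 1] > len(body):
            raise ValueError("truncated option %d" % body[i])
        opts[body[i]] = body[i + 2:i + 2 + body[i + 1]]
        i += 2 + body[i + 1]
    if len(opts.get(53, b"")) != 1:
        raise ValueError("missing message type option")
    kind = TYPES.get(opts[53][0], "type %d" % opts[53][0])
    return kind, f[4], str(IPv4Address(f[8])), opts

def exchange(mac, xid, offered, server, lease_secs):
    """One lease as (source port, destination port, packet) tuples."""
    lease = bytes([51, 4]) + struct.pack("!I", lease_secs)   # option 51: lease time
    sid = bytes([54, 4]) + IPv4Address(server).packed        # option 54: server identifier
    want = bytes([50, 4]) + IPv4Address(offered).packed      # option 50: requested address
    return [
        (68, 67, build(1, xid, mac, 1)),                        # client DISCOVER
        (67, 68, build(2, xid, mac, 2, offered, lease + sid)),  # server OFFER
        (68, 67, build(1, xid, mac, 3, extra=want + sid)),      # client REQUEST
        (67, 68, build(2, xid, mac, 5, offered, lease + sid)),  # server ACK
    ]

if __name__ == "__main__":
    for src, dst, pkt in exchange(bytes.fromhex("0040c75993a9"), 0x1234,  # constructed xid
                                  "192.168.0.200", "192.168.0.151", 43200):
        print(src, "->", dst, parse(pkt)[:3], len(pkt), "bytes")
```
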
- It is a "client-server" protocol.
- "67" is the server UDP port
- "68" is the client UDP port
- server controls IP address allocation and network configuration.
- server maintains a database of assigned addresses, "leases"
- clients are granted "leases" only for a set time period.
- after a lease expires, the client MUST request a new lease.

1. Client does DISCOVER [ DIAGRAM ]
2. Server does OFFER [ DIAGRAM ]
3. Client does REQUEST
4. Server does ACK

Complete Sequence [ DIAGRAM ]
DISCOVER/OFFER/REQUEST/ACK

Setting up the ISC DHCP Server
- The Official Distribution
    stable        ftp://ftp.isc.org/isc/dhcp/dhcp-2.0.tar.gz
    experimental  ftp://ftp.isc.org/isc/dhcp/dhcp-3.0b1pl0.tar.gz
- unpack the distribution
    % gunzip dhcp-2.0.tar.gz
    % tar xvf dhcp-2.0.tar
- includes/site.h
    ... these are not necessary in general ...
    #define DEBUG  [ to run in foreground and current dir ]
    #define _PATH_DHCPD_DB  [ /var/run/dhcpd.leases, /etc/dhcpd.leases ]
    #define _PATH_DHCPD_CONF  [ /var/run/dhcpd.conf, /etc/dhcpd.conf ]
    ... but I always do this one ...
    - syslog to a certain file, /var/log/dhcp
    - add "local4.* /var/log/dhcp" to /etc/syslog.conf
    #define DHCPD_LOG_FACILITY LOG_LOCAL4
    ... good if you are on Solaris ...
    #define USE_SOCKETS  [ use sockets instead of streams interfaces ]

Build and Install the Server
% make clean
% make
% make install

installs these files:
    /usr/sbin/dhcpd, /usr/sbin/dhcrelay, /sbin/dhclient, /etc/dhclient-script
installs these man pages:
    dhclient.conf dhcp-options dhcpd.leases dhclient.leases dhcpd.conf
    dhclient-script dhclient dhcrelay dhcpd

Note: Important Server Files
/etc/dhcpd.conf
/var/state/dhcp/dhcpd.leases
/var/run/syslogd.pid
/var/adm/messages (or) /var/log/dhcp.log

Configuring the Server to deliver IP Addresses
- global settings
    server-identifier 192.168.0.151;
    option domain-name "rudac.net.do";
    option domain-name-servers 207.176.16.50;
    option subnet-mask 255.255.255.0;
    default-lease-time 43200;
    max-lease-time 43200;    # that's 12 hours!
- always include server subnet, "net0"
    subnet 192.168.0.0 netmask 255.255.255.0 {
        range 192.168.0.200 192.168.0.250;
        option subnet-mask 255.255.255.0;
        option broadcast-address 192.168.0.255;
        option routers 192.168.0.1;
    }
- a simple subnet, "net1"
    subnet 192.168.1.0 netmask 255.255.255.0 {
        range 192.168.1.200 192.168.1.250;
        option subnet-mask 255.255.255.0;
        option broadcast-address 192.168.1.255;
        option routers 192.168.1.1;
    }
- another subnet, "net2"
    subnet 192.168.2.0 netmask 255.255.255.0 {
        range 192.168.2.200 192.168.2.250;
        option subnet-mask 255.255.255.0;
        # broadcast address and router must sit inside this subnet
        option broadcast-address 192.168.2.255;
        option routers 192.168.2.1;
    }
- example host declaration
    host biz {
        hardware ethernet 00:40:C7:59:93:A9;
        # fixed address kept outside the dynamic range of net0
        fixed-address 192.168.0.199;
        option subnet-mask 255.255.255.0;
        option broadcast-address 192.168.0.255;
        option routers 192.168.0.1;
    }

Running the Server
- create empty leases file
- create config file [ SEE BELOW ]
- restart syslogd
- start the server

% cp /dev/null /var/state/dhcp/dhcpd.leases
% edit /etc/dhcpd.conf
% kill -HUP `cat /var/run/syslogd.pid`
% dhcpd

Important Server Operations
- to change configuration, you must FIRST stop the server
    kill `cat /var/run/dhcpd.pid`
- automatically BACKUP your leases file on another machine
    % scp /var/state/dhcp/dhcpd.leases backup-machine:/saveleases/
    % scp /etc/dhcpd.conf backup-machine:/saveconf/
- run a program to check if server running
    % man cron
    % nmap -sU -p 67 192.168.0.151

Server Strategies
- dynamic addressing
- static addressing (also called "host" entries, or "fixed")
- automatic addressing (also called "dynamic-bootp")
- hybrid approach

NOTE: no standard Server-to-Server mechanism
NOTE: Dynamic-DNS is not part of the ISC2.0 server
NOTE: Dynamic-DNS is in the ISC3.0 server code, but unsupported

Lease Length Strategies
- when to use short leases, [ Classrooms ]
- when to use long leases, [ Dormitories ]
- what is a good general lease length? [ 12 hours ]
- Example: USWest, [ 24 hours ]
- "Renumbering" can be the deciding factor

More Popular Configuration Options
- fix some host entries where host has BOOTP problems
    option always-reply-rfc1048 true;
- netbios options for W95/W98 file sharing/browsing
  point at central Windows NT Primary Domain Controller
    option netbios-name-servers 128.223.60.48;
    option netbios-node-type 8;

Other Tools You Might Want
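One of the tools named in this section, the illegal-IP-addresses-in-use detector, as an added example (not from the original talk or the ISC distribution): it parses dhcpd.leases and flags addresses seen on the network inside the dynamic range that no live lease explains. The sample leases, the observed {ip: mac} mapping and the function names are constructed for illustration.

```python
import re
from datetime import datetime
from ipaddress import ip_address
# Constructed sample in the dhcpd.leases layout (weekday, then UTC date and time).
SAMPLE_LEASES = """
lease 192.168.0.200 {
    starts 2 1999/08/24 08:00:00;
    ends 2 1999/08/24 20:00:00;
    hardware ethernet 00:40:c7:59:93:a9;
}
lease 192.168.0.201 {
    starts 2 1999/08/24 01:00:00;
    ends 2 1999/08/24 13:00:00;
    hardware ethernet 08:00:20:aa:bb:01;
}
lease 192.168.0.200 {
    starts 2 1999/08/24 14:00:00;
    ends 3 1999/08/25 02:00:00;
    hardware ethernet 00:40:c7:59:93:a9;
}
"""
LEASE_RE = re.compile(r"lease\s+(\S+)\s*\{(.*?)\}", re.S)

def parse_leases(text):
    """Return {ip: (ends, mac)}; the file is a log, so the last entry per IP wins."""
    leases = {}
    for ip, body in LEASE_RE.findall(text):
        ends = re.search(r"ends\s+\d+\s+([\d/]+ [\d:]+);", body)
        mac = re.search(r"hardware ethernet\s+([0-9a-fA-F:]+);", body)
        if ends and mac:
            when = datetime.strptime(ends.group(1), "%Y/%m/%d %H:%M:%S")
            leases[ip] = (when, mac.group(1).lower())
    return leases

def illegal_addresses(leases, observed, pool, now):
    """Flag observed (ip, mac) pairs inside the dynamic pool that no live lease explains."""
    lo, hi = (ip_address(a) for a in pool)
    findings = []
    for ip, mac in sorted(observed.items()):
        if not lo <= ip_address(ip) <= hi:
            continue  # outside the dynamic range: static or host entry, not checked here
        lease = leases.get(ip)
        if lease is None:
            findings.append((ip, mac, "no lease on record"))
        elif lease[0] < now:
            findings.append((ip, mac, "lease expired"))
        elif lease[1] != mac.lower():
            findings.append((ip, mac, "MAC differs from lease holder"))
    return findings
```

Build `observed` from whatever ARP or switch data you collect, and pass `now` in UTC, since the leases file records UTC times.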
- a "see-leases" script
- a "see-config" script
- a daily report
- an illegal-IP-addresses-in-use detector
- use your DNS file as your DHCP source database for host entries

Configuring the Clients
MacOS
Win95/98
Linux
- pump, named after "boot(p)", a pump is a shoe
- pump, runs as a daemon
- pump, the first version 1.0 was buggy, get the update!

% man pump
% pump -i eth0
% pump -l 48 -i eth0    [ ask for a 48-hour lease ]
% pump -r               [ RENEW ]
% pump -R               [ RELEASE ]

Client Problems, Problems, Problems
- general problem: allowed size of the ACK UDP packet (309 bytes?)
- general problem: broadcast REQUEST, broadcast? or unicast? ACK
- general problem: unrecognized options fields

client problem examples:
    LANMANAGER TCPIP.EXE, pre-1994 hates do-not-fragment bit
    MacOS TCP/IP creates invisible configuration entries
    MacOS TCP/IP has a 21-day max lease limit
    MacOS TCP/IP "sleep/wakeup/renew" every 5 minutes
    Win95 TCP/IP stack hangs
    HP Printers hang on errors
    Linux pump, v1.0 was buggy

What is a Relay Agent?
Do I need a Relay Agent?
How do I configure the Router to be a Relay Agent?