Set up a DHCP server to manage IP addresses

An anonymous reader writes "The second in a three-part series on how to leverage Linux to get the most from your network, this tutorial shows how to set up a Dynamic Host Configuration Protocol (DHCP) server with Internet Systems Consortium (ISC) DHCP. Sample code and configuration files are provided throughout to aid understanding."

Comp User/pass Link

[Anonymous Coward]

http://www.bugmenot.com/view.php?url=www.ibm.com

Re:Comp User/pass Link

[wpc4]

Or even better, http://extensions.roachfiend.com/index.php#bugmeno t

It automatically inputs the information into the user/pass field for you.

Recommended: dnsmasq

[Tux2000]

For small networks, I recommend using dnsmasq [thekelleys.org.uk]. It's a combined DHCP server and DNS server/proxy intended for use on a masquerading gateway that can run nearly without any configuration. Add your mac addresses to /etc/ethers for fixed IP adresses, add your hostnames to /etc/hosts, finito. There is no need to fiddle with to big servers (bind and ISC dhcpd). I use it on my (heavily modified) WRT54G [linksys.com] with about 10 to 20 systems without any problems.

Tux2000

Re:Recommended: dnsmasq

[JRIsidore]

It's indeed a very helpful tool but it can cause some troubles. I tried it a while ago and got errors with Exim 4, it didn't like the DNS responses that dnsmasq sent out for my local machines and thus started to reject mails. Host queries and pings worked fine though. As I switched back to Bind the problems were gone. Dunno what went wrong, I didn't bother to dig deeper into this.

Re:Recommended: dnsmasq

[Tux2000]

I don't know what's wrong with dnsmasq+exim (and I'm too lazy to search google), but dnsmasq is under very active development and has fixed a lot of bugs, some esotheric, some really nasty. Details are in the changelog [thekelleys.org.uk]. Perhaps the trouble with exim has already been solved. You may want to give dnsmasq a second chance. ;-)

I still use sendmail from Slackware 8 in my LAN, it just works, with both my now disabled bind and with dnsmasq 2.something. I want to change to some other mailer, but I've not yet found

Re:Recommended: dnsmasq

[JRIsidore]

I don't know what's wrong with dnsmasq+exim (and I'm too lazy to search google), but dnsmasq is under very active development and has fixed a lot of bugs, some esotheric, some really nasty. Details are in the changelog. Perhaps the trouble with exim has already been solved.

I didn't follow dnsmasq development, but quite possibly the issue has been fixed (hm, maybe I should have filed a bug report...). Tried it about a year ago and now I'm too lazy to reconfigure my box.

You may want to give dnsmasq a s

So what's the point?

[jbarr]

I have a DHCP Server enabled on my Router, so why would I need to do this? Maybe for a large-network business application, but for the majority of network applications (read home and small business) what's the point other than an academic lesson?

(OK, so I didn't actually read the article because of the requried registration...)

Re:So what's the point?

[Rikus]

I don't think that DHCP is especially useful on a small network where each computer can be manually set up (simplifying things a bit), but it's even stranger to see a story like this on Slashdot. People who need to know how to set up DHCP servers should go to google [google.com].
And while they're at it, they can google for all the other computer-related subjects that don't need to become news stories.

Re:So what's the point?

[shufler]

Actually, DHCP is especially useful on a small network, as you can setup the DHCP server to assign addresses to specific MAC addresses instead of manually configuring the details in the OS.

This is handy if you continually resinstall operating systems on a box, and have gotten used to accessing it via a specific IP address, or whatever.

Besides, by using DHCP, you can add new hosts without doing a thing. This means your friends can come over and plug their shit in without problems, and your network will be filled with with trojans in no time.

Re:So what's the point?

[TeknoHog]

Actually, DHCP is especially useful on a small network, as you can setup the DHCP server to assign addresses to specific MAC addresses instead of manually configuring the details in the OS.

At the school where I work, we do exactly this. The idea is that workstations can be exact copies of a master image, but of course each must have a unique IP address. It's a lot nicer to set these up at the server, than going through the boxes separately. Especially when some of them are Windows machines.

Re:So what's the point?

[EnronHaliburton2004]

This is handy if you continually resinstall operating systems on a box, and have gotten used to accessing it via a specific IP address, or whatever.

It's also great when your friends come over and want to use your network. Just plug-in, wait for DHCP to kick in, and go.

Saves alot of typing, and retyping...

Re:So what's the point?

[Lussarn]

There are still many of us that use an old PC box for firewall/router. We use DHCP too. Chances are your router is running Linux so indirectly you are using this too.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:So what's the point?

[eneville]

Having DHCP on a given computer is as valid as having NAT on the given computer and not using your broadband router for NAT. The chances are the router is not as capable as ISC DHCP. I'd like to see a router that is as capable as OBSD PF.

IMO the broadband nat/router should be just a modem, and the computer user should set up services like that. If you have a reason for requiring DHCP on the router, then your network is likely too big to be managed by the router. Get your self a descent computer to act as

WTF?

[itwerx]

Is Slashdot posting Howto's now?
Or did an editor slip up (never!) and hit the "post this" button instead of the "delete" button?

I hate being this confused on a Monday morning... :|

Can't be bothered to register and RTFA

[TheLink]

Anyway my suggestion is if you want better control, what you do is to have your DHCP server assign unknown machines to IP addresses in a quarantine network that possibly runs something like nocatauth to tell new users to contact the admin - phone num etc. Heck maybe put each of them in their own /30 network or something.

Once they call you and you've identified the previously unknown machine and the user and everything is OK (scan for viruses, detect worms etc), you can reassign this machine to its own reserved IP - and possibly reconfigure the relevant switch's port to take it out of the special mode that only allows it to talk to one server and not each other (not all switches support this feature).

This could help prevent unknown machines from spreading worms, or automatically getting access to your network.

How about a resource about setting up IPv6 network

[MrSnivvel]

This is nice and all, but how about a comprehensive resource for setting up an internal network running IPv6. When adoption of IPv6 is always on the "Coming soon..." list (in North America at least), it would be nice to see an article, HOWTO, or something dealing the current setup and pitfalls.

Knowing that the tools (RADVD or DHCPv6, 6to4 gateways, DNS "AAAA" records, etc.) are out there is one thing, knowing how to get them to fit together and pull it off is another. If anybody knows how to setup an internal IPv6-only network where systems are accessible from "the outside", info would be appreciated.

Re:How about a resource about setting up IPv6 netw

[eneville]

There's good how-tos on www.6bone.net and www.tldp.org ;) I never got passed the 'subscribe to 6bone' stage, was too much to read and I thought IPv6 means more bits for my dear ol' mowdem to cope with.

dhcp and linux

[XO]

is there a functioning Linux distribution that DOESN'T come with a fully functioning DHCP server preinstalled, that you have to kill if you have more than one box on your network?? I don't think so..

at least, after installing three Fedora boxes and a Debian box on my network, I had a hell of a time getting my networking to work on the systems, until I realised that without asking me, all of them installed a function DHCP client and server..

(Linux distribution install programs suck)

Re:dhcp and linux

[bzBetty]

last i checked gentoo doesn't do that, and i'm sure alot of others don't either. Although i would have expected debian not to.

Re:dhcp and linux

[XO]

well, yeah, i forgot about gentoo, gentoo is sort of a "define exactly what you want" thing, though.. from what i understand, having not used it, that might be the way to go, to avoid having all the garbage that I don't need.. but requires a lot more time to invest to getting it up and running.. ?

actually, i haven't even managed to get my debian box to ever auto-configure it's network interface at all.. i defined the configuration when i ran the installation, but it always says "failed to bring up eth0" ..

Re:dhcp and linux

[bzBetty]

yeah gentoo takes a bit more work to setup then other distros around, but i guess you could use the binary packages (most gentoo users compile everything and i mean everything from source) probably wouldn't take too long.

Dynamic DNS

[Ann Elk]

Some tips on getting dhcpd and bind to "play nicely together" would be useful. It's not rocket science, but it's not exactly obvious, either.

Perhaps stupid question about DNS

[spitzak]

Would it be possible for a small router box (such as one running Linux) to also supply a local tiny DNS?

My cheapo commercial router/firewall seems to know the "name" of each machine, as it shows that name along with the MAC and IP address in it's web page (admittedly Linux makes it a pain in the ass to locate and change this name, why can't it match the hostname automatically?). However if I do "ping " it does not work. Adding the name and IP address to my /etc/hosts table does work, however.

So a couple q

Re:Perhaps stupid question about DNS

[mvdw]

Answers:

1. Yes. My DNS server at home does exactly this. It is a linux machine, running ipcop

2. Yes, it is done. IPCop is commercial quality. You just need to supply your own computer :).