[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Make a DHCP server using Fedora - Help



On Saturday 15 November 2008 01:09, Antonio Olivares wrote:
> I am trying once again, something that I have not succeeded in doing.  I
> have tried before:
>
> http://marc.info/?l=fedora-list&m=112527669314098&w=4

Haven't read the whole thread, sorry, just the beggining. But I hope I didn't 
miss much info. ;-)

> Now I am at it again, this time, I want to succeed.  I have read the
> documentation again and I can't succeed, I have tried copying different
> /etc/dhcpcd.conf files from different places, but not working

The dhcpd configuration is highly network-dependent. You should never expect 
that somebody else's dhcpd.conf will Just Work for you. It typically Just 
Won't.

You have to understand what and how to configure and write your own 
dhcpd.conf.

> I have two nic's one from the motherboard and a 
> different one(PCI)
>
> [root localhost ~]# lspci
> 00:04.0 Ethernet controller: nVidia Corporation nForce2 Ethernet Controller
> 01:08.0 Ethernet controller: 3Com Corporation 3c905 100BaseTX [Boomerang]

Ok. Which do you want to be used for what purpose? How are they connected to 
outside world? What is your network topology? Try to think like this --- 
there is generally the "up" network (the outside world, not to be served with 
dhcpd) and "down" network (the local one, which should accept your dhcp 
offers). How are these two connected to the interfaces?

> [root localhost network-scripts]# ifconfig -a
> eth0      Link encap:Ethernet  HWaddr 00:0E:A6:42:59:AF
>           inet addr:10.154.19.210  Bcast:10.154.19.255  Mask:255.255.255.0
> eth1      Link encap:Ethernet  HWaddr 00:60:97:C5:2A:C3
>           inet6 addr: fe80::260:97ff:fec5:2ac3/64 Scope:Link

I see no IPv4 information for eth1. Depending on your topology, you should 
probably have it configured and up (with a static IP, if this is to be a link 
to the "down" network).

> I have read the howto's from here:
>
> http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch08_:_Conf
>iguring_the_DHCP_Server
>
> and
>
> http://www.howtoforge.com/perfect-server-fedora9
>
> as well as the article in Red Hat Magazine.

I've never read those articles, nor I intend to fwiw. But more importantly, 
have you read "man dhcpd" and "man dhcpd.conf"? Further, have you understood 
what is said there? This is essential for correct dhcpd operation. The main 
moral for servers: "Understand What You Are Doing".

If you need help on this, feel free to ask, or read some book on tcp/ip to 
learn the details about network structure. That's what I did and have never 
ever had any problems configuring dhcpd, since. :-)

> [root localhost ~]# service dhcpd start
> Starting dhcpd:                                            [FAILED]

Ok, so something is wrong. ;-)

> [root localhost ~]# dhcpd -f 
[snip]
> No subnet declaration for eth0 (10.154.19.210).
> ** Ignoring requests on eth0.  If this is not what
>    you want, please write a subnet declaration
>    in your dhcpd.conf file for the network segment
>    to which interface eth0 is attached. **

So, is this what you want, or not? You have to make it clear on what device 
(eth0 or eth1 or both) the dhcpd will listen. Where is your "down" network 
and where is the "up" one? Typically, you *do not* want to listen on the "up" 
interface, and you *do* want to listen on the "down" interface.

[[ N.B. In some network setups, the "up" network may not even exist. In other 
setups, you may want to listen on both "up" and "down" networks. You need to 
specify what exactly you want to achieve. ]]

> Not configured to listen on any interfaces!

So this is why it fails. The dhcpd.conf file is not configured correctly (or 
at all). Or the eth1 interface is not up and running (separate problem --- 
configure it, check cables and such...). Or both.

> [root localhost ~]# cat /etc/dhcpd.conf
> # dhcpd.conf
> #
> # Sample configuration file for ISC dhcpd

Example dhcpd.conf files are mainly targeted for educational purposes, not 
usability. Do not just copy-paste the example to /etc/dhcpd.conf and expect 
that to work. The example is there to teach you syntax and typical 
configuration, in order to help you write your own setup, not to substitute 
that writing.

> # option definitions common to all supported networks...
> option domain-name "example.org";

Is this your domain-name? I doubt. ;-) Fill in the real one. If you don't 
know, ask your ISP, they should know. If they haven't given you one (typical 
home-network dhcpd setup with a single link to outside), invent one. Do you 
want/have a dns server working in your local network?

> option domain-name-servers ns1.example.org, ns2.example.org;

So, what are your domain-name servers? Ask your ISP and use theirs, if you do 
not have a local dns. I usually put IP numbers here, not fqdn.

> default-lease-time 600;
> max-lease-time 7200;

Ok, suit for yourself, adjust these as you wish.

> # Use this to enble / disable dynamic dns updates globally.
> #ddns-update-style none;

Do you want dynamic updating of your local dns server? Probably not at this 
stage, leave commented.

> # If this DHCP server is the official DHCP server for the local
> # network, the authoritative directive should be uncommented.
> #authoritative;

Is this going to be the official dhcpd server for your local network? If yes 
(and I see no point in having the server if not), I guess you want this line 
uncommented.

> # Use this to send dhcp log messages to a different log file (you also
> # have to hack syslog.conf to complete the redirection).
> log-facility local7;

So, you want to log the server messages in a non-default way? Have you 
customized the syslog.conf to match this (assuming this is really needed, 
never did it myself)?

> # No service will be given on this subnet, but declaring it helps the
> # DHCP server to understand the network topology.
>
> subnet 10.152.187.0 netmask 255.255.255.0 {
> }

Ok, so any dhcp requests from this subnet will be ignored. What subnet do you 
want to serve?

Btw, in order to help dhcpd to understand network topology, you should 
definitely understand it yourself first. I can assume that you do, but 
sharing the info with us is important if you want anyone to help you with the 
configuration.

> # This is a very basic subnet declaration.
>
> subnet 10.254.239.0 netmask 255.255.255.224 {
>   range 10.254.239.10 10.254.239.20;
>   option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
> }

As it says, this is a very basic subnet definition. When a client asks for a 
dhcp request, your dhcpd server will offer it an address from the above range 
(typically going from .20 down to .10, ie. in reverse order...). Is this the 
set of addresses you want the client to get and use? How many computers do 
you expect to have on the network with dynamic IPs? Is it less than ten? Is 
that enough for your purposes?

Do you actually use the .example.org routers? No? What is the fqdn of your 
router then?

> # This declaration allows BOOTP clients to get dynamic addresses,
> # which we don't really recommend.
>
> subnet 10.254.239.32 netmask 255.255.255.224 {
>   range dynamic-bootp 10.254.239.40 10.254.239.60;
>   option broadcast-address 10.254.239.31;
>   option routers rtr-239-32-1.example.org;
> }

Is any of your client machines to be network-booted (ie. not from its own 
hard-disk)? I have never needed this. Do you? If not, delete it (or comment 
it out).

> # A slightly different configuration for an internal subnet.
> subnet 10.5.5.0 netmask 255.255.255.224 {
>   range 10.5.5.26 10.5.5.30;
>   option domain-name-servers ns1.internal.example.org;
>   option domain-name "internal.example.org";
>   option routers 10.5.5.1;
>   option broadcast-address 10.5.5.31;
>   default-lease-time 600;
>   max-lease-time 7200;
> }

You have two different subnets on your local network? This is the (by now 
famous) "topology question" :-) . How is your network organized? What is the 
intention behind having two different subnets? Why do you want them to have 
different parameters?

I repeat, this is *an example file*, I guess you really really don't need this 
in real life as is written here. This is meant to *teach* you, not to be 
*used*.

> # Hosts which require special configuration options can be listed in
> # host statements.   If no address is specified, the address will be
> # allocated dynamically (if possible), but the host-specific information
> # will still come from the host declaration.
>
> host passacaglia {
>   hardware ethernet 0:0:c0:5d:bd:95;
>   filename "vmunix.passacaglia";
>   server-name "toccata.fugue.com";
> }

Do you expect to have a client machine with the MAC address 0:0:c0:5d:bd:95? 
No? Why do you need this setting then?

> # Fixed IP addresses can also be specified for hosts.   These addresses
> # should not also be listed as being available for dynamic assignment.
> # Hosts for which fixed IP addresses have been specified can boot using
> # BOOTP or DHCP.   Hosts for which no fixed address is specified can only
> # be booted with DHCP, unless there is an address range on the subnet
> # to which a BOOTP client is connected which has the dynamic-bootp flag
> # set.
> host fantasia {
>   hardware ethernet 08:00:07:26:c0:a5;
>   fixed-address fantasia.fugue.com;
> }

Same as above.

> # You can declare a class of clients and then do address allocation
> # based on that.   The example below shows a case where all clients
> # in a certain class get addresses on the 10.17.224/24 subnet, and all
> # other clients get addresses on the 10.0.29/24 subnet.
>
> class "foo" {
>   match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
> }
>
> shared-network 224-29 {
>   subnet 10.17.224.0 netmask 255.255.255.0 {
>     option routers rtr-224.example.org;
>   }
>   subnet 10.0.29.0 netmask 255.255.255.0 {
>     option routers rtr-29.example.org;
>   }
>   pool {
>     allow members of "foo";
>     range 10.17.224.10 10.17.224.250;
>   }
>   pool {
>     deny members of "foo";
>     range 10.0.29.10 10.0.29.230;
>   }
> }

Ok, now this really gets complicated. Do you know what this means? Do you need 
it for your network? Why is it there?

> Thank you in Advance for advice, suggestions, howto's and guidance.

Ok, I have a small home network for a couple of computers (at work I have a 
large one with different pools, several servers, subnets and all, but I am 
not at liberty to disclose that dhcpd.conf...). My home setup looks like 
this:

[vmarko TheSith ~]$ cat /etc/dhcpd.conf
# I have no dns here, nor need one atm. So no dynamic dns either:
ddns-update-style none;

# no dns means I don't what to honor client requests on updating it:
ignore client-updates;

# my net is not a part of some larger network, nor connected to
# the internet, so I invent a name for my domain, just for kicks:
option domain-name "homesweethome";

# Now, what and how to serve. I use the 10.* addresses.
# Why not? :-)
subnet 10.0.0.0 netmask 255.0.0.0
{
# this machine is to be a router if I ever want to connect to outside world:
        option routers                  10.0.0.1;
# the class A local network (why not?):
        option subnet-mask              255.0.0.0;
# I have eight (3 to 10) possible IPs for dhcpd to serve. Do I need more?
# No. I have only four computers at home so far... Is a class A network
# a complete waste in this situation? Sure, but since I don't have a dns,
# I often have to type explicit IPs in command-line, and 10.0.0.* is the
# easiest to type... ;-)
        range 10.0.0.3 10.0.0.10;
        default-lease-time 21600;
        max-lease-time 43200;
}

And that's it. It just works, for my needs. And this network is completely 
off-line, in the sense that I have no "up" network (no connection to the 
internet). If I get connected (using dial-up, sigh :-( ...), I do it with the 
10.0.0.1 machine (the one hosting dhcpd among other things), and it is used 
as a router for others.

For most elementary needs, you would probably not need anything more than 
this. Maybe make the range more wide if you have lots of clients.

For more advanced setups, you need more advanced configuration. But always, 
and I mean **always**, configure dhcpd.conf yourself to suit *your* needs and 
*your* network. The "Understand What You Are Doing" philosophy... ;-)

HTH, :-)
Marko




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]