Contents
Abstract
The purpose of the dynamic host configuration protocol (DHCP) is to assign network settings centrally from a server rather than configuring them locally on each and every workstation. A host configured to use DHCP does not have control over its own static address. It is enabled to configure itself completely and automatically according to directions from the server. If you use the NetworkManager on the client side, you do not need to configure the client at all. This is useful if you have changing environments and only one interface active at a time. Never use NetworkManager on a machine that runs a DHCP server.
![]() | IBM System z: DHCP Support |
---|---|
On IBM System z platforms, DHCP only works on interfaces using the OSA and OSA Express network cards. These cards are the only ones with a MAC, which is required for DHCP's autoconfiguration features. |
One way to configure a DHCP server is to identify each client using the hardware address of its network card (which is fixed in most cases), then supply that client with identical settings each time it connects to the server. DHCP can also be configured to assign addresses to each interested client dynamically from an address pool set up for that purpose. In the latter case, the DHCP server tries to assign the same address to the client each time it receives a request, even over longer periods. This works only if the network does not have more clients than addresses.
DHCP makes life easier for system administrators. Any changes, even bigger ones, related to addresses and the network configuration in general can be implemented centrally by editing the server's configuration file. This is much more convenient than reconfiguring numerous workstations. Also it is much easier to integrate machines, particularly new machines, into the network, because they can be given an IP address from the pool. Retrieving the appropriate network settings from a DHCP server is especially useful in the case of laptops regularly used in different networks.
A DHCP server supplies not only the IP address and the netmask, but also the hostname, domain name, gateway, and name server addresses for the client to use. In addition to that, DHCP allows a number of other parameters to be configured in a centralized way, for example, a time server from which clients may poll the current time or even a print server.
![]() | LDAP Support |
---|---|
In this version of SUSE® Linux Enterprise, the YaST DHCP module can be set up to store the server configuration locally (on the host that runs the DHCP server) or to have its configuration data managed by an LDAP server. |
The YaST DHCP module allows you to set up your own DHCP server for the local network. The module can run in simple mode or expert mode.
When the module is started for the first time, a wizard starts, prompting you to make a few basic decision concerning server administration. Completing this initial setup produces a very basic server configuration that should function in essential aspects. The expert mode can be used to deal with more advanced configuration tasks.
In the first step, YaST looks for the network interfaces available on your system then displays them in a list. From the list, select the interface on which the DHCP server should listen and click Figure 35.1, “DHCP Server: Card Selection”.
. After this, select to open the firewall for this interface. SeeUse the check box to determine whether your DHCP settings should be automatically stored by an LDAP server. In the entry fields, provide the network specifics for all clients the DHCP server should manage. These specifics are the domain name, address of a time server, addresses of the primary and secondary name server, addresses of a print and a WINS server (for a mixed network with both Windows and Linux clients), gateway address, and lease time. See Figure 35.2, “DHCP Server: Global Settings”.
In this step, configure how dynamic IP addresses should be assigned to clients. To do so, specify an IP range from which the server can assign addresses to DHCP clients. All these addresses must be covered by the same netmask. Also specify the lease time during which a client may keep its IP address without needing to request an extension of the lease. Optionally, specify the maximum lease time—the period during which the server reserves an IP address for a particular client. See Figure 35.3, “DHCP Server: Dynamic DHCP”.
After the third part of the configuration wizard, a last dialog is shown in which you can define how the DHCP server should be started. Here, specify whether to start the DHCP server automatically when the system is booted or manually when needed (for example, for test purposes). Click Figure 35.4, “DHCP Server: Start-Up”. Alternatively, you can select Figure 35.5, “DHCP Server: Host Management”). from the tree structure to the left to configure special host management features in addition to the basic configuration (see
to complete the configuration of the server. SeeInstead of using dynamic DHCP in the way described in the preceding sections, you can also configure the server to assign addresses in quasi-static fashion. To do so, use the entry fields provided in the lower part to specify a list of the clients to manage in this way. Specifically, provide the Figure 35.5, “DHCP Server: Host Management”.
and the to give to such a client, the , and the (token ring or ethernet). Modify the list of clients, which is shown in the upper part, with , , and . SeeIn addition to the configuration method discussed earlier, there is also an expert configuration mode that allows you to tweak the DHCP server setup in every detail. Start the expert configuration by selecting
in the tree view in the left part of the dialog.In this first dialog, make the existing configuration editable by selecting Figure 35.6, “DHCP Server: Chroot Jail and Declarations”. After selecting , define the type of declaration to add. With , view the log file of the server, configure TSIG key management, and adjust the configuration of the firewall according to the setup of the DHCP server.
. An important feature of the behavior of the DHCP server is its ability to run in a chroot environment, or chroot jail, to secure the server host. If the DHCP server should ever be compromised by an outside attack, the attacker will still be behind bars in the chroot jail, which prevents him from touching the rest of the system. The lower part of the dialog displays a tree view with the declarations that have already been defined. Modify these with , , and . Selecting takes you to additional expert dialogs. SeeThe Figure 35.7, “DHCP Server: Selecting a Declaration Type”).
of the DHCP server are made up of a number of declarations. This dialog lets you set the declaration types , , , , , and . This example shows the selection of a new subnetwork (seeThis dialog allows you specify a new subnet with its IP address and netmask. In the middle part of the dialog, modify the DHCP server start options for the selected subnet using
, , and . To set up dynamic DNS for the subnet, select .If you chose to configure dynamic DNS in the previous dialog, you can now configure the key management for a secure zone transfer. Selecting Figure 35.10, “DHCP Server: Interface Configuration for Dynamic DNS”).
takes you to another dialog in which to configure the interface for dynamic DNS (seeYou can now activate dynamic DNS for the subnet by selecting Figure 35.8, “DHCP Server: Configuring Subnets”). Selecting again returns to the original expert configuration dialog.
. After doing so, use the drop-down list to choose the TSIG keys for forward and reverse zones, making sure that keys are the same for the DNS and the DHCP server. With , enable the automatic update and adjustment of the global DHCP server settings according to the dynamic DNS environment. Finally, define which forward and reverse zones should be updated per dynamic DNS, specifying the name of the primary name server for each of the two zones. If the name server runs on the same host as the DHCP server, you can leave these fields blank. Selecting returns to the subnet configuration dialog (seeTo define the interfaces where the DHCP server should listen and adjust the firewall configuration, select Figure 35.11, “DHCP Server: Network Interface and Firewall”), after which you can return to the original dialog by selecting .
+ from the expert configuration dialog. From the list of interfaces displayed, select one or more that should be attended by the the DHCP server. If clients in all of the subnets should be able to communicate with the server and the server host also runs a firewall, adjust the firewall accordingly. To do so, select . YaST then adjusts the rules of SuSEfirewall2 to the new conditions (seeAfter completing all the configuration steps, close the dialog with
. The server is now started with its new configuration.