Shulou(Shulou.com)06/01 Report--

This article mainly introduces "how to install ISC DHCP server on Debian system". In daily operation, I believe many people have doubts about how to install ISC DHCP server on Debian system. Xiaobian consulted all kinds of materials and sorted out simple and easy-to-use operation methods. I hope it will be helpful to answer the doubts of "how to install ISC DHCP server on Debian system". Next, please follow the editor to study!

Dynamic Host Control Protocol (DHCP) provides a convenient way for network administrators to provide network layer addresses for ever-changing network hosts or dynamic networks. One of the most commonly used DHCP services tools is ISC DHCP Server. The purpose of DHCP service is to provide hosts with the necessary network information so that they can communicate with other hosts connected in the network. The information provided by the DHCP service includes: DNS server information, network address (IP), subnet mask, default gateway information, hostname and so on.

This tutorial describes how ISC-DHCP-Server, version 4.2.4, running on Debian 7.7, can manage multiple virtual local area networks (VLAN) and can be easily applied to a single network.

The network used in the test uses Cisco routers to manage DHCP lease addresses in the traditional way. There are currently 12 VLAN that need to be managed through a centralized server. By transferring the task of DHCP to a dedicated server, the router can reclaim the corresponding resources and use them on more important tasks, such as routing addressing, access control list, traffic monitoring and network address translation.

Another benefit of moving the DHCP service to a dedicated server, which will be discussed later, is that it can set up a dynamic domain name server (DDNS) so that when the host requests a DHCP address from the server, the hostname of the new host will be added to the DNS system.

Install and configure the ISC DHCP server

1. Use the apt tool to install the ISC software in the Debian software repository to create this multi-homed server. Like other tutorials, you need root or sudo access. Please modify it appropriately so that you can use the following command. (note: there are comments in parentheses below. Please delete them when you use them. # indicates the root permission used.)

The code is as follows:

# apt-get install isc-dhcp-server [install the ISC DHCP Server software]

# dpkg-- get-selections isc-dhcp-server [confirm that the software has been installed successfully]

# dpkg-s isc-dhcp-server [confirm successful installation in another way]

2. Confirm that the service software has been installed, and now you need to provide network information to configure the server so that the server can distribute the network information according to our needs. The minimum DHCP information you need to know as an administrator is as follows:

Network address

Subnet mask

Dynamically assigned address range

Other useful information dynamically assigned by the server includes:

Default gateway

DNS server IP address

domain name

Hostnam

Webcast address

This is only a very small number of options that can be handled by the ISC DHCP server. If you want to see all the options and their descriptions, you need to enter the following command after installing the software:

The code is as follows:

# man dhcpd.conf

3. Once the administrator has determined all the necessary information distributed by this server, it is time to configure the server and assign the necessary address pool. Before you can configure any address pool or server configuration, you must configure the DHCP server to listen on an interface on this server.

On this particular server, after the network card is set up, DHCP listens for the interface named 'bond0'. Please change the server and network environment according to your actual situation. The following configurations are for this tutorial.

This line specifies DHCP traffic on one or more DHCP service listening interfaces. Modify the main configuration file to assign the appropriate pool of DHCP addresses to the desired network. The main configuration file is in / etc/dhcp/dhcpd.conf. Open this file with a text editor

The code is as follows:

# nano / etc/dhcp/dhcpd.conf

This configuration file can configure the address pool / host we need. There is a sentence like 'ddns-update-style'' at the top of the file, which is set to 'none'' in this tutorial. In future tutorials, we will talk about the integration of dynamic DNS,ISC-DHCP-Server with BIND9, which enables hostname updates to point to IP addresses.

4. The next part is for the administrator to configure global network settings, such as DNS domain name, default lease time, IP address, subnet mask, and so on. If you want to know all the options, please read the dhcpd.conf file in the man manual with the following command:

The code is as follows:

# man dhcpd.conf

For this server, we need to configure some global network settings at the top of the configuration file so that we don't have to set them separately in each address pool.

Let's take a moment to explain these options, which can be configured separately for a pool of addresses, although they are global settings in this tutorial.

Option domain-name "comptech.local";-all hosts using this DHCP server will become a member of the DNS domain "comptech.local"

Option domain-name-servers 172.27.10.6; DHCP distributes the DHCP server address 172.27.10.6 to all network hosts that configure this DNS server

Option subnet-mask 255.255.255.0;-each network device is assigned a subnet mask of 255.255.255.0 or / 24

Default-lease-time 3600;-default valid address lease time (in seconds). If the lease time runs out, the host can reapply for the lease. If the lease is completed, the corresponding address will be reclaimed as soon as possible.

Max-lease-time 86400;-this is the maximum lease time (in seconds) that a host can rent.

Ping-check true;-this is an additional test to ensure that the network address distributed by the server is not the network address already used by another host in the current network.

Ping-timeout;-how many seconds will the server wait for the ping response before determining that the address has not been used before.

Ignore client-updates; this option is now negligible because DDNS was previously disabled in the configuration file, but when DDNS is running, this option ignores the host's request to update its DNS hostname.

5. The following line in the file is the line of the authoritative DHCP. The meaning of this line is that if the server is the server that distributes the network address configured in the file, uncomment the authoritative keyword authoritative stanza.

Uncomment the global authority keyword by removing the'# 'before the keyword authoritative. This server will be the only authority in the network it manages.

By default, the server is assumed to be not an authoritative server on the network. The reason for doing this is for security reasons. If someone does not understand the configuration of DHCP services, resulting in improper configuration or configuration to a network that should not appear, this will lead to very serious connectivity problems. This line can also be configured separately in each network. That is, if the server is not a DHCP server for the entire network, the authoritative line can be used in each separate network instead of the global configuration as shown in the screenshot above.

6. This step is to configure all DHCP address pools / networks that the server will manage. For brevity, this tutorial covers only one of the configured address pools. As an administrator, you need to collect some necessary network information (such as domain names, network addresses, how many addresses can be distributed, etc.)

The information used in the following address pool is collected by the administrator: network ID 172.27.60.0, subnet mask 255.255.255.0 or / 24, default subnet gateway 172.27.60.1, broadcast address 172.27.60.255.0.

The above information is important for building a new network in the dhcpd.conf file. Use a text editor to modify the configuration file to add a new network, here we need to use root or sudo access.

The code is as follows:

# nano / etc/dhcp/dhcpd.conf

The current example is assigning IP addresses to virtual servers created with VMWare. The first line shows the subnet mask of the network. The contents in parentheses are all the options that the DHCP server should provide to the hosts on the network.

The first line, range 172.27.60.50 172.27.60.254, shows the range of addresses that the DHCP service can dynamically distribute to hosts on this network.

The second line, option routers 172.27.60.1, shows the default gateway address assigned to all hosts on the network.

The last line, option broadcast-address 172.27.60.255, shows the broadcast address of the current network. This address cannot be included in the address range to be distributed because the broadcast address cannot be assigned to a host.

It must be emphasized that each line must end with (;), and all created networks must be in {}.

7. If you want to create multiple networks, continue to create their corresponding options and save the text file. If there are changes after the configuration is complete, the ISC-DHCP-Server process needs to restart for the new changes to take effect. Restarting the process can be done with the following command:

The code is as follows:

# service isc-dhcp-server restart

This command restarts the DHCP service, and administrators can use several different ways to check whether the server is ready to process dhcp requests. The easiest way is to use the lsof command to see if the server is listening on port 67, as follows:

The code is as follows:

# lsof-I: 67

The output here shows that dhcpd (the DHCP service daemon) is running and listening on port 67. Because of the mapping of port 67 in the / etc/services file, port 67 in the output is actually converted to "bootps".

This is very common in most systems, and now that the server should be ready for network connection, we can connect a host to the network to request a DHCP address to verify that the service is working.

Test client connection

8. Many systems now use network managers to maintain the state of network connections, so the device should be pre-configured to obtain DHCP as long as the corresponding interface is active.

However, when a device cannot use the network manager, it may need to obtain the DHCP address manually. The following steps demonstrate how to obtain the address manually and how to see if the server has distributed the address as needed.

The ifconfig' tool can be used to check the configuration of the interface. The device of the DHCP server used for testing has only one network adapter (network card), which is named 'eth0'.

The code is as follows:

# ifconfig eth0

Judging from the output, the device currently does not have an IPv4 address, which makes it easy to test. We connect this device to the DHCP server and make a request. A DHCP client tool called 'dhclient'' has been installed on this device. Because the operating systems are different, the client software is also different from each other.

The code is as follows:

# dhclient eth0

The current 'inet addr:' field shows IPv4 addresses that fall within the 172.27.60.0 network address range. It is gratifying to note that the current network is also configured with the correct subnet mask and broadcast addresses are distributed.

Everything looks good so far. Let's test it to see if the new IP address received by this device is sent by the server. Here we refer to the server's log file to accomplish this task. Although there are hundreds of thousands of entries in this log, only a few are used to determine whether the server is working properly. Here we use a tool, 'tail', which displays only the last few lines of the log file, so we don't have to have a text editor to view all the log files. The command is as follows:

The code is as follows:

# tail / var/log/syslog

OK! The server records show that it distributes an address to the host (HRTDEBXENSRV). The server operates as expected and distributes the appropriate network address to the network where it acts as the authoritative server. At this point, the DHCP server is successfully set up and running. If necessary, you can continue to configure other networks to troubleshoot and ensure security.

At this point, the study on "how to install an ISC DHCP server on a Debian system" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.