Dynamic Host Configuration Protocol (DHCP)
The Dynamic Host Configuration Protocol (DHCP) is a network service that enables host computers to be automatically assigned settings from a server as opposed to manually configuring each network host. Computers configured to be DHCP clients have no control over the settings they receive from the DHCP server, and the configuration is transparent to the computer’s user.
The most common settings provided by a DHCP server to DHCP clients include:
-
IP address and netmask
-
IP address of the default-gateway to use
-
IP addresses of the DNS servers to use
However, a DHCP server can also supply configuration properties such as:
-
Hostname
-
Domain name
-
Time server
-
Print server
The advantage of using DHCP is that any changes to the network, such as a change in the DNS server address, only need to be changed at the DHCP server, and all network hosts will be reconfigured the next time their DHCP clients poll the DHCP server. As an added advantage, it is also easier to integrate new computers into the network, as there is no need to check for the availability of an IP address. Conflicts in IP address allocation are also reduced.
A DHCP server can provide configuration settings using the following methods:
Manual allocation (MAC address)
This method uses DHCP to identify the unique hardware address of each network card connected to the network, and then supplies a static configuration each time the DHCP client makes a request to the DHCP server using that network device. This ensures that a particular address is assigned automatically to that network card, based on its MAC address.
Dynamic allocation (address pool)
In this method, the DHCP server assigns an IP address from a pool of addresses (sometimes also called a range or scope) for a period of time (known as a lease) configured on the server, or until the client informs the server that it doesn’t need the address anymore. This way, the clients receive their configuration properties dynamically and on a “first come, first served” basis. When a DHCP client is no longer on the network for a specified period, the configuration is expired and released back to the address pool for use by other DHCP clients. After the lease period expires, the client must renegotiate the lease with the server to maintain use of the same address.
Automatic allocation
Using this method, the DHCP automatically assigns an IP address permanently to a device, selecting it from a pool of available addresses. Usually, DHCP is used to assign a temporary address to a client, but a DHCP server can allow an infinite lease time.
The last two methods can be considered “automatic” because in each case the DHCP server assigns an address with no extra intervention needed. The only difference between them is in how long the IP address is leased; in other words, whether a client’s address varies over time.
Ubuntu makes two DHCP servers available:
-
isc-dhcp-server
(which installsdhcpd
, the dynamic host configuration protocol daemon) -
isc-kea
.
Note that although Ubuntu still supports isc-dhcp-server
, this software is no longer supported by its vendor.
isc-kea
Kea is the DHCP server which ISC developed to replace isc-dhcp
. It is newer and designed for more modern network environments.
This section describes how to install and configure isc-kea
in Ubuntu 23.04
or greater. For isc-dhcp-server
instructions, skip to the next section.
Install isc-kea
At a terminal prompt, enter the following command to install isc-kea
:
sudo apt install kea
This will also install a few binary packages, including
-
kea-dhcp4-server
: The IPv4 DHCP server (the one we will configure in this guide). -
kea-dhcp6-server
: The IPv6 DHCP server. -
kea-ctrl-agent
: A REST API service for Kea. -
kea-dhcp-ddns-server
: A Dynamic DNS service to update DNS based on DHCP lease events.
Since the kea-ctrl-agent
service has some administrative rights to the Kea
services, we need to ensure regular users are not allowed to use the API
without permissions. Ubuntu does it by requiring user authentication to access
the kea-ctrl-agent
API service (LP: #2007312 has more details on this).
Therefore, the installation process described above will get a debconf “high”
priority prompt with 3 options:
- no action (default);
- configure with a random password; or
- configure with a given password.
If there is no password, the kea-ctrl-agent
will not start.
The password is expected to be in /etc/kea/kea-api-password
, with ownership
root:_kea
and permissions 0640
. To change it, run dpkg-reconfigure kea-ctrl-agent
(which will present the same 3 options from above again), or just edit the file
manually.
Configure kea-dhcp4
The kea-dhcp4 service can be configured by editing
/etc/kea/kea-dhcp4.conf
.
Most commonly, what you want to do is let Kea assign an IP address from a
pre-configured IP address pool. This can be done with settings as follows:
{
"Dhcp4": {
"interfaces-config": {
"interfaces": [ "eth4" ]
},
"control-socket": {
"socket-type": "unix",
"socket-name": "/run/kea/kea4-ctrl-socket"
},
"lease-database": {
"type": "memfile",
"lfc-interval": 3600
},
"valid-lifetime": 600,
"max-valid-lifetime": 7200,
"subnet4": [
{
"id": 1,
"subnet": "192.168.1.0/24",
"pools": [
{
"pool": "192.168.1.150 - 192.168.1.200"
}
],
"option-data": [
{
"name": "routers",
"data": "192.168.1.254"
},
{
"name": "domain-name-servers",
"data": "192.168.1.1, 192.168.1.2"
},
{
"name": "domain-name",
"data": "mydomain.example"
}
]
}
]
}
}
This will result in the DHCP server listening on interface “eth4”, giving clients an IP address from the range 192.168.1.150–192.168.1.200. It will lease an IP address for 600 seconds if the client doesn’t ask for a specific time frame. Otherwise the maximum (allowed) lease will be 7200 seconds. The server will also “advise” the client to use 192.168.1.254 as the default-gateway and 192.168.1.1 and 192.168.1.2 as its DNS servers.
After changing the config file you can reload the server configuration through
kea-shell
with the following command (considering you have the
kea-ctrl-agent
running as described above):
kea-shell --host 127.0.0.1 --port 8000 --auth-user kea-api --auth-password $(cat /etc/kea/kea-api-password) --service dhcp4 config-reload
Then, press ctrl-d. The server should respond with
[ { "result": 0, "text": "Configuration successful." } ]
meaning your configuration was received by the server.
The kea-dhcp4-server
service logs should contain an entry similar to
DHCP4_DYNAMIC_RECONFIGURATION_SUCCESS dynamic server reconfiguration succeeded with file: /etc/kea/kea-dhcp4.conf
signaling that the server was successfully reconfigured.
You can read kea-dhcp4-server
service logs with journalctl
:
journalctl -u kea-dhcp4-server
Alternatively, instead of reloading the DHCP4 server configuration through
kea-shell
, you can restart the kea-dhcp4-service
with
systemctl restart kea-dhcp4-server
isc-dhcp-server
This section describes how to install and configure the isc-dhcp-server
.
Install isc-dhcp-server
At a terminal prompt, enter the following command to install isc-dhcp-server
:
sudo apt install isc-dhcp-server
Note:
dhcpd
's messages are being sent tosyslog
. Look there for diagnostic messages.
Configure isc-dhcp-server
You will probably need to change the default configuration by editing /etc/dhcp/dhcpd.conf
to suit your needs and particular configuration.
Most commonly, what you want to do is assign an IP address randomly. This can be done with /etc/dhcp/dhcpd.conf
settings as follows:
# minimal sample /etc/dhcp/dhcpd.conf
default-lease-time 600;
max-lease-time 7200;
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.150 192.168.1.200;
option routers 192.168.1.254;
option domain-name-servers 192.168.1.1, 192.168.1.2;
option domain-name "mydomain.example";
}
This will result in the DHCP server giving clients an IP address from the range 192.168.1.150–192.168.1.200. It will lease an IP address for 600 seconds if the client doesn’t ask for a specific time frame. Otherwise the maximum (allowed) lease will be 7200 seconds. The server will also “advise” the client to use 192.168.1.254 as the default-gateway and 192.168.1.1 and 192.168.1.2 as its DNS servers.
You also may need to edit /etc/default/isc-dhcp-server
to specify the interfaces dhcpd
should listen to.
INTERFACESv4="eth4"
After changing the config files you need to restart the dhcpd
service:
sudo systemctl restart isc-dhcp-server.service
References
-
The isc-dhcp-server Ubuntu Wiki page has more information.
-
For more
/etc/dhcp/dhcpd.conf
options see the dhcpd.conf man page.