DHCP is the Dynamic Host Configuration Protocol. It is used to automatically provide computers with IP addresses, subnet masks, and routing information. Network administrators typically allocate a range of IP addresses to clients on the local area network. When a device connects to the local area network, it requests an IP address from the DHCP server. The DHCP server then assigns an address to each requesting device until all IP addresses within that range are assigned. An assigned IP address must be renewed periodically to extend its lease period. This renewal process, called leasing, ensures that an address can be returned to the server when the client device suddenly disconnects from the network before the IP address is released normally. This article takes Red Hat Linux 9.0 as an example to describe how to establish a complete and secure DHCP server.
First, create the DHCP server configuration file
You can install the DHCP server from the RPM package that ships with Red Hat Linux 9.0. After the installation is complete, the configuration file for the DHCP daemon, dhcpd, is the file named dhcpd.conf in the /etc directory. The /etc/dhcpd.conf file is set up manually below. /etc/dhcpd.conf usually consists of three parts: parameters, declarations, and options.
1. Parameters in the DHCP configuration file: these indicate how tasks are performed, whether tasks are performed, or which network configuration options are sent to the client. The main ones are shown in Table 1:

| Parameter | Explanation |
| --- | --- |
| ddns-update-style | Configures the DHCP-DNS interactive update mode. |
| default-lease-time | Specifies the default length of the lease time, in seconds. |
| max-lease-time | Specifies the maximum length of the lease time, in seconds. |
| hardware | Specifies the NIC interface type and MAC address. |
| server-name | Notifies the DHCP client of the server name. |
| get-lease-hostnames flag | Checks the IP address used by the client. |
| fixed-address ip | Assigns a fixed address to the client. |
| authoritative | Rejects requests for an incorrect IP address. |
2. Declarations in the DHCP configuration file: these describe the network layout, provide the clients' IP addresses, and so on. The main ones are shown in Table 2:

| Declaration | Explanation |
| --- | --- |
| shared-network | Tells whether some subnets share the same network. |
| subnet | Describes whether an IP address belongs to the subnet. |
| range start-IP end-IP | Provides a range of dynamically allocated IP addresses. |
| host hostname | Refers to a specific host. |
| group | Provides a declaration for a set of parameters. |
| allow unknown-clients; deny unknown-clients | Whether to dynamically assign IP addresses to unknown clients. |
| allow bootp; deny bootp | Whether to respond to activation queries. |
| allow booting; deny booting | Whether to respond to a user query. |
| filename | Specifies the name of the boot file; applies to diskless workstations. |
| next-server | Sets the server (for example, by host name) from which the boot file is loaded; applies to diskless workstations. |
3. Options in the DHCP configuration file: these configure optional DHCP parameters and begin with the option keyword. The main ones are shown in Table 3:

| Option | Explanation |
| --- | --- |
| subnet-mask | Sets the subnet mask for the client. |
| domain-name | Indicates the DNS name for the client. |
| domain-name-servers | Indicates the DNS server IP address for the client. |
| host-name | Specifies the host name for the client. |
| routers | Sets the default gateway for the client. |
| broadcast-address | Sets the broadcast address for the client. |
| ntp-servers | Sets the network time server IP address for the client. |
| time-offset | Sets the client's offset from GMT, in seconds. |
Note: If the client is using a Windows operating system, do not select the "host-name" option, that is, do not specify a host name for it.
The following is a DHCP configuration file used by the author, as an example for a Class C network with a total of 126 IP addresses that can be assigned. Readers can copy and use it; note that the parts marked in red in the original must be modified.

    ddns-update-style interim;
    ignore client-updates;

    subnet 192.168.1.0 netmask 255.255.255.0 {
        option routers 192.168.1.254;
        option subnet-mask 255.255.255.0;
        option broadcast-address 192.168.1.255;
        option domain-name-servers 192.168.1.3;
        option domain-name "www.cao.com";    # DNS name
        # option domain-name-servers 192.168.1.3;
        option time-offset -18000;
        # 126 addresses; the pool stops before the router (.254) and the broadcast address (.255)
        range dynamic-bootp 192.168.1.128 192.168.1.253;
        default-lease-time 21600;
        max-lease-time 43200;
        host ns {
            # The MAC address of the network interface running DHCP
            hardware ethernet 52:54:ab:34:5b:09;
            fixed-address 192.168.1.9;
        }
    }
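As an added example (not part of the original article), the following Python script checks a subnet declaration like the one above for address-pool mistakes: a dynamic range that contains the network or broadcast address, the router, or a fixed-address host. The function name audit_pool and both sample configurations are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample in dhcpd.conf syntax; addresses are illustrative.
SAMPLE_BAD = """
subnet 192.168.1.0 netmask 255.255.255.0 {
    option routers 192.168.1.254;
    range dynamic-bootp 192.168.1.128 192.168.1.255;
    host ns {
        hardware ethernet 52:54:ab:34:5b:09;
        fixed-address 192.168.1.200;
    }
}
"""
# Same declaration with the pool shortened and the fixed host moved out of it.
SAMPLE_GOOD = SAMPLE_BAD.replace("1.255;", "1.253;").replace("1.200;", "1.9;")

IP = r"(\d+\.\d+\.\d+\.\d+)"

def audit_pool(conf):
    """Return a list of findings for the first subnet declaration in conf."""
    conf = re.sub(r"#.*", "", conf)  # strip comments before matching
    m = re.search(rf"subnet\s+{IP}\s+netmask\s+{IP}", conf)
    r = re.search(rf"range\s+(?:dynamic-bootp\s+)?{IP}\s+{IP}\s*;", conf)
    if not m or not r:
        return ["no subnet/range declaration found"]
    net = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")
    lo, hi = (ipaddress.ip_address(a) for a in r.groups())

    def in_pool(addr):
        return lo <= addr <= hi

    findings = []
    if lo > hi or lo not in net or hi not in net:
        findings.append("range is reversed or outside the subnet")
    if in_pool(net.network_address):
        findings.append("pool contains the network address")
    if in_pool(net.broadcast_address):
        findings.append("pool contains the broadcast address")
    # Statically used addresses must not also be handed out dynamically.
    for kind, pat in (("router", rf"option\s+routers\s+{IP}"),
                      ("fixed-address", rf"fixed-address\s+{IP}")):
        for addr in re.findall(pat, conf):
            if in_pool(ipaddress.ip_address(addr)):
                findings.append(f"pool contains {kind} {addr}")
    return findings

if __name__ == "__main__":
    for name, conf in (("bad", SAMPLE_BAD), ("good", SAMPLE_GOOD)):
        print(name, audit_pool(conf) or "ok")
```

Run it against a copy of /etc/dhcpd.conf before restarting dhcpd; it inspects only the first subnet declaration it finds.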