Configuring DHCPd
DHCP can be a real convenience for your users, since DHCP provides the networking information for all machines on a physical network. This allows your users to skip manual networking configuration.
OpenBSD includes a DHCP server based on software from the Internet Software Consortium. Here we provide a sample configuration.
Suppose you provide a router with the following networking values:
IPv4 range: 198.51.100.0/24 Subnet mask: 255.255.255.0 Router IP address: 198.51.100.1 Interface connected to subnet: if0
You want to provide fixed IP addresses for two hosts: subdomain1 and subdomain2. Here is one possible method for configuring dhcpd.conf:
# cat /etc/dhcpd.conf option domain-name "example.com"; subnet 198.51.100.0 netmask 255.255.255.0 { option routers 198.51.100.1; option domain-name-servers 198.51.100.1; # deny unknown-clients; use-host-decl-names true; range 198.51.100.4 198.51.100.254 host subdomain1.example.com { fixed-address 198.51.100.2; hardware ethernet e8:8b:27:7b:7a:01; } host subdomain2.example.com { fixed-address 198.51.100.3; hardware ethernet e8:8b:27:7b:7a:02; } }
First we set the domain name as example.com
in a dhcp option. Next, we
specify our subnet starts at 198.51.100.0 and has a subnet mask of
255.255.255.0.
Inside our subnet declaration, we specify DHCP options. By convention, the router for a subnet is usually the first available IP address, which in our case is 198.51.100.1. We run our own caching name server on this router for the subnet, so we specify the same IP address for domain-name-servers.
If we did not want to dynamically assign IP addresses to clients that we did not specifically define in dhcpd.conf, we can uncomment @@deny unknown-clients;@@. However, because we do want to assign IP addresses dynamically for some clients, we leave this commented.
By setting use-host-decl-names
to true, we use the same name in the host
declaration as the client hostname.
The range directive indicates the addresses that the DHCP server can assign dynamically, from 198.51.100.4 to 198.51.100.254 . Next, we define two hosts:
The first host is named subdomain1.example.com. We expect the hardware to have a MAC address of e8:8b:27:7b:7a:01 and we will assign it the fixed IP address of 198.51.100.2.
The second host is named subdomain2.example.com. We expect the hardware to have a MAC address of e8:8b:27:7b:7a:02 and we will assign it the fixed IP address of 198.51.100.3.
Now we enable, configure, and start the dhcpd server:
# rcctl enable dhcpd # rcctl set dhcpd flags if0 # rcctl start dhcpd
Make sure to replace if0 with the actual interface your DHCP server is listening on.
Further Reading
OpenBSD recommends the book DHCP by Ted Lemon and Ralph E. Droms. Ted Lemon helped write the DHCP server used by OpenBSD.
Troubleshooting
System logs
/var/log/messages
and /var/log/daemon
can contain error logs like the
following:
May 31 06:25:13 example dhcpd[39900]: Both dynamic and static leases present for 198.51.100.2. May 31 06:25:13 example dhcpd[39900]: Either remove host declaration 198.51.100.2 or remove 198.51.100.2 May 31 06:25:13 example dhcpd[39900]: from the dynamic address pool for 198.51.100.0
In this above message, we see that a host declaration specified 198.51.100.2 as a fixed address, but this IP address was also included in a range. An IP address can be present in only one or the other, but not both.
tcpdump
Sometimes, it can help to view packets on the wire. In this example below, I
run tcpdump on the fictional if0 interface. Our machine with ethernet address
e8:8b:27:7b:7a:02
is unable to get proper networking details from our
router using DHCP:
# tcpdump -ne -i if0 'ether host e8:8b:27:7b:7a:02' tcpdump: listening on if0, link-type EN10MB 11:02:06.292615 e8:8b:27:7b:7a:02 ff:ff:ff:ff:ff:ff 0800 342: 0.0.0.0.68 > 255.255.255.255.67: xid:0xff7d00d5 [|bootp] [tos 0x10] 11:02:06.292622 e8:8b:27:7b:7a:02 ff:ff:ff:ff:ff:ff 0800 342: 0.0.0.0.68 > 255.255.255.255.67: xid:0xff7d00d5 [|bootp] [tos 0x10]
(The lines keep repeating with the same information, so the complete dump has been truncated)
Here, tcpdump shows us that the device
e8:8b:27:7b:7a:02
is sending out DHCP broadcast requests properly
(labeled bootp
by tcpdump), but our DHCP server is not responding. This
may indicate an improperly functioning DHCP server.