How to install and configure a DHCP Server on a Linux machine

Hello dear readers,
In today’s article I will show you how to create your Linux DHCP server. DHCP or Dynamic Host Control Protocol is a service which provides IP addressing to your network devices. The difference between assigning static IPs and using a DHCP server is that the IP assignment is made without the interference of System Administrators. Using such service you also have a centralized administration point to your whole infrastructure offering an easy way to assign/change or remove an IP address from your hosts. Every network parameter can be automatically configured by the DHCP server: IP address, network mask, gateway, DNS servers, WINS server address, etc. This service works using the client-server model: the server sends messages using 67 (source) and 68 (destination) UDP port numbers while the client uses port 68 as source and port 67 as destination.
One of the main principles behind this technology is the use of “leased” addresses. This means that each client will be able to use a certain IP address only in the allotted time. Once an IP address has been assigned to a DHCP client, a lease-time duration is set. The client will contact the DHCP server periodically to “renew” it’s IP address. If for whatever reason, the DHCP server does not respond in time, the client will try to contact other DHCP servers by broadcasting a message throughout the network.
Before an IP is assigned to a workstation, several messages are exchanged between the DHCP client and the server. The following picture displays a typical DHCP process:

DHCP Client-Server model

We’ve talked previously about DHCP in this article when we’ve talked about Windows Server. From above, the whole DHCP IP assignment method looks something like this:
 1. client sends a DISCOVER message in which he tries to contact any DHCP server available on the network. This is a broadcast message that uses the UDP port 67 as destination. Unless there is DHCP-Relay configured on the network, this message will be blocked from any edge device (a router). This message can contain an IP address, the last used IP address and/or the lease time.
2. server will respond with an OFFER message that contains all the network parameters. This is also a broadcast message that uses the UDP port 68 as destination.
3. when the client chooses a certain IP configuration, it will send a REQUEST message to the DHCP server to inform that the specified IP address has been chosen. This message is received by all DHCP servers and thus, all will know that the client has received its reservation.
4. server will respond with an ACK (Acknowledge) message and the network parameters will be sent to the client.
Other types of DHCP messages that can be exchanged between the client and the server are:
Decline – the client will refuse to accept the IP allocation because this network address is used by another workstation
NACK – this type of message is sent when the server refuses to lease an IP address
Inform – when certain network parameters must be changed, the client will send an inform message to the server
Release – the client will inform the server that he doesn’t need the reservation anymore
For this example, I will install the DHCP server on a CentOS machine, you can choose whatever distribution you like because the config is similar. You’ll need an active Internet connection if you choose to install the DHCP service using the yum tool. To install this service from sources the story is a bit complicated and I will not talk about it right now.
To configure the network parameters, use ifconfig or ip commands:
ifconfig eth0 network
ip address add dev eth0

How to configure Linux IP address

If you need to remove an IP address type ip address del dev eth0 or ifconfig eth0 delete
The default route/gateway address can be configured by typing:
route add default gw oip route add default  via

How to configure gateway IP in Linux

 Once the network parameters have been set, we’ll need to enable the network interface by typing ifconfig eth0 up

How to enable network interface in Linux

 To disable a network interface, type ifconfig eth 0 down
We’ll need to add the DNS servers used by our DHCP server. Navigate to /etc/resolv.conf and edit the file using your favorite editor. Once you’ve opened the file, type in the following:
Add one entry per line for each DNS server’s IP address

How to configure local DNS servers in Linux

Now you should be able to ping any website and we are ready to install the DHCP service. There are several things that you’ll need to know before we can proceed with the installation:
  • the DHCP service is called dhcpd (DHCP Daemon) and once we’ve configured it, we’ll see this process running on the server.
  • In CentOS, the DHCP config file in stored under /etc/dhcp/dhcpd.conf. We’ll need to modify this file to successfully configure our server. Note that if the installation is made from sources, this file will have to be created manually:

DHCP configuration file

 As you can see from the output, in CentOS, the configuration file is empty so we need to enter all configuration parameters manually. An example can be seen in /usr/share/doc/dhcp*/dhcpd.conf.sample. Once the configuration is finished, we can validate it using the dhcpd -t command.
To install the DHCP service, type yum install dhcp and wait for the installation to finish. If you don’t know weather your server has this service installed or not, try to install it and you’ll receive the following message:

How to install DHCP in Linux

After the installation has been successfully completed, it’s time to configure our DHCP server by editing the configuration file. Simply copy the content from /usr/share/doc/dhcp*/dhcpd.conf.sample to /etc/dhcp/dhcpd.conf. To achieve this result, type in cat /usr/share/doc/dhcp*/dhcpd.conf.sample > /etc/dhcp/dhcpd.conf
Now open the dhcpd.conf file using your favorite editor. I’ve edited the file and kept only the information that we require for this config. The file should look similar to:
ddns-update-style none;
option domain-name “”;
option domain-name-servers;
option routers
default-lease-time 600;
max-lease-time 7200;
subnet netmask {
Note that the bold lines are the ones that must appear in the config. The # sign is used to comment lines so whatever is written after this character is not executed. It’s important to put the ; character at the end of each line.
I will try to explain each parameter used in our configuration file:
  • authoritative – an authoritative server will respond to requests coming from clients that are part of the same subnet. Simply put, if a client from a subnet that was not configured on the DHCP server requests a renew, the DHCP server will send DHCP NACK messages forcing the client to release its IP configuration.
  • ddns-update-style none – disables dynamic DNS
  • option domain-name “” – sets the domain name of the DHCP clients
  • option domain-name-servers – sets the DNS servers used by clients
  • option routers – sets the network routers
  • default-lease-time 600; and max-lease-time 7200; – the number of seconds a client can hold its IP allocation before submitting a renew
Note that if we include these settings in the subnet config, the settings will only be applied to that particular subnet. In this example we’ve configured the settings for the whole server thus all subnets configured on this machine will carry the same config.
  • subnet netmask  – the subnet of the DHCP server
  • range; – the pool of IP addresses used by DHCP clients
After we’ve finished our configuration, it’s time to test the config file for errors by typing dhcpd -t. If there are no errors received, the dhcp daemon can be started. You can verify it’s status by typing service –status-all | grep dhcpd

Get DHCP service status 

Start the DHCP daemon by typing /sbin/service dhcpd start .You can stop it by typing: /sbin/service dhcpd stop
If you type ps -el | grep dhcpd, you should be able to see the daemon running on your server. If you have any problems with the server at this point, type service dhcpd restart to restart the DHCP daemon:

How to restart DHCP daemon

We can also check if the server listens on UDP port 67 by typing netstat -paun

how to verify DHCP port in Linux

p = display PID/Program name for sockets ; a – all ; u – show only UDP ports ; n – numeric

On the client side, you will need to type dhclient [interface name] to instruct the DHCP client to listen on the specified interface. After this step is complete, if you type ifconfig or ip addr show, you should be able to see the leased IP address:

how to display IP address in Linux

 The dhclient config file is stored in /etc/dhcp/dhclient.conf. By editing this file, we can set custom settings for the DHCP client:

How to configure DHCP client

 The database of the DHCP client is stored under /var/lib/dhcp/dhclient.leases
If we return on the server, we can check out the DHCP database in which leased IP addresses are stored. In CentOS, the database can be found in /var/lib/dhcpd/dhcpd.leases and looks something similar to:

DHCP database

This way we can verify what IP addresses have been leased to DHCP clients. The number of leased IP addresses can be easily viewed by typing dhcpd once the daemon has been started:

Verify DHCP leased IP addresses

If we want to reserve a specific IP for a DHCP client, we’ll need to type in the following (I’ll add comments on each line):

host ubuntu1 {   host identification within the dhcpd.conf file
        hardware ethernet 00:0c:29:bd:5b:69;   – MAC address of the host
        option domain-name-servers;   – specific DNS servers used by this host (optional)
        option routers;   – specific gateway used by the host (optional)
        fixed-address;   – host’s reserved IP address
Once you’ve made this configuration, restart the dhcp daemon. On the client side, we will need to disable/enable the network interface by typing ifconfig eth0 down followed by ifconfig eth0 up.
Another method of renewing the leased IP address is by typing: sudo dhclient -r eth0 followed by sudo dhclient eth0
 If there are no problems on the server, the DHCP client will renew it’s IP address:

DHCP client renew

We can further modify our dhcpd.config file to set custom settings for a group of DHCP clients by typing:
group {
option domain-name-servers; -global settings applied to this groups of hosts
option routers;
         host ubuntu1      { 00:0c:29:bd:5b:69; }   each DHCP client with it’s corresponding MAC address
         host ubuntu2      { 00:0c:29:bd:5b:70; }
         host ubuntu3      { 00:0c:29:bd:5b:71; }
 I’ve tried to cover all main steps that you need to take in order to install and configure DHCP on your infrastructure. We’ve seen how to deploy the DHCP server and configure a client to obtain its IP automatically. Hope I’ve managed to explain all the important steps and you now have a clear understanding of the DHCP protocol how its implemented in Linux distributions. If you have any questions don’t hesitate to post a comment and I’ll respond asap. Wish you all the best!

Exploring DHCP server options

By now we’ve installed the Dynamic Host Control Protocol service on our Windows Server edition, in this article we will explore DHCP properties. If you’ve just stumbled upon this article please take some time to read the previous post just to get additional information regarding this service. After installing the DHCP role on your Windows Server, you can further configure this service to achieve the desired result. That being said, you can set address reservations, configure scope options, create filters, view address leases etc.
In the last article we’ve deployed the DHCP service and we have configured our IP scope. When defining the DHCP scope, you must set the first and last IP address that will be used by the server to assign IP addresses to network clients. Exclusion ranges can be set on the server to ensure that those particular IPs will not be allocated to DHCP clients. The server supports multiple contiguous exclusion ranges so, this gives you a better way to manage IP addresses. To configure an exclusion scope open the DHCP console, navigate to the scope section under IPv4, right click the address pool and select new exclusion range:
DHCP exclusion range
Enter the first and last IP address from the exclusion range and press OK. The new exclusion scope will appear in the address pool section:
DHCP Address pool
You can also configure a superscope By using a superscope, you can group multiple scopes as a single administrative entity” (check the following link from Microsoft’s website). To configure a superscope right click the IPv4 section and select New Superscope:
DHCP Superscope
Enter the superscope name and the managed scopes:
The newly created superscope will appear in the DHCP console and will managed the included scopes :
DHCP superscope
A multicast scope can be configured to define groups of multicast clients. Masticating is a mechanism in which a message is send to multiple predefined machines. When configuring a multicast group, you’ll have to set the first and last IP address that will be used by the multicast group. Right click the IPv4 menu, select New Multicast Scope  and follow the wizard. After you finish the wizard, the new multicast scope will appear in the DHCP console:
Multicast Scope
Read more about DHCP multicast scopes in this article from Microsoft’s website.
Now let’s explore the scope properties. Under the IPv4 section right click the DHCP scope and select Properties:
DHCP Scope properties
From this section we can modify the lease duration for DHCP clients from 8 days (the default value) to any value desired. After an IP lease has expired, the server will return the IP address to the DHCP Scope:
DHCP Lease duration
In the DNS section, you can setup the DHCP server to automatically update authoritative DNS servers with the host (A) and pointer (PTR) record of DHCP clients.There are several options available here:
DHCP properties
By default, the DHCP server will dynamically update A and PTR records if requested by DHCP clients and will discard these records when the IP lease is deleted. You can disable these settings if desired. In the name protection section you can enable the DHCP server to register A and PTR records on behalf of the client:
name protection
In the Network Access Protection, you can configure this feature for the IP scope. You can use the default profile or a custom profile. We will learn more about NAP in a future article. In the advanced section, further settings like delay can be configured:
DHCP Network Access Protection
In the address leases section you can view the currently leased IP addresses. The computer name, IP address, lease expiration time and IDs can be view from this panel:
DHCP address leases
From the DHCP console you can also configure IP reservations. When creating a reservation, that particular IP address will always be assigned to the configured host. The reservation is a mapping between MAC and IP address. When a client will try to obtain an IP address, the DHCP server will also check its database to see if there is a reservation for that particular host. A reservation can be made either from the address leases section by right clicking on one of the hosts or from the reservation section. Right click the reservation folder and select new reservation:
DHCP reservation
Enter the specified information and press add, the newly created reservation will appear in the console. This is a time consuming operation because each reservation must be configured individually.
Further DHCP options can be configured on the server level, on the scope level or on the reservation level. Where you define and configure these options depends on where they are applied. To explore additional server options, right click the section where you want to configure options and select configure options :
DHCP options
There are many configurable options available in this menu. On the right side of the menu you can read a short description of each option.
  • 003 Router – in this section you configure the gateway router that will be used by DHCP clients. You will add a router configuration when installing the DHCP role.
  • 006 DNS Servers – DNS servers used by clients for name resolution. In the installation wizard of the DHCP service you can configure two DNS servers that will be used by clients. In this section you can specify multiple DNS servers.
  • in the 007 and 008 you can specify the Log or Cookie Servers if you are using such devices within your network.
  • 015 DNS Domain Name – the primary suffix domain name used by clients.
I’ll let you explore all the options available here, they are so many and a bunch of them are rarely used. If you are using NNTP, WWW, IRC, SMTP or NTP servers you can also configure them using these options. To add a new dedicated server for one of the services indicated here you just have to type in the IP address or FQDN and press add:
On the advanced tab you can view similar settings applied for different vendor or user classes:
Vendor class
DHCP classes are groups of defined clients that follow their own rules. That being said you can configure vendor specific or user specific classes for different groups of network clients. Vendor specific classes define computers that use a specific OS like legacy Windows 2000 or 98 or for standard Microsoft Windows Clients (XP, Vista, 7 or 8). User specific classes apply to network clients that use BOOTP, Network Access Protection or Remote Access Class. By default, all clients will belong to the Default User Class. To configure an user or a vendor specific class, right click the IPv4 section and select Define Users Classes or Define Vendor Classes:
Define Users Classes
Select the desired class and press ADD. In the New Class section type in the Display name, description and ID (a hexadecimal string defining the unique identification):
DHCP user class
After you press OK, the class will appear in the class section. If we navigate to the advanced options on the server options menu, we can view and configure the newly created user class:
DHCP user class
Now we can configure specific DHCP options for this class.
On a Windows client you’ll have to define the network class used. Open an elevated command prompt and  type in the following:
ipconfig /setclassid [interface_name] [class_name]
On one of my Windows 7 clients I’ve configured the newly created class:
DHCP Class id
You’ll have to set the class id on all of the clients using that particular class.
That’s it for this article folks, hope you’ve enjoy it. Wish you a great day and stay tuned for the following article from  IT training day.

Deploying a DHCP server

DHCP or Dynamic Host Control Protocol is a service that provides an automatic IP assignment system. Besides the IP address, a DHCP server can/will assign network mask, gateway, DNS servers and others. We will discover all elements involved in this process. In today’s enterprises, clients are usually configured to obtain an IP address automatically. These settings are configured from the network interface properties:
dynamic IP assignment


When this option is enabled, the client will request its IP configuration from a DHCP server which is responsible for IP assignment. The IP  negotiation process is made in four steps:
  1. The Client will send  a DHCP Discover message throughout the network. This message is a broadcast message that it’s received by all devices. By default, routers will not forward broadcast messages, so make sure clients are able to reach the DHCP server.
  2. The DHCP server will respond with a DHCP Offer message. If the client has an IP reservation, it will receive it directly from the DHCP server through a unicast message. If the client has just been added to the network it will receive a unicast message containing all the network configuration needed to communicate within the subnet (IP, network mask, gateway, DNS servers, etc.). What information is sent by the DHCP server depends on the configurations made on the server.
  3. The client will send a DHCP Request message if the offer acceptable.
  4. The server will acknowledge the request and will send a DHCP Ack message. Once this message has been sent, the client will have full network connectivity.
In an older networking article, I’ve described how to configure the DHCP service on a Cisco router. The negotiation mechanism on a Windows Server works in the same way:
DHCP negotiation
We will deploy a DHCP server on a Windows Server 2008 machine. I will try to explain all the elements involved in this process. Open the Server Manager console, navigate to the Roles section and press the Add Roles button:
Deploying a DHCP server
Read the information written in the welcome screen and press Next. From the Server Roles section select the DHCP server and press Next:
Deploying a DHCP server
A short description of the DHCP server will be shown, read the information written here and press Next.
In the Network Connection Bindings you’ll have to specify the interface through which clients will send and receive their IP configuration. If you are using a server connected to multiple subnets that uses multiple network interfaces, you can select which one will participate in the DHCP process. Using this method you can isolate networks in which the DHCP messages are sent. Because my virtual machine has one network interface, only this one will appear in this section:
Deploying a DHCP server
Once you press Next, you will be redirected to the IPv4 DNS Settings section. In the Parent domain you’ll have to specify what domain will be used by clients for name resolution. Underneath this section, enter  the IP address of the preferred and alternate DNS servers. Remember that the interface involved in the DHCP process must have a static IP allocated that is part of the same subnet as DHCP clients:
Add the DHCP server role
After you have entered all the information request here press Next. If your network is using WINS servers, check the WINS is required for applications on this network box and enter the IP address of the preferred and alternate WINS servers, else click Next:
Add the DHCP server role
Now we have to specify the DHCP scope that will be used by the server to assign IP addresses to network clients. A DHCP scope is a continuous pool of IP addresses from which clients will receive IP addresses. If your server is part of a multihomed network then you’ll have to add a DHCP scope for each subnet:
Click on the Add button and enter the following information:
Scope name – this label is used as an identification element for the scope on the DHCP server.
Starting and ending IP address – these two elements specify the IP pool from which clients will receive their IP address allocation
Subnet type – by default a wired network will have the lease duration set to 8 days and a wireless network will have it configured for 8 hours. Select the one that suits you best and check the Activate this scope box.
Subnet mask – specify the subnet mask used by the DHCP scope. Because all devices involved in the DHCP process are part of the same network, the subnet mask will be the same to all computers.
Default gateway – this element is optional and can be added later. The gateway is used to forward network packets outside the network
DHCP scope
After the DHCP scope has been added, in the following window you’ll have to specify if the DHCPv6 stateless mode will be used or not. By default, Windows client will use stateless IPv6 configuration without using a DHCP server. The stateless addressing mode is used by default on IPv6 clients (this specifies that the IP allocation will be done by the client). If you disable the stateless mode, the DHCP server will be responsible for assigning IPv6 addresses and other parameters to all IPv6 clients that are set to use stateful addressing. To enable stateful addressing for computers running IPv6, open a command prompt and type in the following:
netsh int ipv6 set int [index] managedaddress=enabled
netsh int ipv6 set int [index] otherstateful=enabled
Clients using stateful addressing will be using the DHCPv6 protocol to request and receive their IP allocation.
DHCP stateless mode
If you leave the DHCPv6 stateless mode enabled, in the next page you’ll have to specify the IPv6 DNS servers that will be used by network clients:
DHCP stateless mode
I will disable the DHCPv6 stateless mode on the server and we will see later how to configure these settings from the DHCP console.
If the server will be part of an AD DS environment, the DHCP server must be authorized before allocating IP addresses to network computers. This is a security measurement which is highly recommended in an AD DS infrastructure because only authorized DHCP servers will be able to set IP addresses to DHCP clients. You can either use the current logged credentials or another username to authorize the DHCP server:
DHCP authorization
Click Next, check if everything is correct in the Confirmation section and then click Install. Wait for the installation to finish (an Installation Succeeded message will be shown) and then open the DHCP console:
DHCP console
That’s it for the installation of the DHCP service. If you’ve enjoyed this article share it to others. If there are things that are not so clear don’t hesitate to leave a comment and I will try to respond as soon as possible. Have a great day!

WAN – Dynamic Host Control Protocol

In this article I will talk about a well known service that can be configured on Cisco devices, DHCP or Dynamic Host Control Protocol. This is a network service that automatically configures any device that uses the Internet Protocol, with all the elements needed to communicate inside a network. DHCP is a transparent process (to the user) that has helped a lot network administrators with managing IP addresses. Before this service became available, every device would required static entries that would bind a physical device to a unique IP address. Imagine how hard it was for network administrators to maintain all changes of locations and IPs for all devices. DHCP offers an easy way to manage and troubleshoot IP allocation and also provides a scalable service meaning that is not affected by network growth. Beside the workstation IP address, DHCP can automatically assign the network mask, default gateway, DNS servers and much more.

   As an IP allocation mechanism, DHCP provides three methods of assigning an IP to a physical host:
manual – network administrators manually assign one IP address to a single device. The DHCP service is used only to maintain that particular binding.
automatic – a single IP address is allocated permanently to a host and the DHCP server will always allocate the same IP to that particular host.
dynamic – DHCP will allocate IPs from a pool of usable addresses. IP addresses are leased for a defined period of time and if a device does not renew its lease, the IP is automatically returned to the address pool and can be used again by another device.
   DHCP works in a client/server model. The host requests an IP address to the closest DHCP server and the server responds with a new IP allocation or renew of the leased IP. The host must contact the DHCP server periodically to renew its lease. If the host doesn’t contact the server for a period of time, the IP address is returned to the address pool. When a device wants to obtain IP allocation from a DHCP server, the following messages are exchanged:
1. the host sends a DHCPDISCOVER message which is a broadcast message send to all devices in the network. It will use the layer 2 and layer 3 broadcast addresses (FFFF-FFFF-FFFF-FFFF and
2. the DHCP server will receive the message and will create an entry in the ARP table that will contain the host’s MAC address and the leased IP address. This information will then be sent in a DHCPOFFER message. The response is sent unicast directly to the host by using it’s MAC address.
3. the host will then check the received DHCPOFFER message and will then reply with a broadcast DHCPREQUEST message informing all devices (and the DHCP server) that he accepted this configuration.
4. the server will finally reply with a DHCPACK message and the host will have access to network resources.
The following image displays the DHCP allocation mechanism:
DHCP process
   DHCP had a predecessor, the BOOTP(Bootstrap Protocol) which was used primarily for configuring devices that did not had an operating system nor a hard drive. These two protocols are somehow similar because both use the client/server model. The main difference between DHCP and BOOTP is that BOOTP uses manually configured tables in which bindings between IP and MAC addresses are stored. DHCP builds entries automatically according to network changes. Another aspect of BOOTP is that this protocol uses permanent assigned IP addresses (the same IP address is allocated to one device permanently). BOOTP supports only four configuration parameters (IP address, subnet mask, gateway address and DNS server’s IP address) while DHCP supports over 20 parameters. Check the following link from IANA for more information:
   Next, we will talk about configuring DHCP on Cisco devices. Remember that you will have to be careful when doing this on a production environment so I suggest you test your configurations first. When configuring DHCP, we will first have to set IPs that will be reserved for special purposes and will not be included in the DHCP pool. Remember that servers, routers or printers require static IP addresses so it’s best that you include all these devices in the excluded IP pool. To configure these excluded addresses, use the ip dhcp excluded-address [ip address or ip pool] command. The following image displays an example of such a pool:

dhcp excluded address command
In this case, the IPs from to will not be leased to clients.
Next, we will need to configure the DHCP pool and the default-router address. To achieve this, use the commands displayed in the following image:
dhcp pool configuration
Optionally, you can configure domain name, dns server, duration of dhcp lease, etc. To view these options type ? from the dhcp configuration mode:
dhcp options
These are the options emulated in my Cisco Packet Tracer version. If you use GNS3 tool, all DHCP commands will be available:
   To verify your configuration, use the show running-configshow ip dhcp binding, show ip dhcp server statistics and show ip dhcp pool commands. Run these commands one by one to view their output. The following image displays the show running-config command:
show running-config
To troubleshoot your DHCP configuration, use the show ip dhcp conflict (this command is used when an IP allocation conflict exists).
   Remember that DHCP clients use broadcast messages when first trying to obtain IP configuration. We already know that broadcasts are not forwarded by routers by default, so what would happen if your DHCP server is a couple of routers away from your client computer? Well, on the closest router to the client’s workstation, you’ll have to specify the DHCP server IP address by using the ip helper-address [IP address] command from the interface configuration mode. By issuing this command, the router will accept DHCP broadcasts and will then forward the request unicast to the specified IP address:
ip helper address
This mechanism is also known as DHCP Relay.
   On the client side, if you use Cisco devices that will obtain their IP configuration from the DHCP server, use the ip address dhcp command from the interface configuration mode:
ip address dhcp
I think that’s about it for this post folks. Remember to rate/share/comment if you’ve enjoyed this article. Have a wonderful day and stay tuned for more articles to come.