understanding dhcpd.conf

sossego

Retired from the forums
I'm lost when it comes to the dhcpd.conf file because of the comments and examples.

The machine needs to act as a router.

Code:
ddns-update-style interim;
include "/etc/bind/rndc.key";

zone dyn.floppy-peoples.org. {
primary 127.0.0.1;
key "rndc-key";
}

ddns-domainname "dyn.floppy-peoples.org";
option domain-name "static.floppy-peoples.org dyn.floppy-peoples.org";
option domain-name-servers 172.30.200.254;
option routers 172.30.200.254;
option broadcast-address 172.30.255.255;
option ntp-servers 172.30.200.254;

default-lease-time 86400;
max-lease-time 86400;

authoritative;

log-facility local7;

subnet 172.30.0.0 netmask 255.255.0.0 {

range 172.30.201.10 172.30.201.200;

# DNS zones to update
zone 201.30.172.in-addr.arpa. {
primary 172.30.200.254;
key "rndc-key";
}

zone dyn.floppy-peoples.org. {
primary 172.30.200.254;
key "rndc-key";
}
}
host floppy-peoples
        {
                hardware ethernet 00:15:f2:7a:dc:83;
                fixed-address 192.168.1.7;
        }
subnet 192.168.1.0 netmask 255.255.255.0
{
        range 192.168.1.100 192.168.1.200;
        option subnet-mask 255.255.255.0;
        option broadcast-address 192.168.1.255;
        option domain-name-servers 123.123.123.10, 123.123.123.20;
        option routers 192.168.1.1;

        

        
}

I know that I have something wrong here but not sure what.
Is it the different addresses?
The subnet declarations?
The routers?
 
What is the network topology for this server? It looks like it's being configured to service DHCP requests from two separate networks, is that true?

How does it currently not work?
 
What do I do here? Eliminate value 17x.x.x.x?
This machine here has dc0 has connected to WAN, and rl0 as available.

Please forgive my ignorance when it comes to networking.
 
You tell us what you are trying to do. Then we may be able to answer intelligently.
What interfaces do you have? What networks? Where (and what) is your DNS server? What ranges are you offering on what interfaces to what networks? In short, what do you want?
What does the file you have listed not do? What error messages are you getting? Why do you believe that you have a problem? (No, don't just tell us it doesn't work - there are endless ways something might "not work").
What is wrong?
 
I've cleaned out and made a new file.
Here it is:
Code:
ddns-update-style none;

option domain-name-servers 145.253.2.75, 193.174.32.18;

default-lease-time 86400;
max-lease-time 604800;

authoritative;

host floppy-peoples {
  hardware ethernet 00:15:f2:7a:dc:83;
  
  server-name "floppy-peoples.org";
}
subnet 192.168.1.0 netmask 255.255.255.0 {
        range 192.168.1.200 192.168.1.229;
        option subnet-mask 255.255.255.0;
        option broadcast-address 192.168.1.255;
        option routers 192.168.1.1;
}
subnet 192.168.1.0 netmask 255.255.255.0 {
        option routers                  192.168.1.1;
        option subnet-mask              255.255.255.0;

        option domain-name              "floppy-peoples.org";
        option domain-name-servers       192.168.1.1;

        option time-offset              -18000;     # Eastern Standard Time

	range 192.168.1.200 192.168.1.229;
}
I'm asking because I don't know.

Is this correct yet?

I'm going to edit this and try another.
 
Code:
ddns-update-style none;

option domain-name-servers 145.253.2.75, 193.174.32.18;

default-lease-time 86400;
max-lease-time 604800;

authoritative;

host floppy-peoples {
  hardware ethernet 00:15:f2:7a:dc:83;
  
  server-name "floppy-peoples.org";

subnet 192.168.1.0 netmask 255.255.255.0 {
        option routers                  192.168.1.1;
        option subnet-mask              255.255.255.0;

        option domain-name              "floppy-peoples.org";
        option domain-name-servers       192.168.1.1;

        option time-offset              -18000;     # Eastern Standard Time

	range 192.168.1.200 192.168.1.229;
}


Code:
floppy-peoples:/etc/dhcp3# /etc/init.d/dhcp3-server restart
dhcpd self-test failed. Please fix the config file.
The error was:
Internet Systems Consortium DHCP Server V3.1.1
Copyright 2004-2008 Internet Systems Consortium.
All rights reserved.
For info, please visit http://www.isc.org/sw/dhcp/
/etc/dhcp3/dhcpd.conf line 15: subnet declarations not allowed here.
subnet
^
/etc/dhcp3/dhcpd.conf line 25: unexpected end of file
}
^
Configuration file errors encountered -- exiting
floppy-peoples:/etc/dhcp3#

I know that using Linux and FreeBSD together or interchangeably doesn't always go well with either group; but I've learned that certain scripts and files can be shared. This configuration is one of them.

The sample DNS servers do not match the ones that I currently have. It's 127.0.0.1.
I'm making a guess at everything.
 
Code:
ddns-update-style none;

option domain-name-servers 127.0.0.1, 127.0.1.1;

default-lease-time 86400;
max-lease-time 604800;

authoritative;

host floppy-peoples {
  hardware ethernet 00:15:f2:7a:dc:83;
  
  server-name "floppy-peoples.org";

subnet 192.168.1.0 netmask 255.255.255.0 {
        option routers                  192.168.1.1;
        option subnet-mask              255.255.255.0;

        option domain-name              "floppy-peoples.org";
        option domain-name-servers       192.168.1.1;

        option time-offset              -18000;     # Eastern Standard Time

	range 192.168.1.200 192.168.1.229;
} }



Code:
floppy-peoples:/etc/dhcp3# /etc/init.d/dhcp3-server restart
dhcpd self-test failed. Please fix the config file.
The error was:
Internet Systems Consortium DHCP Server V3.1.1
Copyright 2004-2008 Internet Systems Consortium.
All rights reserved.
For info, please visit http://www.isc.org/sw/dhcp/
/etc/dhcp3/dhcpd.conf line 15: subnet declarations not allowed here.
subnet
^
Configuration file errors encountered -- exiting

I'm not seeing right now where I do and don't need to declare something.
 
syslog relevant information

Code:
Oct 22 02:24:51 floppy-peoples dhcpd: Wrote 0 deleted host decls to leases file.
Oct 22 02:24:51 floppy-peoples dhcpd: Wrote 0 new dynamic host decls to leases file.
Oct 22 02:24:51 floppy-peoples dhcpd: Wrote 0 leases to leases file.
Oct 22 02:24:51 floppy-peoples dhcpd: 
Oct 22 02:24:51 floppy-peoples dhcpd: No subnet declaration for eth0 (0.0.0.0).
Oct 22 02:24:51 floppy-peoples dhcpd: ** Ignoring requests on eth0.  If this is not what
Oct 22 02:24:51 floppy-peoples dhcpd:    you want, please write a subnet declaration
Oct 22 02:24:51 floppy-peoples dhcpd:    in your dhcpd.conf file for the network segment
Oct 22 02:24:51 floppy-peoples dhcpd:    to which interface eth0 is attached. **
Oct 22 02:24:51 floppy-peoples dhcpd: 
Oct 22 02:24:51 floppy-peoples dhcpd: 
Oct 22 02:24:51 floppy-peoples dhcpd: Not configured to listen on any interfaces!

dhcp3-server restart

Code:
floppy-peoples:/etc/dhcp3# /etc/init.d/dhcp3-server restart
Stopping DHCP server: dhcpd3 failed!
Starting DHCP server: dhcpd3check syslog for diagnostics. failed!
 failed!
floppy-peoples:/etc/dhcp3

present dhcpd.conf file

Code:
ddns-update-style none;

option domain-name-servers 127.0.0.1, 127.0.1.1;

default-lease-time 86400;
max-lease-time 604800;

authoritative;


  
  
 host floppy-peoples {
        hardware ethernet 00:15:f2:7a:dc:83;
        server-name "floppy-peoples.org";}

 
subnet  192.168.1.0 netmask 255.255.255.0 {
        option routers                  192.168.1.1;
        option subnet-mask              255.255.255.0;

        option domain-name              "floppy-peoples.org";
        option domain-name-servers       192.168.1.1;
        

        option time-offset              -18000;     # Eastern Standard Time

	range 192.168.1.200 192.168.1.229;
 }


First, is this file set up properly?
 
I need to be able to bridge the connection between rl0 as the server input for the client computer and dc0 as the client for the ISP. I've hosed the Linux installation and had to redo it because the connection would disable itself.

Do I need a VPN but then again, how do I route traffic through?

I've made it to the initial dhcpd.conf file and starting the service.
DNS setup is giving me trouble. Am I to use my computer as the name server or the ISP name server as such?
 
I'm giving the fu.ck up on this.
I asked for help.
I searched.
I posted my configuration file.

eth1/dc0 to isp or router

connection here between the two is what I need


eth0/rl0 to client


No one can tell me what the best solution is.
One person told me that I have two subnets declared.

Server was setup. I asked How do I ping the client from the server on eth0/rl0 and not eth1/dc0. No one could tell me.

I sent the file to the ISC, it came back as code, it was rejected.


I posted my work to show that I was attempting to make an effort.


When I ask for help, it is for a certain part of the process.

I use two systems alternating.

Certain config scripts will work on both of them.


I'm repeating my fu.cking self.



For the fu.cking love of god.

Fu.ck it all, fu.ck it all.
 
As soon as you posted the error you are getting, so we finally could work out what you might have wanted, the error was clear. Unfortunately, as you had posted repeatedly without telling us anything, most of us had tuned out.

In the first ones, you had forgotten to put a } at the end of a host{} declaration.
Code:
host floppy-peoples {
  hardware ethernet 00:15:f2:7a:dc:83;
  
  server-name "floppy-peoples.org";
} <<-- this was missing.

subnet 192.168.1.0 netmask 255.255.255.0 {
        option routers                  192.168.1.1;
        option subnet-mask              255.255.255.0;

When you did the last one, your interface was not yet configured. You need to set the ip address and net mask on the server's interfaces first.

Always reply with the information that people request. Only then can we help you. Wait patiently until we reply - we will, when we get around to it in our otherwise busy lives. And, of course, never post something like your last post. Never forget that you are relying on the good nature of volunteers. Their lives will be more important than your questions.

To anyone else: This is a great example of how not to ask a question. If you want to know how, google "How to ask questions the smart way". It's essential reading for any new user.
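
The nesting error robbak describes above, as an added example that is not part of any post in this thread: a small Python checker that tracks open `{` blocks in a dhcpd.conf and reports a `subnet` that starts inside an unclosed `host` block. The sample config is reconstructed from the thread, the function name is hypothetical, and the nesting rule is simplified to host and subnet blocks; `dhcpd` itself remains the authority on syntax.

```python
import re

# Constructed sample: the config from the thread whose host block has no
# closing brace. The subnet keyword sits on line 15, as in the dhcpd error.
BROKEN = """\
ddns-update-style none;

option domain-name-servers 145.253.2.75, 193.174.32.18;

default-lease-time 86400;
max-lease-time 604800;

authoritative;

host floppy-peoples {
  hardware ethernet 00:15:f2:7a:dc:83;

  server-name "floppy-peoples.org";

subnet 192.168.1.0 netmask 255.255.255.0 {
        option routers                  192.168.1.1;
        range 192.168.1.200 192.168.1.229;
}
"""
# Same file with the missing brace added after the server-name line.
FIXED = BROKEN.replace('org";\n', 'org";\n}\n', 1)

# Quoted strings, comments, structural characters, then bare words.
TOKEN = re.compile(r'"[^"\n]*"|#[^\n]*|[{};]|[^\s{};"#]+')

def check_structure(text):
    """Return (line, message) findings for block-nesting problems."""
    findings = []
    stack = []       # open blocks as (keyword, line the block started on)
    statement = []   # (token, line) pairs since the last ';', '{' or '}'
    for lineno, line in enumerate(text.splitlines(), 1):
        for tok in TOKEN.findall(line):
            if tok.startswith("#"):
                continue
            if tok == "{":
                stack.append(statement[0] if statement else ("?", lineno))
                statement = []
            elif tok == "}":
                if stack:
                    stack.pop()
                else:
                    findings.append((lineno, "unmatched '}'"))
                statement = []
            elif tok == ";":
                statement = []
            else:
                if not statement and tok == "subnet":
                    # Simplified rule: no subnet inside a host or subnet block.
                    for kw, start in stack:
                        if kw in ("host", "subnet"):
                            findings.append((lineno,
                                f"subnet declared inside '{kw}' block "
                                f"opened on line {start}"))
                            break
                statement.append((tok, lineno))
    for kw, start in stack:
        findings.append((start, f"'{kw}' block opened here is never closed"))
    return findings

if __name__ == "__main__":
    for lineno, msg in check_structure(BROKEN):
        print(f"line {lineno}: {msg}")
```

Appending a second `}` at the end of the file, as one later attempt in the thread did, clears the unclosed-block finding but leaves the line 15 finding, because the subnet is still nested inside the host block.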
 
Like this?


Code:
ddns-update-style none;

option domain-name-servers 127.0.0.1, 127.0.1.1;

default-lease-time 86400;
max-lease-time 604800;

authoritative;


  
  
 host pocket-peoples  {
        hardware ethernet 00:15:f2:7a:dc:83;
        server-name "pocket-peoples";
}

 
subnet  192.168.1.0 netmask 255.255.255.0 {
        option routers                  192.168.1.1;
        option subnet-mask              255.255.255.0;

        option domain-name             "pocket-peoples";
        option domain-name-servers       192.168.1.1;
        

        option time-offset              -18000;      

	range 192.168.1.200 192.168.1.229;
 }


robbak said:
When you did the last one, your interface was not yet configured. You need to set the ip address and net mask on the server's interfaces first.

How do I do that?
 
sossego said:
Like this?
Nothing obvious, but I don't know. What happens when you try it?
How do I do that?

To configure your interface while running, use the ifconfig command. To get it set up at boot time, use the "ifconfig_interface" entry in rc.conf.

This is all standard stuff, and covered completely in the handbook.
 
Hi Sossego, please be patient and don't post bad words. I really didn't understand what you really want to do. Do you want to give your clients network access to the internet? Is it that? Please clear this up for us a bit so we can come up with a solution.
 
sossego said:
Code:
option domain-name-servers 127.0.0.1, 127.0.1.1;
You do realize that this isn't going to work? Now all your clients will have those addresses for DNS servers. It's quite unlikely your clients are running a DNS service themselves.

Here's my working example, it uses DDNS which runs on the same machine as dhcpd:
Code:
option domain-name "dicelan.home.";
option domain-name-servers 192.168.1.1;

default-lease-time 600;
max-lease-time 7200;
authoritative;
ddns-update-style interim;
log-facility local7;
ignore client-updates;
#ddns-ttl 600;

do-forward-updates true;

key DHCP {
        algorithm HMAC-MD5;
        secret "<uuencoded key>";
}

zone dicelan.home. {
        primary 127.0.0.1;
        key DHCP;
}

zone 1.168.192.in-addr.arpa. {
        primary 127.0.0.1;
        key DHCP;
}

subnet 192.168.1.0 netmask 255.255.255.0 {
        range 192.168.1.20 192.168.1.100;
        option routers 192.168.1.1;
}

Related /etc/rc.conf entries:
Code:
dhcpd_enable="YES"
dhcpd_flags="-q"                            # command option(s)
dhcpd_conf="/usr/local/etc/dhcpd.conf"      # configuration file
dhcpd_ifaces="rl1"                             # ethernet interface(s)
dhcpd_withumask="022"                       # file creation mask
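
Added example, not from any poster or from ISC: a Python lint for the two semantic mistakes discussed in this thread, loopback addresses handed to clients as DNS servers and a server interface that no `subnet` declaration covers. It goes a little beyond the thread by also flagging a `range` that falls outside its subnet or contains the router address; the sample config, the interface dictionary format and all function names are constructed for illustration, and nested blocks inside `subnet` are not handled.

```python
import ipaddress
import re

# Constructed sample combining values that appear in different posts.
SAMPLE_CONF = """\
option domain-name-servers 127.0.0.1, 127.0.1.1;
subnet 192.168.1.0 netmask 255.255.255.0 {
        option routers 192.168.1.1;
        option domain-name-servers 192.168.1.1;
        range 192.168.1.0 192.168.1.20;
}
"""
# Hypothetical input format: interface name -> address/prefix of the server.
SAMPLE_IFACES = {"rl0": "192.168.0.1/24"}

SUBNET = re.compile(r"subnet\s+([\d.]+)\s+netmask\s+([\d.]+)\s*\{([^}]*)\}")
DNS = re.compile(r"option\s+domain-name-servers\s+([^;]+);")
RANGE = re.compile(r"range\s+([\d.]+)\s+([\d.]+)\s*;")
ROUTERS = re.compile(r"option\s+routers\s+([^;]+);")

def _addrs(csv):
    """Parse a comma-separated list, keeping only literal IP addresses."""
    out = []
    for item in csv.split(","):
        try:
            out.append(ipaddress.ip_address(item.strip()))
        except ValueError:
            pass  # hostnames are legal in dhcpd.conf; only literals are checked
    return out

def lint(conf, ifaces):
    """Return a list of finding strings for the given config text."""
    conf = re.sub(r"#[^\n]*", "", conf)          # drop comments
    findings = []
    # Clients receive these addresses verbatim; loopback points at themselves.
    for m in DNS.finditer(conf):
        for addr in _addrs(m.group(1)):
            if addr.is_loopback:
                findings.append(f"loopback-dns {addr}")
    subnets = []
    for m in SUBNET.finditer(conf):
        net = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")
        subnets.append(net)
        body = m.group(3)
        routers = [a for r in ROUTERS.finditer(body) for a in _addrs(r.group(1))]
        for r in RANGE.finditer(body):
            lo, hi = (ipaddress.ip_address(x) for x in r.groups())
            if lo not in net or hi not in net:
                findings.append(f"range-outside-subnet {lo}-{hi} {net}")
            for gw in routers:
                if lo <= gw <= hi:
                    findings.append(f"range-includes-router {gw}")
    # dhcpd ignores an interface whose address is in no declared subnet.
    for name, cidr in ifaces.items():
        addr = ipaddress.ip_interface(cidr).ip
        if not any(addr in net for net in subnets):
            findings.append(f"no-subnet-for-interface {name} {addr}")
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE_CONF, SAMPLE_IFACES):
        print(finding)
```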
 
If you are wondering why I am switching between dhcp and dnsmasq, it's because I am an amateur when it comes to networking.

Here's the current ifconfig setup:
Code:
pocket-peoples# ifconfig
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 00:15:f2:7a:dc:83
        inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
        media: Ethernet autoselect (none)
        status: no carrier
fwe0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 02:11:d8:85:04:0b
        ch 1 dma -1
fwip0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        lladdr 0.11.d8.0.0.85.4.b.a.2.ff.fe.0.0.0.0
dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 00:04:5a:4f:ab:db
        inet 98.192.215.118 netmask 0xfffffc00 broadcast 255.255.255.255
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> metric 0 mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
        inet6 ::1 prefixlen 128
        inet 127.0.0.1 netmask 0xff000000
pocket-peoples#

The dnsmasq.conf has the following options enabled:
Code:
interface=rl0
listen-address=192.168.0.1
dhcp-range=192.168.0.50,192.168.0.150,12h
dhcp-option=option:router,1.2.3.4

The good thing about the dnsmasq is that my isp connection isn't fried.
The bad thing is that I don't know what I am doing. It's all guess work.


Anything wrong with ifconfig for rl0?
Anything wrong with the dnsmasq.conf options?


Edit: Client reply has DHCP discover running on 255.255.255.255 with both virtual interface of vboxnet0 and real interface of eth0. Five requests from eth0 and six requests from vboxnet0 with no replies.

I used the -p options for dnsmasq of 67 and 68 for alternate values. The test was run with no return value. I also had the dhcp client listen with -p 53 as a value. The result was the same: no carrier and no lease.
 
"Why do you keep switching back and forth, sossego?"
Because I am trying different things until I can get the server running.


New dhcpd.conf
Code:
option domain-name-servers 192.168.1.1;

default-lease-time 86400;
max-lease-time 604800;

authoritative;


  
  
 host pocket-peoples  {
        hardware ethernet 00:15:f2:7a:dc:83;
        server-name "pocket-peoples";
}

 
subnet  192.168.1.0 netmask 255.255.255.0 {
        option routers                  192.168.1.1;
        option subnet-mask              255.255.255.0;

        option domain-name             "pocket-peoples";
        option domain-name-servers       192.168.1.1;
        

        option time-offset              -18000;      

	range 192.168.1.0 192.168.1.20;
 }

Code:
pocket-peoples:/home/sossego# ifconfig eth0  192.168.1.1 netmask 255.255.255.0 up
pocket-peoples:/home/sossego# /etc/init.d/dhcp3-server restart
Stopping DHCP server: dhcpd3.
Starting DHCP server: dhcpd3.
pocket-peoples:/home/sossego#



I kept getting an error with the dns update line, so I removed it.


I went back just now and added the ddns line.
I'm wondering, will there be a need for masking or packet forwarding?

The client still isn't receiving any leases.
Eth0 has a static address.

Code:
pocket-peoples:/etc/dhcp3# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:15:f2:7a:dc:83
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:21 Base address:0xc000

eth1      Link encap:Ethernet  HWaddr 00:04:5a:4f:ab:db
          inet addr:98.192.215.118  Bcast:255.255.255.255  Mask:255.255.252.0
          UP BROADCAST RUNNING MULTICAST  MTU:576  Metric:1
          RX packets:265317 errors:0 dropped:0 overruns:0 frame:0
          TX packets:68301 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:45916892 (43.7 MiB)  TX bytes:10594986 (10.1 MiB)
          Interrupt:17 Base address:0xd800

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:108 errors:0 dropped:0 overruns:0 frame:0
          TX packets:108 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:6612 (6.4 KiB)  TX bytes:6612 (6.4 KiB)

pocket-peoples:/etc/dhcp3#
Something missing? Wondering now if there is a value to ifconfig I didn't use.
 
sossego said:
I'm wondering, will there be a need for masking or packet forwarding?
It's called NAT and if you want those machines to talk to the outside world, yes. It's not done with dhcpd though. You will need to use one of the three firewalls that come with fbsd.

IMO the simplest to use is PF, here's a simple /etc/pf.conf:

Code:
int_if="rl1"
ext_if="rl0"

nat on $ext_if from $int_if:network to any -> ($ext_if)

pass all
 
sossego said:
I also had the dhcp client listen with -p 53 as a value. The result was the same: no carrier and no lease.
Don't use any other ports than the standard ones. Port 53 is for DNS. "No carrier" means there's no cable or the cable is broken.
 
Code:
pocket-peoples:/var/log# /etc/init.d/dhcp3-server restart
Stopping DHCP server: dhcpd3 failed!
Starting DHCP server: dhcpd3check syslog for diagnostics. failed!
 failed!
pocket-peoples:/var/log# cat syslog | grep dhcp3
Oct 29 03:35:45 pocket-peoples dhcpd: /etc/dhcp3/dhcpd.conf line 1: semicolon expected.
Oct 29 03:35:45 pocket-peoples dhcpd: /etc/dhcp3/dhcpd.conf line 5: semicolon expected.
Oct 29 03:35:45 pocket-peoples dhcpd: /etc/dhcp3/dhcpd.conf line 1: semicolon expected.
Oct 29 03:35:45 pocket-peoples dhcpd: /etc/dhcp3/dhcpd.conf line 5: semicolon expected.
Oct 29 03:37:33 pocket-peoples dhcpd: /etc/dhcp3/dhcpd.conf line 1: semicolon expected.
Oct 29 03:37:33 pocket-peoples dhcpd: /etc/dhcp3/dhcpd.conf line 1: semicolon expected.
Oct 29 03:40:41 pocket-peoples dhcpd: /etc/dhcp3/dhcpd.conf line 2: semicolon expected.
Oct 29 03:40:41 pocket-peoples dhcpd: /etc/dhcp3/dhcpd.conf line 4: expecting a parameter or declaration
Oct 29 03:40:41 pocket-peoples dhcpd: /etc/dhcp3/dhcpd.conf line 2: semicolon expected.
Oct 29 03:40:41 pocket-peoples dhcpd: /etc/dhcp3/dhcpd.conf line 4: expecting a parameter or declaration
pocket-peoples:/var/log#

This is the dhcpd.conf being tested on the linux partition. If the error occurs here, it's going to repeat on the UFS2 slice. I edited to allow a space between the last variable and the semicolon for each line which was listed in syslog.


I just tested both cables and they work. The NIC from the client worked previously with the coaxial router.
I have a feeling that my life would be easier if I had the Absolute FreeBSD book with me.



Is there any way to test the NIC to see if it can ping a client?
 
I had mentioned from the beginning that the problem was for DHCPD.
Just like Xorg, and aRts, and DNS, It is a service independent from any operating system.
You are aware of this and so is anyone else who uses multiple operating systems.
What I have been asking help for is with the dhcp server setup independent of whatever it is installed on.
When the server configuration file is faulty, it will not work on anything.
You are not "troubleshooting a Linux installation" (as DutchDaemon said), you're helping me with the dhcpd.conf file.


I know that you may find it strange but, once again, a lot of settings and variables are similar between the two systems.


Please don't tell me that it is something new- for someone to use two systems to check and improve each other.

Second reason for using two operating systems: Until I learn the complete setup for HAL, DBUS, and policykit, I will need to switch between the two to mount media.

Third reason: I see nothing wrong with having another system as a backup.

Fourth Reason: My girlfriend, her family, and my family know very little about OS setup, design, and use. I am nowhere as near as good as the people here are.
 
This is not about dhcpd anymore. This is about networking and services, areas where Linux and FreeBSD differ considerably. You're getting advice to read The Handbook, you're getting advice to use ifconfig, you're getting advice to use PF for NAT -- all sound FreeBSD advice, none of it applicable to Linux. You're confusing yourself and probably everybody else working like this, because seeing /etc/dhcp3 and eth0 in this context is distracting. That's all I'm saying. It's probably better to troubleshoot all of this on FreeBSD and then move a working config over to Linux, not the other way around.
 