DHCP, the Dynamic Host Configuration Protocol, describes
the means by which a system can connect to a network and
obtain the necessary information for communication upon that
network. FreeBSD uses the OpenBSD dhclient
taken from OpenBSD 3.7. All information here regarding
dhclient
is for use with either of the ISC
or OpenBSD DHCP clients. The DHCP server is the one included
in the ISC distribution.
This section describes both the client-side components of
the ISC and OpenBSD DHCP client and server-side components of
the ISC DHCP system. The client-side program,
dhclient
, comes integrated within FreeBSD,
and the server-side portion is available from the net/isc-dhcp42-server
port. The
dhclient(8), dhcp-options(5), and
dhclient.conf(5) manual pages, in addition to the
references below, are useful resources.
When dhclient
, the DHCP client, is
executed on the client machine, it begins broadcasting
requests for configuration information. By default, these
requests are on UDP port 68. The server replies on UDP 67,
giving the client an IP address and other relevant network
information such as netmask, router, and DNS servers. All of
this information comes in the form of a DHCP
“lease” and is only valid for a certain time
(configured by the DHCP server maintainer). In this manner,
stale IP addresses for clients no longer connected to the
network can be automatically reclaimed.
DHCP clients can obtain a great deal of information from the server. An exhaustive list may be found in dhcp-options(5).
FreeBSD fully integrates the OpenBSD DHCP client,
dhclient
. DHCP client support is provided
within both the installer and the base system, obviating the
need for detailed knowledge of network configurations on any
network that runs a DHCP server.
DHCP is supported by
sysinstall. When configuring a
network interface within
sysinstall, the second question
asked is: “Do you want to try DHCP configuration of the
interface?”. Answering affirmatively will execute
dhclient
, and if successful, will fill in
the network configuration information automatically.
There are two things required to have the system use DHCP upon startup:
Make sure that the bpf
device
is compiled into the kernel. To do this, add
device bpf
to the kernel configuration
file, and rebuild the kernel. For more information about
building kernels, see
Chapter 9, Configuring the FreeBSD Kernel.
The bpf
device is already
part of the GENERIC
kernel that is
supplied with FreeBSD, thus there is no need to build a
custom kernel for DHCP. In the case of
a custom kernel configuration file, this device must be
present for DHCP to function
properly.
For those who are particularly security conscious,
take note that bpf
is also the
device that allows packet sniffers to work correctly
(although they still have to be run as
root
).
bpf
is
required to use DHCP; however, the security sensitive
types should probably not add
bpf
to the kernel in the
expectation that at some point in the future the system
will be using DHCP.
By default, DHCP configuration on FreeBSD runs in the background, or asynchronously. Other startup scripts continue to run while DHCP completes, speeding up system startup.
Background DHCP works well when the DHCP server responds quickly to requests and the DHCP configuration process goes quickly. However, DHCP may take a long time to complete on some systems. If network services attempt to run before DHCP has completed, they will fail. Using DHCP in synchronous mode prevents the problem, pausing startup until DHCP configuration has completed.
To connect to a DHCP server in the background while
other startup continues (asynchronous mode), use the
“DHCP
” value in
/etc/rc.conf
:
fxp0
="DHCP"To pause startup while DHCP completes, use
synchronous mode with the
“SYNCDHCP
” value:
fxp0
="SYNCDHCP"Replace the fxp0
shown
in these examples with the name of the interface to be
dynamically configured, as described in
Section 12.8, “Setting Up Network Interface Cards”.
When using a different file system location for
dhclient
, or if additional flags must
be passed to dhclient
, include (editing
as necessary):
The DHCP server, dhcpd, is
included as part of the
net/isc-dhcp42-server
port
in the ports collection. This port contains the ISC DHCP
server and documentation.
/etc/dhclient.conf
dhclient
requires a configuration
file, /etc/dhclient.conf
. Typically
the file contains only comments, the defaults being
reasonably sane. This configuration file is described by
the dhclient.conf(5) manual page.
/sbin/dhclient
dhclient
is statically linked and
resides in /sbin
. The
dhclient(8) manual page gives more information about
dhclient
.
/sbin/dhclient-script
dhclient-script
is the
FreeBSD-specific DHCP client configuration script. It
is described in dhclient-script(8), but should not
need any user modification to function properly.
/var/db/dhclient.leases.
interface
The DHCP client keeps a database of valid leases in this file, which is written as a log. dhclient.leases(5) gives a slightly longer description.
The DHCP protocol is fully described in RFC 2131. An informational resource has also been set up at http://www.dhcp.org/.
This section provides information on how to configure a FreeBSD system to act as a DHCP server using the ISC (Internet Systems Consortium) implementation of the DHCP server.
The server is not provided as part of FreeBSD, and so the
net/isc-dhcp42-server
port must be installed to provide this service. See
Chapter 5, Installing Applications: Packages and Ports for more information on using the
Ports Collection.
In order to configure the FreeBSD system as a DHCP server,
first ensure that the bpf(4) device is compiled into
the kernel. To do this, add device bpf
to the kernel configuration file, and rebuild the kernel.
For more information about building kernels, see
Chapter 9, Configuring the FreeBSD Kernel.
The bpf
device is already part
of the GENERIC
kernel that is supplied
with FreeBSD, so there is no need to create a custom kernel in
order to get DHCP working.
Those who are particularly security conscious should
note that bpf
is also the device
that allows packet sniffers to function correctly
(although such programs still need privileged access).
The bpf
device
is required to use DHCP, but if the
sensitivity of the system's security is high, this device
should not be included in the kernel purely because the
use of DHCP may, at some point in the
future, be desired.
An example configuration file is installed by the
net/isc-dhcp42-server
port. Copy the example
/usr/local/etc/dhcpd.conf.example
to the actual configuration file,
/usr/local/etc/dhcpd.conf
. Edits
will be made to this new file.
dhcpd.conf
is comprised of
declarations regarding subnets and hosts, and is perhaps
most easily explained using an example :
This option specifies the domain that will be provided to clients as the default search domain. See resolv.conf(5) for more information on what this means. | |
This option specifies a comma separated list of DNS servers that the client should use. | |
The netmask that will be provided to clients. | |
A client may request a specific length of time that a lease will be valid. Otherwise the server will assign a lease with this expiry value (in seconds). | |
This is the maximum length of time that the server
will lease for. Should a client request a longer
lease, a lease will be issued, although it will only
be valid for | |
This option specifies whether the DHCP server should attempt to update DNS when a lease is accepted or released. In the ISC implementation, this option is required. | |
This denotes which IP addresses should be used in the pool reserved for allocating to clients. IP addresses between, and including, the ones stated are handed out to clients. | |
Declares the default gateway that will be provided to clients. | |
The hardware MAC address of a host (so that the DHCP server can recognize a host when it makes a request). | |
Specifies that the host should always be given the same IP address. Note that using a hostname is correct here, since the DHCP server will resolve the hostname itself before returning the lease information. |
Once the configuration of
dhcpd.conf
has been completed,
enable the DHCP server in
/etc/rc.conf
, i.e., by adding:
Replace the dc0
interface name with
the interface (or interfaces, separated by whitespace)
that the DHCP server should listen on for DHCP client
requests.
Proceed to start the server by issuing the following command:
#
service isc-dhcpd start
Any future changes to the configuration of the server
will require the sending of a SIGTERM
signal to dhcpd rather than a
SIGHUP
. It is definitely more simple to
use service(8) to completely restart the
service.
/usr/local/sbin/dhcpd
dhcpd is statically
linked and resides in
/usr/local/sbin
. The dhcpd(8)
manual page installed with the port gives more
information about
dhcpd.
/usr/local/etc/dhcpd.conf
dhcpd requires a
configuration file,
/usr/local/etc/dhcpd.conf
before it
will start providing service to clients. This file
needs to contain all the information that should be
provided to clients that are being serviced, along with
information regarding the operation of the server. This
configuration file is described by the
dhcpd.conf(5) manual page installed by the
port.
/var/db/dhcpd.leases
The DHCP server keeps a database of leases it has issued in this file, which is written as a log. The manual page dhcpd.leases(5), installed by the port gives a slightly longer description.
/usr/local/sbin/dhcrelay
dhcrelay is used in
advanced environments where one DHCP server forwards a
request from a client to another DHCP server on a
separate network. If this functionality is required,
then install the
net/isc-dhcp42-relay
port. The dhcrelay(8) manual page provided with
the port contains more detail.
All FreeBSD documents are available for download at http://ftp.FreeBSD.org/pub/FreeBSD/doc/
Questions that are not answered by the
documentation may be
sent to <freebsd-questions@FreeBSD.org>.
Send questions about this document to <freebsd-doc@FreeBSD.org>.