DHCP, the Dynamic Host Configuration Protocol, describes
the means by which a system can connect to a network and
obtain the necessary information for communication upon that
network. FreeBSD uses the OpenBSD dhclient
taken from OpenBSD 3.7. All information here regarding
dhclient is for use with either of the ISC
or OpenBSD DHCP clients. The DHCP server is the one included
in the ISC distribution.
This section describes both the client-side components of
the ISC and OpenBSD DHCP client and server-side components of
the ISC DHCP system. The client-side program,
dhclient, comes integrated within FreeBSD,
and the server-side portion is available from the net/isc-dhcp42-server port. The
dhclient(8), dhcp-options(5), and
dhclient.conf(5) manual pages, in addition to the
references below, are useful resources.
When dhclient, the DHCP client, is
executed on the client machine, it begins broadcasting
requests for configuration information. By default, these
requests are on UDP port 68. The server replies on UDP 67,
giving the client an IP address and other relevant network
information such as netmask, router, and DNS servers. All of
this information comes in the form of a DHCP
“lease” and is only valid for a certain time
(configured by the DHCP server maintainer). In this manner,
stale IP addresses for clients no longer connected to the
network can be automatically reclaimed.
DHCP clients can obtain a great deal of information from the server. An exhaustive list may be found in dhcp-options(5).
FreeBSD fully integrates the OpenBSD DHCP client,
dhclient. DHCP client support is provided
within both the installer and the base system, obviating the
need for detailed knowledge of network configurations on any
network that runs a DHCP server.
DHCP is supported by
sysinstall. When configuring a
network interface within
sysinstall, the second question
asked is: “Do you want to try DHCP configuration of the
interface?”. Answering affirmatively will execute
dhclient, and if successful, will fill in
the network configuration information automatically.
There are two things required to have the system use DHCP upon startup:
Make sure that the
bpfdevice is compiled into the kernel. To do this, adddevice bpfto the kernel configuration file, and rebuild the kernel. For more information about building kernels, see Chapter 9, Configuring the FreeBSD Kernel.The
bpfdevice is already part of theGENERICkernel that is supplied with FreeBSD, thus there is no need to build a custom kernel for DHCP. In the case of a custom kernel configuration file, this device must be present for DHCP to function properly.Note:
For those who are particularly security conscious, take note that
bpfis also the device that allows packet sniffers to work correctly (although they still have to be run asroot).bpfis required to use DHCP; however, the security sensitive types should probably not addbpfto the kernel in the expectation that at some point in the future the system will be using DHCP.By default, DHCP configuration on FreeBSD runs in the background, or asynchronously. Other startup scripts continue to run while DHCP completes, speeding up system startup.
Background DHCP works well when the DHCP server responds quickly to requests and the DHCP configuration process goes quickly. However, DHCP may take a long time to complete on some systems. If network services attempt to run before DHCP has completed, they will fail. Using DHCP in synchronous mode prevents the problem, pausing startup until DHCP configuration has completed.
To connect to a DHCP server in the background while other startup continues (asynchronous mode), use the “
DHCP” value in/etc/rc.conf:ifconfig_fxp0="DHCP"To pause startup while DHCP completes, use synchronous mode with the “
SYNCDHCP” value:ifconfig_fxp0="SYNCDHCP"Note:
Replace the
fxp0shown in these examples with the name of the interface to be dynamically configured, as described in Section 12.8, “Setting Up Network Interface Cards”.When using a different file system location for
dhclient, or if additional flags must be passed todhclient, include (editing as necessary):dhclient_program="/sbin/dhclient" dhclient_flags=""
The DHCP server, dhcpd, is
included as part of the
net/isc-dhcp42-server port
in the ports collection. This port contains the ISC DHCP
server and documentation.
/etc/dhclient.confdhclientrequires a configuration file,/etc/dhclient.conf. Typically the file contains only comments, the defaults being reasonably sane. This configuration file is described by the dhclient.conf(5) manual page./sbin/dhclientdhclientis statically linked and resides in/sbin. The dhclient(8) manual page gives more information aboutdhclient./sbin/dhclient-scriptdhclient-scriptis the FreeBSD-specific DHCP client configuration script. It is described in dhclient-script(8), but should not need any user modification to function properly./var/db/dhclient.leases.interfaceThe DHCP client keeps a database of valid leases in this file, which is written as a log. dhclient.leases(5) gives a slightly longer description.
The DHCP protocol is fully described in RFC 2131. An informational resource has also been set up at http://www.dhcp.org/.
This section provides information on how to configure a FreeBSD system to act as a DHCP server using the ISC (Internet Systems Consortium) implementation of the DHCP server.
The server is not provided as part of FreeBSD, and so the
net/isc-dhcp42-server
port must be installed to provide this service. See
Chapter 5, Installing Applications: Packages and Ports for more information on using the
Ports Collection.
In order to configure the FreeBSD system as a DHCP server,
first ensure that the bpf(4) device is compiled into
the kernel. To do this, add device bpf
to the kernel configuration file, and rebuild the kernel.
For more information about building kernels, see
Chapter 9, Configuring the FreeBSD Kernel.
The bpf device is already part
of the GENERIC kernel that is supplied
with FreeBSD, so there is no need to create a custom kernel in
order to get DHCP working.
Note:
Those who are particularly security conscious should
note that bpf is also the device
that allows packet sniffers to function correctly
(although such programs still need privileged access).
The bpf device
is required to use DHCP, but if the
sensitivity of the system's security is high, this device
should not be included in the kernel purely because the
use of DHCP may, at some point in the
future, be desired.
An example configuration file is installed by the
net/isc-dhcp42-server
port. Copy the example
/usr/local/etc/dhcpd.conf.example
to the actual configuration file,
/usr/local/etc/dhcpd.conf. Edits
will be made to this new file.
dhcpd.conf is comprised of
declarations regarding subnets and hosts, and is perhaps
most easily explained using an example :
option domain-name-servers 192.168.4.100;
option subnet-mask 255.255.255.0;
default-lease-time 3600;
max-lease-time 86400;
ddns-update-style none;
subnet 192.168.4.0 netmask 255.255.255.0 {
range 192.168.4.129 192.168.4.254;
option routers 192.168.4.1;
}
host mailhost {
hardware ethernet 02:03:04:05:06:07;
fixed-address mailhost.example.com;
}
| This option specifies the domain that will be provided to clients as the default search domain. See resolv.conf(5) for more information on what this means. |
| This option specifies a comma separated list of DNS servers that the client should use. |
| The netmask that will be provided to clients. |
| A client may request a specific length of time that a lease will be valid. Otherwise the server will assign a lease with this expiry value (in seconds). |
| This is the maximum length of time that the server
will lease for. Should a client request a longer
lease, a lease will be issued, although it will only
be valid for |
| This option specifies whether the DHCP server should attempt to update DNS when a lease is accepted or released. In the ISC implementation, this option is required. |
| This denotes which IP addresses should be used in the pool reserved for allocating to clients. IP addresses between, and including, the ones stated are handed out to clients. |
| Declares the default gateway that will be provided to clients. |
| The hardware MAC address of a host (so that the DHCP server can recognize a host when it makes a request). |
| Specifies that the host should always be given the same IP address. Note that using a hostname is correct here, since the DHCP server will resolve the hostname itself before returning the lease information. |
Once the configuration of
dhcpd.conf has been completed,
enable the DHCP server in
/etc/rc.conf, i.e., by adding:
Replace the dc0 interface name with
the interface (or interfaces, separated by whitespace)
that the DHCP server should listen on for DHCP client
requests.
Proceed to start the server by issuing the following command:
# service isc-dhcpd startAny future changes to the configuration of the server
will require the sending of a SIGTERM
signal to dhcpd rather than a
SIGHUP. It is definitely more simple to
use service(8) to completely restart the
service.
/usr/local/sbin/dhcpddhcpd is statically linked and resides in
/usr/local/sbin. The dhcpd(8) manual page installed with the port gives more information about dhcpd./usr/local/etc/dhcpd.confdhcpd requires a configuration file,
/usr/local/etc/dhcpd.confbefore it will start providing service to clients. This file needs to contain all the information that should be provided to clients that are being serviced, along with information regarding the operation of the server. This configuration file is described by the dhcpd.conf(5) manual page installed by the port./var/db/dhcpd.leasesThe DHCP server keeps a database of leases it has issued in this file, which is written as a log. The manual page dhcpd.leases(5), installed by the port gives a slightly longer description.
/usr/local/sbin/dhcrelaydhcrelay is used in advanced environments where one DHCP server forwards a request from a client to another DHCP server on a separate network. If this functionality is required, then install the
net/isc-dhcp42-relayport. The dhcrelay(8) manual page provided with the port contains more detail.