Table of Contents
ISC dhcp3-server with LDAP backend
For large networks it might be a good idea to store DHCP-information in a central LDAP-database. Brian Masney has written a patch that gives the ISC DHCP-server an LDAP backend. You can find more information and download the patch at http://www.newwave.net/~masneyb/.
Download the sources of the ISC DHCP-server at http://www.isc.org, apply the LDAP-patch and then configure and compile the software or, even better, create binary packages for your GNU/Linux distribution of choice.
We built new Debian-packages (i386 platform only) based on the Debian Sarge source packages for the ISC DHCP-server.
Install the patched packages
dpkg -i dhcp3-common_3.0.4-1ldap_i386.deb dhcp3-server_3.0.4-1ldap_i386.deb
Add the interface to bind to to /etc/default/dhcp3-server
Install an LDAP-enabling /etc/dhcp3/dhcpd.conf
ldap-server "xenfds.intra.example.com"; ldap-port 389; # We do an anonymous bind # ldap-username "cn=directorymanagerloginname"; # ldap-password "mypassword"; ldap-base-dn "ou=DHCP,dc=intra,dc=example,dc=com"; ldap-method static; ldap-debug-file "/var/log/dhcp-ldap-startup.log";
In the chapter on installing the Fedora Directory Server we already described the custom LDAP-scheme that is required for DHCP usage (64ldapdhcp.ldif).
A basic example to fill the DHCP part of the LDAP-server is needed to get things going. You can save it eg. as /opt/dhcp-ldap.ldif
dn: ou=DHCP,dc=intra,dc=example,dc=com ou: DHCP objectClass: top objectClass: organizationalUnit description: DHCP Servers dn: cn=DHCP Config, ou=DHCP,dc=intra,dc=example,dc=com cn: DHCP Config objectClass: top objectClass: dhcpService dhcpPrimaryDN: cn=xendns, ou=DHCP,dc=intra,dc=example,dc=com dhcpStatements: ddns-update-style none dhcpStatements: get-lease-hostnames true dhcpStatements: use-host-decl-names true dn: cn=192.168.1.0, cn=DHCP Config, ou=DHCP,dc=intra,dc=example,dc=com cn: 192.168.1.0 objectClass: top objectClass: dhcpSubnet objectClass: dhcpOptions dhcpNetMask: 24 dhcpRange: 192.168.1.150 192.168.1.200 dhcpStatements: default-lease-time 600 dhcpStatements: max-lease-time 7200 dhcpOption: netbios-name-servers 192.168.1.16 dhcpOption: subnet-mask 255.255.255.0 dhcpOption: routers 192.168.1.1 dhcpOption: domain-name-servers 192.168.1.11 dhcpOption: domain-name "intra.example.com" dn: cn=xendns, ou=DHCP,dc=intra,dc=example,dc=com cn: xendns objectClass: top objectClass: dhcpServer dhcpServiceDN: cn=DHCP Config, ou=DHCP,dc=intra,dc=example,dc=com dn: cn=xenclient, cn=DHCP Config, ou=DHCP,dc=intra,dc=example,dc=com cn: xenclient objectClass: top objectClass: dhcpHost dhcpHWAddress: ethernet 00:16:3e:3d:eb:87 dhcpStatements: fixed-address 192.168.1.111
You can add the LDIF to the LDAP-database like so:
/opt/fedora-ds/slapd-xenfds/ldif2ldap "cn=Directory Manager" yourpassword /opt/dhcp-ldap.ldif
As an alternative you might use the available perl-script to convert your current dhcpd.conf to LDIF.
Finally start your DHCP-server and you're done. In case any debugging is needed, start with the files /var/log/dhcp-ldap-startup.log and /var/log/daemon.log, however Brian's patch and the ISC server do have additional options.
ISC dhcp3-server without LDAP backend
Below is an example of dhcpd.conf that enables running a dhcp3-server without LDAP backend.
Remember, our project doesn't support DDNS (yet).
Install the software
apt-get install dhcp3-server
Content of /etc/dhcp3/dhcpd.conf
allow booting;
allow bootp;
ddns-update-style none;
option domain-name "intra.example.com";
option domain-name-servers 192.168.1.11, 192.168.1.31;
option netbios-name-servers 192.168.1.16;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.1.1;
default-lease-time 6000;
max-lease-time 72000;
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.150 192.168.1.200;
}
In case of more than one NIC or when using a Xen domU als vehicle for your server, edit /etc/default/dhcp3-server
INTERFACES="eth1"
Start the DHCP-server
/etc/init.d/dhcp3-server start
