Commands for configuring and reviewing the current DHCP server state are entered from the console or over Telnet. The prefix command for the WANFleX command interpreter is "dhcpd".

Full command list (without prefix command):

Syntax:

add scope <SCOPE_NAME> <INTERFACE|*> <START_IP> <END_IP>
add dscope <SCOPE_NAME> <INTERFACE|*> <START_IP> <END_IP>

add virtual interface <VIFNAME> <GATEWAY> <GWIFNAME|*>
clear
delete option <OPTION_NAME>
delete scope <SCOPE_NAME>
delete virtual interface <VIFNAME>
interface <INTERFACE> delete option <OPTION_NAME>
interface <INTERFACE> option <OPTION_NAME> <OPTION_VALUE>
interface <INTERFACE> reservation <CLIENT_ID> delete option <OPTION_NAME>
interface <INTERFACE> reservation
     <CLIENT_ID> option <OPTION_NAME> <OPTION_VALUE>
interface <INTERFACE|*> show boundhistory
interface <INTERFACE|*> show client <CLIENT_ID|*>
lock interface <INTERFACE>
option <OPTION_NAME> <OPTION_VALUE>
scope <SCOPE_NAME> add classid <CLIENT_CLASS_ID>
scope <SCOPE_NAME> add exclude <START_IP> <END_IP>
scope <SCOPE_NAME> add reservation <CLIENT_ID> <CLIENT_IP>
scope <SCOPE_NAME> delete classid <CLIENT_CLASS_ID>
scope <SCOPE_NAME> delete exclude <START_IP>
scope <SCOPE_NAME> delete option <OPTION_NAME>
scope <SCOPE_NAME> delete reservation <CLIENT_ID>
scope <SCOPE_NAME> interface <INTERFACE|*>
scope <SCOPE_NAME> option <OPTION_NAME> <OPTION_VALUE>
scope <SCOPE_NAME> reservation
    <CLIENT_ID> delete option <OPTION_NAME>

scope <SCOPE_NAME> reservation
     <CLIENT_ID> option <OPTION_NAME> <OPTION_VALUE>
scope <SCOPE_NAME> set range <START_IP> <END_IP>
scope <SCOPE_NAME|*> show declinehistory
show config
show interface <INTERFACE|*>
show options
show scope <NAME|*>
show unleases <SUBSTR|*>
show version
start
stop
unlock interface <INTERFACE>

virtual interface <VIFNAME> add subnet <IP_ADDRESS> <SUBNET_MASK>

virtual interface <VIFNAME> change <GATEWAY> <GWIFNAME|*>

virtual interface <VIFNAME> delete subnet <IP_ADDRESS> <SUBNET_MASK>

Commands are not case-sensitive and can be shortened unless ambiguity appears.

For example, the "dhcpd show scope *" command can be shortened to "dhcpd s s *", and "dhcpd show config -" to "dhcpd sh c". Commands which change the DHCP configuration (including the “stop” and “start” commands) can be executed only by an administrator with "super-user" rights. Other commands can be executed by any user.

In the command list above, parameters are enclosed in <>. If a parameter value contains spaces, the parameter must be enclosed in quotes.

Example,

#2>dhcpd scope MSOFT add classid "MSFT 5.0"

or

#2>dhcpd add scope "Micro Soft" eth0 9.1.1.201 9.1.1.250

CAUTION

DHCP executes commands ONLY after its start:

dhcpd start

DHCP Client

DHCP is used for dynamic configuration of the network connection parameters of TCP/IP hosts (workstations and servers). UDP/IP is used as the transport protocol. A host which requests data for its network connection configuration (IP-address, subnet mask, default gateway etc.) is called a DHCP client. The IP-address is the basic configuration parameter. After its start, a client sends a DHCP request over the network to obtain a lease of an IP-address and other network parameters. A client may identify itself in its request with a client identifier. In general, a client identifier is a binary set of bytes which is unique within the physical network segment to which the client is connected. If the client does not provide an identifier, the server uses the MAC-address of the client's network interface instead. Thus, the DHCP server identifies a client by its identifier and by the network interface on which the server accepts the client's requests (the client's interface). The client's identifier (the "<CLIENT_ID>" parameter in commands) is represented as ID:<identifier> or 01:<MAC-address of network adapter>.

Example,

ID:01:00:04:35:22:88:1D.

In its requests to the server, a client may indicate its class (class identifier). A class identifier is a string which defines a property common to a set of clients. For example, it can be the name of the client's operating system: DHCP clients which work under OS Windows XP send “MSFT 5.0” as a class identifier, InfiNet Wireless IP-phones send “IW_IP_PHONE”. The server administrator can use the client's class to group clients automatically into address scopes in order to conveniently assign them specific configuration parameters (options).

Address scope

A scope is a range of IP-addresses within which a server can assign addresses to its clients. Scopes are stored in the server's configuration database and are identified by names which the server administrator assigns when the scope is created. A scope is created by the following command:

Syntax:

dhcpd add scope <SCOPE_NAME> <INTERFACE|*> <START_IP> <END_IP>

  • "SCOPE_NAME" – scope name. It is not case-sensitive and must be unique. If the scope name contains spaces, the server will automatically substitute them with the “underscore” sign (_).
  • "INTERFACE" – name of the network interface to which this scope will be attached (allowed interface). If * is specified as the interface, the scope can be attached to any suitable network interface. A suitable network interface is an interface which contains a subnet of IP-addresses (aliases) that includes the starting and ending IP-addresses of the scope.
  • "START_IP and END_IP" – starting and ending IP-addresses of the scope respectively. When the scope is attached to a network interface, the server checks that its range does not intersect with (and is not included in) another scope that might be attached to this interface. When IP-addresses are assigned to clients, only scopes attached to the same network interface as the client can be used.

In any case, if a scope cannot be attached, it is not deleted.

To create dynamic scope you can use the following command:

dhcpd add dscope <SCOPE_NAME> <INTERFACE|*> <START_IP> <END_IP>

 Example,

#2> dhcpd add scope MSOFT eth0  192.168.177.20 192.168.177.22

[eth0] <192.168.177.12> (MSOFT): 
  192.168.177.20-192.168.177.22   Scope attached
OK

In the example, we created a scope named MSOFT for the suitable interface eth0.

#2> dhcpd add scope new * 10.12.12.30 10.12.12.50
WRN: Scope created, but not attached.

Here a scope named NEW was created to be attached to any suitable interface. The scope was created successfully, but no suitable interface was found to attach it to.

To change the address range of an existing scope, use the following command.

Syntax:

dhcpd scope <SCOPE_NAME> set range <START_IP> <END_IP>

  • "SCOPE_NAME" – name of the scope whose range is changed
  • "START_IP and END_IP" – new starting and ending IP-addresses of the scope respectively

To change the interface of a scope, use the following command.

Syntax:

scope <SCOPE_NAME> interface <INTERFACE|*>

  • "SCOPE_NAME" – name of the scope whose interface is changed
  • "INTERFACE" – name of the network interface to which the scope is attached. If the system does not have an interface with the specified name, or the system cannot attach the scope to the specified interface, the scope will be immediately detached. This feature can be used for temporary shutdown of one of the scopes.

Example,

#2> dhcpd scope OTHER interface -eth0
[eth0] <192.168.177.12> (OTHER):
 192.168.177.10-192.168.177.19   Scope detached
OK

Thus, we detached OTHER scope. In order to attach it again we need the following command:

#2> dhcpd scope OTHER interface eth0 (and *)
[eth0] <192.168.177.12> (OTHER):
 192.168.177.10-192.168.177.19   Scope attached
OK

Excludes can be set up within a scope's range of addresses. Excludes are ranges of addresses which belong to the scope but are not given to DHCP server clients. The following command should be used:

Syntax:

dhcpd scope <SCOPE_NAME> add exclude <START_IP> <END_IP>

  • "SCOPE_NAME" – name of the scope to which the exclude is added
  • "START_IP and END_IP" – starting and ending addresses of an exclude. The exclude's range must not intersect with (or lie within) any of the excludes previously assigned to this scope. The exclude's range must belong to the scope.

To delete an exclude, use the following command:

Syntax:

dhcpd scope <SCOPE_NAME> delete exclude <START_IP>

This command's parameters are identical to those of the exclude configuration command, except that only the starting address of the exclude to be deleted is specified.

CAUTION

When executing command "dhcpd scope <SCOPE_NAME> set range <START_IP> <END_IP>", excludes which were created before range changing and which stop satisfying conditions described above, will be deleted automatically.

Client class filter (CLASSID)

A scope of addresses has a client class filter. If a client submits its class in its request, the server can give an IP-address only from those scopes which are connected to the client's interface and which have the client's class specified in their class filter. A class filter is a set of client vendor class ids for which an IP-address lease from the scope is allowed. To create a class filter for a scope, add one or more client vendor class ids. To add a client vendor class id to the scope, the following command is used:

Syntax:

scope <SCOPE_NAME> add classid <CLIENT_CLASS_ID>

  • "SCOPE_NAME" – name of the scope to which the client vendor class id ("CLIENT_CLASS_ID") is added
  • "CLIENT_CLASS_ID" – a set of characters of variable length (up to 255 characters). If this parameter contains spaces, it should be specified in quotes. This "<CLIENT_CLASS_ID>" is compared to what the client submits when it requests an IP-address lease. If the client submitted a class which is not present in any scope's filter, or did not submit any class name, only scopes with no class filters can be used for the IP-address lease.

In order to delete a class from the filter, the following command is used:

Syntax:

scope <SCOPE_NAME> delete classid <CLIENT_CLASS_ID>

Network interfaces (INTERFACE)

Network interface – a physical or VLAN network adaptor registered in the OS WANFleX core. After its start, the server automatically detects all network interfaces which are suitable for serving DHCP clients. A suitable interface is an interface connected to a multiple-access network with broadcast support (including VLAN support). In the server database each interface is identified by the name which was assigned to it during registration in the WANFleX OS core. In order to review all interfaces, use the following command:

Syntax:

show interface <INTERFACE|*>

  • "INTERFACE" – name of the network interface for which information is required. If * is specified instead of an interface name, information for all interfaces is printed. Command output is a structured list:

Example,

#2> dhcpd show interface *
>INTERFACES
[eth0] UP
 <SUBNET> 9.1.1.100/255.255.255.0
        <SCOPE> (PHONES) 9.1.1.151 - 9.1.1.200
 <SUBNET> 192.168.177.12/255.255.255.0
        <SCOPE> (OTHER) 192.168.177.10 - 192.168.177.19
        <SCOPE> (MSOFT) 192.168.177.20 - 192.168.177.22
[vlan0] DOWN
 <SUBNET> 192.168.178.1/255.255.255.0
OK

This example shows that two network interfaces ("eth0" and "vlan0") are served. "eth0" is turned on (UP) and has two IP-subnets. The PHONES scope is connected to one of the subnets, OTHER and MSOFT to the other. No scope can be connected to the "vlan0" interface as it was turned off by the administrator (DOWN).

If required it is possible to lock one or several interfaces – in this case they cannot be used. Command is the following:

Syntax:

lock interface <INTERFACE>

  • "<INTERFACE>" - interface name. When locking interface, all attached scopes will be detached. Other scopes cannot be attached to the interface while it is locked.

Example,

#2> dhcpd show interface *
>INTERFACES
[eth0] UP
 <SUBNET> 9.1.1.100/255.255.255.0
        <SCOPE> (PHONES) 9.1.1.151 - 9.1.1.200
 <SUBNET> 192.168.177.12/255.255.255.0
        <SCOPE> (OTHER) 192.168.177.10 - 192.168.177.19
        <SCOPE> (MSOFT) 192.168.177.20 - 192.168.177.22
[vlan0] DOWN
 <SUBNET> 192.168.178.1/255.255.255.0
OK

In this example the DHCP server has two interfaces: "eth0" and "vlan0". The "vlan0" interface was turned down by the WANFleX command "ifconfig vlan0 down". eth0 is turned on and has three scopes attached to it: PHONES, OTHER and MSOFT. PHONES is attached to the 9.1.1.100/255.255.255.0 subnet, the two others to the 192.168.177.12/255.255.255.0 subnet. Suppose that we want to lock the eth0 interface:

Example,

#2> dhcpd lock interface eth0
[eth0] <9.1.1.100> (PHONES):
  9.1.1.151-9.1.1.200   Scope detached
[eth0] <192.168.177.12> (OTHER):
  192.168.177.10-192.168.177.19   Scope detached
[eth0] <192.168.177.12> (MSOFT):
  192.168.177.20-192.168.177.22   Scope detached
OK

After locking, let us see interfaces information again:

#2> dhcpd show interface *
>INTERFACES
[eth0] UP LOCKED
 <SUBNET> 9.1.1.100/255.255.255.0
 <SUBNET> 192.168.177.12/255.255.255.0
[vlan0] DOWN
 <SUBNET> 192.168.178.1/255.255.255.0
OK

Now the "eth0" interface is locked and all its scopes have been detached.

Interface can be unlocked:

Syntax:

dhcpd unlock interface <INTERFACE>

Example,

#2> dhcpd unlock interface eth0
[eth0] <192.168.177.12> (MSOFT):
  192.168.177.20-192.168.177.22   Scope attached
[eth0] <192.168.177.12> (OTHER):
  192.168.177.10-192.168.177.19   Scope attached
[eth0] <9.1.1.100> (PHONES):
  9.1.1.151-9.1.1.200   Scope attached
OK
#2> dhcpd show interface *
>INTERFACES
[eth0] UP
 <SUBNET> 9.1.1.100/255.255.255.0
        <SCOPE> (PHONES) 9.1.1.151 - 9.1.1.200
 <SUBNET> 192.168.177.12/255.255.255.0
        <SCOPE> (OTHER) 192.168.177.10 - 192.168.177.19
        <SCOPE> (MSOFT) 192.168.177.20 - 192.168.177.22
[vlan0] DOWN
 <SUBNET> 192.168.178.1/255.255.255.0
OK

Scope reservation

The purpose of a scope reservation is to reserve an IP-address for a specific client. The command is the following:

Syntax:

dhcpd scope <SCOPE_NAME> add reservation <CLIENT_ID> <CLIENT_IP>

  • "SCOPE_NAME" – name of the scope to which reservation is added,
  • "CLIENT_ID" – client identifier,
  • "CLIENT_IP" – IP-address which will be given to this client. Scope reservations are saved in configuration database of the server and are identified by scope name and client’s identifier.

Example,

#2>dhcpd scope PHONES add reservation ID:01:00:04:35:00:22:23 9.1.1.170
OK

Thus if the client ID:01:00:04:35:00:22:23 sends a request to the interface with the attached scope PHONES, the server will definitely give this client the 9.1.1.170 address. The IP-address of the reservation must be within the scope range. Excludes do not affect the reservation. If you add a reservation while another reservation for the same client exists in another scope, the new reservation will not be created and the user will see an error message.

#1> dhcpd scope other add reservation
       ID:01:00:04:35:00:22:23 192.168.177.10
[eth0] <192.168.177.12> (OTHER):
 192.168.177.10-192.168.177.19  Reservation for "ID:01:00:04:35:00:22:23" already exists in scope PHONES with IP=9.1.1.170
ERR: Reservation's IP is out of scope's range

Moreover, reservation does not obey class filtering rules.

Example,

#2> dhcpd show scope *
>SCOPES:
(MSOFT)         192.168.177.20  - 192.168.177.22  [eth0] ATTACHED [eth0] <192.168.177.12>/255.255.255.0
 <CLIENT CLASS IDs>: "IW_BRI_GATEWAY" "MSFT 5.0"
 <CLIENT> ID:01:00:C0:DF:10:AF:69 "MSFT 5.0"      'wad     ' 192.168.177.20  <BOUND>    since 01/01/2003 05:01:08
 <FREE RANGE>   192.168.177.21  - 192.168.177.22   =2

(NEW)           10.12.12.30     - 10.12.12.50     [*]

(OTHER)         192.168.177.10  - 192.168.177.19  [eth0] ATTACHED [eth0] <192.168.177.12>/255.255.255.0
 <CLIENT> ID:01:00:05:90:02:1F:C8 ""              '        ' 192.168.177.10  <BOUND>    since 01/01/2003 05:34:24
 <FREE RANGE>   192.168.177.11  - 192.168.177.11   =1
 <FREE RANGE>   192.168.177.13  - 192.168.177.19   =7

(PHONES)        9.1.1.151       - 9.1.1.200       [*] ATTACHED [eth0] <9.1.1.100>/255.255.255.0
 <CLIENT CLASS IDs>: "IW_IP_PHONE"
 <CLIENT> ID:01:00:04:35:00:22:24 "IW_IP_PHONE"   'Stas    ' 9.1.1.151       <BOUND>    since 01/01/2003 05:00:34
 <FREE RANGE>   9.1.1.152       - 9.1.1.169        =18
 <RESERV> ID:01:00:04:35:00:22:23 "IW_IP_PHONE"   'Andrew  ' 9.1.1.170       <BOUND>    since 01/01/2003 05:49:35
 <FREE RANGE>   9.1.1.171       - 9.1.1.200        =30
 <OPTION>       Router  9.1.1.3
 <OPTION>       H323_GK_ADDRESS 195.38.45.84

OK

Here, the client ID:01:00:05:90:02:1F:C8 did not specify its class (“”) in its DHCP request, so it was given an address from the OTHER scope (192.168.177.12/255.255.255.0 subnet, eth0 interface), as this scope does not have class filters. However, the administrator wants this client to get its additional configuration parameters from the PHONES scope. In order to do that, a reservation is created:

#2> dhcpd scope PHONES add reservation
        ID:01:00:05:90:02:1F:C8 9.1.1.200
OK
#2> dhcpd show scope *
>SCOPES:
(MSOFT)         192.168.177.20  - 192.168.177.22  [eth0] ATTACHED [eth0] <192.168.177.12>/255.255.255.0
 <CLIENT CLASS IDs>: "IW_BRI_GATEWAY" "MSFT 5.0"
 <CLIENT> ID:01:00:C0:DF:10:AF:69 "MSFT 5.0"      'wad     ' 192.168.177.20  <BOUND>    since 01/01/2003 05:01:08
 <FREE RANGE>   192.168.177.21  - 192.168.177.22   =2

(NEW)           10.12.12.30     - 10.12.12.50     [*]

(OTHER)         192.168.177.10  - 192.168.177.19  [eth0] ATTACHED [eth0] <192.168.177.12>/255.255.255.0
 <FREE RANGE>   192.168.177.10  - 192.168.177.11   =2
 <FREE RANGE>   192.168.177.13  - 192.168.177.19   =7

(PHONES)        9.1.1.151       - 9.1.1.200       [*] ATTACHED [eth0] <9.1.1.100>/255.255.255.0
 <CLIENT CLASS IDs>: "IW_IP_PHONE"
 <CLIENT> ID:01:00:04:35:00:22:24 "IW_IP_PHONE"   'Stas    ' 9.1.1.151       <BOUND>    since 01/01/2003 05:00:34
 <FREE RANGE>   9.1.1.152       - 9.1.1.169        =18
 <RESERV> ID:01:00:04:35:00:22:23 "IW_IP_PHONE"   'Andrew  ' 9.1.1.170       <BOUND>    since 01/01/2003 05:49:35
 <FREE RANGE>   9.1.1.171       - 9.1.1.199        =29
 <RESERV> ID:01:00:05:90:02:1F:C8 ""              '        ' 9.1.1.200       <BOUND>    since 01/01/2003 06:22:30
 <OPTION>       Router  9.1.1.3
 <OPTION>       H323_GK_ADDRESS 195.38.45.84

OK
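Because a reservation is not subject to the class filter, it helps to be able to list such exceptions from saved output. The following is an added example, not part of the original documentation: it parses "dhcpd show scope *" output and reports leases whose class is not in the scope's class filter. The function names are chosen here, and the sample is a trimmed copy of the output above.

```python
import re

# Trimmed copy of the "dhcpd show scope *" output shown above on this page.
SAMPLE = """\
>SCOPES:
(OTHER)         192.168.177.10  - 192.168.177.19  [eth0] ATTACHED [eth0] <192.168.177.12>/255.255.255.0
 <FREE RANGE>   192.168.177.10  - 192.168.177.11   =2
(PHONES)        9.1.1.151       - 9.1.1.200       [*] ATTACHED [eth0] <9.1.1.100>/255.255.255.0
 <CLIENT CLASS IDs>: "IW_IP_PHONE"
 <CLIENT> ID:01:00:04:35:00:22:24 "IW_IP_PHONE"   'Stas    ' 9.1.1.151       <BOUND>    since 01/01/2003 05:00:34
 <RESERV> ID:01:00:04:35:00:22:23 "IW_IP_PHONE"   'Andrew  ' 9.1.1.170       <BOUND>    since 01/01/2003 05:49:35
 <RESERV> ID:01:00:05:90:02:1F:C8 ""              '        ' 9.1.1.200       <BOUND>    since 01/01/2003 06:22:30
 <OPTION>       Router  9.1.1.3
OK
"""

# "(NAME) start - end [allowed interface]" followed by the attachment state.
SCOPE_RE = re.compile(
    r"^\((?P<name>[^)]+)\)\s+(?P<start>\S+)\s+-\s+(?P<end>\S+)\s+\[(?P<iface>[^\]]+)\](?P<rest>.*)$")

LEASE_RE = re.compile(r"""
    ^<(?P<kind>CLIENT|RESERV|O_BIND)>\s+   # entry type
    (?P<cid>ID:\S+)\s+                     # client identifier
    "(?P<cls>[^"]*)"\s+                    # class id sent by the client, may be empty
    '(?P<host>[^']*)'\s+                   # host name
    (?P<ip>\S+)\s+<(?P<state>\w+)>         # leased address and state
""", re.VERBOSE)


def parse_scopes(text):
    """Turn 'show scope' output into a list of scope dicts with their leases."""
    scopes, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = SCOPE_RE.match(line)
        if m:
            current = {"name": m["name"], "start": m["start"], "end": m["end"],
                       "attached": "ATTACHED" in m["rest"],
                       "class_ids": [], "leases": []}
            scopes.append(current)
            continue
        if current is None:
            continue
        if line.startswith("<CLIENT CLASS IDs>:"):
            current["class_ids"] = re.findall(r'"([^"]*)"', line)
            continue
        m = LEASE_RE.match(line)
        if m:
            current["leases"].append(m.groupdict())
    return scopes


def class_filter_exceptions(scopes):
    """Leases held in a filtered scope by clients whose class is not in the filter."""
    findings = []
    for scope in scopes:
        if not scope["class_ids"]:
            continue  # no filter on this scope, nothing to compare against
        for lease in scope["leases"]:
            if lease["cls"] not in scope["class_ids"]:
                findings.append((scope["name"], lease["kind"], lease["cid"],
                                 lease["ip"], lease["cls"]))
    return findings


if __name__ == "__main__":
    for finding in class_filter_exceptions(parse_scopes(SAMPLE)):
        print("class filter exception:", finding)
```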

If a reservation is no longer required, you can delete it:

Syntax:

dhcpd scope <SCOPE_NAME> delete reservation <CLIENT_ID>

If the client has already acquired its IP-address, then after the reservation is deleted the server will keep the lease of this address for this client, provided the client does not violate the scope’s rules (excludes and class filters).

Example,

#1> dhcpd scope phones delete
       reservation ID:01:00:05:90:02:1F:C8
OK
#1> dhcpd show scope *
>SCOPES:
(MSOFT)         192.168.177.20  - 192.168.177.22  [eth0] ATTACHED [eth0] <192.168.177.12>/255.255.255.0
 <CLIENT CLASS IDs>: "IW_BRI_GATEWAY" "MSFT 5.0"
 <CLIENT> ID:01:00:C0:DF:10:AF:69 "MSFT 5.0"      'wad     ' 192.168.177.20  <BOUND>    since 01/01/2003 01:01:08
 <FREE RANGE>   192.168.177.21  - 192.168.177.22   =2

(NEW)           10.12.12.30     - 10.12.12.50     [*]

(OTHER)         192.168.177.10  - 192.168.177.19  [eth0] ATTACHED [eth0] <192.168.177.12>/255.255.255.0
 <CLIENT> ID:01:00:05:90:02:1F:C8 ""              '        ' 192.168.177.10  <BOUND>    since 01/01/2003 01:16:36
 <FREE RANGE>   192.168.177.11  - 192.168.177.11   =1
 <FREE RANGE>   192.168.177.13  - 192.168.177.19   =7

(PHONES)        9.1.1.151       - 9.1.1.200       [*] ATTACHED [eth0] <9.1.1.100>/255.255.255.0
 <CLIENT CLASS IDs>: "IW_IP_PHONE"
 <CLIENT> ID:01:00:04:35:00:22:24 "IW_IP_PHONE"   'Stas    ' 9.1.1.151       <BOUND>    since 01/01/2003 01:01:47
 <FREE RANGE>   9.1.1.152       - 9.1.1.169        =18
 <RESERV> ID:01:00:04:35:00:22:23 "IW_IP_PHONE"   'Andrew  ' 9.1.1.170       <BOUND>    since 01/01/2003 01:01:37
 <FREE RANGE>   9.1.1.171       - 9.1.1.200        =30
 <OPTION>       Router  9.1.1.3
 <OPTION>       H323_GK_ADDRESS 195.38.45.84

OK

In this example, after the reservation was deleted, the server cancelled the lease of IP-address 9.1.1.200 in the PHONES scope for the client ID:01:00:05:90:02:1F:C8, because the client’s class does not fulfill the class filter requirements of the scope. After some time, the same client obtained another IP-address from the OTHER scope.

#1> dhcpd scope phones delete
          reservation ID:01:00:04:35:00:22:23
OK
#1> dhcpd show scope phones
>SCOPES:
(PHONES)        9.1.1.151       - 9.1.1.200       [*] ATTACHED [eth0] <9.1.1.100>/255.255.255.0
 <CLIENT CLASS IDs>: "IW_IP_PHONE"
 <CLIENT> ID:01:00:04:35:00:22:24 "IW_IP_PHONE"   'Stas    ' 9.1.1.151       <BOUND>    since 01/01/2003 01:01:47
 <FREE RANGE>   9.1.1.152       - 9.1.1.169        =18
 <CLIENT> ID:01:00:04:35:00:22:23 "IW_IP_PHONE"   'Andrew  ' 9.1.1.170       <BOUND>    since 01/01/2003 01:01:37
 <FREE RANGE>   9.1.1.171       - 9.1.1.200        =30
 <OPTION>       Router  9.1.1.3
 <OPTION>       H323_GK_ADDRESS 195.38.45.84

OK

The client ID:01:00:04:35:00:22:23 did not have its lease (9.1.1.170 address) cancelled because this client fulfills all of the scope’s rules.

CAUTION

When executing "dhcpd scope <SCOPE_NAME> set range <START_IP> <END_IP>" command, all reservations that stop fulfilling scope’s range of addresses will be deleted automatically.
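Since "set range" deletes excludes and reservations that no longer fit without asking, the effect can be previewed before the command is issued. The following is an added example, not part of the original documentation; the function names and the exclude values are constructed for illustration, while the PHONES range and reservations are those shown on this page.

```python
import ipaddress


def num(addr):
    """IPv4 address as an integer, for range comparisons."""
    return int(ipaddress.IPv4Address(addr))


def inside(start, end, scope):
    """True if start..end is a valid range lying entirely within scope (lo, hi)."""
    return num(scope[0]) <= num(start) <= num(end) <= num(scope[1])


def exclude_allowed(scope, existing, candidate):
    """Rules for 'add exclude': belongs to the scope, overlaps no earlier exclude."""
    if not inside(candidate[0], candidate[1], scope):
        return False
    return all(num(candidate[1]) < num(s) or num(e) < num(candidate[0])
               for s, e in existing)


def preview_set_range(new_scope, excludes, reservations):
    """Return what 'set range' would delete: (excludes, reservations).

    An exclude that only partly fits the new range no longer belongs to the
    scope, so it is reported as deleted rather than trimmed (this reading of
    the rule is an assumption).
    """
    lost_excludes = [ex for ex in excludes if not inside(ex[0], ex[1], new_scope)]
    lost_reservations = {cid: ip for cid, ip in reservations.items()
                         if not inside(ip, ip, new_scope)}
    return lost_excludes, lost_reservations


# PHONES scope and reservations as shown on this page; the excludes are constructed.
PHONES = ("9.1.1.151", "9.1.1.200")
EXCLUDES = [("9.1.1.160", "9.1.1.165"), ("9.1.1.190", "9.1.1.195")]
RESERVATIONS = {
    "ID:01:00:04:35:00:22:23": "9.1.1.170",
    "ID:01:00:05:90:02:1F:C8": "9.1.1.200",
}

if __name__ == "__main__":
    lost_ex, lost_res = preview_set_range(("9.1.1.151", "9.1.1.192"),
                                          EXCLUDES, RESERVATIONS)
    print("excludes that would be deleted:", lost_ex)
    print("reservations that would be deleted:", lost_res)
```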

Configuration options

Configuration options are parameters which clients may request from the server for more precise host configuration. These parameters are Address Time, Router, NTP Servers etc. Different clients may request different sets of these parameters. A parameter is sent only when the client included it in its request and only when the server knows the value of the parameter. Divisions and values of the parameters are defined during DHCP server configuration. Divisions can be defined for the following purposes:

  1. Scope reservation. Option values from this division will be given to the client of this reservation.
  2. Interface reservation. Options are sent if the requested option’s value is not in the scope reservation division.
  3. Scope. Option values from this division can be sent to a client which received an address lease from this scope, only if the option requested by the client is not in the scope reservation or interface reservation division.
  4. Interface. Sent to a client which received a lease from one of the scopes attached to the interface (and the value of the requested option was not in the scope reservation, in the scope itself or in the interface reservation).
  5. Server. Sent to clients which received a lease from one of the scopes (if the value of the option was not in any of the divisions listed above). This division serves as the default value.

If an option’s value does not exist in any division, the client does not receive anything from the server. Two exceptions are possible:

  • Address Time – the value of this parameter is ALWAYS sent to the client. If this value is not specified in any division, the client receives a default value of 120 (lease time – 2 minutes).
  • Subnet Mask – the value of this parameter is ALWAYS sent to the client. The value of this option is automatically determined by the server and cannot be defined in option divisions during server configuration. The subnet mask for the client always equals the subnet mask of the interface to which the scope that gave the lease to the client is attached.

The overall table of DHCP configuration options is available at the following link: http://www.iana.org/assignments/bootp-dhcp-parameters

To define a set of options, the DHCP server has special commands for each division. These commands have parameters which are entered in the same way for all divisions:

  • "OPTION_NAME" – name of the option (see the link for the table above). If option name has spaces, they must be substituted with “_” sign. Option name is not case-sensitive.
  • "OPTION_VALUE" – value of the option. Input format depends on the purpose of the option and is divided into three categories by DHCP server:
    • Symbolic. A string (e.g. for Bootfile-Name option). If this option’s value has spaces, the option value should be put in quotes.
    • Binary. One or several decimal numbers. If several numbers should be specified, they are separated by commas. Options examples: Address Time, Time Offset.
    • IP-address. One or several values – IP-addresses. Several IP-addresses are separated by commas.

Commands for defining/adding options for different divisions:

  • Scope reservation division

Syntax:

dhcpd scope <SCOPE_NAME> reservation
      <CLIENT_ID> option <OPTION_NAME> <OPTION_VALUE>

    • "SCOPE_NAME" – name of the scope for whose reservation an option value is defined.
    • "CLIENT_ID" – reservation client identifier. If an option with the same name was already defined, its value will be changed to the one specified in this command.
  • Interfaces reservations division

Syntax:

dhcpd interface <INTERFACE> reservation
     <CLIENT_ID> option <OPTION_NAME> <OPTION_VALUE>

    • "INTERFACE" – name of the interface where client’s (CLIENT_ID) reservation is created. If this interface did not have a reservation for this client, this command will automatically create this reservation and will add it to the options set.

Interface reservations are required for settings which are specific to the client no matter from which scope the client gets its address lease. An interface reservation differs from a scope reservation in two respects:

    • Does not define a fixed IP-address for the client. Thus the server dynamically determines from which scope and which IP-address is to be given to the client.
    • Allows changing the client’s class. If the Class ID option is defined for the interface reservation, the class will be changed to the option’s value when a client from this reservation sends a request. This becomes necessary when a DHCP client does not send its class.

Creating an interface reservation does not conflict with a scope reservation for the same client.

  • Scope divisions

Syntax:

dhcpd scope <SCOPE_NAME>
     option <OPTION_NAME> <OPTION_VALUE>

  • Interface divisions

Syntax:

dhcpd interface <INTERFACE>
   option <OPTION_NAME> <OPTION_VALUE>

  • Server divisions

Syntax:

dhcpd option <OPTION_NAME> <OPTION_VALUE>

Of course, there is a set of commands which delete all of these options from the divisions:

Syntax:

dhcpd scope <SCOPE_NAME>
     reservation <CLIENT_ID> delete option <OPTION_NAME>

dhcpd scope <SCOPE_NAME> delete option <OPTION_NAME>

dhcpd interface <INTERFACE>
     reservation <CLIENT_ID> delete option <OPTION_NAME>

dhcpd interface <INTERFACE> delete option <OPTION_NAME>

dhcpd delete option <OPTION_NAME>

One should pay a great deal of attention to the deletion of interfaces reservation division options. If, after deletion, it turns out that options set for this reservation is empty, the interface reservation will be deleted automatically.

Not all options can be defined in every division. Apart from Subnet Mask (described above), there are options which can be defined only in particular divisions.

Example,

#1> dhcpd scope phones option class_id "TestClass"
ERR: This option cannot contain in the given division.

Moreover, there is a set of service options which, although included in the summary table, act not as configuration parameters but as service parameters. The list of service options of the DHCP server is as follows:

  • Subnet Mask
  • Address Request
  • Overload
  • DHCP Msg Type
  • DHCP Server Id
  • Parameter List
  • DHCP Message
  • DHCP Max Msg Size
  • Client Id

If you attempt to add one of these options to any division, the server will report an error: "ERR: This option cannot contain in the given division."

To review the options which were requested by a client and given to it, use the following command:

Syntax:

dhcpd interface <INTERFACE|*> show client <CLIENT_ID|*>

  • "INTERFACE" – name of the network interface for which information is requested
  • "CLIENT_ID" – identifier of the client for which information is requested. Instead of an interface name one can specify “*”: this will print information for all clients and interfaces. Instead of a client identifier one can specify “*”: this will print information about all clients for the specified interface. The information is shown only for clients which hold an address lease from one of the scopes attached to the specified interface.

Example,

#2> dhcpd interface * show client *
>INTERFACES CLIENTS
--------- [eth0] ---------
(IPHONES) <CLIENT> ID:01:00:04:35:00:22:24 "IW_IP_PHONE" 'Unknown node' 192.168.0.101   <BOUND>    since 25/04/2005 11:32:57
SUPPLIED OPTIONS:
#1       .  .  .  .  . DF Subnet Mask               255.255.255.0
#2       .  .  .  .  .  . Time Offset               <not supplied>
#3       .  .  S  .  .  . Router                    192.168.0.1
#7       .  .  .  .  .  . Log Server                <not supplied>
#42      .  .  S  .  .  . NTP Servers               192.168.0.1
#230     .  .  S  .  .  . H323 GK ADDRESS           192.168.0.1
#231     . IR  .  .  .  . H323 LOGIN ALIAS          IWPhone/V. Pupkin/101
#232     .  .  .  .  .  . H323 GK ID                <not supplied>

Here, the list of the client’s supplied options consists of records (strings) which contain the number (#<N>) of the option, a map of the server’s divisions from which this option was supplied to the client (if it was supplied), the name of the option and its value. If a requested option was not defined in any of the server’s divisions, it is displayed as <not supplied> in the list. On the map the divisions are displayed using the following indication:

  • "SR" – scope reservation division
  • "IR" – interface reservation division
  • "S" – scope division
  • "I" – client’s interface division
  • "SV" – server’s division

Moreover, the options which were requested by clients and supplied to them but which were not defined in any division (e.g. Subnet Mask) are marked as DF.
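The lookup order across divisions and the map labels listed above can be modelled in a few lines. This is an added example, not code from the WANFleX documentation; `resolve_options`, the input layout and the sample values are assumptions made for illustration.

```python
# Added example: model of the option lookup order described on this page.
# Division labels match the map printed by "show client".
DIVISION_ORDER = ("SR", "IR", "S", "I", "SV")  # highest priority first
DEFAULT_ADDRESS_TIME = 120  # seconds, when no division defines Address Time
ALWAYS_SENT = ("subnet_mask", "address_time")


def norm(name):
    """Option names are case-insensitive and use "_" in place of spaces."""
    return name.strip().lower().replace(" ", "_")


def resolve_options(requested, divisions, interface_mask):
    """Return {option: (label, value)}; label None means <not supplied>.

    divisions: {"SR": {...}, "IR": {...}, "S": {...}, "I": {...}, "SV": {...}}
    holding only the entries that apply to this client (assumed input shape).
    """
    tables = {label: {norm(k): v for k, v in divisions.get(label, {}).items()}
              for label in DIVISION_ORDER}
    wanted = []
    for name in list(requested) + list(ALWAYS_SENT):
        if norm(name) not in wanted:
            wanted.append(norm(name))

    result = {}
    for opt in wanted:
        if opt == "subnet_mask":
            # Taken from the interface the scope is attached to, never from a division.
            result[opt] = ("DF", interface_mask)
            continue
        source = next((lbl for lbl in DIVISION_ORDER if opt in tables[lbl]), None)
        if source is not None:
            result[opt] = (source, tables[source][opt])
        elif opt == "address_time":
            result[opt] = ("DF", DEFAULT_ADDRESS_TIME)
        else:
            result[opt] = (None, None)
    return result


# Constructed sample, modelled on the "show client" output above.
SAMPLE_DIVISIONS = {
    "IR": {"H323 LOGIN ALIAS": "IWPhone/V. Pupkin/101"},
    "S": {"Router": "192.168.0.1", "NTP Servers": "192.168.0.1", "Address Time": 600},
    "SV": {"Router": "10.0.0.1", "Address Time": 3600},
}
SAMPLE_REQUEST = ["Subnet Mask", "Time Offset", "Router", "NTP Servers", "H323 Login Alias"]


def demo():
    return resolve_options(SAMPLE_REQUEST, SAMPLE_DIVISIONS, "255.255.255.0")


if __name__ == "__main__":
    for name, (label, value) in demo().items():
        shown = value if label else "<not supplied>"
        print(f"{name:18} {label or '.':3} {shown}")
```

In the sample the scope division overrides the server division for both Router and Address Time, which is why the server-level values never reach this client.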

Creating User-Defined Options

Besides the standard well-known DHCP server options, one can create one's own using the following command:

dhcpd useroption <NAME> code <CODE> type <TYPE>

The NAME and the CODE of the created option must differ from those of the standard and previously created user-defined DHCP options.

The TYPE of the option can be of the following values:

  • "n8"  - 8-bit integer
  • "n16" – 2-byte integer
  • "n32" – 4-byte integer
  • "ip"  - IP-address
  • "ipp" – IP-address pairs (classful routes)
  • "clr" – classless routes in the following format: A.B.C.D/M>R.R.R.R,
    • "A.B.C.D" - is a network address, 
    • "M" – network mask 
    • "R.R.R.R" - is a gateway IP-address
  • "text" – text string (254 characters maximum).

User-defined options can be defined for different divisions (scope and scope reservation, interfaces and interface reservation, server).

Example,

dhcpd start
dhcpd useroption "Room Numbers" code 199 type n16
dhcpd scope TEST option "Room Numbers" 123,156,432

To delete a User-Defined option use the following command:

dhcpd delete useroption <NAME>

Address Time

Any IP-address lease is limited by the time specified in Address Time option. If a client which was given a lease does not extend it within Address Time period, the server will cancel the lease. The value of this time may be defined by the client but it should not exceed its maximal value. The maximal time of a lease is set up in Address Time of one of the divisions to which this client is applied. If a server does not have this option defined, the maximal time will be set to 120 seconds. In case if a client does not request Address Time parameter, the server will give a lease for a maximal time according to the scheme described above.

A client, who received a lease, confirms it periodically. The periodicity is usually equal to the half of Address Time. As an acknowledgement to the lease prolongation the server resends configuration parameters (options). Thus, if during the lease some of the options were changed in the server (or division to which this client was applied) the client will learn it in the moment of lease prolongation.

If the client does not confirm the lease after it expires, the scope cancels the lease. If the client is not a scope reservation client, the scope marks the IP-address of this lease as “conditionally free”. In the scope state output (dhcpd show scope *) this state is marked as <OBIND>. While other addresses are available for lease, the scope does not give <OBIND> addresses to new clients. If the client requests a lease again within 24 hours of the lease expiration, the server gives it the same IP-address.

#1> dhcpd show scope MSOFT
>SCOPES:
(MSOFT)         192.168.177.20  - 192.168.177.22  [eth0] ATTACHED [eth0] <192.168.177.12>/255.255.255.0
 <CLIENT CLASS IDs>: "IW_BRI_GATEWAY" "MSFT 5.0"
 <CLIENT> ID:01:00:C0:DF:10:AF:69 "MSFT 5.0"      'wad     ' 192.168.177.20  <BOUND>    since 01/01/2003 01:01:14
 <O_BIND> ID:01:00:0F:EA:05:29:C6 "MSFT 5.0"      'win2k3sbs' 192.168.177.21  <OBIND>
 <FREE RANGE>   192.168.177.22  - 192.168.177.22   =1
OK

At the same time, the scope writes the parameters of the expired lease into a special database (boundhistory).

#1> dhcpd interface eth0 show boundhistory
[eth0]
>BOUND_HISTORY 1
(MSOFT) ID:01:00:0F:EA:05:29:C6 BOUND=192.168.177.21     until 02/01/2003 13:25:37
OK

Information about expired leases is kept in the database for 24 hours. After 24 hours the record is automatically deleted from the database, and the IP-address changes from <OBIND> to free.

The server uses <OBIND> addresses for other clients if all the scopes that suit the new clients have run out of free addresses. The oldest records in “boundhistory” are used first.

The server also cancels an address lease when the client requests it.

Admissibility check for IP-addresses lease

The check is made in order to avoid IP-address conflicts. After the server finds an IP-address to be free, it performs an admissibility check before leasing the address to the client. In other words, the server makes sure that this IP-address is not occupied by any host on the client’s interface (except, possibly, the target client itself). To do this, the server sends ARP requests on the client’s interface. If no one answers the requests (except, possibly, the target client), the IP-address is given for a lease.

This check is always performed, except on virtual interfaces, where the check is the client’s responsibility.

If an IP-address conflict is detected, this IP-address is not given for a lease and the server attempts to give the next free IP-address. If, eventually, no free IP-address is left, the server looks into the boundhistory of the client’s interface. If this step also fails, the server puts the client into the database of unleases.
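The selection order described in the Address Time and admissibility check sections, modelled as an added example (this is not WANFleX code). The names History, choose_address and in_use are hypothetical, in_use stands in for the ARP probe, and the model assumes the probe is also applied to <OBIND> candidates and that the caller has already returned records older than 24 hours to the free list.

```python
from collections import namedtuple

# One boundhistory record: who held the address and when the lease expired.
History = namedtuple("History", "client_id ip expired_at")
OBIND_TTL = 24 * 3600   # page: records are kept for 24 hours


def choose_address(client_id, free, history, now, in_use):
    """Pick an address for client_id, or None (client goes to unleases).

    free    -- free addresses of the matching scopes, in offer order
    history -- boundhistory records of the client's interface
    now     -- current time in seconds, same clock as expired_at
    in_use  -- callable(ip, client_id) -> True if a host other than the
               client answers ARP for ip (stand-in for the real probe)
    """
    live = [h for h in history if now - h.expired_at < OBIND_TTL]
    # 1. A client returning within 24 hours gets its previous address.
    for h in live:
        if h.client_id == client_id and not in_use(h.ip, client_id):
            return h.ip
    # 2. Otherwise the next free address that passes the check.
    for ip in free:
        if not in_use(ip, client_id):
            return ip
    # 3. No free address left: reuse <OBIND> addresses, oldest record first.
    #    Assumption: the admissibility check applies to these as well.
    for h in sorted(live, key=lambda rec: rec.expired_at):
        if h.client_id != client_id and not in_use(h.ip, client_id):
            return h.ip
    return None
```

A None result corresponds to the client being recorded in the unleases list.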

Unleases

Clients to which the DHCP server failed to give an IP-address lease are put on a special list – unleases. A record stays in this list for 15 minutes if the client does not repeat its attempt to get a lease. Each record in the list consists of the following fields:

  • Name of a network interface from which a client’s request for a lease was received (client’s interface).
  • Client’s identifier
  • Client’s class identifier
  • Host name

To view the list, use the following command:

Syntax:

dhcpd show unleases <SUBSTR|*>

  • "SUBSTR" – a substring for a partial list view. When the command is executed, the server prints only those records in which at least one field contains the substring. The substring is case-sensitive. If * is specified as the substring, the full list is printed.

Example,

#1> dhcpd show unleases *
>UNLEASES 1
eth0    ID:01:00:C0:DF:10:AF:69 "MSFT 5.0"      wad
OK
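A monitoring sketch for the "show scope" and "show unleases" outputs shown above, added here as an example and not taken from the original page. It counts <BOUND>, <OBIND> and free addresses per scope and lists clients that could not get a lease; the function names are hypothetical and the parsing is based only on the sample outputs on this page.

```python
import re

# Output copied from this page's "show scope" and "show unleases" examples.
SAMPLE_SCOPE = """>SCOPES:
(MSOFT)         192.168.177.20  - 192.168.177.22  [eth0] ATTACHED [eth0] <192.168.177.12>/255.255.255.0
 <CLIENT CLASS IDs>: "IW_BRI_GATEWAY" "MSFT 5.0"
 <CLIENT> ID:01:00:C0:DF:10:AF:69 "MSFT 5.0"      'wad     ' 192.168.177.20  <BOUND>    since 01/01/2003 01:01:14
 <O_BIND> ID:01:00:0F:EA:05:29:C6 "MSFT 5.0"      'win2k3sbs' 192.168.177.21  <OBIND>
 <FREE RANGE>   192.168.177.22  - 192.168.177.22   =1
OK"""
SAMPLE_UNLEASES = """>UNLEASES 1
eth0    ID:01:00:C0:DF:10:AF:69 "MSFT 5.0"      wad
OK"""

SCOPE_RE = re.compile(r"^\((?P<name>[^)]+)\)\s+[\d.]+\s+-\s+[\d.]+")
FREE_RE = re.compile(r"<FREE RANGE>.*=(\d+)\s*$")
STATE_RE = re.compile(r"<(BOUND|OBIND)>")
UNLEASE_RE = re.compile(r'^(\S+)\s+ID:(\S+)\s+"([^"]*)"\s*(.*)$')


def scope_usage(output):
    """Summarise 'dhcpd show scope' output as {scope name: counters}."""
    scopes, cur = {}, None
    for line in output.splitlines():
        header = SCOPE_RE.match(line.strip())
        if header:
            cur = scopes[header["name"]] = {
                "bound": 0, "obind": 0, "free": 0,
                "attached": " ATTACHED " in line}
        elif cur is not None and STATE_RE.search(line):
            cur[STATE_RE.search(line).group(1).lower()] += 1
        free = FREE_RE.search(line)
        if cur is not None and free:
            cur["free"] += int(free.group(1))
    return scopes


def unleased_clients(output):
    """Parse 'dhcpd show unleases' records into dicts."""
    keys = ("interface", "client_id", "class_id", "host")
    hits = (UNLEASE_RE.match(line.strip()) for line in output.splitlines())
    return [dict(zip(keys, m.groups())) for m in hits if m]


def exhausted_scopes(scopes):
    """Attached scopes with no free address (only <OBIND> reuse remains)."""
    return sorted(n for n, s in scopes.items() if s["attached"] and s["free"] == 0)
```

A scope reported by exhausted_scopes together with a growing unleases list is the condition to alert on, since new clients are then served only from <OBIND> addresses or not at all.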

Virtual interfaces

After startup, DHCP clients send a broadcast request in order to get an IP-address lease. As the client does not yet have an IP-address at this time, the server also uses broadcast packets to communicate with it. Broadcast packets are not routed, so the dialog between a DHCP server and a DHCP client can occur only within one (physical) network. If the DHCP server is connected to another network, the direct dialog cannot take place. However, the router that logically connects the two networks, one with the DHCP client and one with the DHCP server, can run special software – a DHCP Relay Agent (DRA). The DRA retranslates DHCP packets (including broadcast packets) from DHCP clients to the DHCP server and back. Data exchange between the DRA and the DHCP server is performed using unicast packets only. Thus, the DRA and the DHCP server must know each other’s IP-addresses from the configuration stage. For this purpose the DHCP server has virtual interfaces. In fact, a DHCP server virtual interface is a physical network interface located on the DRA. As the DHCP server does not know the set of subnets of this interface, these subnets should be specified when the virtual interface is configured.

To create virtual interface, use the command:

Syntax:

dhcpd add virtual interface <VIFNAME> <GATEWAY> <GWIFNAME|*>

  • "VIFNAME" – name of the DHCP server’s virtual interface
  • "GATEWAY" – IP-address of DRA which has a corresponding physical interface.
  • "GWIFNAME" – name of the DRA’s interface that retranslates DHCP packets to DHCP clients. If the “*” symbol is used as the “GWIFNAME” parameter, the DRA is allowed to use all its interfaces to retranslate DHCP packets.

After executing this command, one more interface is created in DHCP server’s configuration.

Example,

#1> dhcpd add virtual interface vvv1  192.168.177.81 *
#1> dhcpd show interface *
>INTERFACES
[eth0] UP
 <SUBNET> 9.1.1.100/255.255.255.0
        <SCOPE> (PHONES) 9.1.1.151 - 9.1.1.200
 <SUBNET> 192.168.177.12/255.255.255.0
        <SCOPE> (MSOFT) 192.168.177.20 - 192.168.177.50
 <SUBNET> 192.168.15.55/255.255.255.0
 <RESERVATION>  for ID:01:00:05:90:02:1F:C8
        <OPTION>        Class_Id        "Swissvoice"
[vlan0] DOWN
 <SUBNET> 192.168.178.1/255.255.255.0
>VIRTUAL INTERFACES
[vvv1] 192.168.177.81:* UP

The virtual interface now appears in the server’s configuration. Working with it is no different from working with other interfaces. However, before a scope is attached to it, a set of subnets should be configured for it. The following command can be used:

Syntax:

dhcpd virtual interface <VIFNAME> add subnet <IP_ADDRESS> <SUBNET_MASK>

  • "VIFNAME" – name of the DHCP server’s virtual interface
  • "IP_ADDRESS" – IP-address which DRA has for this subnet
  • "SUBNET_MASK" – subnet mask

Example,

#1> dhcpd virtual interface vvv1 add subnet 192.168.188.1 255.255.255.0
#1> dhcpd show interface *
>INTERFACES
[eth0] UP
 <SUBNET> 9.1.1.100/255.255.255.0
        <SCOPE> (PHONES) 9.1.1.151 - 9.1.1.200
 <SUBNET> 192.168.177.12/255.255.255.0
        <SCOPE> (MSOFT) 192.168.177.20 - 192.168.177.50
 <SUBNET> 192.168.15.55/255.255.255.0
 <RESERVATION>  for ID:01:00:05:90:02:1F:C8
        <OPTION>        Class_Id        "Swissvoice"
[vlan0] DOWN
 <SUBNET> 192.168.178.1/255.255.255.0
>VIRTUAL INTERFACES
[vvv1] 192.168.177.81:* UP
 <SUBNET> 192.168.188.1/255.255.255.0

After that, we can create a scope of addresses from which the DHCP server can give leases to the clients that the DRA has access to.

Example,

#1> dhcpd add scope VIRTUAL_TEST vvv1 192.168.188.20 192.168.188.50
#1> dhcpd show interface vvv1
>VIRTUAL INTERFACES
[vvv1] 192.168.177.81:* UP
 <SUBNET> 192.168.188.1/255.255.255.0
        <SCOPE> (VIRTUAL_TEST) 192.168.188.20 - 192.168.188.50
#1> dhcpd show scope virtual_test
>SCOPES:
(VIRTUAL_TEST) 192.168.188.20 - 192.168.188.50 [vvv1] ATTACHED [vvv1] <192.168.188.1>/255.255.255.0
 <FREE RANGE>   192.168.188.20 - 192.168.188.50   =31

You can delete a subnet from the virtual interface’s list using the following command:

Syntax:

dhcpd virtual interface <VIFNAME> delete subnet <IP_ADDRESS> <SUBNET_MASK>

Example,

#1> dhcpd virtual interface vvv1 delete subnet 192.168.188.1 255.255.255.0
#1> dhcpd show scope virtual_test
>SCOPES:
(VIRTUAL_TEST)       192.168.188.20  - 192.168.188.50  [vvv1]

As we deleted the subnet to which the scope was connected, the scope is detached automatically. The scope stays detached until an appropriate subnet is configured for the “vvv1” virtual interface.

DHCP server configuration cleanup

In order to clear the DHCP server configuration, the server should first be stopped with the “dhcpd stop” command. After that, the configuration can be cleared:

dhcpd clear