The "dhcpd" command is used to manage the DHCP server. Its parameters are entered in the console of the WANFleX command interpreter with the "dhcpd" prefix.
Parameters are not case-sensitive and can be abbreviated arbitrarily, down to a single letter, as long as the DHCP server cannot interpret the command as a whole ambiguously. E.g., the "dhcpd show scope *" command can be shortened to "dhcpd s s *", and the "dhcpd show config" command to "dhcpd sh c". In the command list, parameters are enclosed in <>. If a parameter value contains spaces, it must be enclosed in quotes.
The DHCP server cannot be started simultaneously with the DHCP relay: if the device configuration contains the "dhcpr start" command, the server start settings will not be applied.
The commands that change the DHCP configuration (including the "stop" and "start" commands) can be executed only by an administrator with "super-user" rights. Other commands can be executed by any user.
Syntax (without prefix):
add dscope <SCOPE_NAME> <INTERFACE|*> <START_IP> <END_IP>
add scope <SCOPE_NAME> <INTERFACE|*> <START_IP> <END_IP>
add virtual interface <VIFNAME> <GATEWAY> <GWIFNAME|*>
clear
delete option <OPTION_NAME>
delete scope <SCOPE_NAME>
delete useroption <NAME>
delete virtual interface <VIFNAME>
help options
interface <INTERFACE> delete option <OPTION_NAME>
interface <INTERFACE> option <OPTION_NAME> <OPTION_VALUE>
interface <INTERFACE> reservation <CLIENT_ID> delete option <OPTION_NAME>
interface <INTERFACE> reservation <CLIENT_ID> option <OPTION_NAME> <OPTION_VALUE>
interface <INTERFACE|*> show boundhistory
interface <INTERFACE|*> show client <CLIENT_ID|*>
lock interface <INTERFACE>
notrace
option <OPTION_NAME> <OPTION_VALUE>
scope <SCOPE_NAME> add classid <CLIENT_CLASS_ID>
scope <SCOPE_NAME> add exclude <START_IP> <END_IP>
scope <SCOPE_NAME> add reservation <CLIENT_ID> <CLIENT_IP>
scope <SCOPE_NAME> delete classid <CLIENT_CLASS_ID>
scope <SCOPE_NAME> delete exclude <START_IP>
scope <SCOPE_NAME> delete option <OPTION_NAME>
scope <SCOPE_NAME> delete reservation <CLIENT_ID>
scope <SCOPE_NAME> interface <INTERFACE|*>
scope <SCOPE_NAME> option <OPTION_NAME> <OPTION_VALUE>
scope <SCOPE_NAME> reservation <CLIENT_ID> delete option <OPTION_NAME>
scope <SCOPE_NAME> reservation <CLIENT_ID> option <OPTION_NAME> <OPTION_VALUE>
scope <SCOPE_NAME> set range <START_IP> <END_IP>
scope <SCOPE_NAME|*> show declinehistory
show config
show interface <INTERFACE|*>
show options
show scope <NAME|*>
show unleases <SUBSTR|*>
show version
show xml
start
stop
trace
unlock interface <INTERFACE>
useroption <NAME> code <CODE> type <TYPE>
virtual interface <VIFNAME> add subnet <IP_ADDRESS> <SUBNET_MASK>
virtual interface <VIFNAME> change <GATEWAY> <GWIFNAME|*>
virtual interface <VIFNAME> delete subnet <IP_ADDRESS> <SUBNET_MASK>
The DHCP server executes commands only after it has been started.
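When saved configurations or command logs are audited, abbreviated commands have to be expanded before they can be compared with a policy. The following Python sketch is an added example, not InfiNet code: it models the abbreviation rule described above over a subset of the syntax list, and its matching algorithm (keyword prefix match, judged on the whole command) and function names are assumptions.

```python
import shlex

# Subset of the dhcpd syntax list from this page (prefix omitted).
SYNTAX = [
    "scope <SCOPE_NAME> interface <INTERFACE|*>",
    "scope <SCOPE_NAME|*> show declinehistory",
    "show config",
    "show interface <INTERFACE|*>",
    "show options",
    "show scope <NAME|*>",
    "show unleases <SUBSTR|*>",
    "show version",
    "show xml",
    "start",
    "stop",
]

def _matches(tokens, pattern):
    """True if every keyword token is a case-insensitive prefix of the pattern."""
    parts = pattern.split()
    if len(tokens) != len(parts):
        return False
    for tok, part in zip(tokens, parts):
        if part.startswith("<"):
            continue                      # parameter slot: any value accepted
        if not part.startswith(tok.lower()):
            return False
    return True

def resolve(line):
    """Return (canonical command or None, matching syntax lines)."""
    tokens = shlex.split(line)            # honours quoted values with spaces
    if tokens and tokens[0].lower() == "dhcpd":
        tokens = tokens[1:]
    hits = [p for p in SYNTAX if _matches(tokens, p)]
    if len(hits) != 1:
        return None, hits                 # unknown or ambiguous as a whole
    full = []
    for tok, part in zip(tokens, hits[0].split()):
        if part.startswith("<"):
            full.append(f'"{tok}"' if " " in tok else tok)
        else:
            full.append(part)             # expand the keyword to its full form
    return "dhcpd " + " ".join(full), hits
```

In this model "dhcpd s s *" resolves to "dhcpd show scope *" even though "s" alone is a prefix of several keywords, because only one syntax line fits the command as a whole, while "dhcpd s" stays ambiguous between "start" and "stop".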
DHCP is used for dynamic configuration of the connection parameters of TCP network hosts (workstations and servers). UDP is used as the transport protocol for DHCP. A host that requests data for configuring its network connection (IP address, subnet mask, default gateway, etc.) is called a DHCP client. The IP address is the basic configuration parameter. After a client starts, it sends a DHCP request over the network to obtain a lease of an IP address and other network parameters. A client may identify itself in its request with a client identifier. In the general case, a client identifier is a binary sequence of bytes that is unique within the physical network segment to which the client is connected. If the client does not provide an identifier, the server uses the MAC address of the client's network interface instead. Thus, the DHCP server identifies a client by its identifier and by the network interface on which the server receives the client's requests (the client's interface). The client identifier (the "<CLIENT_ID>" parameter in commands) is represented as ID:<identifier> or 01:<MAC-address of network adapter>, as shown in the example below.
ID:01:00:04:35:22:88:1D
In its requests to the server, a client may indicate its class (class identifier). A class identifier is a string that describes a property common to a set of clients, for example the name of the client's operating system. E.g., DHCP clients running Windows XP send "MSFT 5.0" as the class identifier, and InfiNet Wireless IP phones send "IW_IP_PHONE". The server administrator can use the client class to group clients automatically into IP address scopes in order to conveniently assign them specific configuration parameters (options). A scope is a range of IP addresses within which the server can assign addresses to its clients. Scopes are stored in the server's configuration database and are identified by the names the server administrator gave them when they were created.
Clients may request configuration options from the server for more precise host configuration. These parameters include Address Time, Router, NTP Servers, etc. Different clients may request different sets of these parameters. A parameter is sent only when the client included it in its request and only when the server knows the value of the parameter. Divisions and parameter values are defined during DHCP server configuration. Divisions can be defined for the following purposes:
If an option's value does not exist in any of the divisions, the client does not receive anything from the server. Two exceptions are possible:
The summary table of DHCP configuration options is available at the following link: http://www.iana.org/assignments/bootp-dhcp-parameters
To define a set of options, the DHCP server has special commands for each division. These commands take parameters that are entered in the same way for all divisions:
Not every option can be defined in every division. Apart from Subnet Mask (described above), there are options that can be defined only in particular divisions. If you attempt to add one of these options to an inappropriate division, the server will report an error:
Moreover, there is a set of service options which, although included in the summary table, act as service parameters rather than configuration parameters. The list of service options of the DHCP server is as follows:
If you attempt to add one of these options to any division, the server will report an error:
ERR: This option cannot contain in the given division
Any IP address lease is limited by the time specified in the Address Time option. If a client that was given a lease does not extend it within the Address Time period, the server cancels the lease. The client may specify the value of this time, but it must not exceed the maximum value. The maximum lease time is set in the Address Time option of one of the divisions that apply to this client. If the server does not have this option defined, the maximum time is set to 120 seconds. If a client does not request the Address Time parameter, the server grants a lease for the maximum time, determined according to the scheme described above.
A client that has received a lease confirms it periodically. The period is usually equal to half of the Address Time. In its acknowledgement of the lease prolongation, the server resends the configuration parameters (options). Thus, if some of the options were changed on the server (or in the division that applies to this client) during the lease, the client learns of it at the moment of lease prolongation.
If the client does not confirm the lease after it expires, the scope cancels the lease. If the client is not a scope reservation client, the scope marks the IP address of this lease as "conditionally free". In the scope state output ("dhcpd show scope *") this state is shown as "<OBIND>". While other addresses are available for lease, the scope does not give "<OBIND>" addresses to new clients. If the client requests a lease again within 24 hours of the lease expiration, the server gives it the same IP address.
At the same time, the scope writes the parameters of the expired lease into a special database (boundhistory).
Information about expired leases is kept in the database for 24 hours. After 24 hours the record is automatically deleted from the database, and the IP address changes from "<OBIND>" to free. The server uses "<OBIND>" addresses for other clients if all the scopes that suit the new clients have run out of free addresses, starting with the oldest records in boundhistory. The server also cancels an address lease when the client sends a corresponding request.
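The lease lifecycle described above, as a small Python model that makes the allocation order explicit (an added example, not InfiNet code). The class and method names are assumptions; reservations and client release requests are left out.

```python
import ipaddress

OBIND_TTL = 24 * 3600      # seconds an expired lease stays in boundhistory
DEFAULT_MAX_LEASE = 120    # seconds, used when no Address Time option is set

class Scope:
    def __init__(self, start_ip, end_ip, max_lease=DEFAULT_MAX_LEASE):
        lo = int(ipaddress.IPv4Address(start_ip))
        hi = int(ipaddress.IPv4Address(end_ip))
        self.free = [str(ipaddress.IPv4Address(i)) for i in range(lo, hi + 1)]
        self.max_lease = max_lease
        self.leases = {}         # client_id -> (ip, expiry time)
        self.boundhistory = {}   # client_id -> (ip, time the lease expired)

    def tick(self, now):
        """Move expired leases to <OBIND>, then free records older than 24 h."""
        for cid, (ip, exp) in list(self.leases.items()):
            if exp <= now:
                del self.leases[cid]
                self.boundhistory[cid] = (ip, exp)
        for cid, (ip, t) in list(self.boundhistory.items()):
            if now - t >= OBIND_TTL:
                del self.boundhistory[cid]
                self.free.append(ip)

    def request(self, client_id, now, wanted=None):
        """Grant or prolong a lease; returns (ip, lease_seconds) or None."""
        self.tick(now)
        secs = self.max_lease if wanted is None else min(wanted, self.max_lease)
        if client_id in self.leases:                 # prolongation
            ip = self.leases[client_id][0]
        elif client_id in self.boundhistory:         # returned within 24 hours
            ip = self.boundhistory.pop(client_id)[0]
        elif self.free:                              # free before <OBIND>
            ip = self.free.pop(0)
        elif self.boundhistory:                      # reuse the oldest record
            oldest = min(self.boundhistory,
                         key=lambda c: self.boundhistory[c][1])
            ip = self.boundhistory.pop(oldest)[0]
        else:
            return None                              # scope exhausted
        self.leases[client_id] = (ip, now + secs)
        return ip, secs
```

The model shows that an "<OBIND>" address is handed to a different client only once the free list is empty, so a scope sized close to the number of active clients will start recycling recently used addresses well before the 24-hour record expires.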
Create the scope "MSOFT" with "eth0" as a permitted interface. The scope will be automatically connected to subnet "192.168.177.12" of "eth0".
Create the scope "new" with permission to connect to any suitable interface. The scope was created successfully, but no suitable interface could be found to attach it to, because no interface contains a subnet that includes the range of IP addresses of this scope.
Thus, if client ID:01:00:04:35:00:22:23 sends a request to an interface with the scope PHONES attached, the server will definitely give this client the address 9.1.1.170. The IP address of a reservation must be within the scope range. Exclusions do not affect reservations: even if the scope has an exclusion (e.g. "dhcpd scope PHONES add exclude 9.1.1.165 9.1.1.175") that covers the reserved address, the server will create the reservation anyway.
If you add a reservation for a client that already has a reservation in another scope, the new reservation will not be created and the user will see an error message.
In this example, after the reservation was deleted, the server cancelled the lease of client "ID:01:00:05:90:02:1F:C8" for IP address "9.1.1.200" in the "PHONES" scope, because the client's class does not fulfill the class filter requirements of the scope. After some time, the same client obtained another IP address from the "OTHER" scope.
In the next example, client "ID:01:00:04:35:00:22:23" did not have its lease cancelled (address 9.1.1.170), because this client fulfills all of the scope's rules.
Lock the "eth0" interface for the DHCP server. After running the "dhcpd show interface *" command, we can see three scopes attached to "eth0": "phones", "other" and "msoft". "phones" is attached to the "9.1.1.100/255.255.255.0" subnet, the two others to "192.168.177.12/255.255.255.0".
Lock the "eth0" interface.
After locking, let us look at the interface information again. We can see that the "eth0" interface is now locked and has had all its scopes detached.
Create a scope of addresses from which the DHCP server can give leases to the clients that a DRA has access to.
The list of options supplied by the client.