How-To: Set up a LAN gateway with DHCP, Dynamic DNS and iptables on Debian Etch — page 3 — DHCP server


Now that we have configured our DNS server, we need to distribute IPs to the machines in our LAN.

2. DHCP server

In order to provide an IP address to the other machines in the network, we need to use a DHCP server.

This DHCP server will provide each host with all the information it needs to connect to any other accessible host, i.e. the IP, netmask, gateway and domain name server.

The DHCP server will also update bind with a new hostname and IP pair when the client requests a specific hostname.

2.1. Installing the DHCP server

We are going to install the DHCP server packaged under the name dhcp3-server. To install it, simply type:

# apt-get install dhcp3-server

Make sure you are installing dhcp3-server and not dhcp, as the latter does not support dynamic DNS updates.

2.2. Configuring the DHCP server

The configuration is all in /etc/dhcp3/dhcpd.conf.

In our setup, we want to give out IPs in the range 192.168.2.0/24 and we want to set our domain name to lan.debuntu.local.

We are only going to listen for DHCP queries on eth1, so the service needs to be bound to this interface only. To achieve this, edit /etc/default/dhcp3-server and make sure INTERFACES is set as follows:

...
...
# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
# Separate multiple interfaces with spaces, e.g. "eth0 eth1".
INTERFACES="eth1"

Then, go and edit /etc/dhcp3/dhcpd.conf and make it look as follows:

#naming the server
# and enabling ddns
server-identifier router;
authoritative;

ddns-update-style interim;

include "/etc/bind/rndc.key";

#Standard DHCP info
option domain-name "lan.debuntu.local";
option domain-name-servers ns.lan.debuntu.local;

default-lease-time 600;
max-lease-time 7200;

log-facility local7;

subnet 192.168.2.0 netmask 255.255.255.0 {
  range 192.168.2.5 192.168.2.200;
  option routers  router.lan.debuntu.local;
  zone    2.168.192.in-addr.arpa. {
    primary ns.lan.debuntu.local;
    key             "rndc-key";
  }
  zone    lan.debuntu.local. {
    primary ns.lan.debuntu.local;
    key             "rndc-key";
  }
}

This says that we provide IP addresses in the range 192.168.2.5 to 192.168.2.200, and that the traffic for this network will be routed by router.lan.debuntu.local.

On top of this, the domain name to be used for DNS queries is lan.debuntu.local and the DNS server is the machine ns.lan.debuntu.local.

The host names were defined earlier in the DNS section; dhcp3-server will query its DNS server to find their IPs. Only the IPs will be sent back to the client hosts.
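Before restarting, the two files edited above can be sanity-checked. The following is an added example, not part of the original how-to: a small Python check that each range fits its subnet, that each zone names a key so dynamic updates are signed, and that INTERFACES lists only the LAN interface. The function names and the sample text are constructed for illustration.

```python
import ipaddress
import re
# Constructed sample: this page's subnet block, second zone missing its key.
SAMPLE = """
subnet 192.168.2.0 netmask 255.255.255.0 {
  range 192.168.2.5 192.168.2.200;
  zone 2.168.192.in-addr.arpa. { primary ns.lan.debuntu.local; key "rndc-key"; }
  zone lan.debuntu.local. { primary ns.lan.debuntu.local; }
}
"""

def block_body(text, start):
    """Text from just after an opening '{' up to its matching '}'."""
    depth = 1
    for i in range(start, len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return text[start:i]
    raise ValueError("unbalanced braces")

def check_dhcpd_conf(text, known_keys):
    """List problems; known_keys are the key names the included file defines."""
    text = re.sub(r"#.*", "", text)  # drop comments
    problems = []
    for m in re.finditer(r"\bsubnet\s+(\S+)\s+netmask\s+(\S+)\s*\{", text):
        net = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")
        # Only the two-address form "range LOW HIGH;" is checked.
        for r in re.finditer(r"\brange\s+([\d.]+)\s+([\d.]+)\s*;", block_body(text, m.end())):
            low, high = (ipaddress.ip_address(a) for a in r.groups())
            if low not in net or high not in net or low > high:
                problems.append(f"range {low}-{high} does not fit subnet {net}")
    for m in re.finditer(r"\bzone\s+(\S+)\s*\{", text):
        key = re.search(r'\bkey\s+"?([^";\s]+)"?\s*;', block_body(text, m.end()))
        if key is None:
            problems.append(f"zone {m.group(1)} has no key: updates would be unsigned")
        elif key.group(1) not in known_keys:
            problems.append(f"zone {m.group(1)} uses undefined key {key.group(1)}")
    return problems

def check_interfaces(defaults_text, lan_ifaces):
    """Check the INTERFACES line of /etc/default/dhcp3-server."""
    m = re.search(r"^INTERFACES=(.*)$", defaults_text, re.M)
    if m is None or m.group(1).count('"') != 2:
        return ["INTERFACES line missing or not properly quoted"]
    extra = set(m.group(1).strip('"').split()) - set(lan_ifaces)
    return [f"dhcpd would also listen on {name}" for name in sorted(extra)]

if __name__ == "__main__":
    print(check_dhcpd_conf(SAMPLE, {"rndc-key"}), check_interfaces('INTERFACES="eth0 eth1"', ["eth1"]))
```

Run against the real files, both functions should return an empty list for the configuration shown on this page.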

Now our DHCP server should be ready; it is time to restart it.

# /etc/init.d/dhcp3-server restart

Same here, if anything goes wrong, /var/log/messages, /var/log/syslog and /var/log/daemon.log will be your friends.

At this stage, you should normally be able to provide IPs to all the hosts in the network and provide them with a domain name resolution service, and all the hosts should be able to communicate with each other using hostnames.

BUT, except for the gateway, none of the hosts can connect to the internet. This is the role of iptables, covered in the next section.