Configuration of the DHCP Server


Contents

About this document
    Related documentation
What is DHCP?
Configuration of the DHCP server
Different configurations
Troubleshooting and errors commonly found in the DHCP server log file
Additional information

About this document

This document describes basic setup and configuration tips for the DHCP server in conjunction with TCP/IP.

This information applies to AIX Version 4.x.

This document was written and tested with the preceding operating systems. Though the techniques and information contained in this item may work on other levels of the operating system, they have not necessarily been tested. Normal precautions should be taken in adopting these same techniques and procedures in your own environment.

Related documentation

The AIX product documentation contains a detailed description of the DHCP server, client and relay agent processes and their respective configuration file formats. Other related information is also found in the online product documentation using the TCP/IP and DNS search paths.


What is DHCP?

DHCP is the Dynamic Host Configuration Protocol. This protocol gives network clients a way to obtain a proper network configuration without knowledge or understanding of the network. Quite simply, a client can obtain an IP address and other ancillary information without knowing anything about the network per se.

Besides distributing IP addresses and parameters such as host names, netmasks, and DNS information to clients, DHCP also works well as a tool for updating DNS zones with information relevant to the network clients.

DHCP is a mechanism for the automatic network configuration of hosts through IP. IP addresses become "real estate" controlled by the server and are issued (leased) to each client.


Configuration of the DHCP server

There are numerous configurations and network topologies to consider when configuring a DHCP server. The server configuration file /etc/dhcpsd.cnf contains entries for logging information, options to return, machines to configure, and other items.


Different configurations

CASE 1: Simple IP address range

File: /etc/dhcpsd.cnf

NOTE: This information does not contain the usual documentation found inside the /etc/dhcpsd.cnf file.

Please change option 15 to your domain name.

EXAMPLE #1

NOTE: This is a basic configuration for AIX operating system levels up to and including 4.2.1. This configuration is portable on AIX 4.3.1 platforms, but requires file set enhancements other than the 4.3.1 operating system base level installation. See CASE #7, Configuring DHCP at AIX Version 4.3.1.

network 144.21.0.0 144.21.13.191-144.21.13.222 
{ 
        option 1 255.255.255.0 
        option 3 144.21.13.11 
        option 6 144.21.13.31 
        option 15 austin.ibm.com 
} 
numLogFiles 4 
logFileSize 100 
logFileName /usr/tmp/dhcpsd.log 
logItem SYSERR 
logItem OBJERR 
logItem PROTERR 
logItem WARNING 
logItem EVENT 
logItem ACTION 
logItem INFO 
logItem ACNTING 
logItem TRACE 
leaseTimeDefault 30 minute 
leaseExpireInterval 3 minute 
supportBOOTP Yes 
supportUnlistedClients Yes 

The following two lines of code should appear on one line.

updateDNS "/usr/sbin/dhcpaction '%s' '%s' '%s' '%s'
BOTH NONIM >> /tmp/updns.out 2>&1 " 

EXAMPLE #2

NOTE: This is a basic configuration for AIX operating system levels up to and including 4.2.1. This configuration is portable on AIX 4.3.1 platforms, but requires file set enhancements other than the 4.3.1 operating system base level installation. See CASE #7, Configuring DHCP at AIX version 4.3.1.

network 144.21.0.0 24 
{ 
        subnet 144.21.16.0 144.21.16.191-144.21.16.222 
        { 
               option 1 255.255.255.0 
               option 3 144.21.16.11 
               option 6 144.21.13.31 
               option 15 austin.ibm.com 
        } 
} 
numLogFiles 4 
logFileSize 100 
logFileName /usr/tmp/dhcpsd.log 
logItem SYSERR 
logItem OBJERR 
logItem PROTERR 
logItem WARNING 
logItem EVENT 
logItem ACTION 
logItem INFO 
logItem ACNTING 
logItem TRACE 
leaseTimeDefault 30 minute 
leaseExpireInterval 3 minute 
supportBOOTP Yes 
supportUnlistedClients Yes 

The following two lines of code should appear on one line.

updateDNS "/usr/sbin/dhcpaction '%s' '%s' '%s' '%s' 
BOTH NONIM >> /tmp/updns.out 2>&1 " 

CASE 2: Simple IP address range to include subnets and sub-ranges

File: /etc/dhcpsd.cnf

NOTE: This is a basic configuration for AIX operating system levels up to and including 4.2.1. This configuration is portable on AIX 4.3.1 platforms, but requires file set enhancements other than the 4.3.1 operating system base level installation. See CASE #7, Configuring DHCP at AIX version 4.3.1.

This information does not contain the usual documentation found inside the /etc/dhcpsd.cnf file.

Please change option 15 to your domain name.

network 171.28.0.0 24 
{ 
        option 1 255.255.255.0 
        option 6 144.21.13.31 
        option 15 subdomain.austin.ibm.com 
        subnet 171.28.4.0 171.28.4.220-171.28.4.250 
        { 
               option 3 171.28.4.10 
        } 
        subnet 171.28.7.0 171.28.7.220-171.28.7.250 
        { 
               option 3 171.28.7.10 
        } 
        subnet 171.28.16.0 171.28.16.220-171.28.16.250 
        { 
               option 3 171.28.16.10 
        } 
        subnet 171.28.17.0 171.28.17.220-171.28.17.250 
        { 
               option 3 171.28.17.10 
        } 
} 
numLogFiles 4 
logFileSize 100 
logFileName /usr/tmp/dhcpsd.log 
logItem SYSERR 
logItem OBJERR 
logItem PROTERR 
logItem WARNING 
logItem EVENT 
logItem ACTION 
logItem INFO 
logItem ACNTING 
logItem TRACE 
leaseTimeDefault 30 minute 
leaseExpireInterval 3 minute 
supportBOOTP Yes 
supportUnlistedClients Yes 

The following two lines of code should appear on one line.

updateDNS "/usr/sbin/dhcpaction '%s' '%s' '%s' '%s' 
BOTH NONIM >> /tmp/updns.out 2>&1 " 

CASE 3: Client IP address assignment and exclusion

File: /etc/dhcpsd.cnf

NOTE: This information does not contain the usual documentation found inside the /etc/dhcpsd.cnf file.

Please change option 15 to your domain name.

The Client assignment line shows how to give this client the same IP address every time. Only this client can receive this IP address.

The Client exclusion line shows how to deny or exclude this IP address. No client can receive this IP address. The server status will show Not Available for this IP address.

network 144.21.0.0 24 
{ 
   subnet 144.21.16.0 144.21.16.195-144.21.16.220 
   { 
   client 1 0x00aa00c12c2d 144.21.16.199  # Client assignment 
   client 0 0 144.21.16.200               # Client exclusion 
   option 1 255.255.255.0 
   option 3 144.21.16.11 
   option 6 144.21.13.31 
   option 15 austin.ibm.com 
   } 
} 
numLogFiles 4 
logFileSize 100 
logFileName /usr/tmp/dhcpsd.log 
logItem SYSERR 
logItem OBJERR 
logItem PROTERR 
logItem WARNING 
logItem EVENT 
logItem ACTION 
logItem INFO 
logItem ACNTING 
logItem TRACE 
leaseTimeDefault 30 minute 
leaseExpireInterval 3 minute 
supportBOOTP Yes 
supportUnlistedClients Yes 

The following two lines of code should appear on one line.

updateDNS "/usr/sbin/dhcpaction '%s' '%s' '%s' '%s' 
BOTH NONIM >> /tmp/updns.out 2>&1 " 

CASE 4: Multiple network assignments

File: /etc/dhcpsd.cnf

Please change option 15 to your domain name.

network 144.21.0.0 144.21.13.191-144.21.13.222 
{ 
        option 1 255.255.255.0 
        option 3 144.21.13.11 
        option 6 144.21.13.31 
        option 15 austin.ibm.com 
} 
network 144.21.0.0 24 
{ 
        subnet 144.21.16.0 144.21.16.195-144.21.16.220 
        { 
               option 1 255.255.255.0 
               option 3 144.21.16.11 
               option 6 144.21.13.31 
               option 15 austin.ibm.com 
               } 
} 
network 171.28.0.0 24 
{ 
        option 1 255.255.255.0 
        option 6 144.21.13.31 
        option 15 austin.ibm.com 
        subnet 171.28.4.0 171.28.4.220-171.28.4.250 
        { 
               option 3 171.28.4.10 
        } 
        subnet 171.28.7.0 171.28.7.220-171.28.7.250 
        { 
               option 3 171.28.7.10 
        } 
        subnet 171.28.16.0 171.28.16.220-171.28.16.250 
        { 
               option 3 171.28.16.10 
        } 
        subnet 171.28.17.0 171.28.17.220-171.28.17.250 
        { 
               option 3 171.28.17.10 
        } 
} 

#Log file and trace information. See other examples in other cases.

The following two lines of code should appear on one line.

updateDNS "/usr/sbin/dhcpaction '%s' '%s' '%s' '%s' 
BOTH NONIM >> /tmp/updns.out 2>&1 " 

CASE 5: Bootp client support

File: /etc/dhcpsd.cnf

NOTE: This information does not contain the usual documentation found inside the /etc/dhcpsd.cnf file.

supportBOOTP Yes 
supportUnlistedClients Yes 

These lines are not mutually exclusive. They should both be yes to support bootp clients. /usr/sbin/bootptodhcp is a converter routine for bootp client support.

The following steps should be taken to support bootp clients:

  1. Configure bootp clients in /etc/bootptab. Make sure this works.
  2. Comment out the bootp line in the /etc/inetd.conf file.
  3. Run the command /usr/sbin/bootptodhcp.
  4. Edit the /etc/dhcpsd.cnf file and add SA records for the bootp clients in the form sa=<ipaddress> where ipaddress is the bootp server.
  5. Start the dhcpsd daemon.

See APAR number IX58812 for a problem with a backslash (\) in /etc/bootptab.

CASE 6: DDNS and the nameserver configuration

File: /etc/dhcpsd.cnf

NOTE: This information does not contain the usual documentation found inside the /etc/dhcpsd.cnf file.

The following two lines of code should appear on one line.

updateDNS "/usr/sbin/dhcpaction '%s' '%s' '%s' '%s' 
BOTH NONIM >> 

This line must be uncommented in the /etc/dhcpsd.cnf file. The nameserver must support DDNS. At the time of this writing, AIX 4.1.4, AIX 4.2.0 and AIX 4.3.x are the only operating systems that support DDNS. No other vendor's operating system supports DDNS with the exception of WindowsNT beta v4. This beta or test version of WindowsNT may support DDNS.

Please perform the following steps for DHCP and DDNS.

In the /etc/dhcpsd.cnf file:

  1. Uncomment the following line; it should appear as one line:

    updateDNS "/usr/sbin/dhcpaction '%s' '%s' '%s' '%s' 
    PTR NONIM >> 
    

    The PTR means the pointer record will be updated. This is the default value. If you want to update the A record and the pointer record, you should change PTR to BOTH.

    That line will read (the following two lines of code should appear on one line):

    updateDNS "/usr/sbin/dhcpaction '%s' '%s' '%s' '%s' 
    BOTH NONIM >> 
    
  2. Change the /etc/named.boot file as follows:
    primary   domainname.com  /etc/named.data  dynamic controlled 
    primary   in-addr.arpa    /etc/named.rev   dynamic controlled 
    

    The dynamic keyword is required for the named.rev line if the updateDNS line shows the PTR update. Since the updateDNS line shows BOTH NONIM, then the dynamic keyword is required for the named.data and named.rev lines in the /etc/named.boot file.

    Add the keyword controlled to the dynamic lines, as it acts like secured and allows updates.

    Refresh the named subsystem. Enter: refresh -s named

DDNS is documented in the online product documentation using the following search path:

   List of Books
   AIX System Management Guide: Communications and Networks
   TCP/IP Name Resolution

EXAMPLE /etc/named.boot file:

primary  ztrans.com   /etc/named.data    dynamic controlled 
primary  0.0.127.in-addr.arpa    /etc/named.local 
primary  32.3.9.in-addr.arpa     /etc/named.rev 
cache    .                       /etc/named.ca 

CASE 7: Simple configuration at AIX Version 4.3.1 and higher

NOTE: For AIX Versions 4.3.1 and later, the DHCP protocol engine has been updated to RFC 2131. It is still compatible with RFC 1541 and can also process options as defined in RFC 2132. The protocol engine uses the database to determine what information should be returned to the client.

Overview of DHCP at 4.3.1

As with earlier AIX versions, the DHCP server is configured by reading the /etc/dhcpsd.cnf file, which specifies the server's initial database of options and addresses. The server is started in the /etc/rc.tcpip file, or it can be started from Web-based System Manager, from SMIT, or through SRC commands.

Configuring the DHCP server is usually the most difficult part of using DHCP in your network. First, determine what networks must have DHCP clients. Each subnet in your network represents a pool of addresses that the DHCP server must add to its database. For example:

database db_file {
    subnet  9.3.149.0  255.255.255.0
    {
        option 3 9.3.149.1  # The default gateway clients on this network should use
        option 6 9.3.149.2  # The nameserver clients on this network should use
    }
    ...  options or other containers added later
}

The preceding example shows a subnet, 9.3.149.0, with a subnet mask 255.255.255.0. All addresses in this subnet, 9.3.149.1 through 9.3.149.254, are in the pool. Optionally, a range can be specified on the end of the line or a range or exclude statement can be included in the subnet container. See DHCP Server File Known Options for common configuration methods and definitions.

The database clause with db_file indicates which database method to use for processing this part of the configuration file. Comments begin with a # (pound sign). Text from the # to the end of the line is ignored by the DHCP server. Each option line is used by the server to tell the client what to do. DHCP Server File Known Options describes the currently supported and known options. See DHCP Server File Syntax for General Server Operation for ways to specify options that the server does not know about.

If the server does not understand how to parse an option, it uses default methods to send the option to the client. This also allows the DHCP server to send site-specific options that are not RFC defined, but may be used by certain clients or client configurations.

The configuration file at 4.3.1

The configuration file has an address section and an option definition section, which are based on the concept of containers that hold options, modifiers, and potentially other containers. Notice the difference from the normal, earlier AIX operating system levels.

EXAMPLE #1

logging_info
{
numLogFiles 5
logFileSize 500
logFileName /bcp/TEMP/dhcpsd.log
logItem SYSERR
logItem OBJERR
logItem PROTERR
logItem ACNTING
logItem ACTION
logItem EVENT
}
database db_file
{
leaseExpireInterval 4 hour
leaseTimeDefault 8 days
supportBOOTP No
supportUnlistedClients Yes
        subnet 10.0.0.0 255.0.0.0  subnet1A:1
        {
                range 10.20.128.2-10.20.128.128
                client 6 002035018496 10.20.128.128
                option 1 255.0.0.0
                option 3 10.10.10.1
                option 6 10.10.10.5
                option 6 10.10.10.3
                option 15 burbank.aic.com
                option 44 10.10.10.104
                option 44 10.10.10.105
                option 46 08
        }
        subnet 192.10.10.0 255.255.255.0 192.10.10.11-192.10.10.11 subnet1B:1
        {
                exclude 192.10.10.11    # Remove the only initial range address
        }
virtual fill subnet1A subnet1B
}
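
The pool rules described in this case (every host address of a subnet by default, optionally narrowed by a range and reduced by exclude statements) can be checked before the server is started. The following is an added example, not part of the original document or of AIX: it assumes that a range narrows the pool, that exclude and client addresses are removed from the dynamic pool, and that subnet containers hold no nested containers. The function names and the third sample subnet are constructed.

```python
import ipaddress
import re

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def _span(token):  # 'a-b' or a single address -> (low, high) as integers
    lo, _, hi = token.partition("-")
    return _ip(lo), _ip(hi or lo)

def audit_subnets(cnf_text):
    """Per subnet container: dynamic pool size and addresses outside the subnet."""
    subnets, cur = [], None
    for raw in cnf_text.splitlines():
        words = raw.split("#", 1)[0].split()        # '#' starts a comment
        if words and words[0] == "{":
            words = words[1:]                       # allow "{ option ..." on one line
        if not words:
            continue
        key = words[0]
        if key == "subnet":
            net = ipaddress.IPv4Network(f"{words[1]}/{words[2]}", strict=False)
            # An optional address range may follow the mask on the subnet line.
            spans = [_span(w) for w in words[3:] if re.fullmatch(r"[\d.]+-[\d.]+", w)]
            cur = {"net": net, "ranges": spans, "taken": set()}
            subnets.append(cur)
        elif key == "}":
            cur = None                              # assumes no nested containers
        elif cur is None:
            continue
        elif key == "range":
            cur["ranges"].append(_span(words[1]))
        elif key == "exclude":
            lo, hi = _span(words[1])
            cur["taken"].update(range(lo, hi + 1))
        elif key == "client" and len(words) > 3 and words[3][0].isdigit():
            cur["taken"].add(_ip(words[3]))         # address tied to one client
    reports = []
    for s in subnets:
        first, last = int(s["net"].network_address), int(s["net"].broadcast_address)
        ranges = s["ranges"] or [(first + 1, last - 1)]    # default: all host addresses
        seen = {end for span in ranges for end in span} | s["taken"]
        outside = [str(ipaddress.IPv4Address(a)) for a in sorted(seen) if not first < a < last]
        pool = sum(hi - lo + 1 for lo, hi in ranges)
        pool -= sum(1 for a in s["taken"] if any(lo <= a <= hi for lo, hi in ranges))
        reports.append({"subnet": str(s["net"]), "pool": pool, "outside": outside})
    return reports

# First two containers are from EXAMPLE #1 above; the third is constructed.
SAMPLE_CNF = """\
subnet 10.0.0.0 255.0.0.0  subnet1A:1
{
        range 10.20.128.2-10.20.128.128
        client 6 002035018496 10.20.128.128
}
subnet 192.10.10.0 255.255.255.0 192.10.10.11-192.10.10.11 subnet1B:1
{
        exclude 192.10.10.11    # Remove the only initial range address
}
subnet 172.16.5.0 255.255.255.0
{
        range 172.16.6.10-172.16.6.20
}
"""
```

An empty "outside" list and a pool size that matches the intended address plan are the results to look for; the constructed third subnet is reported because its range lies in a different network.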

Troubleshooting and errors commonly found in the DHCP server log file

Error message #1:

------------------------------------------------------------ 
INFO:  getPortNum: dhcps/udp unknown service, assuming port 67 
SYSERR:  createMailbox: bind socket failed - The socket name is 
         already in use. 
SYSERR:  main: cannot create transport facility. Exit dhcpsd. 
log: END 
------------------------------------------------------------- 

When the preceding error is received, it is common for the dhcpsd process to die. This error is common when bootp is running under inetd. bootpd and dhcpsd cannot run at the same time. The dhcpsd process uses the same service port as bootps; however, dhcpsd is not an inetd subserver and is started in the /etc/rc.tcpip file, not /etc/inetd.conf. The bootps line in /etc/inetd.conf must be commented out with #. inetd must be refreshed using the command:

refresh -s inetd

The bootps line in /etc/services remains as is:

bootps        67/udp      # bootp server port

Error message #2:

------------------------------------------------------------ 
TRACE:  am_queryClient: client 1-0x00aa00c12c2d is not known 
to address mapper, ask clientele 
TRACE:  cl_queryClientele: client 1-0x00aa00c12c2d rejected 
in clientele list 
OBJERR: am_queryClient: clientele failed when queried about 
client 1-0x00aa00c12c2d 
INFO:   processDISCOVER: client 1-0x00aa00c12c2d 
authentication failed 
ACTION: reply_generator: no reply is generated 
TRACE:  main: No reply is to be generated 
------------------------------------------------------------- 

This error was generated when the DHCP server configuration file shows the following two lines:

supportBOOTP Yes 
supportUnlistedClients No 

This error was corrected by changing the second line to supportUnlistedClients Yes.
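
The rejection sequence in error message #2 is also a record of which hardware addresses asked for a lease and were refused while supportUnlistedClients was set to No. The following added example (not part of the original document or of AIX) reassembles wrapped log entries and counts refusals per client identifier. It keys on the OBJERR entry because OBJERR is enabled in every configuration shown in this document; the last two sample entries and all function names are constructed.

```python
import re
from collections import Counter

# Log item names as they appear in the logItem lines of the configurations.
LEVELS = "SYSERR|OBJERR|PROTERR|WARNING|EVENT|ACTION|INFO|ACNTING|TRACE"
# An entry starts with an optional "MM/DD/YY HH:MM:SS" stamp and a level name.
ENTRY_START = re.compile(
    r"^(?:(\d\d/\d\d/\d\d \d\d:\d\d:\d\d)\s+)?(" + LEVELS + r"):\s*(.*)$")
# Client identifier as printed in the log: <type>-0x<hex id>.
CLIENT_ID = re.compile(r"client (\d+-0x[0-9a-fA-F]+)")

def join_entries(lines):
    """Reassemble wrapped log lines into (timestamp, level, message) tuples."""
    entries = []
    for raw in lines:
        line = raw.strip()
        if not line or set(line) == {"-"}:      # blank or separator line
            continue
        m = ENTRY_START.match(line)
        if m:
            entries.append([m.group(1), m.group(2), m.group(3).strip()])
        elif entries:
            entries[-1][2] += " " + line         # continuation of the previous entry
    return [tuple(e) for e in entries]

def rejected_clients(lines):
    """Count refusals per client that was not in the clientele list."""
    hits = Counter()
    for _, level, msg in join_entries(lines):
        if level == "OBJERR" and "clientele failed" in msg:
            m = CLIENT_ID.search(msg)
            if m:
                hits[m.group(1).lower()] += 1    # hex case varies; normalise
    return hits

# First nine lines are from error message #2; the rest are constructed.
SAMPLE_LOG = """\
TRACE:  am_queryClient: client 1-0x00aa00c12c2d is not known
to address mapper, ask clientele
TRACE:  cl_queryClientele: client 1-0x00aa00c12c2d rejected
in clientele list
OBJERR: am_queryClient: clientele failed when queried about
client 1-0x00aa00c12c2d
INFO:   processDISCOVER: client 1-0x00aa00c12c2d
authentication failed
ACTION: reply_generator: no reply is generated
09/05/96 09:40:02 OBJERR: am_queryClient: clientele failed when queried about
client 1-0x00AA00C12C2D
09/05/96 09:40:07 OBJERR: am_queryClient: clientele failed when queried about client 1-0x08005a112233
""".splitlines()

if __name__ == "__main__":
    for client, count in rejected_clients(SAMPLE_LOG).most_common():
        print(client, count)
```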

Error message #3:

------------------------------------------------------------ 
09/05/96 09:39:38 SYSERR: ....initUserComm: bind usercomm 
socket failed -  The socket name is not available on this 
system. 
09/05/96 09:39:38 SYSERR: ..main: cannot create 
user communications socket. 
Exit 
------------------------------------------------------------- 

The preceding error occurs when the value for hostid is incorrect, for example because of an incorrect entry in /etc/hosts. The host ID must be a valid address for at least one of the networks defined in /etc/dhcpsd.cnf. The hostid command returns the system's IP address in hex. For example, the hex value 0x8123cae3 converts to the dotted decimal address 129.35.202.227, which is a valid IP address for a DHCP server.
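
The hostid check described above can be scripted. This added example (not part of the original document or of AIX) converts the hex hostid to dotted decimal and tests it against the subnet <address> <mask> lines of a 4.3.1-style configuration. The function names and the sample configuration are constructed, and the second subnet is an assumption chosen to match the hostid value quoted above.

```python
import ipaddress
import re

def hostid_to_ip(hostid_hex):
    """Convert hostid output such as 0x8123cae3 to an IPv4 address."""
    digits = hostid_hex.strip().lower()
    if digits.startswith("0x"):
        digits = digits[2:]
    # Accept 1 to 8 hex digits so a value printed without leading zeros still parses.
    if not re.fullmatch(r"[0-9a-f]{1,8}", digits):
        raise ValueError(f"not a 32-bit hex hostid: {hostid_hex!r}")
    return ipaddress.IPv4Address(int(digits, 16))

def served_networks(cnf_text):
    """Networks named by 'subnet <address> <mask>' lines; comments are ignored."""
    nets = []
    for line in cnf_text.splitlines():
        words = line.split("#", 1)[0].split()
        if len(words) >= 3 and words[0] == "subnet" and re.fullmatch(r"[\d.]+", words[2]):
            nets.append(ipaddress.IPv4Network(f"{words[1]}/{words[2]}", strict=False))
    return nets

def check_hostid(hostid_hex, cnf_text):
    """Return (address, networks that contain it); an empty list means no match."""
    ip = hostid_to_ip(hostid_hex)
    return ip, [net for net in served_networks(cnf_text) if ip in net]

# Constructed configuration fragment for the check.
SAMPLE_CNF = """\
database db_file {
    subnet 9.3.149.0 255.255.255.0
    {
        option 3 9.3.149.1
    }
    subnet 129.35.202.0 255.255.255.0   # constructed to match 0x8123cae3
    {
        option 3 129.35.202.1
    }
}
"""

if __name__ == "__main__":
    address, networks = check_hostid("0x8123cae3", SAMPLE_CNF)
    print(address, [str(n) for n in networks])
```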


Additional information

  1. DHCP Client on AIX and the SMIT interface

    The SMIT interface on AIX only applies to the DHCP client configuration. The DHCP server configuration uses a Motif interface run by the command /usr/sbin/dhcpsconf. However, the preceding server configuration examples can be adapted to your own environment using vi or any editing tool, which may be quicker and more effective than running the DHCP server Motif interface.

    The SMIT fastpath smit tcpip displays a screen where you can select DHCP as follows: Use DHCP for TCPIP Configuration & Startup. After selecting the interface, the client configuration is set in this screen. Execution of this screen will pass the host name of this client to the DHCP server for DDNS updates and start the dhcpcd client daemon process. The /etc/rc.net file and /etc/rc.tcpip file both are modified to run DHCP as a client. The variable modified in the /etc/rc.net file is USE_DHCP="1". The line which starts /usr/sbin/dhcpcd is uncommented in the /etc/rc.tcpip file.

    Side effects

    If the DHCP client service is started using the SMIT interface but the system administrator or user never intended for this system to be a DHCP client or to run DHCP services, you will find unusual behavior and a corrupt configuration after a system reboot.

    Two symptoms of this are that the host name is changed to loopback or localhost and the default route no longer exists.

    Run the ps -ef | grep dhcpcd command to see if the client process is running. The command netstat -rn will verify the routing table.

  2. Turning DHCP off.

    There are two ways to stop the client service:

    1. Edit the /etc/rc.net file and set the variable USE_DHCP="0"; then edit the /etc/rc.tcpip file and comment out the line which starts /usr/sbin/dhcpcd. Run the command ps -ef | grep dhcpcd to obtain the process id for dhcpcd; then run the kill -9 <pid> command, where pid is the process id for dhcpcd. At this point, the DHCP client service is not running and will not start up on the next reboot, but you must reconfigure TCP/IP on the interface to get the correct host name and default route set. Run smit tcpip and select Minimum Configuration & Startup to reconfigure TCP/IP.
    2. You can use the SMIT fastpath smit dhcpcd and select Stop Using the dhcpcd Subsystem. Select BOTH to perform the same steps in the preceding option; however, you will need to reconfigure TCP/IP on the interface to get the correct host name and default route set. Run smit tcpip and select Minimum Configuration & Startup to reconfigure TCP/IP.




[ Doc Ref: 90605201414638     Publish Date: Mar. 23, 2000     4FAX Ref: 5934 ]