Tag Archives: dhcp

How to Configure Vyatta as DHCP Server for LAN

Scenario:

Vyatta DHCP server with 2 network cards (eth0 & eth1): eth0 is connected to the Internet, while eth1 is connected to the LAN and serves as the DHCP server for the 10.10.10.0/24 subnet.

Configuring the LAN–facing Ethernet interface:

Connect to the Vyatta firewall, then enter configuration mode and list the configuration of the eth1 interface (which will serve IP addresses to the LAN hosts):

configure
show interfaces ethernet eth1

Vyatta – Basic Configuration after installation

Vyatta is a routing/firewall/VPN platform based on Debian GNU/Linux that runs on x86 or amd64 hardware and on many virtual machine hypervisors. It is widely used in cloud infrastructure and is appreciated for its robustness, reliability and the services it provides. Vyatta is more like IOS, JunOS and other enterprise platforms.

Scenario:

We’ll use the following scenario to understand the basic configuration of Vyatta.

Booting the Vyatta:

After starting, the Vyatta machine should go through the usual Linux boot process. Log in with the username vyatta and the password vyatta (or any other password that you configured during the installation).

Multiple DHCP Servers on single Mikrotik

Scenario:

Mikrotik DHCP server with 3 network cards (LAN, Wireless, WAN): WAN is connected to the Internet, Wireless is connected to the 10.10.10.0/24 subnet and serves as its DHCP server, while the LAN interface serves the 172.16.10.0/24 subnet.

Configure Mikrotik DHCP to assign ip address to only authorized client(s) {2nd Method}

To achieve the same goal, you can also consult this post and decide for yourself which method suits you better!

Scenario:

Mikrotik is working as dhcp, dns, and default gateway for local network.

Configure the DHCP Server to Dynamically Update the DNS Records on Ubuntu 12.04 LTS

This tutorial is based on Ubuntu 12.04 LTS. In it, I will try to show you how to configure the DHCP server to automatically update the DNS records when it assigns a new lease to a client on the local network. We will use the network diagram below as a base for this tutorial:

Before Starting this tutorial:

Before starting this tutorial, you can check my other tutorials to learn how I configure the DHCP server and gateway:

Ubuntu as a firewall/gateway router

How to Install the DHCP Server on Ubuntu 12.04LTS

Network Configuration for the Ubuntu Gateway:

Configure the DNS:

Install the DNS (bind9) using this command:

sudo apt-get install bind9 dnsutils

Also edit the hosts settings so that the server will be able to accept DNS requests. Here is an example of my server’s hosts file:

cat /etc/hosts

Move to the bind directory:

cd /etc/bind/

Next, we need to configure the forwarders for bind. I am using Google’s DNS servers as an example:

sudo nano named.conf.options

forwarders {
 8.8.8.8;
 8.8.4.4;
 };

Now we create a secret key that will be shared between the DHCP server and the DNS:

sudo dnssec-keygen -r /dev/urandom -a HMAC-MD5 -b 128 -n USER DHCP_UPDATER

Show the generated key:

sudo cat Kdhcp_updater.*.private|grep Key

Edit the named.conf.local file in /etc/bind/ directory:

sudo nano named.conf.local

Define the locations of the forward and reverse zone files as well as the secret shared key here:

Move to the /var/lib/bind/ directory:

cd /var/lib/bind/

Create the forward zone file for your domain:

sudo nano tendo.local.db

Replace tendo.local with your domain name. Here’s an example of my forward zone file:

$ORIGIN .
$TTL 907200 ; 1 week 3 days 12 hours
tendo.local IN SOA dnssrv.tendo.local. arbab.tendo.local. (
                   2012071707 ; serial
                   10800 ; refresh (3 hours)
                   3600 ; retry (1 hour)
                   604800 ; expire (1 week)
                   38400 ; minimum (10 hours 40 minutes)
                   )
                   NS dnssrv.tendo.local.
                   A 172.16.10.1
$ORIGIN tendo.local.
dhcpsrv            A 172.16.10.2
dnssrv             A 172.16.10.1
gateway            A 172.16.10.254

Every time you make changes to the zone file, you need to increment the serial before reloading bind.

Next, create the reverse zone file for your domain:

sudo nano 10.16.172.rev

Here is my reverse zone file. Replace the hosts and domain name with your own, so that they match the forward zone file created above:

$ORIGIN .
$TTL 907200 ; 1 week 3 days 12 hours
10.16.172.in-addr.arpa IN SOA dnssrv.tendo.local. arbab.tendo.local. (
                       2012071706 ; serial
                       10800 ; refresh (3 hours)
                       3600 ; retry (1 hour)
                       604800 ; expire (1 week)
                       38400 ; minimum (10 hours 40 minutes)
                       )
                       NS dnssrv.tendo.local.
$ORIGIN 10.16.172.in-addr.arpa.
1                      PTR dnssrv.tendo.local.
2                      PTR dhcpsrv.tendo.local.
254                    PTR gateway.tendo.local.

Restart the bind service:

sudo /etc/init.d/bind9 restart

Configure the DHCP server to send updates to the DNS:

sudo nano /etc/dhcp/dhcpd.conf

Add the secret key that we created on our DNS server to the dhcpd.conf file, along with the other options. Some of the main configurations are mentioned below:

For the given subnet, we need to define the zones and, within the zones, tell the DHCP server which key to use to update the DNS server:

Here is a DHCP scope that will be used to assign the IP configuration to the clients:

Restart the dhcp service:

sudo /etc/init.d/isc-dhcp-server restart

Once again, restart the bind service on DNS server:

sudo /etc/init.d/bind9 restart
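
The key and zone stanzas that the steps above describe for named.conf.local and dhcpd.conf, as an added example (not the author's own files). It assumes the key is named DHCP_UPDATER on both sides and that the DNS primary is 172.16.10.1; dhcpd-ddns.conf is a fragment name chosen here, to be merged into /etc/dhcp/dhcpd.conf, and the key file is a constructed sample:

```shell
#!/bin/sh
# Added example (not the author's files). Assumptions: the key is called
# DHCP_UPDATER on both sides and the DNS primary is 172.16.10.1 (dnssrv).

# usage: render_ddns <Kdhcp_updater.*.private> <output-dir>
# The body runs in a subshell so the umask change stays local.
render_ddns() (
    secret=$(awk '$1 == "Key:" { print $2 }' "$1")
    [ -n "$secret" ] || { echo "no Key: line in $1" >&2; exit 1; }
    umask 077   # both files contain the shared secret
    cat > "$2/named.conf.local" <<EOF
key DHCP_UPDATER {
    algorithm hmac-md5;
    secret "$secret";
};
zone "tendo.local" {
    type master;
    file "/var/lib/bind/tendo.local.db";
    allow-update { key DHCP_UPDATER; };
};
zone "10.16.172.in-addr.arpa" {
    type master;
    file "/var/lib/bind/10.16.172.rev";
    allow-update { key DHCP_UPDATER; };
};
EOF
    cat > "$2/dhcpd-ddns.conf" <<EOF
ddns-updates on;
ddns-update-style interim;
ddns-domainname "tendo.local.";
key DHCP_UPDATER {
    algorithm hmac-md5;
    secret $secret;
};
zone tendo.local. { primary 172.16.10.1; key DHCP_UPDATER; }
zone 10.16.172.in-addr.arpa. { primary 172.16.10.1; key DHCP_UPDATER; }
EOF
)

# Constructed sample of a dnssec-keygen .private file (not a real key).
WORK=$(mktemp -d)
KEYFILE="$WORK/Kdhcp_updater.+157+00000.private"
printf 'Private-key-format: v1.3\nAlgorithm: 157 (HMAC_MD5)\nKey: %s\n' \
    'Y29uc3RydWN0ZWQta2V5IQ==' > "$KEYFILE"
render_ddns "$KEYFILE" "$WORK" && cat "$WORK/named.conf.local" "$WORK/dhcpd-ddns.conf"
```

With allow-update restricted to the key, BIND accepts dynamic updates for these two zones only from a sender that holds the same secret; the installed files should stay readable only by the daemons that need them.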

Check the log messages on both the DNS and DHCP servers:

sudo tail -f /var/log/syslog

The DHCP server successfully adds the client to the forward and reverse zones.

The DNS server accepts the secret key and updates its forward and reverse zones.

Verification on dhcp client:

Enjoy 🙂

Troubleshooting:

I found some really nice troubleshooting steps regarding dhcp and dns server here (Thanks to original author):

  • error: zone [zone-name]/IN: NS ‘[dns-server-hostname]‘ has no address records (A or AAAA)
    You’ll probably encounter this if you forget to provide records for your DNS server in your zone files; e.g. [dns-server-name] IN A [dns-server-ip-address]
  • error: [some-zone-file]: create: permission denied
    Check to make sure that permissions on the given file are correct. Configuration files must be readable by the bind user, and zone/journal files must be writable by the bind user.
  • updating zone ‘[zone-name]/IN’: error: journal open failed: unexpected error
    It is possible that Ubuntu’s AppArmor is getting in the way of the zone updates. Make sure you check /var/log/syslog for related messages. Also check the AppArmor configuration at /etc/apparmor.d/usr.sbin.named.
  • error: zone [zone-name]/IN: [some-hostname]/A: bad owner name (check-names)
    The hostname that a client is requesting is invalid for use in a FQDN. Change the client’s hostname.
  • error: zone [zone-name]/IN: journal rollforward failed: journal out of sync with zone
    The zone journal file has gotten out of sync with the zone file (usually occurs with forced restarts, or modifying the zone file while BIND9 is running). Delete the .jnl file (in /var/lib/bind), and restart BIND9.

Hope this will help you!

Please Remember me in your prayers!

Configure Mikrotik DHCP to assign ip address to only authorized client(s)

Scenario:

Mikrotik is working as dhcp, dns, and default gateway for local network.

Extra Requirement:

Mikrotik should only assign IP addresses to authorized clients in our local network!

Here are the steps to achieve this requirement:

Connect to the Mikrotik router using its IP address through a web browser:

Click on the button, select the ip address of Mikrotik, enter username and password, then click Connect:

IP —>DHCP Server

From the Leases tab, select the client(s) that are authorized to take an IP address from the Mikrotik router (in future) and then click Make Static:

Move to the DHCP tab, double-click on the DHCP Server and select static-only from the Address Pool drop-down menu:

After that, only authorized client(s) will get an IP address from Mikrotik. If you want a new client to get an IP address from Mikrotik, select dhcp_pool1 from the Address Pool drop-down menu. Mikrotik will then assign an IP address to the new client; make this IP address static (as described above) and select static-only again in order to disallow IP address assignment to unknown client(s).

Hope this will help you!

Please Remember me in your prayers!

Mikrotik as Gateway

Note: This is not the best tutorial on Mikrotik, but it is one of the easiest tutorials for configuring Mikrotik as a gateway 🙂

Scenario:

In this scenario, Mikrotik will work as dhcp, dns, and default gateway for local network.

Local Network : 172.16.10.0/24

Public: 192.168.1.0/24 (In this scenario)

I assume that you have already installed a fresh copy of Mikrotik on any low-end (P III, P IV or whatever) machine. The default username is “admin” and there is no password by default.

Login to the Mikrotik router:

After login, you will see a screen something like this:

After login, the first thing we need to do is change the password:

password

Check the interface(s) settings by using this command:

interface print

Change the interface(s) names by using these commands:

interface set 0 name=WAN
interface set 1 name=LAN

Now, check the interface(s) again:

interface print

Assign the ip address to LAN interface:

ip address add address=172.16.10.1/24 interface=LAN

Assign the ip address to WAN interface:

ip address add address=192.168.1.169/24 interface=WAN

Now, check the ip address setting:

ip address print

Add the default route using this command:

ip route add gateway=192.168.1.1

Check the routing table:

ip route print

DNS setup on Mikrotik:

ip dns set primary-dns=8.8.8.8 secondary-dns=4.2.2.2
ip dns set allow-remote-requests=yes 

DNS settings check:

ip dns print

DHCP Configuration:

ip dhcp-server setup

Configuration of NAT on Mikrotik:

ip firewall nat add chain=srcnat action=masquerade out-interface=WAN

Testing from one of the Local Network’s Client:

Hope this will help you!

Please Remember me in your prayers!

How to Configure Cisco Router with DSL (PTCL)!

In this tutorial, we will configure the Cisco (3640) router as a gateway for our LAN. It takes its IP settings from the DSL (PTCL) modem through DHCP in order to access the Internet. This router also acts as the DHCP and DNS server for the LAN!

In the first step, we will configure the fa0/0 interface to take its IP address from the DSL modem:

interface fa0/0
ip address dhcp
no shut

Next, we configure the IP address on the fa1/0 interface:

interface fa1/0
ip address 10.10.10.1 255.255.255.0
no shut

Verify the ip address and interface(s) status:

show ip int brief

Now, we will configure this router as a DHCP server in order to serve IP address settings to our LAN. We will use the 10.10.10.0/24 network, in which 10.10.10.1 will be the default gateway and DNS server:

service dhcp
ip dhcp excluded-address 10.10.10.1 10.10.10.20
ip dhcp pool LAN-Pool
 network 10.10.10.0 255.255.255.0
 default-router 10.10.10.1
 dns-server 10.10.10.1
 domain-name home.lan
 import all

Verify that our DHCP server serves IP addresses to the LAN:

show ip dhcp binding

Now, we will configure the DNS setting on our router in order to provide DNS services to our network, and make all clients use it as a DNS server:

ip dns server
ip name-server 192.168.1.1
ip domain-lookup

The next step is to configure NAT on our router. For this, we need to define the inside and outside interfaces: fa0/0 is connected to the Internet, so it is outside, while fa1/0 is connected to the internal network, so it is inside!

interface FastEthernet0/0
ip nat outside
interface FastEthernet1/0
ip nat inside

Now, we need to create an ACL that will include the local network (10.10.10.0/24)!

Next, we need to enable NAT overload and bind it to the outside interface:

Test from one of the LAN’s clients:

Verify the NAT status on our Cisco router:

show ip nat translations

Hope this will help you!

Please Remember me in your prayers!

Multiple Interface DHCP Server on Ubuntu 12.04LTS

Scenario:

Ubuntu DHCP server with 3 network cards (eth0, eth1, eth2): eth0 is connected to the upstream server in order to get Internet access, eth1 is connected to the 10.10.10.0/24 subnet and serves as its DHCP server, while eth2 serves the 172.16.10.0/24 subnet.

Before configuring the DHCP server on Ubuntu, we shall check the IP address settings on our Ubuntu server:

sudo nano /etc/network/interfaces

Ubuntu as DHCP Server:

To install dhcp server, enter the following command at a terminal prompt:

sudo apt-get install isc-dhcp-server

We have more than one network card in our Ubuntu server, so we need to select the network card(s) on which our server will listen for DHCP requests. (By default, it listens on eth0, but we want to change it to eth1 and eth2.)

We can change this by editing the /etc/default/isc-dhcp-server file:

sudo nano /etc/default/isc-dhcp-server

Change “eth0” to the interface(s) on which we want our server to listen for DHCP requests (in this case, eth1 and eth2):

It’s always a good practice to make a backup copy of /etc/dhcp/dhcpd.conf file:

sudo cp /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.bak 

Now we will change the default configuration by editing /etc/dhcp/dhcpd.conf. I normally delete everything inside the file and manually add the configuration that suits my needs :-)

sudo nano /etc/dhcp/dhcpd.conf

Here is my dhcpd.conf file, you need to change it according to your needs:

ddns-update-style none;
authoritative;
log-facility local7;

subnet 10.10.10.0 netmask 255.255.255.0 {
 option routers 10.10.10.1;
 option subnet-mask 255.255.255.0;
 option broadcast-address 10.10.10.255;
 option domain-name-servers 10.10.10.1;
 option domain-name "eth1.lan";
 default-lease-time 600;
 max-lease-time 7200;
 range 10.10.10.10 10.10.10.100;
}

subnet 172.16.10.0 netmask 255.255.255.0 {
 option routers 172.16.10.1;
 option subnet-mask 255.255.255.0;
 option broadcast-address 172.16.10.255;
 option domain-name-servers 172.16.10.1;
 option domain-name "eth2.lan";
 default-lease-time 600;
 max-lease-time 7200;
 range 172.16.10.10 172.16.10.100;
}

Restart dhcp service using the following command:

sudo service isc-dhcp-server restart 

Confirm the IP address on the Windows 7 machine connected to eth1:

Confirm the IP address on the Windows XP machine connected to eth2:

To check the DHCP leases on the Ubuntu server:

sudo tail /var/lib/dhcp/dhcpd.leases
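
dhcpd appends a new lease block to this file whenever a lease changes, so tail shows the most recent entries rather than the current state of each address. As an added example (not from the original post), this script reduces the file to the last record per address; the sample leases, MAC addresses and hostnames are constructed:

```shell
#!/bin/sh
# Added example: reduce dhcpd.leases to the current state of each address.
# dhcpd appends a new "lease" block on every change, so the LAST block for
# an IP address is the one that counts.

# Print "ip mac hostname state" for the last block of every address.
lease_summary() {
    awk '
        $1 == "lease" && $3 == "{"           { ip = $2; mac = host = state = "-" }
        $1 == "binding" && $2 == "state"     { state = $3; sub(/;$/, "", state) }
        $1 == "hardware" && $2 == "ethernet" { mac = $3; sub(/;$/, "", mac) }
        $1 == "client-hostname"              { host = $2; gsub(/[";]/, "", host) }
        $1 == "}" && ip != ""                { rec[ip] = mac " " host " " state; ip = "" }
        END { for (i in rec) print i, rec[i] }
    ' "$1" | sort
}

# Only the addresses that are handed out right now.
active_leases() {
    lease_summary "$1" | awk '$4 == "active"'
}

# Constructed sample (addresses from the two scopes above; MACs and
# hostnames are made up). 10.10.10.10 was active, then released.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
lease 10.10.10.10 {
  binding state active;
  next binding state free;
  hardware ethernet 00:0c:29:aa:bb:01;
  client-hostname "win7-pc";
}
lease 172.16.10.10 {
  binding state active;
  hardware ethernet 00:0c:29:aa:bb:02;
  client-hostname "winxp-pc";
}
lease 10.10.10.10 {
  binding state free;
  hardware ethernet 00:0c:29:aa:bb:01;
}
EOF

lease_summary "$SAMPLE"
```

On the server, point the functions at /var/lib/dhcp/dhcpd.leases; a MAC address in the active list that you do not recognise is a client to look into.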

 

Hope this will help you!

Please Remember me in your prayers!


How to Setup a DHCP Server on CentOS 6.2

In this scenario, we have a CentOS server with two network cards, but it will only listen for DHCP requests on one card (eth1).

Here is the configuration of eth1 interface:

cat /etc/sysconfig/network-scripts/ifcfg-eth1

CentOS as DHCP Server:

To install dhcp server, enter the following command at a terminal prompt:

sudo yum -y install dhcp

To make the DHCP server start at boot time, use this command:

sudo chkconfig dhcpd on

As we are using more than one network card in our CentOS server, we need to specify on which interface our server will listen for DHCP requests. (By default, it listens on eth0.)

You can change this by editing the /etc/sysconfig/dhcpd file:

sudo nano /etc/sysconfig/dhcpd

Add the name of the interface on which you want your server to listen for DHCP requests (in my case, it is eth1):

DHCPDARGS=eth1

Copy the default configuration file from /usr/share/doc/dhcp-*/dhcpd.conf.sample to /etc/dhcp/dhcpd.conf:

sudo cp /usr/share/doc/dhcp-*/dhcpd.conf.sample /etc/dhcp/dhcpd.conf

Now we will change the default configuration by editing /etc/dhcp/dhcpd.conf. I normally delete everything inside the file and manually add the configuration that suits my needs :-)

sudo nano /etc/dhcp/dhcpd.conf

Here is my dhcpd.conf file, you need to change it according to your needs:

ddns-update-style none;
authoritative;
log-facility local7;
default-lease-time 600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 172.16.10.255;
option routers 172.16.10.1;
option domain-name-servers 172.16.10.1;
option domain-name "centos.local";
subnet 172.16.10.0 netmask 255.255.255.0 {
 range 172.16.10.10 172.16.10.100;
}

Restart dhcp service using the following command:

sudo service dhcpd restart

Configure Windows as DHCP Client:

Just follow these steps, in order to configure your Windows machine as DHCP client (In my case, it’s Windows XP):

To check the IP Address on Windows XP:

To check the DHCP leases on the CentOS server:

cat /var/lib/dhcpd/dhcpd.leases

Hope this will help you!

Please Remember me in your prayers!
