--- title: "DHCP Server and Routing" visible: true --- [toc] ## Installation ```sh apt install isc-dhcp-server ``` ## Configuration Edit `/etc/default/isc-dhcp-server` ``` INTERFACESv4="{INTERFACE 1} {INTERFACE 2}" ``` Edit `/etc/dhcp/dhcpd.conf` to set a subnet ``` subnet {NETADDRESS} netmask {SUBNETMASK} { range {FIRST DHCP} {LAST DHCP}; option subnet-mask {SUBNETMASK}; option routers {GATEWAY}; option domain-name "{NAME}"; option domain-name-servers {DNS SERVER}; } ``` Edit `/etc/network/interfaces` ``` auto {INTERFACE} iface {INTERFACE} inet static address {ADDRESS} network {NETADDRESS} netmask {NETMASK} broadcast {BROADCAST} ``` Enable the interface ```sh ifup {INTERFACE} ``` Restart DHCP Server ```sh systemctl restart isc-dhcp-server.service ``` ### Enable routing ```sh echo "net.ipv4.ip_forward=1" >> /etc/sysctl.d/80-forwarding.conf sysctl -p /etc/sysctl.d/80-forwarding.conf ``` ```sh iptables -t nat -A POSTROUTING -o (WAN interface) -j MASQUERADE iptables -A FORWARD -i (LAN interface) -j ACCEPT ``` Make iptables permanent Select `Yes` during the installation to save current rules ```sh apt install iptables-persistent ``` ### Enable DHCP-managed fixed IP address ``` host (hostname) { hardware ethernet (mac); fixed-address (ip address); } ``` ### Dynamic DNS _Needs a supported DNS like BIND or PowerDNS_ [Configure your DNS server to accept updates](https://wiki.realstickman.net/e/en/linux/services/powerdns) Add the following snippet to your `/etc/dhcp/dhcpd.conf` file How to generate the key is also described in the DNS article ``` ddns-updates on; ddns-update-style interim; update-static-leases on; ddns-domainname "testpdns"; ddns-rev-domainname "in-addr.arpa."; key "(keyname)" { algorithm hmac-md5; secret "(key)"; }; zone testpdns { primary 127.0.0.1; key (keyname); } zone 7.168.192.in-addr.arpa. { primary 127.0.0.1; key (keyname); } ``` ## Client DHCP Request ```sh dhclient -v ``` Release IP ```sh # dhclient -v -r ```