Chapter 9 Planning for DHCP Service

You can use DHCP services in a network you are creating, or in an existing network. If you are setting up a network, see Chapter 5, Planning Your TCP/IP Network before attempting to set up DHCP services. If you have an existing network, continue in this chapter.

This chapter describes what you need to do before setting up DHCP service on your network. The planning information is targeted for use with DHCP Manager, although you can also use the command-line utility dhcpconfig to set up DHCP service.

This chapter contains the following information:

• "Preparing Your Network for DHCP"

• "Making Decisions for Server Configuration"

• "Making Decisions for IP Address Management"

• "Planning for Multiple DHCP Servers"

• "Planning for Remote Network Configuration"

• "Selecting the Tool for Configuring DHCP"

Preparing Your Network for DHCP

Before you can set up your network to use DHCP, you must collect information and make decisions about how you will configure the server(s). You must:

• Map out your network topology to determine which servers are the best candidates for DHCP servers, and how many servers you will need.

• Update your system files and netmasks table to reflect network topology accurately. If your DHCP server is to support clients on remote networks, you must also be sure the netmasks table entries for those networks are up to date. (See netmasks(4) for more information.

• Choose the data storage method you will use, local files or NIS+.

• Define a lease policy.

• Determine how router information should be obtained by clients.

Mapping Your Network Topology

If you have not already done so, you should map out the physical structure or layout of your network, indicating the location of routers and clients, and the location of servers providing network services. This mapping of your network topology can help you determine which server to use for DHCP services, and what configuration information the DHCP server can provide to clients.

See Chapter 5, Planning Your TCP/IP Network for more information about planning your network.

The DHCP configuration process can look up some network information from the server's system and network files. "Updating System Files and Netmask Tables" discusses these files. However, you might want to give clients other service information, which you must enter into the server's databases. As you examine your network topology, record the IP addresses of any servers you want your clients to know about. The following are some examples of network services you may have on your network that the DHCP configuration does not find out about:

• Time server

• Log server

• Print server

• Install server

• Boot server

• Swap server

• X window font server

• TFTP server

Network Topology to Avoid

DHCP does not work well in network environments where more than one IP network is sharing the same network hardware media, either through the use of multiple network hardware interfaces or multiple logical interfaces. When multiple IP networks run across the same physical LAN, a DHCP client's request arrives on all network hardware interfaces, making the client appear to be attached to all of the IP networks simultaneously.

DHCP must be able to determine the address of a client's network in order to assign an appropriate IP address to the client. If more than one network is present on the hardware media, the server cannot determine the client's network, and cannot assign an IP address.

You can use DHCP on one of the networks, but not more than one. If this does not suit your needs, you must reconfigure the networks. Suggestions for reconfiguring include:

• Use variable length subnet masks (VLSM) to make better use of the IP address space you have, so you do not need to run multiple LANs on the same physical network. See RFC-1519 for more information on VLSM and Classless Inter-Domain Routing (CDIR).

• Configure the ports on your switches to assign devices to different physical LANs. This preserves the mapping of one LAN to one IP network required for Solaris DHCP. See the documentation for the switch for information about port configuration.

Determining the Number of DHCP Servers

The data store method you use has a direct effect on the number of servers you must have to support your DHCP clients. If you use the local files method one server can support a maximum of 10,000 clients. If you use NIS+ one server can support a maximum of 40,000 clients.

The section "Choosing the Data Store" discusses data store locations.

Updating System Files and Netmask Tables

During the configuration process, DHCP Manager or the dhcpconfig utility scans various system files on your server for information it can use to configure the server.

You must be sure the information in the system files is current before running DHCP Manager or dhcpconfig to configure your server. If you notice errors after configuring the server, manually change macros on the server to update the dhcptab configuration table.

The following table lists some of the information gathered during DHCP server configuration, and the sources for the information. Be sure this information is set correctly on the server before you configure DHCP on it. If you make changes to the system files after configuring the server, you should rerun DHCP Manager or dhcpconfig to pick up the changes.

Table 9-1 Information for DHCP Configuration

Information	Source	Comments
Timezone	System date, timezone settings	The date and timezone are initially set during the Solaris install. You can change the date using the date command and change the timezone by editing the /etc/TIMEZONE file, which sets the TZ variable.
DNS parameters	/etc/resolv.conf	DHCP server uses /etc/resolv.conf to look up DNS parameters such as DNS domain name and DNS server addresses. See (link to "Setting Up DNS Clients" section of the Solaris Naming Setup and Configuration Guide) for more information about resolv.conf.
NIS+ parameters	System domain name, nsswitch.conf, NIS+	DHCP server uses the domainname command to obtain the domain name of the server machine, the nsswitch.conf file to determine where to look for domain-based information. If the server machine is a NIS or NIS+ client, the DHCP server queries NIS or NIS+ services to get NIS/NIS+ server IP addresses.
Default router	System routing tables, user prompt	DHCP server searches the network routing tables to find the default router for clients attached to the local network. For clients not on the same network, DHCP server must obtain the information by prompting the administrator.
Subnet mask	Network interface, netmasks table	DHCP server looks to its own network interfaces to determine the netmask and broadcast address for local clients. If the request had been forwarded by a relay agent, the server looks up the subnet mask in the netmasks table on the relay agent's network.
Broadcast address	Network interface, netmasks table	For the local network, DHCP server obtains the broadcast address by querying the network interface. For remote networks, the server uses the BOOTP relay agent's IP address and the remote network's netmask to calculate the broadcast address for the network.

Making Decisions for Server Configuration

This section discusses some of the decisions to make before configuring the first DHCP server on your network. The topics parallel the dialogs in the DHCP Manager's Configuration Wizard, but the information is also useful if you decide to use the dhcpconfig utility to configure the server.

Selecting a Server for DHCP

With your network topology in mind, you can use the following guidelines to select a host on which to set up a DHCP server.

The server must:

• Run the Solaris 2.6, Solaris 7, or Solaris 8 operating environment

• Be accessible to all the networks having clients that will use DHCP, either directly on the network or through a BOOTP relay agent

• Be configured to use routing

• Have a correctly configured netmasks table that reflects your network topology

Choosing the Data Store

You can choose to store the DHCP data using files in a local directory or NIS+ tables in a NIS+ directory service. Because NIS+ is distributed, multiple servers can access the same database. NIS+ also provides inherently faster information retrieval. Note that the server machine must already be configured as a NIS+ client to use this option.

The files method can be used efficiently at sites having less than 10,000 DHCP clients, but it is somewhat slower than NIS+, and requires all DHCP data to be stored on one file system. The data stored in files can only be shared with multiple DHCP servers if it is exported through an NFS mount point.

Traditional NIS (as opposed to NIS+) is not offered as a data store option because it does not support fast incremental updates. If your network uses NIS, you should use files for your data store.

Setting a Lease Policy

A lease specifies the amount of time the DHCP server grants permission to a DHCP client to use a particular IP address. During the initial server configuration, you must specify a site-wide lease policy, indicating the lease time and whether clients can renew their leases. The server uses the information you supply to set option values in the default macros it creates during configuration. You can set different lease policies for specific clients or type of clients, by setting options in configuration macros you create.

The lease time is specified as a number of hours, days, or weeks for which the lease is valid. When a client is assigned an IP address (or renegotiates a lease on an IP address it is already assigned), the lease expiration date and time is calculated by adding the number of hours in the lease time to the timestamp on the client's DHCP acknowledgment. For example, if the timestamp of the DHCP acknowledgment is September 16, 1999 9:15 A.M., and the lease time is 24 hours, the lease expiration time is September 17, 1999 9:15 A.M. The lease expiration time is stored in the client's DHCP network record, viewable in the DHCP Manager or using pntadm.

The lease time value should be relatively small, so that expired addresses are reclaimed quickly, but large enough so that if your DHCP service becomes unavailable, the clients continue to function until the machine(s) running the DHCP service can be repaired. A rule of thumb is to specify a time that is two times the predicted down time of a server. For example, if it generally takes four hours to obtain and replace a defective part and reboot the server, you should specify a lease time of eight hours.

The lease negotiation option determines whether or not a client can renegotiate its lease with the server before the lease expires. If lease negotiation is allowed, the client tracks the time remaining in its lease, and when half the lease time is used, the client requests the DHCP server to extend its lease to the original lease time. Disallowing lease negotiation is useful for environments where there are more machines than IP addresses, so the time limit is enforced on the use of IP addresses. If there are enough IP addresses, lease negotiation should be permitted to avoid forcing a client to take down its network interface and obtain a new lease, possibly interrupting their TCP connections (such as NFS and telnet sessions). Lease negotiation can be set site-wide during the server configuration, and for particular clients or types of clients through the use of the LeaseNeg option in configuration macros.

---

Note -

Systems providing services on the network should retain their IP addresses, and should not be subject to short-term leases. You can use DHCP with such machines by assigning them reserved (manual) IP addresses, rather than IP addresses with permanent leases. This enables you to detect when the machine's IP address is no longer being used.

---

Determining Routers for DHCP Clients

Clients use routers for any network communication beyond their local network, and they must know the IP addresses of these routers in order to use them.

During DHCP server configuration, you must provide the IP address of a router the clients can use or, if you use DHCP Manager, you can specify that clients should find routers themselves by using the router discovery protocol.

If clients on your network support router discovery, you should use router discovery protocol instead of specifying the IP address, even if there is only one router. Discovery enables a client to adapt easily to router changes in the network. For example, if a router fails and is replaced by one with a new address, clients can discover the new address automatically without having to obtain a new network configuration to get the new router address.

Making Decisions for IP Address Management

This section discusses the decisions you need to make when configuring IP addresses to be managed by DHCP. The topics parallel the dialogs of DHCP Manager's Address Wizard, but can also be used to make decisions if you use the dhcpconfig utility.

As part of the DHCP service setup, you determine several aspects of the IP addresses that the server is to manage. If your network needs more than one DHCP server, you must decide how to divide responsibility for the addresses so you can assign some to each server. Before you begin configuring your server you must decide on the following:

• Number or range of IP addresses that the server should manage

• Whether you want the server to automatically generate host names for clients, and the prefix to use for generated host names

• What configuration macro to use to assign clients' network configuration

• Whether IP address leases are dynamic or permanent

Number and Ranges of IP Addresses

During the initial server configuration, DHCP Manager allows you to add one block, or range, of IP addresses under DHCP management by specifying the total number of addresses and the first address in the block. DHCP Manager creates a list of contiguous addresses from this information. If you have several blocks of noncontiguous addresses, you can add the others by running DHCP Manager's Address Wizard again, after the initial configuration.

Before configuring your IP addresses, know how many addresses are in the initial block of addresses you want to add and the IP address of the first address in the range.

Client Host Name Generation

The dynamic nature of DHCP means that an IP address is not permanently associated with the host name of the system that is using it. The Solaris DHCP server can generate a client name to associate with each IP address, if you select this option. The generated client names are mapped to IP addresses in /etc/hosts or the NIS/NIS+ hosts tables. The client names use a prefix, or root name, plus a dash and a number assigned by the server. For example, if the root name is charlie, the client names will be charlie-1, charlie-2, charlie-3, and so on.

By default, generated client names begin with the name of the DHCP server that manages them. This is useful in environments having more than one DHCP server because you can quickly see in the DHCP network tables which clients any given DHCP server manages. However, you can change the root name to any name you choose.

Before configuring your IP addresses, decide if you want the server to generate client names, and if so, what root name to use for the names.

---

Note -

The client names are not automatically added to the DNS domain, thus the client names are not known outside your name service (NIS/NIS+) domain. However, you can load them into DNS manually. See "Administering DNS" in Solaris Naming Administration Guide and the in.named(1M) manual page for more information about DNS.

---

Default Client Configuration Macros

In Solaris DHCP, a macro is a collection of network configuration options and their assigned values. Macros are used to determine what network configuration information to send to a DHCP client.

During the initial configuration of the DHCP server, several macros are created, using information gathered from system files and from prompting the system administrator:

• Network address macro, named using the IP address of the client network, and containing information needed by any client that is part of the network, such as subnet mask, network broadcast address, default router or router discovery token, and NIS/NIS+ domain and server if the server is using NIS/NIS+. Other options applicable to your network might be included.

• Locale macro, which contains the offset (in seconds) from Universal Time to specify the time zone.

• Server macro, named using the server's host name, and containing information about the lease policy, time server, DNS domain, and DNS server, and possibly other information that the configuration program was able to obtain from system files. This macro includes the locale macro.

The network address macro is automatically processed for all clients located on that network. The locale macro is included in the server macro, so it is processed when the server macro is processed.

While configuring IP addresses for the first network, you must select a client configuration macro to be used for all DHCP clients using the addresses you are configuring. By default, the server macro is selected because it is contains information needed by all clients using this server. Clients receive the options contained in the network address macro before those in the server macro. See "Order of Macro Processing" for more information about macro processing order.

Dynamic and Permanent Lease Type

The lease type determines whether the lease policy (lease time and negotiation) is used for the addresses you are configuring. During initial server configuration, DHCP Manager allows you to select either dynamic or permanent leases for the addresses you are adding. The dhcpconfig utility allows only dynamic leases.

When an address has a dynamic lease, the DHCP server can manage the address by allocating it to a client, extending the lease time, detecting when it is no longer in use, and reclaiming it. When an address has a permanent lease, the DHCP server can only allocate it to a client, after which the client owns the address until the client explicitly releases it. When the address is released, the server can assign it to another client. The address is not subject to the lease policy as long as it is configured with a permanent lease type.

When you configure a range of IP addresses, the lease type you select applies to all the addresses in the range. To get the most benefit from DHCP, you should use dynamic leases for most of the addresses. You can later modify individual addresses to make them permanent if necessary, but the total number of permanent leases should be kept to a minimum.

Reserved Addresses and Lease Type

Addresses can be reserved by manually assigning them to particular clients. A reserved address can have a permanent or dynamic lease associated with it. When a reserved address is assigned a permanent lease, the address can only be allocated to the client that is bound to the address, the DHCP server cannot allocate the address to another client, and the address cannot be reclaimed by the DHCP server.

If a reserved address is assigned a dynamic lease, the address can only be allocated to the client that is bound to the address, but the client must track lease time and negotiate for a lease extension as if the address were not reserved. This allows you to track when the client is using the address by looking at the network table.

You cannot create reserved addresses for all the IP addresses during the initial configuration because they are intended to be used sparingly for individual addresses.

Planning for Multiple DHCP Servers

If you want to configure more than one DHCP server to manage your IP addresses, consider the following guidelines:

• Divide the pool of IP addresses so that each server is responsible for a range of addresses and there is no overlap of responsibility.

• Choose NIS+ as your data store, if available. If not, choose files and specify a shared directory for the absolute path to the data store.

• Configure each server separately so that address ownership is allocated correctly and that server-based macros can be automatically created.

• Set up the servers to scan the options and macros in the dhcptab file at specified intervals so they each are using the latest information. You can do this by using the -t option with in.dhcpd(1M).

• Be sure that all clients can access all DHCP servers so that the servers can support one another. If a client has a valid IP address lease, and is either trying to verify its configuration or extend the lease, but the server owning the client's address is not reachable, another server can respond to the client after the client has attempted to contact the primary server for 20 seconds. If a client requests a specific address, and the server owning that address is not available, one of the other servers handles the request. The client receives a different address from the one requested.

Planning for Remote Network Configuration

After the initial configuration, you can place IP addresses in remote networks under DHCP management. However, because the system files are not local to the server, most of the information is not looked up to provide default values, so you must provide the information. Before you attempt to configure a remote network, be sure you know the following information:

• Remote network's IP address

• Subnet mask of the remote network - This can be obtained from the netmasks table in the name service. If the network uses local files, look in /etc/netmasks on a system in the network. If the network uses NIS+, use the command niscat netmasks.org_dir. If the network uses NIS, use the command ypcat -k netmasks.byaddr. Make sure the netmasks table contains all the topology information for all the subnets you want to manage.

• Network type - Do the clients connect to the network through a local area network (LAN) connection or using point-to-point protocol (PPP)?

• Routing - Can the client use router discovery? If not, you must find out the IP address of a router they can use.

• NIS domain and NIS servers, if applicable

• NIS+ domain and NIS+ servers, if applicable

See "Adding, Modifying, and Removing DHCP Networks" for the procedure for adding DHCP networks.

Selecting the Tool for Configuring DHCP

After you have gathered information and made decisions, as outlined in the previous sections, you are ready to configure a DHCP server. You can use the graphical DHCP Manager or the command-line utility dhcpconfig to configure a server. Each tool lets you select options and type in data that is then used to create the dhcptab and network tables used by the DHCP server.

DHCP Manager Features

DHCP Manager, a Java-based graphical tool, provides a DHCP Configuration Wizard, which starts automatically the first time you run DHCP Manager on a system that is not configured as a DHCP server. The DHCP Configuration Wizard is a series of dialog boxes that prompt you for the essential information required to configure a server: data store, lease policy, DNS/NIS/NIS+ servers and domains, and router addresses. Some of the information is obtained by the wizard from system files, and you only need to confirm that the information is correct, and correct it if necessary.

When you progress through the dialog boxes and approve the information, and the DHCP server daemon starts on the server system, you are prompted to start the Add Addresses Wizard to configure IP addresses for the network. Only the server's network is configured for DHCP initially, and other server options are given default values. You can run DHCP Manager again after the initial configuration is complete to add networks and modify other server options.

dhcpconfig Features

The dhcpconfig utility is a wrapper script for the dhtadm and pntadm commands. The dhcpconfig utility prompts you for server startup options such as the interval for reading the dhcptab, the timeout value for DHCP service offers, and so on. It obtains other information from the system files discussed in "Updating System Files and Netmask Tables". You cannot view the information it obtains from system files, so it is important that the system files be updated before running dhcpconfig.

Note that you can rerun dhcpconfig after updating system files and it will properly update the DHCP data.

Comparison of DHCP Manager and dhcpconfig

The following table summarizes the differences between the two server configuration tools.

Table 9-2 Comparison of DHCP Manager and dhcpconfig

Feature	DHCP Manager	dhcpconfig
Network information gathered from system	Allows you to view the information gathered from system files, and change it if needed.	You cannot see what information dhcpconfig is gathering. You must look at the dhcptab and network tables after they are created.
Configuration experience for user	Speeds up configuration process by omitting prompts for nonessential server options by using default values for them. Allows you to change nonessential options after initial configuration.	Prompts for all server options during configuration process. To change the options later, you must rerun dhcpconfig or use dhtadm and pntadm commands.
User input checking	Checks validity of user input as it is entered.	Does not check validity of user input as it is entered.

The next chapter includes procedures for configuring your server using both DHCP Manager and dhcpconfig.