Solaris DHCP Administration Guide

Modifying DHCP Service Options

You can change values for some additional features of the DHCP service, some of which were not offered during the initial configuration with DHCP Manager. If you configured your server with dhcpconfig, you may have been prompted to select values for most of these options. You can use the Modify Service Options dialog box in DHCP Manager or specify options on the in.dhcpd command to change service options.

The following task map shows the tasks related to service options and the procedures to use:

Table 4–1 Modify DHCP Service Options Task Map

Tasks 

Description 

Where to Find Instructions 

Change logging options 

Enable or disable verbose logging, enable or disable logging of DHCP transactions, and select a syslog facility to use for logging DHCP transactions.

How to Generate Verbose DHCP Log Messages (DHCP Manager)

How to Generate Verbose DHCP Log Messages (Command Line)

How to Enable and Disable DHCP Transaction Logging (DHCP Manager)

How to Enable and Disable DHCP Transaction Logging for Current Session (Command Line)

How to Log DHCP Transactions to a Separate syslog File

 

 

Change DNS update options 

Enable or disable server's adding DNS entries for clients that supply a host name, and determine the maximum time the server should spend attempting to update DNS. 

How to Enable Dynamic DNS Updating for DHCP Clients

Enable or disable duplicate IP address detection 

Enable or disable the DHCP server's determination that an IP address is not already in use before offering it to a client. 

How to Customize DHCP Server Performance Options (DHCP Manager)

How to Customize DHCP Server Performance Options (Command Line)

Change options for DHCP server's reading of configuration information 

Enable or disable automatic reading of dhcptab at specified intervals, or change the interval between reads.

How to Customize DHCP Server Performance Options (DHCP Manager)

How to Customize DHCP Server Performance Options (Command Line)

Change the number of relay agent hops 

Increase or decrease the number of networks a request can travel through before being dropped by the DHCP daemon. 

How to Customize DHCP Server Performance Options (DHCP Manager)

How to Customize DHCP Server Performance Options (Command Line)

Change the length of time an IP address offer is cached 

Increase or decrease the number of seconds that the DHCP service reserves an offered IP address before offering to a new client. 

How to Customize DHCP Server Performance Options (DHCP Manager)

How to Customize DHCP Server Performance Options (Command Line)

The following figure shows DHCP Manager's Modify Service Options dialog box.

Figure 4–3 Modify Service Options Dialog Box

Graphic

Changing DHCP Logging Options

The DHCP service can log DHCP service messages and DHCP transactions to syslog. See thesyslogd(1M) andsyslog.conf(4) man pages for more information about syslog.

DHCP service messages logged to syslog include:

You can increase the amount of information reported by using the verbose option for the DHCP daemon. Verbose message output can be useful in troubleshooting DHCP problems. See How to Generate Verbose DHCP Log Messages (DHCP Manager).

Another useful troubleshooting technique is transaction logging. Transactions provide information about every interchange between a DHCP server or BOOTP relay and clients. DHCP transactions include:

BOOTP relay transactions include:

Transaction logging is disabled by default. When enabled, transaction logging uses the local0 syslog facility by default. DHCP transaction messages are generated with a syslog severity level of notice, so by default, transactions are logged to the file where other notices are logged. However, because they use a local facility, the transaction messages can be logged separately from other notices if you edit the syslog.conf file to specify a separate log file.

You can disable or enable transaction logging, and specify a different syslog facility, from 0 through 7, as explained in How to Enable and Disable DHCP Transaction Logging (DHCP Manager). If you edit the server system's syslog.conf file, you can also instruct syslogd to store the DHCP transaction messages in a separate file, as explained in How to Log DHCP Transactions to a Separate syslog File.

How to Generate Verbose DHCP Log Messages (DHCP Manager)

  1. Choose Modify from the Service menu.

  2. Select Verbose Log Messages.

  3. Select Restart Server if it is not already selected.

  4. Click OK.

    The daemon runs in verbose mode for this session and each subsequent session until you reset this option. Verbose mode can reduce daemon efficiency because of the time taken to display messages.

How to Generate Verbose DHCP Log Messages (Command Line)

  1. Become superuser on the DHCP server system.

  2. Type the following commands to stop the DHCP daemon and restart it in verbose mode:


    # /etc/init.d/dhcp stop
    # /usr/lib/inet/in.dhcpd -v options
    

    where options are any other options you normally use to start the daemon.

    The daemon runs in verbose mode for this session only.

    Verbose mode can reduce daemon efficiency because of the time taken to display messages.

How to Enable and Disable DHCP Transaction Logging (DHCP Manager)

This procedure enables/disables transaction logging for all subsequent DHCP server sessions.

  1. Choose Modify from the Service menu.

  2. Select Log Transactions to Syslog Facility.

    To disable transaction logging, deselect this option.

  3. (Optional) Select a local facility from 0 to 7 to use for logging transactions.

    By default, DHCP transactions are logged to the location where system notices are logged, which depends on how syslogd is configured. If you want the DHCP transactions to be logged to a file separate from other system notices, see How to Log DHCP Transactions to a Separate syslog File.

    Message files can quickly become very large when transaction logging is enabled.

  4. Select Restart Server if it is not already selected.

  5. Click OK.

    The daemon will log transactions to the selected syslog facility for this session and each subsequent session until you disable it in this dialog box.

How to Enable and Disable DHCP Transaction Logging for Current Session (Command Line)

  1. Become superuser on the DHCP server system.

  2. Type the following commands to enable logging for the current session:


    # /etc/init.d/dhcp stop
    # /usr/lib/inet/in.dhcpd -l syslog-local-facility
    

    where syslog-local-facility is a number from 0 through 7. If you omit this option, 0 is used by default. See How to Enable and Disable DHCP Transaction Logging (DHCP Manager).


    Note –

    To disable transaction logging, omit the -l option when starting in.dhcpd.


    By default, DHCP transactions are logged to the location where system notices are logged, which depends on how syslogd is configured. If you want the DHCP transactions to be logged to a file separate from other system notices, see How to Log DHCP Transactions to a Separate syslog File.

    Message files can quickly become very large when transaction logging is enabled.

How to Log DHCP Transactions to a Separate syslog File

  1. Become superuser on the DHCP server system.

  2. Edit the /etc/syslog.conf file on the server system and add a line of the following format:


    localn.notice     path-to-logfile
    

    where n is the syslog facility number you specified for transaction logging, and path-to-logfile is the complete path to the file to use for logging transactions.

    For example, you might add the following line:

    local0.notice /var/log/dhcpsrvc

    See the syslog.conf(4) man page for more information about the syslog.conf file.

Enabling Dynamic DNS Updates by DHCP Server

If a host name is mapped to the IP address leased to a DHCP client and the DHCP server has been configured to supply host names, the DHCP server will inform the client of the name it has been assigned. Alternatively, the DHCP server may be configured so that DHCP clients may supply their own host names and the DHCP server will attempt DNS updates on their behalf.

DNS provides basic name-to-address and address-to-name services for the Internet. Once a DNS update is made, other systems may refer to the DHCP client system by name.

You can enable the DHCP service to update the DNS service with the host names of DHCP clients that supply their own host names. When a system's name is registered with DNS, the system is visible outside its domain. In order for the DNS update feature to work, the DNS server, DHCP server, and DHCP client must all be set up correctly, and the requested name must not be in use by another system in the domain.

The DHCP server's DNS update feature works if all the following are true:

How to Enable Dynamic DNS Updating for DHCP Clients


Note –

Be aware that dynamic DNS updates are by nature a security risk.

By default, the Solaris DNS daemon (in.named) does not allow dynamic updates. Authorization for dynamic DNS updates is granted if the requesting host's IP address is assigned to the allow-update keyword in the appropriate zones of the named.conf configuration file on the DNS server system. No other security is provided. You must carefully weigh the convenience of this facility for users against the security risk created when you enable dynamic DNS updates.


  1. At the DNS server, edit the /etc/named.conf file as root.

  2. Find the zone section for the appropriate domain and add the DHCP server's IP addresses to the allow-update keyword.

    For example, if the DHCP server resides at addresses 10.0.0.1 and 10.0.0.2, a named.conf file for the dhcp.domain.com zone would be modified as follows:


    zone "dhcp.domain.com" in {
                 type master;
                 file "db.dhcp";
                 allow-update { 10.0.0.1; 10.0.0.2; }; 
    };  
     
    zone "10.IN-ADDR.ARPA" in {
                 type master;
                 file "db.10"; 
                 allow-update { 10.0.0.1; 10.0.0.2; };
    }; 

    Note that allow-update for both zones must be enabled to allow the DHCP server to update both A and PTR records on the DNS server.

  3. On the DHCP server, start DHCP Manager.

  4. Choose Modify from the Service menu.

    The Modify Service Options dialog box opens.

  5. Select Update DNS Host Information Upon Client Request.

  6. Specify the number of seconds to wait for a response from the DNS server before timing out, then click OK.

    The default value should be adequate. If you have timeout problems, you can increase the value later.

  7. Click the Macros tab and ensure that the correct DNS domain is specified.

    The DNSdmain option must be passed with the correct domain name to any client that expects dynamic DNS update support. By default, DNSdmain is specified in the server macro, which is used as the configuration macro bound to each IP address.

  8. Set up the DHCP client to specify its host name when requesting DHCP service.

    If you use the Solaris DHCP client, see How to Enable a Solaris Client to Request Specific Host Name. If your client is not a Solaris DHCP client, see the documentation for your DHCP client for information about how to do this.

How to Enable a Solaris Client to Request Specific Host Name

  1. On the client system, edit the /etc/default/dhcpagent file as root.

  2. Find the keyword REQUEST_HOSTNAME in the /etc/default/dhcpagent file and modify it as follows:


    REQUEST_HOSTNAME=yes

    If there is a comment sign (#) in front of the keyword, remove the #. If the keyword is not present, insert it.

  3. Edit the /etc/hostname.interface file on the client system and add the following line:

    inet hostname
    

    where hostname is the name you want the client to use.

  4. As root, type the following commands to have the client perform a full DHCP negotiation upon rebooting:


    # pkill dhcpagent
    # rm /etc/dhcp/interface.dhc
    # reboot
    

    The DHCP server makes sure that the host name is not in use by another system on the network before the server assigns it to the client. Depending how it is configured, the DHCP server may update name services with the client's host name.

Customizing DHCP Service Performance Options

You can change options that affect the performance of the DHCP service. These options are described in the following table.

Table 4–2 Options Affecting DHCP Server Performance

Server Option 

Description 

Key in /etc/inet/dhcpsvc.conf

Number of BOOTP relay agent hops 

If a request has traveled through more than a given number of BOOTP relay agents, it is dropped. The default maximum number of relay agent hops is 4, and it is not likely that this number will be surpassed unless your network is set up to pass requests through several BOOTP relay agents before they reach a DHCP server.

RELAY_HOPS=integer

Verification of IP address availability before making an offer 

By default, the server pings an IP address before offering it to a client to verify that it is not already in use. You can disable this feature to decrease the time it takes to make an offer, but this creates the risk of having duplicate IP addresses in use.

ICMP_VERIFY=TRUE/FALSE

Automatic reading of dhcptab at specified intervals

The server can be set to automatically read the dhcptab at the interval in minutes you specify. If your network configuration information does not change frequently, and you do not have multiple DHCP servers, it is not necessary to reload dhcptab automatically. Also note that DHCP Manager gives you the option to have the server reload dhcptab after you make a change to the data.

RESCAN_INTERVAL=min

Length of time to reserve an IP address that has been offered 

After a server offers an IP address to a client, it caches the offer, during which time the server does not offer the address again. You can change the number of seconds for which the offer is cached. The default is 10 seconds. On slow networks, you made need to increase the offer time.

OFFER_CACHE_TIMEOUT=sec

The following procedures describe how to change these options.

How to Customize DHCP Server Performance Options (DHCP Manager)

  1. Choose Modify from the Service menu.

  2. To change the number of BOOTP relay agents a request can pass through, specify a different Maximum Number of Relay Agent Hops.

  3. To have the DHCP server verify that an IP address is not in use before it offers the address to a client, select Detect Duplicate IP Addresses.

  4. To have the DHCP server read dhcptab at specified intervals, select Reload dhcptab Every n Minutes, and type the number of minutes for the interval.

  5. To change the length of time the server holds an IP address open after it makes an offer, type the number of seconds in the field Cache Offers for n Seconds.

  6. Select Restart Server if it is not already selected.

  7. Click OK.

How to Customize DHCP Server Performance Options (Command Line)

If you change options with this procedure, the changed options affect only the current server session. If the DHCP server system reboots, the DHCP server starts with the settings specified during server configuration. If you want settings to apply to all future sessions, you must make changes using DHCP Manager.

  1. Become superuser on the DHCP server system.

  2. Type the following command:


    # /etc/init.d/dhcp stop
    # /usr/lib/inet/in.dhcpd options
    

    where options are any of the following:

    -h relay-hops

    Specifies the maximum number of relay agent hops that can occur before the daemon drops the DHCP/BOOTP datagram. 

    -n

    Disables automatic duplicate IP address detection. This is not recommended. 

    -t dhcptab_rescan_interval

    Specifies the interval in minutes that the DHCP server should use to schedule the automatic rereading of the dhcptab information.

    -o seconds

    Specifies the number of seconds the DHCP server should cache the offers it has extended to discovering DHCP clients. The default setting is 10 seconds. 

    For example, the following command sets the hop count to 2, disables duplicate IP address detection, sets the rescan interval to 30 minutes, and sets the offer time to 20 seconds.

    # /usr/lib/inet/in.dhcp -h 2 -n -t 30 -o 20