You should read this file carefully before trying to install or use the ISC DHCP Distribution.TABLE OF CONTENTS
Documentation for this software includes this README file, the RELNOTES file, and the manual pages, which are in the server, common, client and relay subdirectories. Internet standards relating to the DHCP protocol are stored in the doc subdirectory. You will have the best luck reading the manual pages if you build this software and then install it, although you can read them directly out of the distribution if you need to.
DHCP server documentation is in the dhcpd man page. Information about the DHCP server lease database is in the dhcpd.leases man page. Server configuration documentation is in the dhcpd.conf man page as well as the dhcp-options man page. A sample DHCP server configuration is in the file server/dhcpd.conf. The source for the dhcpd, dhcpd.leases and dhcpd.conf man pages is in the server/ sub- directory in the distribution. The source for the dhcp-options.5 man page is in the common/ subdirectory.
DHCP Client documentation is in the dhclient man page. DHCP client configuration documentation is in the dhclient.conf man page and the dhcp-options man page. The DHCP client configuration script is documented in the dhclient-script man page. The format of the DHCP client lease database is documented in the dhclient.leases man page. The source for all these man pages is in the client/ subdirectory in the distribution. In addition, the dhcp-options man page should be referred to for information about DHCP options.
DHCP relay agent documentation is in the dhcrelay man page, the source for which is distributed in the relay/ subdirectory.
To read installed manual pages, use the man command. Type "man page" where page is the name of the manual page. This will only work if you have installed the ISC DHCP distribution using the ``make install'' command (described later).
If you want to read manual pages that aren't installed, you can type ``nroff -man page |more'' where page is the filename of the unformatted manual page. The filename of an unformatted manual page is the name of the manual page, followed by '.', followed by some number - 5 for documentation about files, and 8 for documentation about programs. For example, to read the dhcp-options man page, you would type ``nroff -man common/dhcp-options.5 |more'', assuming your current working directory is the top level directory of the ISC DHCP Distribution.
If you do not have the nroff command, you can type ``more catpage'' where catpage is the filename of the catted man page. Catted man pages names are the name of the manual page followed by ".cat" followed by 5 or 8, as with unformatted manual pages.
Please note that until you install the manual pages, the pathnames of files to which they refer will not be correct for your operating system.
This is the final release of Version 2 of the ISC DHCP Distribution. In version 2.0, this distribution includes a DHCP server, a DHCP client, and a BOOTP/DHCP relay agent. This release is stable.
In this release, the server and relay agent currently work well on NetBSD, Linux after kernel version 2.0.30, FreeBSD, BSD/OS, Ultrix, Digital Alpha OSF/1, Solaris and SunOS 4.1.4. On AIX, HPUX, IRIX and Linux 2.0.30, only a single broadcast network interface is supported. They also runs on QNX as long as only one broadcast network interface is configured and a host route is added from that interface to the 255.255.255.255 broadcast address.
The DHCP client currently only knows how to configure the network on NetBSD, FreeBSD, BSD/os, Linux, Solaris and NextStep. The client depends on a system-dependent shell script to do network configuration - support for other operating systems is simply a matter of porting this shell script to the new platform.
If you wish to run the DHCP Distribution on Linux, please see the Linux-specific notes later in this document. If you wish to run on an SCO release, please see the SCO-specific notes later in this document. You particularly need to read these notes if you intend to support Windows 95 clients. If you are running a version of FreeBSD prior to 2.2, please read the note on FreeBSD. If you are running HP-UX or Ultrix, please read the notes for those operating systems below. If you are running NeXTSTEP, please see the notes on NeXTSTEP below.
If you start dhcpd and get a message, "no free bpf", that means you need to configure the Berkeley Packet Filter into your operating system kernel. On NetBSD, FreeBSD and BSD/os, type ``man bpf'' for information. On Digital Unix, type ``man pfilt''.
To build the DHCP Distribution, unpack the compressed tar file using the tar utility and the gzip command - type something like:
zcat dhcp-2.0.tar.gz |tar xvf -
On BSD/OS, you have to type gzcat, not zcat, and you may run into similar problems on other operating systems.
Now, cd to the dhcp-2.0 subdirectory that you've just created and configure the source tree by typing:
If the configure utility can figure out what sort of system you're running on, it will create a custom Makefile for you for that system; otherwise, it will complain. If it can't figure out what system you are using, that system is not supported - you are on your own.
Once you've run configure, just type ``make'', and after a while you should have a dhcp server. If you get compile errors on one of the supported systems mentioned earlier, please let us know. If you get warnings, it's not likely to be a problem - the DHCP server compiles completely warning-free on as many architectures as we can manage, but there are a few for which this is difficult. If you get errors on a system not mentioned above, you will need to do some programming or debugging on your own to get the DHCP Distribution working.
Once you have successfully gotten the DHCP Distribution to build, you can install it by typing ``make install''. If you already have an old version of the DHCP Distribution installed, you may want to save it before typing ``make install''.
There are three big LINUX issues: the all-ones broadcast address, Linux 2.1 ip_bootp_agent enabling, and operations with more than one network interface. There are also two potential compilation/runtime problems for Linux 2.1/2.2: the "SO_ATTACH_FILTER undeclared" problem and the "protocol not configured" problem.
In addition, there is a minor issue that we will mention here because this release is so close on the heels of the Linux 2.2 release: there is a symlink in /usr/include that points at the linux asm headers. It appears to be not uncommon that this link won't be updated correctly, in which case you'll get the following error when you try to build:
lpf.c: In function `if_register_receive': lpf.c:152: `SO_ATTACH_FILTER' undeclared (first use this function) lpf.c:152: (Each undeclared identifier is reported only once lpf.c:152: for each function it appears in.)
The line numbers may be different, of course. If you see this header, your linux asm header link is probably bad, and you should make sure it's pointing to correct linux source directory.
One additional Linux 2.1/2.2 issue: if you get the following message, it's because your kernel doesn't have the linux packetfilter or raw packet socket configured:
Make sure CONFIG_PACKET (Packet socket) and CONFIG_FILTER (Socket Filtering) are enabled in your kernel configuration
If this happens, you need to configure your Linux kernel to support Socket Filtering and the Packet socket. You can do this by typing ``make config'', ``make menuconfig'' or ``make xconfig'', and then enabling the Packet socket and Socket Filtering options that you'll see displayed on the menu or in the questionnaire. After you've reconfigured in one of these ways, you need to type ``make'' to build a new Linux kernel, and then install it in the appropriate place (probably /linux). Make sure to save a copy of your old /linux.You can also edit your linux kernel .config file directly by setting the CONFIG_FILTER and CONFIG_PACKET lines to:
If you do this, rebuild with:
make oldconfig make clean make depend make boot-method make modules make modules_install
Boot-method should be your preferred method of boot - e.g., lilo, zlilo, zdisk, or something along those lines.
If you set CONFIG_PACKET=m or CONFIG_FILTER=m, then you must tell the kernel module loader to load the appropriate modules. If this doesn't make sense to you, don't use CONFIG_whatever=m - use CONFIG_whatever=y. Don't ask for help with this on the DHCP mailing list - it's a Linux kernel issue. This is probably not a problem with the most recent Linux 2.2.x kernels.
If the instructions in this section make no sense to you, please ask your Linux vendor/guru for help. Please don't ask us, because by and large, we are not particularly expert at Linux - these instructions were contributed by helpful DHCP Distribution users who happen to know a lot about Linux.
In order for dhcpd to work correctly with picky DHCP clients (e.g., Windows 95), it must be able to send packets with an IP destination address of 255.255.255.255. Unfortunately, Linux changes an IP destination of 255.255.255.255 into the local subnet broadcast address (here, that's 126.96.36.199). This isn't a problem on Linux 2.2 and later kernels, since we completely bypass the Linux IP stack, but on old versions of Linux 2.1 and all versions of Linux prior to 2.1, it is a problem - pickier DHCP clients connected to the same network as the ISC DHCP server or ISC relay agent will not see messages from the DHCP server.
It is possible to work around this problem on some versions of Linux by creating a host route from your network interface address to 255.255.255.255. The command you need to use to do this on Linux varies from version to version. The easiest version is:
route add -host 255.255.255.255 dev eth0
On Linux 2.0 systems with more than one network interface, assuming that your kernel includes SO_BINDTODEVICE support, which is required in order to support more than one interface, you may have to add a route to the 255.255.255.255 broadcast address on every interface - just do the route command, as shown above, substituting the name of each network interface in place of "eth0". Because of the way SO_BINDTODEVICE works, it is not a problem to have more than one of these routes.
On some older Linux systems, you will get an error if you try to do this. On those systems, try adding the following entry to your /etc/hosts file:
route add -host all-ones dev eth0
Another route that has worked for some users is:
route add -net 255.255.255.0 dev eth0
If you are not using eth0 as your network interface, you should specify the network interface you *are* using in your route command.
If you are running the DHCP server or client on a Linux system that's also acting as a firewall, you must be sure to allow DHCP packets through the firewall - Linux firewalls make filtering decisions before they make the forwarding decision, so they will filter packets that are intended for the firewall itself, as well as packets intended to be forwarded. In particular, your firewall rules _must_ allow packets from IP address 0.0.0.0 to IP address 255.255.255.255 from UDP port 68 to UDP port 67 through. They must also allow packets from your local firewall's IP address and UDP port 67 through to any address your DHCP server might serve on UDP port 68. Finally, packets from relay agents on port 67 to the DHCP server on port 67, and vice versa, must be permitted.
Some versions of the Linux 2.1 kernel apparently prevent dhcpd from working unless you enable it by doing the following:
echo 1 >/proc/sys/net/ipv4/ip_bootp_agent
Very old versions of the Linux kernel do not provide a networking API that allows dhcpd to operate correctly if the system has more than one broadcast network interface. However, Linux 2.0 kernels with version numbers greater than or equal to 2.0.31 add an API feature: the SO_BINDTODEVICE socket option. If SO_BINDTODEVICE is present, it is possible for dhcpd to operate on Linux with more than one network interface. In order to take advantage of this, you must be running a 2.0.31 or greater kernel, and you must have 2.0.31 or later system headers installed *before* you build the DHCP Distribution.
We have heard reports that you must still add routes to 255.255.255.255 in order for the all-ones broadcast to work, even on 2.0.31 kernels. In fact, you now need to add a route for each interface. Hopefully the Linux kernel gurus will get this straight eventually.
Linux 2.1 and later kernels do not use SO_BINDTODEVICE or require the broadcast address hack, but do support multiple interfaces, using the Linux Packet Filter.
SCO has the same problem as Linux (described earlier). The thing is, SCO *really* doesn't want to let you add a host route to the all-ones broadcast address. One technique that has been successful on some versions of SCO is the very bizarre command:
ifconfig net0 alias 10.1.1.1 netmask 188.8.131.52
Apparently this works because of an interaction between SCO's support for network classes and the weird netmask. The 10.* network is just a dummy that can generally be assumed to be safe. Don't ask why this works. Just try it. If it works for you, great. If not, SCO is supposedly adding hooks to support real DHCP service in a future release - I have this on good authority from the people at SCO who do *their* DHCP server and client.
HP-UX has the same problem with the all-ones broadcast address that SCO and Linux have. One user reported that adding the following to /etc/rc.config.d/netconf helped (you may have to modify this to suit your local configuration):
INTERFACE_NAME=lan0 IP_ADDRESS=184.108.40.206 SUBNET_MASK=255.255.255.0 BROADCAST_ADDRESS="255.255.255.255" LANCONFIG_ARGS="ether" DHCP_ENABLE=0
Now that we have Ultrix packet filter support, the DHCP Distribution on Ultrix should be pretty trouble-free. However, one thing you do need to be aware of is that it now requires that the pfilt device be configured into your kernel and present in /dev. If you type ``man packetfilter'', you will get some information on how to configure your kernel for the packet filter (if it isn't already) and how to make an entry for it in /dev.
Versions of FreeBSD prior to 2.2 have a bug in BPF support in that the ethernet driver swaps the ethertype field in the ethernet header downstream from BPF, which corrupts the output packet. If you are running a version of FreeBSD prior to 2.2, and you find that dhcpd can't communicate with its clients, you should #define BROKEN_FREEBSD_BPF in site.h and recompile.
The NeXTSTEP support uses the NeXTSTEP Berkeley Packet Filter extension, which is not included in the base NextStep system. You must install this extension in order to get dhcpd or dhclient to work.
One problem which has been observed and is not fixed in this patchlevel has to do with using DLPI on Solaris machines. The symptom of this problem is that the DHCP server never receives any requests. If you are using Solaris 2.6, and you encounter this symptom, and you are running the DHCP server on a machine with a single broadcast network interface, you may wish to edit the includes/site.h file and uncomment the #define USE_SOCKETS line. Then type ``make clean; make''.
The DHCP client on Solaris will only work with DLPI. If you run it and it just keeps saying it's sending DHCPREQUEST packets, but never gets a response, you may be having DLPI trouble as described above. If so, you are SOL. Also, because Solaris requires you to "plumb" an interface before it can be detected by the DHCP client, you must either specify the name(s) of the interface(s) you want to configure on the command line, or must plumb the interfaces prior to invoking the DHCP client. This can be done with ``ifconfig iface plumb'', where iface is the name of the interface (e.g., ``ifconfig hme0 plumb'').
It should be noted that Solaris versions from 2.6 onward include a DHCP client that you can run with ``/sbin/ifconfig iface dhcp start'' rather than using the ISC DHCP client. The feature set of the Solaris client is different (not necessarily better or worse) than that of the ISC client, but in most cases it will be a lot easier for you to just use that. Please do not ask for help in using the Solaris DHCP client on ISC's DHCP mailing lists - that's why you're paying Sun the big bucks. If you're having a problem with the Solaris client interoperating with the ISC DHCP server, that's another matter, but please check with Sun first.
The ISC DHCP server is not a commercial product, and is not supported in that sense. However, it has attracted a fairly sizable following on the Internet, which means that there are a lot of knowledgable users who may be able to help you if you get stuck. These people generally read the email@example.com mailing list.
If you are going to use dhcpd, you should probably subscribe to the dhcp-server and dhcp-announce mailing lists. If you will be using dhclient, you should subscribe to the dhcp-client mailing list.
If you need help, you should ask on the dhcp-server or dhcp-client mailing list (or both) - whichever is appropriate to your application. This includes reporting bugs. Please do not report bugs in old software releases - fetch the latest release and see if the bug is still in that copy of the software, and if it's not, _then_ report it. It's okay to report bugs in the latest patchlevel of a major version that's not the most recent major version, though - for example, if you're running 2.0, you don't have to upgrade to 3.0 before you can report bugs.
When you report bugs, please provide us complete information. A list of information we need follows. Please read it carefully, and put all the information you can into your initial bug report, so that we don't have to ask you any questions in order to figure out your problem.
gdb dhcpd dhcpd.core (gdb) where [...] (gdb) quit
This assumes that it's the DHCP server you're debugging, and that the core file is in dhcpd.core.
Please, do not send queries about non-isc clients to the dhcp-client mailing list. If you're asking about them on an ISC mailing list, it's probably because you're using the ISC DHCP server, so ask there. If you are having problems with a client whose executable is called dhcpcd, this is not the ISC DHCP client, and we probably can't help you with it.
Please see our dhcp mailing lists page for details on how to subscribe.
Please do not send requests for help directly to the author! The number of people using the DHCP Distribution is sufficiently large that if we take an interrupt every time any one of those people runs into trouble, we will never get any more coding done.
Please do not call the author on the phone for support! Answering the phone takes a lot more time and attention than answering email. If you do call on the phone, you will be told to send email to the mailing list, so there's no point in doing it.
This release of the DHCP Distribution does not yet contain support for DHCPINFORM. The Vendor Specific Data option is not supported. Site- specific options are not supported. All of these are supported in the 3.0 release of the DHCP distribution, which is now in beta testing.