35.1.1 Initial Configuration (Wizard)

When the module is started for the first time, a wizard starts, prompting you to make a few basic decision concerning server administration. Completing this initial setup produces a very basic server configuration that should function in essential aspects. The expert mode can be used to deal with more advanced configuration tasks.

Card Selection

In the first step, YaST looks for the network interfaces available on your system then displays them in a list. From the list, select the interface on which the DHCP server should listen and click Add. After this, select Open Firewall for Selected Interfaces to open the firewall for this interface. See Figure 35-1.

Figure 35-1 DHCP Server: Card Selection

Global Settings

Use the check box to determine whether your DHCP settings should be automatically stored by an LDAP server. In the entry fields, provide the network specifics for all clients the DHCP server should manage. These specifics are the domain name, address of a time server, addresses of the primary and secondary name server, addresses of a print and a WINS server (for a mixed network with both Windows and Linux clients), gateway address, and lease time. See Figure 35-2.

Figure 35-2 DHCP Server: Global Settings

Dynamic DHCP

In this step, configure how dynamic IP addresses should be assigned to clients. To do so, specify an IP range from which the server can assign addresses to DHCP clients. All these addresses must be covered by the same netmask. Also specify the lease time during which a client may keep its IP address without needing to request an extension of the lease. Optionally, specify the maximum lease time—the period during which the server reserves an IP address for a particular client. See Figure 35-3.

Figure 35-3 DHCP Server: Dynamic DHCP

Finishing the Configuration and Setting the Start Mode

After the third part of the configuration wizard, a last dialog is shown in which you can define how the DHCP server should be started. Here, specify whether to start the DHCP server automatically when the system is booted or manually when needed (for example, for test purposes). Click Finish to complete the configuration of the server. See Figure 35-4. Alternatively, you can select Host Management from the tree structure to the left to configure special host management features in addition to the basic configuration (see Figure 35-5).

Figure 35-4 DHCP Server: Start-Up

Host Management

Instead of using dynamic DHCP in the way described in the preceding sections, you can also configure the server to assign addresses in quasi-static fashion. To do so, use the entry fields provided in the lower part to specify a list of the clients to manage in this way. Specifically, provide the Name and the IP Address to give to such a client, the Hardware Address, and the Network Type (token ring or ethernet). Modify the list of clients, which is shown in the upper part, with Add, Edit, and Delete from List. See Figure 35-5.

Figure 35-5 DHCP Server: Host Management

35.1.2 Expert Configuration

In addition to the configuration method discussed earlier, there is also an expert configuration mode that allows you to tweak the DHCP server setup in every detail. Start the expert configuration by selecting Expert Settings in the tree view in the left part of the dialog.

Chroot Environment and Declarations

In this first dialog, make the existing configuration editable by selecting Start DHCP Server. An important feature of the behavior of the DHCP server is its ability to run in a chroot environment, or chroot jail, to secure the server host. If the DHCP server should ever be compromised by an outside attack, the attacker will still be behind bars in the chroot jail, which prevents him from touching the rest of the system. The lower part of the dialog displays a tree view with the declarations that have already been defined. Modify these with Add, Delete, and Edit. Selecting Advanced takes you to additional expert dialogs. See Figure 35-6. After selecting Add, define the type of declaration to add. With Advanced, view the log file of the server, configure TSIG key management, and adjust the configuration of the firewall according to the setup of the DHCP server.

Figure 35-6 DHCP Server: Chroot Jail and Declarations

Selecting the Declaration Type

The Global Options of the DHCP server are made up of a number of declarations. This dialog lets you set the declaration types Subnet, Host, Shared Network, Group, Pool of Addresses, and Class. This example shows the selection of a new subnetwork (see Figure 35-7).

Figure 35-7 DHCP Server: Selecting a Declaration Type

Subnet Configuration

This dialog allows you specify a new subnet with its IP address and netmask. In the middle part of the dialog, modify the DHCP server start options for the selected subnet using Add, Edit, and Delete. To set up dynamic DNS for the subnet, select Dynamic DNS.

Figure 35-8 DHCP Server: Configuring Subnets

TSIG Key Management

If you chose to configure dynamic DNS in the previous dialog, you can now configure the key management for a secure zone transfer. Selecting OK takes you to another dialog in which to configure the interface for dynamic DNS (see Figure 35-10).

Figure 35-9 DHCP Server: TSIG Configuration

Dynamic DNS: Interface Configuration

You can now activate dynamic DNS for the subnet by selecting Enable Dynamic DNS for This Subnet. After doing so, use the drop-down list to choose the TSIG keys for forward and reverse zones, making sure that keys are the same for the DNS and the DHCP server. With Update Global Dynamic DNS Settings, enable the automatic update and adjustment of the global DHCP server settings according to the dynamic DNS environment. Finally, define which forward and reverse zones should be updated per dynamic DNS, specifying the name of the primary name server for each of the two zones. If the name server runs on the same host as the DHCP server, you can leave these fields blank. Selecting Ok returns to the subnet configuration dialog (see Figure 35-8). Selecting Ok again returns to the original expert configuration dialog.

Figure 35-10 DHCP Server: Interface Configuration for Dynamic DNS

Network Interface Configuration

To define the interfaces where the DHCP server should listen and adjust the firewall configuration, select Advanced Interface Configuration from the expert configuration dialog. From the list of interfaces displayed, select one or more that should be attended by the the DHCP server. If clients in all of the subnets should be able to communicate with the server and the server host also runs a firewall, adjust the firewall accordingly. To do so, select Adapt Firewall Settings. YaST then adjusts the rules of SuSEfirewall2 to the new conditions (see Figure 35-11), after which you can return to the original dialog by selecting Ok.

Figure 35-11 DHCP Server: Network Interface and Firewall

After completing all the configuration steps, close the dialog with Ok. The server is now started with its new configuration.