Linux DHCP is Dynamic Host Configuration Protocol. It is used to control vital networking parameters of hosts (running clients)with the help of a server. DHCP is backward compatible with BOOTP. For more information see RFC 2131 (old RFC 1541) and other. (See Internet Resources section at the end of the document).

This mini-tutorial covers both the DHCP _SERVER_ daemon as well as DHCP_CLIENT_ daemon. Most people need the client daemon which is used byworkstations to obtain network information from a remote server. The serverdaemon is used by system administrators to distribute network informationto clients so if you are just a regular user you need the _CLIENT_ daemon.

Downloading the client daemon (dhcpcd)

Depending on your distribution you might have to download the DHCP client daemon. If you want to compile it from the source youpackage you need is called dhcpcd and the current version is 1.3.18. It is maintained by Sergei Viznyuk <sergei@phystech.com> andtoday it comes as a binary package with most distributions.

dhcpcd source can be downloaded from following locations

• ftp://ftp.phystech.com/pub/ (Primary site)
• http://www.cps.msu.edu/~dunham/out/

Then follow the instructions below. They should be the same.

Tying it all together

After your machine reboots your network interface should be configured.Type: ifconfig.

You should get something like this:

          lo        Link encap:Local Loopback            inet addr:127.0.0.1  Bcast:127.255.255.255  Mask:255.0.0.0          UP BROADCAST LOOPBACK RUNNING  MTU:3584  Metric:1          RX packets:302 errors:0 dropped:0 overruns:0 frame:0          TX packets:302 errors:0 dropped:0 overruns:0 carrier:0 coll:0eth0      Link encap:Ethernet  HWaddr 00:20:AF:EE:05:45          inet addr:24.128.53.102  Bcast:24.128.53.255  Mask:255.255.254.0          ^^^^^^^^^^^^^^^^^^^^^^^          UP BROADCAST NOTRAILERS RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:24783 errors:1 dropped:1 overruns:0 frame:1          TX packets:11598 errors:0 dropped:0 overruns:0 carrier:0 coll:96          Interrupt:10 Base address:0x300

If you have some normal number under inet addr you are set. If you see0.0.0.0 don’t despair, it is a temporary setting beforedhcpcd acquiresthe IP address. If even after few minutes you are seeing 0.0.0.0 pleasecheck out Troubleshooting. DHCPcd is a daemon and willstay running as long as you have your machine on. Every three hours itwill contact the DHCP server and try to renew the IP address lease. Itwill log all the messages in the syslog (on Slackware/var/adm/syslog, RedHat/OpenLinux/var/log/syslog).

One final thing. You need to specify your nameservers. There are two ways to doit, you can either ask your provider to provide you with the addresses of yourname server and then put those in the/etc/resolv.conf or DHCPcd will obtainthe list from the linux DHCP server and will build aresolv.conf in /etc/dhcpc.

I decided to use linux DHCPcd’s resolv.conf by doing the following:

Back up your old /etc/resolv.conf: mv /etc/resolv.conf/etc/resolv.conf.OLD

If directory /etc/dhcpc doesn’texist create it: mkdir /etc/dhcpc

Make a link from /etc/dhcpc/resolv.conf to/etc/resolv.conf: ln -s/etc/dhcpc/resolv.conf /etc/resolv.conf

If that doesn’t work try this (fix suggested by<nothing@cc.gatech.edu> with a little amendment by HenrikStoerner):

This last step I had to perform only because my dhcpcd doesn’tcreate an /etc/dhcpc/resolv.conf. In /etc/sysconfig/network-scripts/ifup Imade the following changes (which are a very poor hack, but they workfor me):

elif [ "$BOOTPROTO" = dhcp -a "$ISALIAS" = no ]; then    echo -n "Using DHCP for ${DEVICE}... "    /sbin/dhcpcd -c /etc/sysconfig/network-scripts/ifdhcpc-done ${DEVICE}    echo "echo \$$ > /var/run/dhcp-wait-${DEVICE}.pid; exec sleep 30" | sh    if [ -f /var/run/dhcp-wait-${DEVICE}.pid ]; then^^^^        echo "failed."        exit 1

I changed to:

elif [ "$BOOTPROTO" = dhcp -a "$ISALIAS" = no ]; then    echo -n "Using DHCP for ${DEVICE}... "    /sbin/dhcpcd    echo "echo \$$ > /var/run/dhcp-wait-${DEVICE}.pid; exec sleep 30" | sh    if [ ! -f /var/run/dhcp-wait-${DEVICE}.pid ]; then^^^^^^       echo "failed."       exit 1

Now sit back and enjoy .

eth0      Link encap:10Mbps Ethernet  HWaddr 00:C0:4F:D3:C4:62          inet addr:183.217.19.43  Bcast:183.217.19.255  Mask:255.255.255.0          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1          RX packets:2875542 errors:0 dropped:0 overruns:0          TX packets:218647 errors:0 dropped:0 overruns:0          Interrupt:11 Base address:0x210

255.255.255.255 all-ones

route add -host all-ones dev eth0

route add 255.255.255.0 dev eth0

# Sample /etc/dhcpd.conf# (add your comments here) default-lease-time 600;max-lease-time 7200;option subnet-mask 255.255.255.0;option broadcast-address 192.168.1.255;option routers 192.168.1.254;option domain-name-servers 192.168.1.1, 192.168.1.2;option domain-name "mydomain.org";subnet 192.168.1.0 netmask 255.255.255.0 {   range 192.168.1.10 192.168.1.100;   range 192.168.1.150 192.168.1.200;}

option netbios-name-servers 192.168.1.1;

host haagen {   hardware ethernet 08:00:2b:4c:59:23;   fixed-address 192.168.1.222;}

touch /var/state/dhcp/dhcpd.leases

/usr/sbin/dhcpd

/usr/sbin/dhcpd eth1

/usr/sbin/dhcpd -d -f

/etc/rc.d/rc.local

Now you can maintain your network systems by using Linux DHCP Server and you must not worry about giving DHCP manually to each client computer.

Other related articles:

• PXE Server for Clonezilla/ESX 4 – Alright, this blog is as much about me as a DJ as it is about what’s going on in my life, so in following with the open-source I help you if you help me movement, I have a post that’s a how-to for getting a PXE server running with support for Clonezilla and ESX (vSphere) 4. (For those of you who read this on facebook, it gets auto-uploaded there after I post it on my main site at blog. Also keeping in mind that the steps presented could be modified for just about anything except a Windows boot but there’s plenty of resources for THAT out there as well (if you’re interested, look into WinPE it’s designed for Windows booting over PXE).
• LTSP Linux Thin Client School Project Update | | IT Infusion in … – I just got back from my son’s school where we’ve been rolling out LTSP thin clients into the classrooms. Eventually we’ll be converting almost all of the computers in both buildings (200+ PCs) into thin clients. There are no other words to describe it.
• Red Hat Magazine | Linux DHCP server: Static IPs are gone in 60 … – Linux DHCP is a low-cost alternative to proprietary network servers that depend on the user doing a series of GUI clicks. On the surface it may seem convenient to have a “wizard” setup your network for you. But it’s often better to tap …
• Linux DHCP Server | Adam Palmer, Linux, PHP Programmer, MySQL … – Linux DHCP Server.

This chapter will show you how to convert your Linux box into an FTP server using the VSFTP package. The RedHat software download site runs on VSFTP. By using Linux FTP Server users can easily share files in your network systems.

FTP Overview

File Transfer Protocol (FTP) is a common method of copying files between computer systems. Two TCP ports are used to do this:

FTP Control Channel – TCP Port 21

All commands you send and the ftp server’s responses to those commands will go over the control connection, but any data sent back (such as”ls” directory lists or actual file data in either direction)will go over the data connection.

FTP Data Channel – TCP Port 20

Used for all data sent between the client and server.

Active FTP

Active FTP works as follows:

o Your client connects to the FTP server by establishing an FTPcontrol connection to port 21 of the server. Your commands such as ‘ls’ and ‘get’ are sent over this connection.

o Whenever the client requests data over the control connection,the server initiates data transfer connections back to the client. The source port of these data transfer connections is always port 20 on the server,and the destination port is a high port on the client.

o Thus the ‘ls’ listing that you asked for comes back overthe “port 20 to high port connection”, not the port 21 control connection.

o FTP active mode data transfer therefore does this in a counter intuitive way to the TCP standard as it selects port 20 as it’s source port(not a random high port > 1024) and connects back to the client on a random high port that has been pre-negotiated on the port 21 control connection.

o Active FTP may fail in cases where the client is protected from the Internet via many to one NAT (masquerading). This is because the firewall will not know which of the many servers behind it should receive the return connection.

Passive FTP

Passive FTP works as follows:

o Your client connects to the FTP server by establishing a FTP control connection to port 21 of the server. Your commands such as ‘ls’ and ‘get’ are sent over that connection.

o Whenever the client requests data over the control connection,the client initiates the data transfer connections to the server. The source port of these data transfer connections is always a high port on the client with a destination port of a high port on the server.

o Passive FTP should be viewed as the server never making an active attempt to connect to the client for FTP data transfers.

o Passive FTP works better for clients protected by a firewall as the client always initiates the required connections.

Problems With FTP And Firewalls

FTP frequently fails when the data has to pass through a firewall as FTP uses a wide range of unpredictable TCP ports and firewalls are designed to limit data flows to predictable TCP ports. There are ways to overcome this as explained in the following sections.

Client Protected By A Firewall Problem

Typically firewalls don’t let any incoming connections at all,this will frequently cause active FTP not to function. This type of FTP failure has the following symptoms:

o The active ftp connection appears to work when the client initiates an outbound connection to the server on port 21. The connection appears to hang as soon as you do an “ls” or a “dir” or a”get”. This is because the firewall is blocking the return connection from the server to the client. (From port 20 on the server to a high port on the client)

Solutions

Here are the general firewall rules you’ll need to allow FTP clients through a firewall:

Client Protectedby Firewall – Required Rules for FTP

*Many home based firewall/routers automatically allow traffic for already established connections. This rule may not be necessary in all cases.

** in some cases, you may want to allow all Internet users to have access, not just a specific client server or network.

Server Protected By A Firewall Problem

o Typically firewalls don’t let any connections come in at all. FTP server failure due to firewalls in which the active ftp connection from the client doesn’t appear to work at all

Solutions

Here are the general firewall rules you’ll need to allow FTP severs through a firewall

Server Protectedby Firewall – Required Rules for FTP

*Many home based firewall/routers automatically allow trafficfor already established connections. This rule may not be necessary in all cases.

** in some cases, you may want to allow all Internet users to have access, not just a specific client server or network.

How ToDownload And Install The VSFTP Package

· As explained previously, RedHatsoftware is installed using RPM packages. In version 8.0 of the operatingsystem, the VSFTP RPM file is named:

vsftpd-1.1.0-1.i386.rpm

Downloading and installing RPMs isn’t hard. If you need are fresher, the RPM chapter covers how to do this in detail.

· Now download the file to a directory such as /tmp and install it using the “rpm” command:

[root@bigboy tmp]# rpm -Uvh vsftpd-1.1.0-1.i386.rpm
Preparing… ########################################### [100%]
1:vsftpd     ###########################################[100%]

[root@bigboy tmp]#

How To Get VSFTP Started

The starting and stopping of VSFTP is controlled by xinetd via the /etc/xinetd.d/vsftpd file. VSFTP is deactivated by default, so you’ll have to edit this file to start the program. Make sure the contents look like this. The disable feature must be set to “no” to accept connections.

service ftp
{

disable = no
socket_type = stream
wait = no
user = root
server = /usr/sbin/vsftpd
nice = 10

}

You will then have to restart xinetd for these changes to take effect using the startup script in the /etc/init.d directory.

[root@aqua tmp]#  /etc/init.d/xinetd restart

Stopping xinetd: [  OK  ]

Starting xinetd: [  OK  ]

[root@aqua tmp]#

Naturally, to disable VSFTP once again, you’ll have to edit /etc/xinetd.d/vsftpd,set “disable” to “yes” and restart xinetd.

Testing To See If VSFTP Is Running

You can always test whether the VSFTP process is running byusing the netstat –a command which lists all the TCP and UDP ports on which the server is listening for traffic. The example below shows the expected output, there would be no output at all if VSFTP wasn’t running.

[root@bigboy root]# netstat -a | grep ftp
tcp       0       0       *:ftp        *:*        LISTEN
[root@bigboy root]#

What Is Anonymous FTP?

Anonymous FTP is used by web sites that need to exchange fileswith numerous unknown remote users. Common uses include downloading software updates and MP3s to uploading diagnostic information for a technical support engineer’s attention. Unlike regular FTP where you login with a user-specific username, anonymous FTP only requires a username of “anonymous” and your email address for the password. Once logged in to a VSFTP server, you’ll automatically have access to only the default anonymous FTP directory /var/ftpand all its subdirectories.

As seen in the chapter on RPMs, using anonymous FTP as a remote user is fairly straight forward. VSFTP can be configured to support user based and or anonymous FTP in its configuration  file.

The /etc/vsftpd.conf File

VSFTP only reads the contents of its /etc/vsftpd.conf configurationfile when it starts, so you’ll have to restart xinetd each time you edit the file in order for the changes to take effect.

This file uses a number of default settings you need to know.By default, VSFTP runs as an anonymous FTP server. Unless you want any remote user to log into to your default FTP directory using a username of “anonymous”and a password that’s the same as their email address, I would suggest turning this off. The configuration file’s anonymous_enable instruction can becommented out by using a “#” to disable this feature. You’ll also want to simultaneously enable local users to be able to log in by uncommenting the local_enable instruction.

By default VSFTP only allows anonymous FTP downloads to remote users, not uploads from them. Also by default, VSFTP doesn’t allow remote usersto create directories on your FTP server and it logs FTP access to the /var/log/vsftpd.loglog file.

The configuration file is fairly straight forward as you cansee in the snippet below. Remove/add the “#” at the beginning of theline to “activate/deactivate” the feature on each line.

# Allow anonymous FTP?
anonymous_enable=YES
…

…

# Uncomment this to allow local users to log in.
local_enable=YES
…

…

# Uncomment this to enable any form of FTP write command.

# (Needed even if you want local users to be able to uploadfiles)
write_enable=YES
…

…

# Uncomment to allow the anonymous FTP user to upload files. Thisonly
# has an effect if global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
#anon_upload_enable=YES
…

…

# Uncomment this if you want the anonymous FTP user to be ableto create
# new directories.
#anon_mkdir_write_enable=YES
…

…

# Activate logging of uploads/downloads.
xferlog_enable=YES
…

…

# You may override where the log file goes if you like.

# The default is shown# below.
#xferlog_file=/var/log/vsftpd.log

FTP Security Issues

The /etc/vsftpd.ftpusersFile

For added security you may restrict FTP access to certain usersby adding them to the list of users in this file. Do not delete entries from the default list, it is best to add.

Anonymous Upload

If you want remote users to write data to your FTP server then it is recommended you create a write-only directory within /var/ftp/pub.This will allow your users to upload, but not access other files uploaded by other users. Here are the commands to do this:

[root@bigboy tmp]# mkdir /var/ftp/pub/upload
[root@bigboy tmp]# chmod 733 /var/ftp/pub/upload

FTP Greeting Banner

Change the default greeting banner in /etc/vsftpd.confto make it harder for malicious users to determine the type of system you have.

ftpd_banner= New Banner Here

Using SCP As SecureAlternative To FTP

One of the disadvantages of FTP is that it does not encryptyour username and password. This could make your user account vulnerable to an unauthorized attack from a person eavesdropping on the network connection.Secure Copy (SCP) provides encryption and could be considered as an alternative to FTP for trusted users. SCP however does not support anonymous services, a feature that FTP does.

Other related articles:

• Featured Living Room FIVE – It’s time to showcase another SnapStream Digital Living Room. This one was submitted to us by Jason C., Cisbmet1 on Flickr. He has a big screen TV with his entertainment components stacked neatly beside it in a glass case. …
• Ubuntu Linux FTP Server Setup Guide (ProFTPD) | JCortes Web – If you are a web designer, such as myself, you know the importance of having access to a web server through FTP. I just recently set up an FTP server on my.
• Linux Dedicated Server – Linux Dedicated Server For Uploading Sites Online Linux Mail Server, Linux Ftp Server, Linux Dns Server, Redhat Linux Ftp Server – Dns Server Configuration In Linux, Linux Dns Server Configuration- Li. read more …
• Setup and Secure a Linux FTP Server – 1 – LinuxIntro. com Linux Videos, Software, Linux Forums, Linux Installation, Linux Tutorials, Linux Lessons, howto, Wireless, Examples, Fedora, Ubuntu.
• Need help with logging into my Linux ftp server? – [12:35:34] SmartFTP v2.0.1002.2 [12:35:34] Resolving host name “**.***.***.***” [12:35:34] Connecting to **.***.***.*** Port: 22 [12:35:34] Connected to **.***.***.***. [12:35:34] SSH-1.99-OpenSSH_4.2 …
• How to setup a Linux ftp server with proftpd – How to setup a Linux ftp server with proftpd, installation and configuration.
• Your top ten linux commands – Your top ten linux commands, top 10 commands in your command history.