RHEL BasedRocky Linux

How To Configure DHCP Server on Rocky Linux 10

r00t

Configure DHCP Server on Rocky Linux 10

In this tutorial, we will show you how to configure DHCP server on Rocky Linux 10. Network administrators seeking reliable, enterprise-grade DHCP solutions often turn to Rocky Linux for its stability and security features. Configuring a dedicated DHCP server on Rocky Linux 10 provides superior control over network configurations compared to router-based solutions, offering enhanced security, better performance, and comprehensive management capabilities.

This comprehensive guide walks you through every step of setting up and configuring a DHCP server on Rocky Linux 10, from initial installation to advanced configuration options and troubleshooting techniques.

Understanding DHCP and Its Role in Network Management

What is DHCP?

Dynamic Host Configuration Protocol (DHCP) serves as the backbone of modern network infrastructure, automatically assigning IP addresses, subnet masks, default gateways, and DNS server information to network clients. This automation eliminates manual configuration requirements and reduces network administration overhead significantly.

DHCP operates through a four-step process: Discover, Offer, Request, and Acknowledge (DORA). When a device connects to the network, it broadcasts a discovery request. The DHCP server responds with an IP address offer, which the client requests, and the server acknowledges with a lease confirmation.

Why Choose Rocky Linux for DHCP Services?

Rocky Linux provides several advantages over router-based DHCP implementations. Enterprise-grade security updates ensure your DHCP server remains protected against emerging threats. The robust hardware resources available on dedicated servers minimize performance bottlenecks common in router firmware.

Cost-effectiveness represents another significant benefit. Open-source licensing eliminates expensive proprietary software costs while providing access to extensive community support and documentation. Long-term stability and predictable release cycles make Rocky Linux ideal for enterprise deployments requiring consistent uptime.

Prerequisites and System Requirements

Hardware Requirements

A DHCP server requires minimal hardware resources for most network environments. A dual-core processor with 2GB RAM sufficiently handles networks with hundreds of clients. Storage requirements remain modest, with 20GB of available disk space providing ample room for the operating system, DHCP software, and lease databases.

Multiple network interface considerations become important in complex topologies. Servers managing multiple VLANs or network segments benefit from dedicated NICs for each network segment, ensuring optimal performance and security isolation.

Software Prerequisites

Rocky Linux 10 installation serves as the foundation for your DHCP server deployment. Ensure your system includes the latest security updates before proceeding with DHCP configuration. Root privileges or sudo access remains essential for installing packages and modifying system configurations.

Verify network connectivity between your server and target network segments. Test basic connectivity using ping commands to ensure proper network interface functionality before beginning DHCP configuration.

Network Planning Considerations

Successful DHCP deployment requires careful network planning. Identify your subnet ranges, available IP address pools, and existing network infrastructure. Document default gateway addresses and DNS server configurations for each network segment.

Avoid IP address conflicts by surveying existing DHCP servers on your network. Multiple DHCP servers operating on the same subnet can cause client connectivity issues and network instability.

Pre-Configuration Network Assessment

Identifying Network Interfaces

Modern Rocky Linux systems use predictable network interface naming conventions rather than traditional eth0 designations. Use the ip address command to identify available network interfaces:

ip address show

Common interface names include enp0s3, ens160, or similar patterns based on hardware configuration. The loopback interface (lo) appears with address 127.0.0.1, while your LAN-facing interface displays your server’s current IP configuration.

Document interface names and current IP assignments for reference during configuration. Multiple interfaces require careful consideration to ensure DHCP services bind to appropriate network segments.

Network Topology Analysis

Determine your network’s subnet configuration using the ip route command to identify default gateways and routing information:

ip route show

This command reveals subnet boundaries, default gateway addresses, and routing table entries essential for DHCP configuration. Document subnet masks, network addresses, and gateway information for each network segment requiring DHCP services.

DNS server identification ensures clients receive proper name resolution services. Test DNS functionality using nslookup or dig commands to verify server responsiveness before incorporating them into DHCP configurations.

Installing DHCP Server Package

Package Installation Process

Rocky Linux utilizes the DNF package manager for software installation and management. Install the DHCP server package using the following command:

sudo dnf install dhcp-server -y

The installation process automatically resolves dependencies and configures necessary system files. Package installation creates the primary configuration directory structure and sample files for reference during setup.

Verify successful installation by checking the package status:

rpm -qa | grep dhcp-server

This command confirms the DHCP server package installation and displays version information for your records.

Post-Installation File Structure

DHCP server installation creates several important files and directories. The primary configuration file resides at /etc/dhcp/dhcpd.conf, initially containing only comments and basic structure. Sample configuration files appear in /usr/share/doc/dhcp-server/ directory, providing examples for various network scenarios.

The lease database file /var/lib/dhcpd/dhcpd.leases stores active client lease information. This file grows over time as clients request and renew IP address assignments, requiring periodic maintenance in high-volume environments.

System service files enable automatic startup and management through systemctl commands. The dhcpd service integrates with Rocky Linux’s systemd initialization system for reliable service management.

DHCP Server Configuration

Basic Configuration File Setup

Open the DHCP configuration file using your preferred text editor:

sudo nano /etc/dhcp/dhcpd.conf

The configuration file requires several essential parameters for basic operation. Default and maximum lease times control how long clients retain IP address assignments. Shorter lease times provide more dynamic address allocation but increase server overhead.

The authoritative directive instructs the DHCP server to assume control over the specified network segments. This prevents conflicts with misconfigured DHCP clients and ensures proper network operation.

Subnet Configuration

Configure subnet declarations to define network segments and available IP address ranges. Each subnet requires specific parameters including network address, subnet mask, and address pool ranges:

default-lease-time 86400;
max-lease-time 172800;
authoritative;

subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.10 192.168.1.100;
    option routers 192.168.1.1;
    option subnet-mask 255.255.255.0;
    option domain-name-servers 8.8.8.8, 8.8.4.4;
}

Customize network addresses, ranges, and options according to your specific requirements. The range directive specifies available IP addresses for dynamic assignment, while option statements configure client network parameters.

Router options define default gateway addresses for client traffic routing. DNS server options provide name resolution services, supporting multiple servers for redundancy and performance.

Sample Configuration Example

A complete working configuration demonstrates proper syntax and structure for common network environments:

default-lease-time 3600;
max-lease-time 86400;
authoritative;

subnet 192.168.10.0 netmask 255.255.255.0 {
    range 192.168.10.100 192.168.10.200;
    option routers 192.168.10.1;
    option subnet-mask 255.255.255.0;
    option domain-name-servers 192.168.10.1, 8.8.8.8;
    option domain-name "internal.local";
}

This configuration provides 24-hour default leases with 48-hour maximum duration, serving addresses from 192.168.10.100 to 192.168.10.200 on the 192.168.10.0/24 network segment.

Advanced DHCP Configuration Options

Lease Time Management

Default lease times balance network flexibility with administrative overhead. Shorter lease times (1-4 hours) suit dynamic environments with frequent client changes, while longer leases (24-48 hours) work well in stable office environments.

Maximum lease times prevent indefinite address assignments that could exhaust available IP pools. Consider network size and client behavior when determining appropriate lease durations for your environment.

Static IP Reservations

Reserve specific IP addresses for servers, printers, and critical network devices using MAC address-based assignments:

host fileserver {
    hardware ethernet 00:1a:2b:3c:4d:5e;
    fixed-address 192.168.10.50;
}

host networkprinter {
    hardware ethernet aa:bb:cc:dd:ee:ff;
    fixed-address 192.168.10.51;
}

Static reservations ensure consistent IP assignments for devices requiring predictable network addresses. Document MAC addresses and assigned IPs for network inventory management.

Multiple Subnet Support

Configure multiple network segments within a single DHCP server for complex network topologies:

subnet 192.168.10.0 netmask 255.255.255.0 {
    range 192.168.10.100 192.168.10.200;
    option routers 192.168.10.1;
    option domain-name-servers 192.168.10.1;
}

subnet 192.168.20.0 netmask 255.255.255.0 {
    range 192.168.20.50 192.168.20.150;
    option routers 192.168.20.1;
    option domain-name-servers 192.168.20.1;
}

Multiple subnet configurations support VLAN environments and geographically distributed networks. Each subnet operates independently with customized parameters for specific network requirements.

Additional DHCP Options

Configure supplementary network services through additional DHCP options:

option ntp-servers 192.168.1.10, pool.ntp.org;
option domain-search "company.local", "branch.company.local";
option bootfile-name "pxelinux.0";
option next-server 192.168.1.20;

NTP server options synchronize client system clocks for accurate logging and authentication. Domain search options simplify hostname resolution within organizational networks. Boot options support PXE network installations and diskless workstations.

Firewall Configuration

Understanding Firewalld in Rocky Linux

Rocky Linux employs firewalld as the default firewall management system. Firewalld operates using zones that define trust levels for different network interfaces and traffic types. Understanding zone concepts ensures proper DHCP service accessibility.

DHCP servers require UDP port 67 for incoming client requests and UDP port 68 for outgoing responses. Firewall rules must accommodate this bidirectional communication for proper DHCP operation.

Configuring Firewall Rules

Add DHCP service rules to the firewall configuration using firewalld commands:

sudo firewall-cmd --add-service=dhcp --permanent

Alternative port-specific configuration provides equivalent functionality:

sudo firewall-cmd --add-port=67/udp --permanent

Reload firewall configuration to activate new rules:

sudo firewall-cmd --reload

Verify rule application using the list command:

sudo firewall-cmd --list-services
sudo firewall-cmd --list-ports

These commands confirm DHCP service or port rules appear in the active firewall configuration.

Service Management and Startup

Starting DHCP Service

Rocky Linux uses systemd for service management, providing consistent startup and monitoring capabilities. Enable and start the DHCP service with a single command:

sudo systemctl enable --now dhcpd

This command enables automatic startup at boot time and immediately starts the DHCP service. Verify service status using:

sudo systemctl status dhcpd

Active service status indicates successful startup with green “active (running)” status display.

Service Troubleshooting

Monitor DHCP service logs for configuration errors and operational issues:

sudo journalctl -u dhcpd -f

Common startup errors include configuration syntax mistakes, network interface binding failures, and permission problems. Address configuration errors by validating dhcpd.conf syntax and correcting identified issues.

Test configuration file syntax before service restart:

sudo dhcpd -t -cf /etc/dhcp/dhcpd.conf

This command validates configuration syntax without starting the service, identifying potential problems before deployment.

Testing and Validation

Client-Side Testing

Connect test devices to verify DHCP functionality and address assignment accuracy. Windows clients display IP configuration using ipconfig /all, while Linux clients use ip address show commands.

Successful DHCP assignment displays assigned IP addresses within configured ranges, correct subnet masks, appropriate default gateways, and specified DNS servers. Test connectivity to gateway addresses and external hosts to verify complete network configuration.

Release and renew IP addresses to test lease management:

# Windows
ipconfig /release
ipconfig /renew

# Linux
sudo dhclient -r
sudo dhclient

Server-Side Monitoring

Monitor DHCP lease assignments through the lease database file:

sudo tail -f /var/lib/dhcpd/dhcpd.leases

Active leases display client MAC addresses, assigned IP addresses, lease start and end times, and client identification information. This data helps track network utilization and identify potential issues.

Analyze system logs for DHCP server messages:

sudo grep dhcpd /var/log/messages

Log entries reveal client requests, lease assignments, renewals, and error conditions requiring administrative attention.

Network Connectivity Verification

Test network connectivity from DHCP clients to verify complete configuration accuracy. Ping default gateway addresses to confirm routing functionality:

ping 192.168.1.1

Test DNS resolution using nslookup or dig commands:

nslookup google.com
dig @8.8.8.8 example.com

Successful resolution confirms DNS server configuration accuracy and client network functionality.

Troubleshooting Common Issues

Configuration File Errors

Syntax errors in dhcpd.conf prevent service startup and generate descriptive error messages. Common mistakes include missing semicolons, incorrect IP address formats, and invalid option specifications.

Use the configuration test command to identify syntax problems:

sudo dhcpd -t -cf /etc/dhcp/dhcpd.conf

Error messages specify line numbers and problem descriptions for efficient troubleshooting. Validate IP addresses, subnet masks, and range specifications for accuracy.

Network Conflicts

Multiple DHCP servers on the same network segment cause client confusion and connectivity issues. Identify conflicting servers using network scanning tools or DHCP client logs showing multiple offers.

Resolve conflicts by disabling redundant DHCP services or implementing DHCP relay agents for centralized management. Configure IP address ranges to avoid overlaps between different DHCP servers.

Service and Connectivity Issues

Firewall blocking prevents client communication with DHCP servers despite proper configuration. Verify firewall rules using firewall-cmd --list-all and confirm DHCP service or port accessibility.

Interface binding problems occur when DHCP servers cannot access specified network interfaces. Check interface status using ip link show and verify interface names in network configurations.

Network interface failures disable DHCP services until connectivity restoration. Monitor interface status and implement redundant network connections for critical DHCP servers.

Performance and Scalability

High client loads may exhaust available IP address pools or overwhelm server resources. Monitor lease utilization through database analysis and expand address ranges as needed.

Implement multiple DHCP servers with split address ranges for load distribution in large networks. Configure failover relationships between DHCP servers for high availability requirements.

Security Best Practices

Network Security Considerations

DHCP snooping features on managed switches prevent unauthorized DHCP servers from disrupting network operations. Configure trusted DHCP server ports and enable DHCP snooping on access ports to block rogue servers.

MAC address filtering restricts DHCP services to approved devices, though this provides limited security in environments where MAC addresses are easily changed. Consider MAC filtering for additional security layers in controlled environments.

System Security

Maintain current security updates for Rocky Linux and DHCP server software to protect against known vulnerabilities. Subscribe to security announcements and apply patches promptly.

Implement log monitoring and analysis to detect unusual DHCP activity patterns. Automated alerting systems notify administrators of potential security incidents requiring investigation.

Regular backup procedures protect DHCP configurations and lease databases from data loss. Store backups securely and test restoration procedures to ensure recovery capabilities.

Maintenance and Monitoring

Regular Maintenance Tasks

DHCP lease databases grow continuously and require periodic cleanup to maintain optimal performance. Archive old lease data and purge expired entries to prevent excessive disk usage.

Log rotation prevents log files from consuming excessive disk space. Configure logrotate to manage DHCP server logs automatically with appropriate retention periods.

Configuration backup procedures protect against accidental changes and system failures. Maintain current backups of dhcpd.conf and related configuration files in secure locations.

Performance Monitoring

Monitor server resource utilization including CPU usage, memory consumption, and network traffic patterns. Establish baselines for normal operation and alert thresholds for abnormal conditions.

Track client connection patterns and lease utilization rates to identify capacity planning requirements. Document peak usage periods and plan infrastructure upgrades accordingly.

Network performance monitoring ensures DHCP response times remain within acceptable limits. Implement monitoring systems to alert administrators when response times exceed normal parameters.

Congratulations! You have successfully set up the DHCP server. Thanks for using this tutorial to configure the DHCP server on your Rocky Linux 10 system. For additional help or useful information, we recommend you check the official Rocky Linux website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
Tags
r00t
Photo of r00t

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Copyright © 2025 idroot.us | All Rights Reserved | Follow us for more Linux tutorials!
Back to top button