How To Set Up DHCP Server on AlmaLinux 10

In this tutorial, we will show you how to set up DHCP server on AlmaLinux 10. Setting up a DHCP (Dynamic Host Configuration Protocol) server on AlmaLinux 10 is essential for automating IP address management in modern network environments. This comprehensive guide will walk you through every step of the process, from initial system preparation to advanced configuration options and troubleshooting techniques.

AlmaLinux 10, as an enterprise-grade Linux distribution, provides excellent stability and performance for hosting DHCP services. Whether you’re managing a small office network or a large enterprise infrastructure, implementing a properly configured DHCP server eliminates manual IP address assignments and reduces network configuration errors significantly.

Understanding DHCP Fundamentals

DHCP operates as a client-server protocol that automatically assigns IP addresses, subnet masks, default gateways, and DNS server information to network devices. The protocol uses a four-step process known as DORA: Discover, Offer, Request, and Acknowledge.

When a client device connects to the network, it broadcasts a DHCP Discover message. The DHCP server responds with a DHCP Offer containing available IP configuration parameters. The client then sends a DHCP Request to accept the offered configuration, and finally, the server confirms the assignment with a DHCP Acknowledge message.

This automated approach offers significant advantages over static IP configuration. Network administrators can manage hundreds or thousands of devices efficiently without manual intervention. DHCP also prevents IP address conflicts and simplifies network troubleshooting by centralizing configuration management.

Common use cases include corporate networks, educational institutions, and residential environments where multiple devices require internet connectivity. DHCP servers can also support advanced features like PXE booting for diskless workstations and integration with directory services.

Prerequisites and System Requirements

Before proceeding with DHCP server installation, ensure your AlmaLinux 10 system meets the following requirements. The server should have at least 1GB of RAM and 20GB of available disk space for basic DHCP operations.

Root or sudo administrative privileges are mandatory for installing packages and modifying system configurations. Additionally, your network interface must be configured with a static IP address that falls outside the DHCP pool range you plan to assign to clients.

Basic understanding of IP addressing concepts, including subnetting and CIDR notation, is crucial for proper DHCP configuration. You should also be familiar with your network topology, including the location of routers, switches, and other network infrastructure components.

Hardware requirements are minimal for most DHCP deployments. A standard x86_64 processor with 2GB RAM can easily handle several thousand DHCP clients. However, larger networks may require additional memory and faster storage for lease database management.

Preparing the AlmaLinux 10 Environment

Start by updating your AlmaLinux 10 system to ensure all packages are current and security patches are applied. Execute the following command to update the system:

sudo dnf update -y

Next, configure your network interface with a static IP address. Edit the network configuration file located at /etc/sysconfig/network-scripts/ifcfg-[interface_name]. Replace [interface_name] with your actual interface name, which you can determine using the ip addr command.

Modify the configuration file to include these essential parameters:

BOOTPROTO=static
IPADDR=192.168.1.10
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DNS1=8.8.8.8
DNS2=8.8.4.4

Restart the network service to apply the changes:

sudo systemctl restart NetworkManager

Verify network connectivity by pinging external hosts and checking routing table entries. Ensure that your server can reach both local network segments and internet destinations before proceeding with DHCP installation.

Installing DHCP Server Package

AlmaLinux 10 includes the ISC DHCP server package in its default repositories. Install the DHCP server software using the DNF package manager:

sudo dnf install dhcp-server -y

The installation process will automatically resolve dependencies and configure the necessary system files. After installation completes, verify the package installation by checking the installed version:

rpm -q dhcp-server

You can also check for the presence of configuration files and directories:

ls -la /etc/dhcp/
ls -la /usr/share/doc/dhcp-server/

The installation creates several important directories and files, including the main configuration directory at /etc/dhcp/ and documentation files containing sample configurations.

DHCP Server Configuration Fundamentals

The primary DHCP server configuration file is located at /etc/dhcp/dhcpd.conf. This file may not exist initially, so you’ll need to create it or copy from the provided example template.

Copy the sample configuration file to begin customization:

sudo cp /usr/share/doc/dhcp-server/dhcpd.conf.example /etc/dhcp/dhcpd.conf

The DHCP configuration file uses a hierarchical structure with global parameters affecting all subnets and subnet-specific parameters applying only to designated network segments. Essential global parameters include domain name settings, DNS server specifications, and default lease times.

Open the configuration file in your preferred text editor:

sudo nano /etc/dhcp/dhcpd.conf

Configure the following essential parameters at the beginning of the file:

option domain-name "example.local";
option domain-name-servers 192.168.1.1, 8.8.8.8;
default-lease-time 600;
max-lease-time 7200;
authoritative;

The authoritative directive is crucial as it tells the DHCP server that it is the official DHCP server for the configured subnets. This prevents conflicts with other DHCP servers on the network.

Set appropriate file permissions and ownership:

sudo chown root:root /etc/dhcp/dhcpd.conf
sudo chmod 644 /etc/dhcp/dhcpd.conf

Detailed Configuration Examples

Here’s a comprehensive configuration example for a typical small office network:

# Global configuration parameters
option domain-name "company.local";
option domain-name-servers 192.168.1.1, 8.8.8.8, 8.8.4.4;
default-lease-time 3600;
max-lease-time 86400;
authoritative;

# Log facility configuration
log-facility local7;

# Subnet configuration for main office network
subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.100 192.168.1.200;
    option routers 192.168.1.1;
    option subnet-mask 255.255.255.0;
    option broadcast-address 192.168.1.255;
    option domain-name-servers 192.168.1.1, 8.8.8.8;
}

# Subnet configuration for guest network
subnet 192.168.2.0 netmask 255.255.255.0 {
    range 192.168.2.50 192.168.2.100;
    option routers 192.168.2.1;
    option subnet-mask 255.255.255.0;
    option broadcast-address 192.168.2.255;
    option domain-name-servers 8.8.8.8, 8.8.4.4;
    default-lease-time 1800;
    max-lease-time 3600;
}

For networks requiring multiple DHCP options, you can specify additional parameters such as NTP servers, WINS servers, and custom vendor-specific options. The configuration supports over 200 different DHCP options for various network requirements.

Validate your configuration syntax before starting the service:

sudo dhcpd -t -cf /etc/dhcp/dhcpd.conf

This command checks the configuration file for syntax errors without actually starting the DHCP service.

Advanced DHCP Configuration Options

DHCP reservations allow you to assign specific IP addresses to devices based on their MAC addresses. This is particularly useful for servers, printers, and other network infrastructure devices that require consistent IP addresses.

Add host reservations within the appropriate subnet block:

host printer-office {
    hardware ethernet 00:11:22:33:44:55;
    fixed-address 192.168.1.50;
}

host server-main {
    hardware ethernet AA:BB:CC:DD:EE:FF;
    fixed-address 192.168.1.10;
}

For networks with multiple DHCP servers, you can configure failover relationships to provide redundancy. This advanced feature ensures continued DHCP service availability even if one server fails.

PXE boot support enables network-based operating system installations. Configure PXE options by adding these parameters to your subnet configuration:

next-server 192.168.1.10;
filename "pxelinux.0";

Custom DHCP options can be defined for specific vendor requirements or proprietary network equipment. Define custom options at the global level and reference them within subnet configurations.

Starting and Managing DHCP Services

Start the DHCP service using systemctl:

sudo systemctl start dhcpd

Enable automatic startup on system boot:

sudo systemctl enable dhcpd

Verify that the service is running correctly:

sudo systemctl status dhcpd

The output should show the service as “active (running)” with recent log entries indicating successful startup. If the service fails to start, check the system logs for detailed error messages:

sudo journalctl -u dhcpd -f

You can also monitor DHCP lease assignments in real-time by watching the lease file:

sudo tail -f /var/lib/dhcpd/dhcpd.leases

Service management commands include restart, reload, and stop operations:

sudo systemctl restart dhcpd
sudo systemctl reload dhcpd
sudo systemctl stop dhcpd

Firewall Configuration for DHCP

AlmaLinux 10 includes firewalld as the default firewall management tool. DHCP servers require UDP port 67 for incoming client requests and UDP port 68 for outgoing server responses.

Configure firewall rules to allow DHCP traffic:

sudo firewall-cmd --add-service=dhcp --permanent
sudo firewall-cmd --reload

Verify the firewall configuration:

sudo firewall-cmd --list-services
sudo firewall-cmd --list-ports

For custom port configurations or specific network zones, you can add individual port rules:

sudo firewall-cmd --add-port=67/udp --permanent
sudo firewall-cmd --add-port=68/udp --permanent

Test firewall connectivity from client machines to ensure DHCP requests can reach the server. Security considerations include limiting DHCP service access to specific network segments and implementing proper access controls.

Alternative: Using Dnsmasq as DHCP Server

Dnsmasq provides a lightweight alternative to the traditional ISC DHCP server, combining DNS caching and DHCP services in a single application. This solution is particularly suitable for small to medium-sized networks.

Install dnsmasq on AlmaLinux 10:

sudo dnf install dnsmasq -y

Configure dnsmasq by editing /etc/dnsmasq.conf:

# Enable DHCP
dhcp-range=192.168.1.100,192.168.1.200,12h

# Set default gateway
dhcp-option=3,192.168.1.1

# Set DNS servers
dhcp-option=6,8.8.8.8,8.8.4.4

# Domain name
domain=example.local

Start and enable the dnsmasq service:

sudo systemctl start dnsmasq
sudo systemctl enable dnsmasq

Dnsmasq offers several advantages including simplified configuration, integrated DNS services, and lower resource consumption. However, it may lack some advanced features available in the ISC DHCP server for enterprise environments.

Testing and Validation

Test DHCP functionality by connecting client devices to the network and configuring them to obtain IP addresses automatically. Monitor the server logs to verify that DHCP requests are being processed correctly.

Use command-line tools to test DHCP server responses:

sudo dhclient -v eth0

On the server side, monitor lease assignments:

sudo cat /var/lib/dhcpd/dhcpd.leases

Verify that clients receive the correct IP addresses, subnet masks, gateway addresses, and DNS server information. Test DNS resolution and internet connectivity from client devices to ensure complete network functionality.

Advanced testing includes verifying DHCP option delivery, testing lease renewal processes, and validating failover scenarios if configured.

Security Best Practices

Implement security measures to protect your DHCP infrastructure from potential attacks. DHCP spoofing attacks can redirect client traffic through malicious servers, compromising network security.

Configure DHCP snooping on managed switches to prevent unauthorized DHCP servers from operating on your network. This feature maintains a database of legitimate DHCP servers and blocks responses from unauthorized sources.

Implement MAC address filtering for sensitive network segments:

class "trusted-devices" {
    match if substring(hardware, 1, 3) = 00:11:22;
}

subnet 192.168.1.0 netmask 255.255.255.0 {
    pool {
        allow members of "trusted-devices";
        range 192.168.1.100 192.168.1.150;
    }
}

Regular security updates and monitoring are essential for maintaining DHCP server security. Implement logging and alerting mechanisms to detect unusual DHCP activity.

Troubleshooting Common Issues

Common DHCP server problems include configuration syntax errors, network connectivity issues, and lease exhaustion. When the DHCP service fails to start, check the configuration file syntax first:

sudo dhcpd -t -cf /etc/dhcp/dhcpd.conf

Network connectivity issues often stem from incorrect interface configurations or firewall restrictions. Verify that the DHCP server can communicate with client networks and that routing is configured correctly.

Lease exhaustion occurs when all available IP addresses in the DHCP pool are assigned. Monitor lease utilization and adjust pool sizes accordingly:

sudo dhcp-lease-list

Client authentication failures may result from MAC address restrictions or network access controls. Review client logs and server configurations to identify authentication issues.

Service dependency conflicts can prevent DHCP from starting properly. Check system logs for detailed error messages and resolve any conflicting services.

Performance Optimization and Monitoring

Monitor DHCP server performance using system monitoring tools and DHCP-specific metrics. Key performance indicators include lease response times, client request rates, and resource utilization.

Configure appropriate lease times based on your network characteristics. Shorter lease times provide more dynamic IP address allocation but increase server load. Longer lease times reduce server overhead but may lead to IP address waste.

Implement database maintenance procedures to prevent the lease database from growing excessively:

sudo systemctl stop dhcpd
sudo rm /var/lib/dhcpd/dhcpd.leases~
sudo systemctl start dhcpd

Log rotation helps manage disk space usage and maintains system performance. Configure logrotate for DHCP log files to prevent excessive disk consumption.

Maintenance and Best Practices

Establish regular backup procedures for DHCP configurations and lease databases. Store backups in secure locations and test restoration procedures periodically.

Implement change management processes for DHCP configuration modifications. Document all changes and maintain configuration version control to facilitate troubleshooting and rollback procedures.

Monitor DHCP server logs regularly for unusual activity or error conditions. Set up automated alerting for critical issues such as lease exhaustion or service failures.

Conduct periodic security audits of DHCP configurations and access controls. Review client access patterns and adjust security policies as needed.

Plan for capacity growth by monitoring lease utilization trends and expanding IP address pools before reaching capacity limits.

Congratulations! You have successfully set up the DHCP server. Thanks for using this tutorial to configure the DHCP server on your AlmaLinux OS 10 system. For additional help or useful information, we recommend you check the official AlmaLinux website.