Linux hosts have historically required manual configuration to be added to a network. The protocol enables a DHCP client to lease a variety of network and administrative parameters from a central server that is authorized to distribute them.
Lease parameters include;
- IP address and Subnet
- Gateways
- DNS name servers
- Syslog hosts
- TFTP servers
DHCP is a backward-compatible extension of BOOTP, a protocol that was originally devised to enable disk-less UNIX workstations to boot. A DHCP client begins its interaction with a DHCP server by broadcasting message. When the client's lease time half over, it will renew the lease.
To configure the DHCP Server, edit the /etc/dhcpd.conf. To setup the dhcpd.conf file, need the following informations,
Install & Configure DHCP
#apt-get install dhcpTo configure the DHCP Server, edit the /etc/dhcpd.conf. To setup the dhcpd.conf file, need the following informations,
- The subnets for which dhcpd should manage IP addresses, and the range of addresses.
- The initial and maximum lease durations, in seconds.
- Configuartions for BOOTP clients if have any.
- Any other informations the server should pass to DHCP clients: netmask, default route, DNS domain, name server etc.
#dhcpd.conf
#
#global options
option domain-name "debianfordesktop.blogspot.com"
option domain-name-servers gw.debianfordesktop.blogspot.com;
option subnet-mask 255.255.0.0;
default-lease-time 600;
max-lease-time 7200;
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.20 192.168.1.220;
option broadcast-address 192.168.1.255;
option routers gw.debianfordesktop.blogspot.com;
}
subnet 174.172.251.0 netmask 255.255.0.0 {
}
host fantasia {
hardware ethernet 00:50:fc:3a:15:f0;
fixed-address 192.168.1.151;
}
The DHCP client does not really require configuration. It store status files for each connection in the directory /var/lib/dhclient.
Linux has its own special way of tuning kernel and networking parameters. Linux puts a representation of each variable that can be tuned into the /proc virtual filesystem. The networking variables are in /proc/sys/net/ipv4
#cd /proc/sys/net/ipv4
#ls -l
conf
icmp_echo_ignore_all
icmp_echo_ignore_broadcasts
icmp_errors_use_inbound_ifaddr
icmp_ignore_bogus_error_responses
icmp_ratelimit
icmp_ratemask
igmp_max_memberships
igmp_max_msf
inet_peer_maxttl
inet_peer_minttl
inet_peer_threshold
ip_default_ttl
ip_dynaddr
ip_forward
ipfrag_high_thresh
ipfrag_low_thresh
ipfrag_max_dist
ipfrag_secret_interval
ipfrag_time
ip_local_port_range
ip_local_reserved_ports
ip_nonlocal_bind
ip_no_pmtu_disc
neigh
ping_group_range
route
rt_cache_rebuild_count
tcp_abc
tcp_abort_on_overflow
tcp_adv_win_scale
tcp_allowed_congestion_control
tcp_app_win
tcp_available_congestion_control
tcp_base_mss
tcp_challenge_ack_limit
tcp_congestion_control
tcp_cookie_size
tcp_dma_copybreak
tcp_dsack
tcp_ecn
tcp_fack
tcp_fin_timeout
tcp_frto
tcp_frto_response
tcp_keepalive_intvl
tcp_keepalive_probes
tcp_keepalive_time
tcp_low_latency
tcp_max_orphans
tcp_max_ssthresh
tcp_max_syn_backlog
tcp_max_tw_buckets
tcp_mem
tcp_moderate_rcvbuf
tcp_mtu_probing
tcp_no_metrics_save
tcp_orphan_retries
tcp_reordering
tcp_retrans_collapse
tcp_retries1
tcp_retries2
tcp_rfc1337
tcp_rmem
tcp_sack
tcp_slow_start_after_idle
tcp_stdurg
tcp_synack_retries
tcp_syncookies
tcp_syn_retries
tcp_thin_dupack
tcp_thin_linear_timeouts
tcp_timestamps tcp_tso_win_divisor
tcp_tw_recycle
tcp_tw_reuse
tcp_window_scaling
tcp_wmem
tcp_workaround_signed_windows
udp_mem
udp_rmem_min
udp_wmem_min
xfrm4_gc_thresh
The conf subdirectory contains variables that are set per interface. It contains subdirectories 'all' and 'default' and a subdirectory for each interface. Each subdirectory contains the same set of files. Any changes in the 'all' subdirectory, changes applies to all interfaces.
To see the value of a variable, use cat to set it, eg:
#cat icmp_echo_ignore_broadcasts
0
Shows that this variable's value is 0, meaning the broadcast ping s are not ignored, set it to 1 and deny broadcast pings. But it will set temporary only. If want to set permanently, add appropriate value to /etc/sysctl.conf. The format of the sysctl.conf file is variable=value
icmp_echo_ignore_broadcasts=1
Linux has its own special way of tuning kernel and networking parameters. Linux puts a representation of each variable that can be tuned into the /proc virtual filesystem. The networking variables are in /proc/sys/net/ipv4
#cd /proc/sys/net/ipv4
#ls -l
conf
icmp_echo_ignore_all
icmp_echo_ignore_broadcasts
icmp_errors_use_inbound_ifaddr
icmp_ignore_bogus_error_responses
icmp_ratelimit
icmp_ratemask
igmp_max_memberships
igmp_max_msf
inet_peer_maxttl
inet_peer_minttl
inet_peer_threshold
ip_default_ttl
ip_dynaddr
ip_forward
ipfrag_high_thresh
ipfrag_low_thresh
ipfrag_max_dist
ipfrag_secret_interval
ipfrag_time
ip_local_port_range
ip_local_reserved_ports
ip_nonlocal_bind
ip_no_pmtu_disc
neigh
ping_group_range
route
rt_cache_rebuild_count
tcp_abc
tcp_abort_on_overflow
tcp_adv_win_scale
tcp_allowed_congestion_control
tcp_app_win
tcp_available_congestion_control
tcp_base_mss
tcp_challenge_ack_limit
tcp_congestion_control
tcp_cookie_size
tcp_dma_copybreak
tcp_dsack
tcp_ecn
tcp_fack
tcp_fin_timeout
tcp_frto
tcp_frto_response
tcp_keepalive_intvl
tcp_keepalive_probes
tcp_keepalive_time
tcp_low_latency
tcp_max_orphans
tcp_max_ssthresh
tcp_max_syn_backlog
tcp_max_tw_buckets
tcp_mem
tcp_moderate_rcvbuf
tcp_mtu_probing
tcp_no_metrics_save
tcp_orphan_retries
tcp_reordering
tcp_retrans_collapse
tcp_retries1
tcp_retries2
tcp_rfc1337
tcp_rmem
tcp_sack
tcp_slow_start_after_idle
tcp_stdurg
tcp_synack_retries
tcp_syncookies
tcp_syn_retries
tcp_thin_dupack
tcp_thin_linear_timeouts
tcp_timestamps tcp_tso_win_divisor
tcp_tw_recycle
tcp_tw_reuse
tcp_window_scaling
tcp_wmem
tcp_workaround_signed_windows
udp_mem
udp_rmem_min
udp_wmem_min
xfrm4_gc_thresh
The conf subdirectory contains variables that are set per interface. It contains subdirectories 'all' and 'default' and a subdirectory for each interface. Each subdirectory contains the same set of files. Any changes in the 'all' subdirectory, changes applies to all interfaces.
To see the value of a variable, use cat to set it, eg:
#cat icmp_echo_ignore_broadcasts
0
Shows that this variable's value is 0, meaning the broadcast ping s are not ignored, set it to 1 and deny broadcast pings. But it will set temporary only. If want to set permanently, add appropriate value to /etc/sysctl.conf. The format of the sysctl.conf file is variable=value
icmp_echo_ignore_broadcasts=1
No comments:
Post a Comment