Tech Journal 04 ‐ DHCP - Liam-DiFalco/Sys255-FA24 GitHub Wiki

Introduction

In this lab, we explore DHCP, a service that automatically assigns IP addresses and other network configurations to devices on a domain.

Steps

Install DHCP Services
    Update the system and install DHCP using the yum package manager:

    sudo yum update -y
    sudo yum install dhcp-server -y

Configure DHCP Services
    Switch to the system user:

    sudo -i

    Open the DHCP configuration file using vi:

    vi /etc/dhcp/dhcpd.conf

    Carefully enter the following, replacing yourname.local with your actual domain name:

    # DHCP Server Configuration file.
    # See /usr/share/doc/dhcp*/dhcpd.conf.example
    # for a sample configuration file.

    subnet 192.168.1.0 netmask 255.255.255.0 {
        range 192.168.1.10 192.168.1.100;
        option routers 192.168.1.1;
        option subnet-mask 255.255.255.0;
        option domain-name-servers 192.168.1.1, 192.168.1.2;
        option broadcast-address 192.168.1.255;
    }

    Save and exit vi by pressing Esc, typing :wq, and Enter.

Start DHCP Services Use systemctl to start the DHCP service:

    systemctl start dhcpd

    Check the status of the service to ensure it is running correctly:

    systemctl status dhcpd

    If there are any errors, check the syntax of your dhcpd.conf file and correct them as needed.

Enable DHCP Service at Boot
    Ensure the DHCP service starts automatically at boot:

    systemctl enable dhcpd

Configure the Firewall Use firewall-cmd to configure the firewall: firewall-cmd --add-service=dhcp --permanent firewall-cmd --reload firewall-cmd --list-all

Wireshark Analysis

To understand DHCP better, I captured DHCP packets using Wireshark. Here are three key items related to DHCP and their packet analysis:

DHCP Discover
    Description: The initial packet sent by a client to find available DHCP servers.
    Wireshark Filter: bootp.type == 1
    Analysis: This packet includes the client’s MAC address and a transaction ID to identify the session. It is the first step in the DHCP handshake, where the client broadcasts a request for an IP address.

DHCP Offer
    Description: The response from a DHCP server offering an IP address to the client.
    Wireshark Filter: bootp.type == 2
    Analysis: Contains the offered IP address, subnet mask, and lease duration. This packet is sent by the server in response to the DHCP Discover, indicating that the server has an IP address available for the client.

DHCP Request
    Description: The client’s request to accept the offered IP address.
    Wireshark Filter: bootp.type == 3
    Analysis: Reiterates the client’s MAC address and the requested IP address. This packet is sent by the client to the server, indicating that the client has accepted the IP address offered by the server.

DHCP Acknowledgment (ACK)
    Description: The server’s confirmation of the IP address assignment.
    Wireshark Filter: bootp.type == 5
    Analysis: Confirms the lease details and finalizes the IP address assignment. This packet is sent by the server to the client, confirming that the IP address has been successfully assigned and the client can now use it.

Conclusion

This lab was a guide on how to setup a DHCP server on a network using a GUI-less linux box.