lab04 - Liam-DiFalco/Sys255-FA24 GitHub Wiki
Lab 04: DHCP
💡Have you ever had to manually configure an IP address when connecting to a Wi-Fi or cellular network? Of course not! Behind the scenes, DHCP has been taking care of you. This lab will illustrate how DHCP works and why it is a core service in any network with clients.
Additionally, representing real-world “documentation drift”, this lab originally documented CentOS 7, and you are currently running its replacement, Rocky Linux 8.6. The bulk of the workflow and commands are similar; however, there are some minor differences between the two OSes that you will need to navigate. One of the earlier differences is Rocky’s package manager.
Objectives: Install and configure Linux DHCP service on dhcp01.yourname.local.
Prerequisites: Lab 3 is complete, and the environment is in a happy state.
SSH from AD01 -> DHCP01
Disable IE Enhanced Security Configuration
💡Use either PuTTY (which you download + install) or PowerShell SSH from AD01 to access your Rocky Linux server from now on! This allows you to copy/paste from your Windows system (you can log in to Canvas from here). You can open up multiple windows should you wish.
Note: PowerShell SSH is somewhat newer, and you may experience occasional keyboard issues. If this is the case, move to PuTTY. In order to pull down PuTTY from the internet, you will want to disable IE Enhanced Security Configuration in Server Manager as shown below:
💡💡While it may seem otherwise, your Windows Server does indeed have a web browser. There are a number of ways to run the program file iexplore.exe.
Install PuTTY
Connect via PuTTY
Install DHCP Services
We are going to use the yum package manager to install DHCP on this server with your elevated user.
Configuring DHCP Services
Become the root user for a brief period of time using the sudo -i command, and then open the dhcp configuration file using the vi or nano text editor (nano may be easier, but at some point you will need to learn vim, so we will use it).
Typing very carefully, enter the following into your new file below the comments (# denotes a comment). Change the domain-name to yourname.local.
When you think you are done, write changes to save and quit vi.
Starting DHCP Services
💣Whenever you change or create a service configuration file, you generally need to start or restart the service involved. This fact trips up many Linux administrators!
The systemd control program systemctl is how you start, stop, and check the status of services.
To start dhcp, type the following as root:
systemctl start dhcpd
Start dhcpd and check its status (fun fact: the d at the end of dhcpd means it’s a daemon, which is Linux speak for service). Note any errors and check the syntax of dhcpd.conf accordingly.
Enabling the service to start at boot.
💣Forgetting to enable a service to start on boot will cause the service to fail when the system is rebooted. Remember this if a service worked fine one day and does not after a reboot.
Configuring the Firewall to allow incoming DHCP requests
The default configuration on Rocky is to enable the firewall and allow both ICMP and SSH requests in. The DHCP server will not work until we allow DHCP through the firewall. We will be using firewalld and the firewall-cmd utility to make this happen. The “firewall-cmd --list-all” option shows the default firewall configuration, which allows dhcpv6-client (not to be confused with the dhcp server) and ssh. We will add the dhcp service (as opposed to its ports).
The following syntax adds the dhcp service, and with it the ports associated with dhcp, permanently. The --permanent flag is important. If you fail to add this, the next time you reboot, your changes will be lost. Make sure you reload the firewall to invoke the change. List all the rules and make sure your dhcp service has been added.
💣Don't forget the --permanent flag, nor forget to reload the firewall!
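The server-side steps above, collected into one script as an added example (not the lab's own files). The script name dhcp01-setup.sh, the helper function names, the lease times and every address passed in are assumptions; the lab only fixes the domain name and the server at 10.0.5.3.

```shell
# Added example, not the lab's own file. Lease times are assumed values.

# Emit one dhcpd.conf scope.
# Args: domain network netmask range-start range-end router dns-server
render_dhcpd_conf() {
  cat <<EOF
subnet $2 netmask $3 {
  option routers $6;
  option subnet-mask $3;
  option domain-name "$1";
  option domain-name-servers $7;
  range $4 $5;
  default-lease-time 3600;
  max-lease-time 14400;
}
EOF
}

# Heuristic pre-flight for the two typos that most often stop dhcpd from
# starting: a statement without its trailing ';' and unbalanced braces.
lint_dhcpd_conf() {
  awk '
    /^[ \t]*(#|$)/       { next }
    /[{][ \t]*$/         { depth++; next }
    /^[ \t]*[}][ \t]*$/  { depth--; next }
    !/;[ \t]*$/          { printf "line %d: missing semicolon\n", NR; bad = 1 }
    END { if (depth != 0) { print "unbalanced braces"; bad = 1 }
          exit bad + 0 }
  '
}

# The server-side steps in order; run as root on dhcp01.
deploy_dhcp_server() {
  conf=$(render_dhcpd_conf "$@")
  printf '%s\n' "$conf" | lint_dhcpd_conf || return 1
  dnf install -y dhcp-server
  printf '%s\n' "$conf" >> /etc/dhcp/dhcpd.conf   # below the stock comments
  dhcpd -t -cf /etc/dhcp/dhcpd.conf || return 1   # dhcpd's own syntax test
  systemctl start dhcpd
  systemctl enable dhcpd                          # survive a reboot
  firewall-cmd --permanent --add-service=dhcp
  firewall-cmd --reload                           # apply the permanent rule
  firewall-cmd --list-all                         # dhcp should now be listed
}

# Touch the system only when asked to: sh dhcp01-setup.sh deploy <7 args>
if [ "${1:-}" = "deploy" ]; then shift; deploy_dhcp_server "$@"; fi
```

Without the deploy argument the script only defines the functions, so the rendered scope can be inspected and linted before anything on dhcp01 changes.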
Type exit to leave your elevated state and exit again to exit PuTTY.
Windows 10 DHCP Client
As a privileged user, you will now re-configure networking on WKS01 to use dynamic addressing rather than static addresses.
Deliverable 1. Take a snapshot of the results of ipconfig /all. Note that the DHCP server of 10.0.5.3 should be there, and your IP address should be the first IP address in the scope you set earlier. Your domain name, netmask and gateway should also be set correctly.
Deliverable 2. Log back into dhcp01 and find the DHCP log associated with wks01's request for DHCP information. Take a snapshot similar to the one below. The IP address, the workstation name, and the layer 2 address should all match between deliverables 1 and 2.
The command below looks complex, but let's break it down:
sudo = raises our privileges, because /var/log/messages is owned by the root user.
cat = writes the file /var/log/messages to the screen.
| = called ‘pipe’; sends the output of the previous command to the next command.
grep wks01-yourname = filters input for the string ‘wks01-yourname’.
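Going one step past grep for Deliverable 2, this added example (not part of the original lab) pulls the message type, IP address, layer 2 address and hostname out of dhcpd's log lines so they can be compared with ipconfig /all. The sample log is constructed, and the function names, addresses, MAC and interface name are assumptions.

```shell
# Added example. SAMPLE_LOG is constructed (addresses, MAC, PIDs and times are
# made up); on dhcp01 the real lines come from /var/log/messages.
SAMPLE_LOG='Sep 24 10:14:50 dhcp01 dhcpd[1412]: DHCPRELEASE of 10.0.5.100 from 00:50:56:aa:bb:cc (wks01-yourname) via ens192 (found)
Sep 24 10:15:01 dhcp01 dhcpd[1412]: DHCPDISCOVER from 00:50:56:aa:bb:cc (wks01-yourname) via ens192
Sep 24 10:15:02 dhcp01 dhcpd[1412]: DHCPOFFER on 10.0.5.100 to 00:50:56:aa:bb:cc (wks01-yourname) via ens192
Sep 24 10:15:02 dhcp01 dhcpd[1412]: DHCPREQUEST for 10.0.5.100 (10.0.5.3) from 00:50:56:aa:bb:cc (wks01-yourname) via ens192
Sep 24 10:15:02 dhcp01 dhcpd[1412]: DHCPACK on 10.0.5.100 to 00:50:56:aa:bb:cc (wks01-yourname) via ens192
Sep 24 10:15:09 dhcp01 sshd[2001]: Accepted password for yourname from 10.0.5.5 port 50122 ssh2'

# Print "TYPE ip mac host" for each dhcpd line that names the client.
# $1 = client hostname as dhcpd logs it; the log is read from stdin.
dhcp_events() {
  awk -v name="$1" '
    BEGIN { tag = "(" name ")" }
    $5 ~ /^dhcpd/ && index($0, tag) {
      ip = "-"; mac = "-"
      for (i = 7; i < NF; i++) {
        if ($i == "on" || $i == "for" || $i == "of") ip = $(i + 1)
        if ($i == "from" || $i == "to") mac = $(i + 1)
      }
      print $6, ip, mac, name
    }'
}

# Message types in the order the server logged them.
message_sequence() {
  dhcp_events "$1" | awk '{ printf "%s%s", sep, $1; sep = " " } END { print "" }'
}

# IP, MAC and hostname from the most recent DHCPACK: the three values that
# must match the output of ipconfig /all on the workstation.
last_lease() {
  dhcp_events "$1" | awk '$1 == "DHCPACK" { l = $2 " " $3 " " $4 } END { print l }'
}

# On dhcp01: sudo cat /var/log/messages | last_lease wks01-yourname
printf '%s\n' "$SAMPLE_LOG" | last_lease wks01-yourname
# → 10.0.5.100 00:50:56:aa:bb:cc wks01-yourname
```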
Wireshark
Run a capture session against WKS01's Ethernet0 adapter.
As an administrative power user (-adm), release the current DHCP lease and then renew it on WKS01. Your objective: Capture the four DHCP messages between client and server.
You release your current DHCP lease using the following command:
ipconfig /release
Stop the capture and create a Wireshark display filter that shows UDP traffic sourced from or destined to port 67. Browse each of the four messages to get a handle on the source and destination addresses (layer 2 & layer 3), the ports, and the sequence of messages used to provide WKS01 another leased IP address.
Deliverable 3. Provide a screenshot similar to the one below that shows the 4 Key DHCP Messages.