ISC-DHCP server with FreeBSD

Install

We are looking for from the package

root@fbsdsrv01:~ # pkg search dhcp
...
...
...
isc-dhcp44-client-4.4.2P1      The ISC Dynamic Host Configuration Protocol client
isc-dhcp44-relay-4.4.2P1       The ISC Dynamic Host Configuration Protocol relay
isc-dhcp44-server-4.4.2P1_1    ISC Dynamic Host Configuration Protocol server
...
...
...
root@fbsdsrv01:~ #

We install it

root@fbsdsrv01:~ # pkg install isc-dhcp44-server-4.4.2P1_1
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
 isc-dhcp44-server: 4.4.2P1_1

Number of packages to be installed: 1

The process will require 6 MiB more space.
1 MiB to be downloaded.

Proceed with this action? [y/N]: y
[1/1] Fetching isc-dhcp44-server-4.4.2P1_1.pkg: 100%    1 MiB   1.3MB/s    00:01    
Checking integrity... done (0 conflicting)
[1/1] Installing isc-dhcp44-server-4.4.2P1_1...
===> Creating groups.
Creating group 'dhcpd' with gid '136'.
===> Creating users
Creating user 'dhcpd' with uid '136'.
[1/1] Extracting isc-dhcp44-server-4.4.2P1_1: 100%
=====
Message from isc-dhcp44-server-4.4.2P1_1:

--
****  To setup dhcpd, please edit /usr/local/etc/dhcpd.conf.

****  This port installs the dhcp daemon, but doesn't invoke dhcpd by default.
      If you want to invoke dhcpd at startup, add these lines to /etc/rc.conf:

   dhcpd_enable="YES"    # dhcpd enabled?
   dhcpd_flags="-q"    # command option(s)
   dhcpd_conf="/usr/local/etc/dhcpd.conf" # configuration file
   dhcpd_ifaces=""    # ethernet interface(s)
   dhcpd_withumask="022"   # file creation mask

****  If compiled with paranoia support (the default), the following rc.conf
      options are also supported:

   dhcpd_chuser_enable="YES"  # runs w/o privileges?
   dhcpd_withuser="dhcpd"  # user name to run as
   dhcpd_withgroup="dhcpd"  # group name to run as
   dhcpd_chroot_enable="YES"  # runs chrooted?
   dhcpd_devfs_enable="YES"  # use devfs if available?
   dhcpd_rootdir="/var/db/dhcpd" # directory to run in
   dhcpd_includedir="<some_dir>" # directory with config-
      files to include

****  WARNING: never edit the chrooted or jailed dhcpd.conf file but
      /usr/local/etc/dhcpd.conf instead which is always copied where
      needed upon startup.
root@fbsdsrv01:~ #

Configuration

We look for the service and its variable in rc.d to enable it at system startup.

root@fbsdsrv01:~ # service -r | grep dhcp
/usr/local/etc/rc.d/isc-dhcpd
/usr/local/etc/rc.d/isc-dhcpd6
root@fbsdsrv01:~ # /usr/local/etc/rc.d/isc-dhcpd rcvar
# dhcpd
#
dhcpd_enable="NO"
#   (default: "")

root@fbsdsrv01:~ #

Lo habilitamos

root@fbsdsrv01:~ # sysrc dhcpd_enable="YES"
dhcpd_enable:  -> YES
root@fbsdsrv01:~ #

We create a copy of the base configuration, even though we have an example in /usr/local/etc/dhcpd/dhcpd.conf.sample

root@fbsdsrv01:~ # cp /usr/local/etc/dhcpd.conf /usr/local/etc/dhcpd.conf.0
root@fbsdsrv01:~ #

And we create a configuration file according to the needs of our network

authoritative;

default-lease-time 3600;
max-lease-time 86400;

ddns-updates on;
ddns-domainname "example.org.";
ddns-rev-domainname "1.168.192.in-addr.arpa.";
ddns-update-style interim;

log-facility local7;

server-name "fbsdsrv01.example.org";
server-identifier fbsdsrv01.example.org;

allow client-updates;
allow unknown-clients;
do-forward-updates true;

include "/usr/local/etc/namedb/rndc.key";

# example.net
subnet 192.168.1.0 netmask 255.255.255.0 {
        range 192.168.1.200 192.168.1.249;
        option domain-name-servers 192.168.1.4;
        option subnet-mask 255.255.255.0;
        option routers 192.168.1.1;
        option broadcast-address 192.168.1.255;
        option ntp-servers 192.168.1.1;
        option domain-name "example.org.";
        default-lease-time 3600;
        max-lease-time 86400;
        next-server 192.168.1.4;
        option root-path "192.168.1.4:/tftpboot";
        filename "/gpxelinux.0";
        }

# Hosts Forward
zone example.net. {
        primary 127.0.0.1;
        key rndc-key;
        }

# Hosts Reverse
zone 1.168.192.in-addr.arpa. {
        primary 127.0.0.1;
        key rndc-key;
        }

Inicio del servicio

We call the rc.d script to start the service

root@fbsdsrv01:~ # service isc-dhcpd start
Starting dhcpd.
Internet Systems Consortium DHCP Server 4.4.2-P1
Copyright 2004-2021 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Config file: /usr/local/etc/dhcpd.conf
Database file: /var/db/dhcpd/dhcpd.leases
PID file: /var/run/dhcpd/dhcpd.pid
Wrote 0 leases to leases file.
Listening on BPF/genet0/dc:a6:32:5e:ec:72/192.168.0.0/16
Sending on   BPF/genet0/dc:a6:32:5e:ec:72/192.168.0.0/16
Sending on   Socket/fallback/fallback-net
root@fbsdsrv01:~ #