لطفا منتظر باشید ...
Assigning Fixed
Addresses
Client computers can often operate quite well
with dynamic IP addresses. Internet protocols work by having the client
initiate a connection with the server. The client must therefore be able to
locate the server's IP address. The client can pass its own address to the
server when making the connection. Thus, it doesn't matter if the client's IP
address changes periodically, and especially not if the address changes when
the client reboots. (A change in IP address mid-session would cause problems
because it would break existing connections.) There are cases when you might want to
configure DHCP clients with a fixed IP address, though. The main reason for
doing this is if the DHCP client is actually a server for another protocol. You
might also want to do this to aid in network diagnosticsfor instance, to be
able to use ping to test basic connectivity with a computer by a fixed hostname
rather than via an IP address. (The section "
hostname, though.) Fortunately, dhcpd
provides the means to deliver fixed IP addresses to specific computers,
although doing so requires additional work compared to a dynamic IP address
configuration. The most common way of doing this is by locating the target
computer's MAC address and configuring dhcpd
with a fixed association between this address and an IP address of your choice.
Locating
Client MAC Addresses
The MAC address lies at the heart of networking via several types
of network hardware. In the case of Ethernet, the MAC address is a six-byte
number, which is generally expressed in hexadecimal (base 16), using colons or
some other punctuation between bytes, as in 00:80:C8:FA:3B:0A. Every packet
that an Ethernet device sends onto the Ethernet cable is identified by its MAC
address, so dhcpd can use this
fact to identify the network card, and hence the computer to which it's
attached. (Most OSs provide the means to override the MAC address, though, so
it's not a truly reliable and secure way to identify a specific piece of
hardware. This method is good enough for most purposes, however.) Other types
of network hardware also support MAC addresses that are similar in principle to
the Ethernet MAC address.NOTE
align=left border=0> The first three bytes of the Ethernet MAC address identify
the manufacturer of the network card, and the manufacturer assigns the
remaining three bytes itself. You can look up manufacturers for specific MAC
addresses at sites such as target="_blank">http://www.coffer.com/mac_find/
or target="_blank">http://www.cavebear.com/CaveBear/Ethernet/vendorl .
This information isn't required to configure DHCP, but you might find it
helpful in locating particular computers based on their DHCP client
broadcasts. Note that the manufacturer is the manufacturer of the Ethernet card, which may not be the same as the
computer's manufacturer. Indeed, some smaller brands, such as cards sold
under computer superstores' names, are actually built by other companies, and
their MAC addresses probably reflect this fact.
To let dhcpd
use the MAC address to assign a specific IP address to a specific client,
you'll need to locate your client's MAC address. There are several ways to do
this, depending upon the hardware and the client's OS. If you're lucky, the
hardware manufacturer will have printed the MAC address on the network card,
usually on a sticker glued to the card. If this is the case, you can copy the
MAC address from the hardware itself. This isn't a universal practice, however,
and even if your manufacturer has done this, it may not be convenient to open
the computer to read the MAC address from the Ethernet card. For this reason,
there are software methods of obtaining the IP address.NOTE
align=left border=0> If you configure a computer to obtain a temporary dynamic IP
address from your DHCP server in order to bring its interface up so you can determine
the MAC address, the client may request the same IP address when it's next
rebooted. You may need to shut it down until this lease has expired in order
to obtain the new fixed IP address.
Locating the MAC Address
from the Client
In Linux and other UNIX-like clients, you can obtain the MAC
address by using the ifconfig
command. Type ifconfig eth0
(or use another interface identifier, if appropriate) and the system will
respond with a set of information about the interface. Included in this output
will be a line resembling the following: eth0 Link encap:Ethernet HWaddr 00:80:C6:F9:3B:BA
The value identified as HWaddr
(short for hardware address ) is the MAC
address00:80:C6:F9:3B:BA in this case. This command will only work once you've
loaded the Ethernet driver and brought up the interface at least minimally. The
interface need not be bound to the TCP/IP stack, though.In Windows 2000, you can obtain the MAC address through the IPCONFIG program, which is similar to
Linux's ifconfig in many ways.
Type IPCONFIG /ALL in a
DOS prompt window to obtain a complete listing of information on the system's
network interfaces. This listing will include a line similar to the following: Physical Address. . . . . . . . . : 00-50-BF-19-7E-99
In Windows Me, the equivalent to IPCONFIG is called WINIPCFG .
This program is a GUI tool, though. Once launched, it resembles
field labeled Adapter Address.
Figure 5.1. WINIPCFG presents information on network interfaces, and allows you
to control a Windows 9x/Me DHCP client.
find the MAC address from the TCP/IP Control Panel. Click the Info button to
get the TCP/IP Info dialog box, which displays the MAC address (called Hardware
Address in the dialog box). In MacOS X, this information is available in the
Network item in the System Preferences tool, as shown in
the lower left portion of the window.
Figure 5.2. MacOS X displays the MAC
address in the Network portion of System Preferences.
address. As illustrated by the preceding examples, the methods used by
different OSs are quite varied, so you may need to hunt in the OS's GUI
controls or consult its documentation for the appropriate command. If you can't
find a way to locate the MAC address, you may need to do it from the server, as
described next.
Locating
the MAC Address from the Server
Another approach to locating the MAC address is to do so from
the DHCP server. This method relies upon the proper functioning of the client's
network stack. One easy way to ensure at least minimal functionality is to
configure the client to use DHCP and boot it, allowing your DHCP server to
assign it a dynamic IP address from its dynamic address pool, as described in
the earlier section, "
then examine the DHCP leases file on the server (typically /var/lib/dhcp/ dhcpd.leases ) for
information on the client's lease. This file should contain an entry like the
following: lease 192.168.1.50 { starts 4 2002/07/19 21:37:20; ends 4 2002/07/19 23:17:20; binding state active; next binding state free; hardware ethernet 00:50:56:82:01:03; }
This shows the IP address assigned, the lease start and end
time, and assorted other information, including the MAC ( hardware ethernet )
address00:50:56:82:01:03 in this example. Of course, to use this method,
you'll need to have some way of determining what IP address is associated with
the new client. You may be able to spot this information on the client itself,
or you may be able to deduce it from the lease times.The Linux log file (usually /var/log/messages )
may also contain the MAC address. Try the following command to search it for
the most recent log entry from dhcpd : # grep dhcpd /var/log/messages | tail -n 1 Jul 19 18:27:38 speaker dhcpd: DHCPACK on 192.168.1.50 to 00:50:56:82:01:03 via eth0
You'll need to issue this command as soon as the server has
delivered an address to the client. If you're unsure of the IP address the
client has received, you run the risk of getting the wrong address,
particularly if some other client has obtained or renewed a lease just after
your target system. If you know the client's IP address, you can double-check
that you've obtained the correct MAC address by checking the IP address, as
well. If they don't match, use a value higher than 1 for the -n
parameter to tail in order to
review earlier messages from dhcpd
to find the correct entry.Finally, whether you configure the client to use DHCP or give
it a static IP address, you can use the arp
command to determine its MAC address. Type this command, followed by the
client's current IP address, on any Linux computer on your network: # arp 192.168.1.50 Address HWtype HWaddress Flags Mask Iface 192.168.1.50 ether 00:50:56:82:01:03 C eth0
You may need to initiate a data transfer to the client before
you'll get a reading with arp ,
though. Using ping to send a
single packet should do the job, as in ping
-c 1 192.168.1.50 .
Defining
Hosts via MAC Addresses
To configure dhcpd
to deliver a fixed IP address to a computer with a specific MAC address, you
should first configure the server much as for a dynamic IP address setup. You
can begin with
sorts of changes you'd make for your network in any event, such as altering the
DNS server and gateway addresses, or adding any global parameters you might
need. You must then add one host
declaration for each client that will receive a fixed address. These
declarations may go within the subnet
declaration or after it, and they look like this: host teela { hardware ethernet 00:05:02:a7:76:da; fixed-address 192.168.1.2; }
This declaration begins with the keyword host , then provides a hostname (without
the domain name), although this hostname might or might not be passed on to the
client, depending upon other parameters such as use-host-decl-names . Within the curly braces are two
parameters. The first ( hardware )
lists the hardware type and MAC address to which this declaration applies. This
example shows an Ethernet configuration, but you can specify token-ring if you have a Token Ring
network. The second parameter ( fixed-address )
provides the IP address to be delivered to this client. Be sure this address is
outside the range set by the range parameter in the subnet declaration as a whole, but within the specified network block. For instance, the
preceding example (with an address of 192.168.1.2) is outside the range of
192.168.1.50192.168.1.150 provided as the range for dynamic IP addresses in
network block covered by the subnet
declaration.You can define as many specific clients as you like in this
way, and you can mix clients using fixed IP addresses with clients using
dynamic IP addresses. If you have both a range
statement and one or more host
declarations, any computer whose MAC address isn't explicitly listed in a host declaration will receive an IP
address from the dynamic IP address range.
Customizing
Client-Specific Parameters
As noted earlier, multi-line declarations may contain
parameters that apply only within the declaration. In fact, the hardware and fixed-address statements in the host declaration are both parameters. There are many other
parameters you can specify for particular hosts. You can use the options
described earlier, in the section "
you're most likely to want to set on a per-computer basis is option host-name "name" .
This parameter sets the hostname provided to the client by the DHCP server. You
might use this instead of get-lease-hostnames
or use-host-decl-names if you
want to override these options in certain specific cases, or if you only want
to provide hostnames to some clients.You can also apply options to specific groups
of clients. One way to do this is to define separate subnets for each group,
but this approach works best when the clients are isolated on separate physical
or logical subnets. More generally, you can use the group declaration to create a group of identified hosts with some shared parameters. For
instance, you might use something like the following: group { get-lease-hostnames true; host teela { hardware ethernet 00:05:02:a7:76:da; fixed-address 192.168.1.2; } host nessus { hardware ethernet 00:50:BF:19:7E:99; fixed-address 192.168.1.3; } } group { use-host-decl-names true; host hindmost { hardware ethernet 00:50:56:81:01:03; fixed-address 192.168.1.4; } host louiswu { hardware ethernet 00:e0:98:71:60:c1; fixed-address 192.168.1.5; } }
This example provides hostnames via DNS
lookup for the first two clients ( teela and nessus ), and via the name
used in the host declaration for the next two clients ( hindmost and louiswu ). You
might use this feature in other ways as well, such as providing different boot
files for different computers (using the filename and next-server parameters) or configuring certain computers with specific TCP/IP settings that
optimize those systems' performance but that might degrade other computers'
performance.
