System Administration Guide: IP Services
Previous Next

Document Information

Preface

Part I TCP/IP Administration

1.  Solaris TCPIP Protocol Suite (Overview)

2.  Planning an IPv4 Addressing Scheme (Tasks

3.  Planning an IPv6 Addressing Scheme (Overview)

4.  Planning an IPv6 Network (Tasks)

5.  Configuring TCP/IP Network Services and IPv4 Addressing (Tasks)

6.  Administering Network Interfaces (Tasks)

7.  Enabling IPv6 on a Network (Tasks)

8.  Administering a TCP/IP Network (Tasks)

9.  Troubleshooting Network Problems (Tasks)

10.  TCP/IP and IPv4 in Depth (Reference)

11.  IPv6 in Depth (Reference)

Part II DHCP

12.  About Solaris DHCP (Overview)

About the DHCP Protocol

Advantages of Using Solaris DHCP

How DHCP Works

Solaris DHCP Server

Solaris DHCP Client

13.  Planning for DHCP Service (Tasks)

14.  Configuring the DHCP Service (Tasks)

15.  Administering DHCP (Tasks)

16.  Configuring and Administering DHCP Clients

17.  Troubleshooting DHCP (Reference)

18.  DHCP Commands and Files (Reference)

Part III IP Security

19.  IP Security Architecture (Overview)

20.  Configuring IPsec (Tasks)

21.  IP Security Architecture (Reference)

22.  Internet Key Exchange (Overview)

23.  Configuring IKE (Tasks)

24.  Internet Key Exchange (Reference)

25.  Solaris IP Filter (Overview)

26.  Solaris IP Filter (Tasks)

Part IV Mobile IP

27.  Mobile IP (Overview)

28.  Administering Mobile IP (Tasks)

29.  Mobile IP Files and Commands (Reference)

Part V IPMP

30.  Introducing IPMP (Overview)

31.  Administering IPMP (Tasks)

Part VI IP Quality of Service (IPQoS)

32.  Introducing IPQoS (Overview)

33.  Planning for an IPQoS-Enabled Network (Tasks)

34.  Creating the IPQoS Configuration File (Tasks)

35.  Starting and Maintaining IPQoS (Tasks)

36.  Using Flow Accounting and Statistics Gathering (Tasks)

37.  IPQoS in Detail (Reference)

Glossary

Index

Solaris DHCP Server

The Solaris DHCP server runs as a daemon in the Solaris Operating System (Solaris OS) on a host system. The server has two basic functions:

  • Managing IP addresses – The DHCP server controls a range of IP addresses and allocates them to clients, either permanently or for a defined period of time. The server uses a lease mechanism to determine how long a client can use a nonpermanent address. When the address is no longer in use, it is returned to the pool and can be reassigned. The server maintains information about the binding of IP addresses to clients in its DHCP network tables, ensuring that no address is used by more than one client.

  • Providing network configuration for clients – The server assigns an IP address and provides other information for network configuration, such as a host name, broadcast address, network subnet mask, default gateway, name service, and potentially much more information. The network configuration information is obtained from the server's dhcptab database.

The Solaris DHCP server can also be configured to perform the following additional functions:

  • Responding to BOOTP client requests – The server listens for broadcasts from BOOTP clients discovering a BOOTP server and provides them with an IP address and boot parameters. The information must have been configured statically by an administrator. The DHCP server can simultaneously perform as a BOOTP server and as a DHCP server.

  • Relaying requests – The server relays BOOTP and DHCP requests to appropriate servers on other subnets. The server cannot provide DHCP or BOOTP service when configured as a BOOTP relay agent.

  • Providing network booting support for DHCP clients – The server can provide DHCP clients with information needed to boot over the network: an IP address, boot parameters, and network configuration information. The server can also provide information that DHCP clients need to boot and install over a wide area network (WAN).

  • Updating DNS tables for clients that supply a host name – For clients that provide a Hostname option and value in their requests for DHCP service, the server can attempt DNS updates on their behalf.

DHCP Server Management

As superuser, you can start, stop, and configure the DHCP server with DHCP Manager or with command-line utilities described in DHCP Command-Line Utilities. Generally, the DHCP server is configured to start automatically when the system boots, and to stop when the system is shut down. You should not need to start and stop the server manually under normal conditions.

DHCP Data Store

All the data used by the Solaris DHCP server is maintained in a data store. The data store might consist of plain text files, NIS+ tables, or binary-format files. While configuring the DHCP service, you choose the type of data store to be used. The section Choosing the DHCP Data Store describes the differences between the types of data stores. You can convert a data store from one format to another by using DHCP Manager or the dhcpconfig command.

You can also move data from one DHCP server's data store to another server's data store. You can use export and import utilities that work with the data stores, even if the servers are using different data store formats. You can export and import the entire content of a data store, or just some of the data within it, using DHCP Manager or the dhcpconfig command.

Note - Any database or file format can be used for DHCP data storage if you develop your own code module to provide an interface between Solaris DHCP (server and management tools) and the database. .

Within the Solaris DHCP data store are two types of tables. You can view and manage the contents if these tables by using either DHCP Manager or the command-line utilities. The data tables are as follows:

  • dhcptab table – Table of configuration information that can be passed to clients.

  • DHCP network tables – Tables containing information about the DHCP and BOOTP clients that reside on the network specified in the table name. For example, the network 192.168.32.0 would have a table whose name includes 192_168_32_0.

The dhcptab Table

The dhcptab table contains all the information that clients can obtain from the DHCP server. The DHCP server scans the dhcptab table each time it starts. The file name of the dhcptab table varies according to the data store used. For example, the dhcptab table created by the NIS+ data store SUNWnisplus is SUNWnisplus1_dhcptab.

The DHCP protocol defines a number of standard items of information that can be passed to clients. These items are referred to as parameters, symbols, or options. Options are defined in the DHCP protocol by numeric codes and text labels, but without values. Some commonly used standard options are shown in the following table.

Table 12-1 Sample DHCP Standard Options

Code

Label

Description

1

Subnet

Subnet mask IP address

3

Router

IP address for the router

6

DNSserv

IP address for the DNS server

12

Hostname

Text string for the client host name

15

DNSdmain

DNS domain name

Some options are automatically assigned values when you provide information during server configuration. You can also explicitly assign values to other options at a later time. Options and their values are passed to the client to provide configuration information. For example, the option/value pair, DNSdmain=Georgia.Peach.COM, sets the client's DNS domain name to Georgia.Peach.COM.

Options can be grouped with other options in containers known as macros, which makes it easier to pass information to a client. Some macros are created automatically during server configuration and contain options that were assigned values during configuration. Macros can also contain other macros.

The format of the dhcptab table is described in the dhcptab(4) man page. In DHCP Manager, all the information shown in the Options and Macros tabs comes from the dhcptab table. See About DHCP Options for more information about options. See About DHCP Macros for more information about macros.

Note that the dhcptab table should not be edited manually. You should use either the dhtadm command or DHCP Manager to create, delete, or modify options and macros.

DHCP Network Tables

A DHCP network table maps client identifiers to IP addresses and the configuration parameters associated with each address. The format of the network tables is described in the dhcp_network(4) man page. In DHCP Manager, all the information shown in the Addresses tab comes from the network tables.

DHCP Manager

DHCP Manager is a graphical user interface (GUI) tool you can use to perform all management duties associated with the DHCP service. You can use it to manage the server as well as the data the server uses. You must be superuser when you run DHCP Manager.

You can use DHCP Manager with the server in the following ways:

  • Configuring and unconfiguring the DHCP server

  • Starting, stopping, and restarting the DHCP server

  • Disabling and enabling DHCP service

  • Customizing DHCP server settings

DHCP Manager enables you to manage the IP addresses, network configuration macros, and network configuration options in the following ways:

  • Adding and deleting networks under DHCP management

  • Viewing, adding, modifying, deleting, and releasing IP addresses under DHCP management

  • Viewing, adding, modifying, and deleting network configuration macros

  • Viewing, adding, modifying, and deleting nonstandard network configuration options

DHCP Manager allows you to manage the DHCP data stores in the following ways:

  • Convert data to a new data store format

  • Move DHCP data from one DHCP server to another by exporting it from the first server and importing it on the second server

DHCP Manager includes extensive online help for procedures you can perform with the tool. For more information, see About DHCP Manager.

DHCP Command-Line Utilities

All DHCP management functions can be performed by using command-line utilities. You can run the utilities if you are logged in as superuser or as a user assigned to the DHCP Management profile. See Setting Up User Access to DHCP Commands.

The following table lists the utilities and describes the purpose of each utility.

Table 12-2 DHCP Command-Line Utilities

Command

Description and Purpose

Man Page Links

in.dhcpd

The DHCP service daemon. Command-line arguments enable you to set several runtime options.

in.dhcpd(1M)

dhcpconfig

Used to configure and unconfigure a DHCP server. This utility enables you to perform many of the functions of DHCP Manager from the command line. This utility is primarily intended for use in scripts for sites that want to automate some configuration functions. dhcpconfig collects information from the server system's network topology files to create useful information for the initial configuration.

dhcpconfig(1M)

dhtadm

Used to add, delete, and modify configuration options and macros for DHCP clients. This utility lets you edit the dhcptab table indirectly, which ensures the correct format of the dhcptab table. You should not directly edit the dhcptab table.

dhtadm(1M)

pntadm

Used to manage the DHCP network tables. You can use this utility to perform the following tasks:

  • Add and remove IP addresses and networks under DHCP management.

  • Modify the network configuration for specified IP addresses.

  • Display information about IP addresses and networks under DHCP management.

pntadm(1M)

Role-Based Access Control for DHCP Commands

Security for the dhcpconfig, dhtadm, and pntadm commands is determined by role-based access control (RBAC) settings. By default, the commands can be run only by superuser. If you want to use the commands under another user name, you must assign the user name to the DHCP Management profile as described in Setting Up User Access to DHCP Commands.

DHCP Server Configuration

You configure the Solaris DHCP server the first time you run DHCP Manager on the system where you want to run the DHCP server.

DHCP Manager server configuration dialog boxes prompt you for essential information needed to enable and run the DHCP server on one network. Some default values are obtained from existing system files. If you have not configured the system for the network, there are no default values. DHCP Manager prompts for the following information:

  • Role of the server, either as the DHCP server or as the BOOTP relay agent

  • Data store type (files, binary files, NIS+, or something specific to your site)

  • Data store configuration parameters for the data store type you selected

  • Name service to use to update host records, if any (/etc/hosts, NIS+, or DNS)

  • Length of lease time and whether clients should be able to renew leases

  • DNS domain name and IP addresses of DNS servers

  • Network address and subnet mask for the first network you want to configure for DHCP service

  • Network type, either local area network (LAN) or point-to-point network

  • Router discovery or the IP address of a particular router

  • NIS domain name and IP address of NIS servers

  • NIS+ domain name and IP address of NIS+ servers

You can also configure the DHCP server using the dhcpconfig command. This utility automatically gathers information from existing system files to provide a useful initial configuration. Therefore, you must ensure that the files are correct before running dhcpconfig. See the dhcpconfig(1M) man page for information about the files that dhcpconfig uses to obtain information.

IP Address Allocation

The Solaris DHCP server supports the following types of IP address allocation:

  • Manual allocation – The server provides a specific IP address that you choose for a specific DHCP client. The address cannot be reclaimed or assigned to another client.

  • Automatic, or permanent, allocation – The server provides an IP address that has no expiration time, making it permanently associated with the client until you change the assignment or the client releases the address.

  • Dynamic allocation – The server provides an IP address to a requesting client, with a lease for a specific period of time. When the lease expires, the address is taken back by the server and can be assigned to another client. The period of time is determined by the lease time configured for the server.

Network Configuration Information

You determine what information to provide to DHCP clients. When you configure the DHCP server, you provide essential information about the network. Later, you can add more information that you want to provide to clients.

The DHCP server stores network configuration information in the dhcptab table, in the form of option/value pairs and macros. Options are keywords for network data that you want to supply to clients. Values are assigned to options and passed to clients in DHCP messages. For example, the NIS server address is passed by way of an option called NISservs. The NISservs option has a value that is equal to a list of IP addresses, which is assigned by the DHCP server. Macros provide a convenient way to group together any number of options that you want to supply to clients. You can use DHCP Manager to create macros to group options and to assign values to the options. If you prefer a command-line tool, you can use dhtadm, the DHCP configuration table management utility, to work with options and macros.

About DHCP Options

In Solaris DHCP, an option is a piece of network information to be passed to a client. The DHCP literature also refers to options as symbols or tags. An option is defined by a numeric code and a text label. An option receives a value when it is used in the DHCP service.

The DHCP protocol defines a large number of standard options for commonly specified network data: Subnet, Router, Broadcst, NIS+dom, Hostname, and LeaseTim are a few examples. A complete list of standard options is shown in the dhcp_inittab(4) man page. You cannot modify the standard option keywords in any way. However, you can assign values to the options that are relevant to your network when you include the options in macros.

You can create new options for data that is not represented by the standard options. Options you create must be classified in one of three categories:

  • Extended – Reserved for options that have become standard DHCP options but are not yet included in the DHCP server implementation. You might use an extended option if you know of a standard option that you want to use, but you do not want to upgrade your DHCP server.

  • Site – Reserved for options that are unique to your site. You create these options.

  • Vendor – Reserved for options that should apply only to clients of a particular class, such as a hardware or vendor platform. The Solaris DHCP implementation includes a number of vendor options for Solaris clients. For example, the option SrootIP4 is used to specify the IP address of a server that a client that boots from the network should use for its root (/) file system.

Chapter 15, Administering DHCP (Tasks) includes procedures for creating, modifying, and deleting DHCP options.

About DHCP Macros

In the Solaris DHCP service, a macro is a collection of network configuration options and the values that you assign to them. Macros are created to group options together to be passed to specific clients or types of clients. For example, a macro intended for all clients of a particular subnet might contain option/value pairs for subnet mask, router IP address, broadcast address, NIS+ domain, and lease time.

Macro Processing by the DHCP Server

When the DHCP server processes a macro, it places the network options and values defined in the macro in a DHCP message to a client. The server processes some macros automatically for clients of a particular type.

For the server to process a macro automatically, the name of the macro must comply with one of the categories shown in the following table.

Table 12-3 DHCP Macro Categories for Automatic Processing

Macro Category

Description

Client class

The macro name matches a class of client, indicated by the client machine type, operating system, or both. For example, if a server has a macro named SUNW.Sun-Blade-100, any client whose hardware implementation is SUNW,Sun-Blade-100 automatically receives the values in the SUNW.Sun-Blade-100 macro.

Network address

The macro name matches a DHCP-managed network IP address. For example, if a server has a macro named 10.53.224.0, any client connected to the 10.53.224.0 network automatically receives the values in the 10.53.224.0 macro.

Client ID

The macro name matches some unique identifier for the client, usually derived from an Ethernet or MAC address. For example, if a server has a macro named 08002011DF32, the client with the client ID 08002011DF32 (derived from the Ethernet address 8:0:20:11:DF:32) automatically receives the values in the macro named 08002011DF32.

A macro with a name that does not use one of the categories listed in Table 12-3 can be processed only if one of the following is true:

  • The macro is mapped to an IP address.

  • The macro is included in another macro that is processed automatically.

  • The macro is included in another macro that is mapped to an IP address.

Note - When you configure a server, a macro that is named to match the server's name is created by default. This server macro is not processed automatically for any client because it is not named with one of the name types that cause automatic processing. When you later create IP addresses on the server, the IP addresses are mapped to use the server macro by default.

Order of Macro Processing

When a DHCP client requests DHCP services, the DHCP server determines which macros match the client. The server processes the macros, using the macro categories to determine the order of processing. The most general category is processed first, and the most specific category is processed last. The macros are processed in the following order:

  1. Client class macros – The most general category

  2. Network address macros – More specific than Client class

  3. Macros mapped to IP addresses – More specific than Network address

  4. Client ID macros – The most specific category, pertaining to one client

A macro that is included in another macro is processed as part of the container macro.

If the same option is included in more than one macro, the value for that option in the macro with the most specific category is used because it is processed last. For example, if a Network address macro contains the lease time option with a value of 24 hours, and a Client ID macro contains the lease time option with a value of 8 hours, the client receives a lease time of 8 hours.

Size Limit for DHCP Macros

The sum total of the values assigned to all the options in a macro must not exceed 255 bytes, including the option codes and length information. This limit is dictated by the DHCP protocol.

The macros that are most likely to be impacted by this limit are macros that are used to pass paths to files on Solaris installation servers. Generally, you should pass the minimum amount of vendor information needed. You should use short path names in options that require path names. If you create symbolic links to long paths, you can pass the shorter link names.
Previous Next