This is the last of four posts related to dnsmasq; it covers the basics on how to set up your own DHCP server on your network. For reference, here are the previous dnsmasq posts on DNS caching, a read-only TFPT server, and a DNS server.
Configure the DHCP Server with dnsmasq
To install dnsmasq you can run the following command:
apt-get install dnsmasq
This installs the package and starts the dnsmasq daemon. Without touching at all the configuration file /etc/dnsmasq.conf, the daemon runs as a DNS caching service.
By default, the TFTP, DNS, and DHCP servers are not launched unless the user explicitly wants to enable them. This is there to avoid any mishaps where the user installs the package and accidentally launches a DHCP server in a network that already has one. That would create quite some confusion.
To disable all DNS functionality that dnsmasq includes by default, comment out the option “port=0” towards the top of /etc/dnsmasq.conf.
To enable the DHCP server, open /etc/dnsmasq.conf and search for “dhcp” to find any relevant options and comments. The DHCP options are gathered towards the end of the file.
You will see that there is a large number of options, and the good thing is that all of them are documented with examples on what they do and how to use them.
Here is the most basic options you need to enable DHCP:
dhcp-range=172.31.0.220,172.31.0.250,255.255.255.0,12h dhcp-option=option:router,172.31.0.1 dhcp-option=option:dns-server,22.214.171.124 dhcp-authoritative
The most basic options that enable DHCP is “dhcp-range.” You have to specify the rage of the addresses, with netmask and lease time both being optional. If you don’t specify a time, the lease time is interpreted as infinite.
There is a long list of options you can specify with the format “dhcp-option=option:<option name>,<option value>. Above, you see two examples were we specify the router and the dns-server to be included in the DHCP lease. If you don’t specify a router and a DNS server, it’s assumed that the host you are running dnsmasq on is the router and the DNS server. There is a long list of options and you can review them all by running “dnsmasq –help dhcp.”
Finally, it’s recommended to enable the ‘authoritative mode’. Dnsmasq barges in and takes over the lease for any client to broadcast on the network, whether it has a record of the lease or not. This avoids long timeouts when a machine wakes up on a new network.
Once you make these changes you have to restart the dnsmasq service with:
systemctl restart dnsmasq
And you should have your own DHCP server in your network. Now try to bounce the interface or reboot a host in the same network to see if your new DHCP server works as expected.
Of course, there is a tone of options and examples that you can go through in /etc/dnsmasq.conf. For example, you can assign a static IP to a host with a specific MAC, manage multiple DHCP networks, and many others.
If you wish, you can enable both the DNS and DHCP services. This is most likely what you should do if you were using dnsmasq. Here I just presented the DHCP part, but you can refer to my previous post and combine the two.