@jumpyvi
Last active May 18, 2025 18:01

Border Router for RHEL

DHCPD

Create DHCP server

  1. sudo dnf install dhcp-server
  2. sudo vim /etc/dhcp/dhcpd.conf
subnet 10.0.0.0 netmask 255.255.255.0 {
  authoritative;
  range 10.0.0.10 10.0.0.100;
  option routers 10.0.0.1;
  option subnet-mask 255.255.255.0;
  option domain-name-servers 8.8.8.8, 8.8.4.4;
  default-lease-time 600;
  max-lease-time 7200;
}
  3. FirewallD config
sudo firewall-cmd --add-service=dhcp --permanent
sudo firewall-cmd --permanent --add-masquerade
sudo firewall-cmd --permanent --zone=public --add-interface={ENP-INTERNE}
sudo firewall-cmd --reload
  4. IP configuration
sudo nmcli con modify {ENP-INTERNE} ipv4.addresses 10.0.0.1/24
sudo nmcli con modify {ENP-INTERNE} ipv4.method manual
sudo nmcli con up {ENP-INTERNE}
  5. sudo vim /usr/lib/systemd/system/dhcpd.service
[Unit]
Description=DHCPv4 Server Daemon
Documentation=man:dhcpd(8) man:dhcpd.conf(5)
Wants=network-online.target
After=network-online.target
After=time-sync.target

[Service]
Type=notify
EnvironmentFile=-/etc/sysconfig/dhcpd
ExecStart=/usr/sbin/dhcpd -4 -f -cf /etc/dhcp/dhcpd.conf {ENP-INTERNE}
StandardError=null

[Install]
WantedBy=multi-user.target
  6. sudo systemctl enable --now dhcpd

Create DNS server

{DOMAIN} -> Domain name (suce)
{SERVICE} -> Service (nginx)

  1. sudo dnf install dnsmasq
  2. sudo vim /etc/dnsmasq.d/{DOMAIN}.local
no-dhcp-interface=
bogus-priv
strict-order
domain={DOMAIN}.local
expand-hosts
local=/{DOMAIN}.local/
domain-needed
no-resolv
no-poll
server=8.8.8.8
server=8.8.4.4
dhcp-option=15,{DOMAIN}.local
addn-hosts=/etc/hosts
listen-address=10.0.0.1
  3. sudo vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

10.0.0.1 {SERVICE}.{DOMAIN}.local {SERVICE}
  4. sudo vim /etc/dhcp/dhcpd.conf
subnet 10.0.0.0 netmask 255.255.255.0 {
  authoritative;
  range 10.0.0.10 10.0.0.100;
  option routers 10.0.0.1;
  option subnet-mask 255.255.255.0;
  option domain-name-servers 10.0.0.1; # The Google DNS servers are now set in dnsmasq
  default-lease-time 600;
  max-lease-time 7200;
}
  5. sudo systemctl enable --now dnsmasq
  6. sudo systemctl restart dhcpd
  7. On client (Linux):
sudo rm /etc/resolv.conf
sudo systemctl stop systemd-resolved
sudo systemctl disable systemd-resolved
# + Release/Renew

NGINX on DNS

  1. sudo dnf install nginx
  2. sudo vim /etc/nginx/nginx.conf # server_name -> {SERVICE}.{DOMAIN}.local
  3. sudo systemctl enable --now nginx
  4. Setup firewalld
sudo firewall-cmd --zone=public --add-port=80/tcp --permanent
sudo firewall-cmd --zone=public --add-port=53/udp --permanent
sudo firewall-cmd --zone=public --add-port=53/tcp --permanent
sudo firewall-cmd --reload

Useful Client Commands (Linux)

Release

sudo rm -f /var/lib/dhcp/dhclient.leases
sudo dhclient -r {ENP-CLIENT}

Renew

sudo dhclient -v {ENP-CLIENT}

Get current DNS

resolvectl status

Useful Server Commands

See leases

Get live leases update

tail -f /var/lib/dhcpd/dhcpd.leases
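
dhcpd appends to dhcpd.leases instead of rewriting it, so tailing the file shows lease history rather than current state. The script below is an added example, not part of the original gist; it prints only the leases whose most recent entry is active. The function names active_leases and write_sample_leases and the sample lease data are constructed for illustration.

```shell
# Added example (not from the gist). dhcpd appends a new "lease" block on every
# change, so only the last block for each IP address reflects its current state.

# active_leases FILE -> one "IP MAC HOSTNAME" line per currently active lease
active_leases() {
  awk '
    $1 == "lease" && $3 == "{"           { ip = $2; state = ""; mac = "-"; host = "-"; next }
    $1 == "binding" && $2 == "state"     { state = $3; sub(/;$/, "", state); next }
    $1 == "hardware" && $2 == "ethernet" { mac = $3; sub(/;$/, "", mac); next }
    $1 == "client-hostname"              { host = $2; gsub(/[";]/, "", host); next }
    $1 == "}" && ip != "" {
      if (!(ip in st)) order[++n] = ip              # remember first-seen order
      st[ip] = state; hw[ip] = mac; hn[ip] = host   # later blocks overwrite earlier ones
      ip = ""
    }
    END {
      for (i = 1; i <= n; i++) {
        ip = order[i]
        if (st[ip] == "active") print ip, hw[ip], hn[ip]
      }
    }
  ' "$1"
}

# Constructed sample data: 10.0.0.10 is active, 10.0.0.11 was active and then freed.
write_sample_leases() {
  cat > "$1" <<'EOF'
lease 10.0.0.10 {
  binding state active;
  next binding state free;
  hardware ethernet 52:54:00:aa:bb:01;
  client-hostname "client1";
}
lease 10.0.0.11 {
  binding state active;
  hardware ethernet 52:54:00:aa:bb:02;
}
lease 10.0.0.11 {
  binding state free;
  hardware ethernet 52:54:00:aa:bb:02;
}
EOF
}

sample=$(mktemp)
write_sample_leases "$sample"
active_leases "$sample"
rm -f "$sample"
```

On the router, call it as `active_leases /var/lib/dhcpd/dhcpd.leases` and compare the MAC addresses against the clients you expect on 10.0.0.0/24.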