In lab6, you learned to connect your VMs to a VPN using a fixed IP Address. In this final lab, you will learn how to setup, and run set-up a '''DHCP server on your centos3 machine, and then test-out the DHCP server by setting up your other VMs ''' to receive an automatically assign IP addresses from the DHCP serverAddresses upon connection requests.

{|cellpadding="15" width="40%"#INVESTIGATION_3:_SECURING_THE_SSH_CONNECTION

This lab will demonstrate setting up a DHCP server. The term '''DHCP ''' stands for x'''Dynamic Host Configuration Protocol'''. PurposeDHCP allows computers (eg. workstations, notebooks, smart-phones) to be automatically configured so that they can communicate over a network. This automatic configuration has gained popularity over the years, especially as the need for detecting and configuring portable computer devices increases. DHCP configuration allows for various setups including: '''Dynamic''', '''Automatic''', and '''Static''' allocation.<br><br>

<br><br>{|cellpadding="152" width="4060%"

|width="10%" | <u>'''DAnswer Part 1 observations / questions in your lab log book.'''</u>iscovery:

|- valign="top"= Part 2: Configuring the DHCP Server==

[[Image:dhcp-config.png|thumb|right|width="10%" 500px| <u>The '''dhcpd.config''' file allows the Linux system administrator to customize the DCHP server. Generally in this file are '''global settings''' (options that apply throughout entire network) and '''subnet declarations''' (options that apply only to that subnet). Whenever changes are made to this file, the '''ODCHP service needs to be restarted'''to allow new settings to take effect.</ubr>ffer<br>'''NOTE:Any errors in this file (such as typos or missing semi-colons) can cause the DHCP server not to restart!''' ]]

|width# Remain in your '''centos3''' VM for this section.# Click on the following link to access the online manual page for the following DHCP items to gain an understanding: <ul><li>[http://linux.die.net/man/8/dhcpd dhcpd]</li><li>[https://www.freebsd.org/cgi/man.cgi?query=dhcpd.conf&sektion=5&apropos=0&manpath=FreeBSD+9.0-RELEASE+and+Ports dhcpd.conf]</li><li>[http://linux.die.net/man/5/dhcp-options dhcpd-options]</li><li>[http://linux.die.net/man/5/dhcpd.leases dhcpd.leases]<br><br></li></ul># Study the sample '''dhcpd.conf''' file to see examples of how these options are used.# Edit '''/etc/dhcp/dhcpd.conf''' and examine the top section of the file.# Look for the comment: '''"50%option definitions common to all supported networks" |The DHCP server receives '''# Below that comment change the request from existing global options to reflect the clientnewer values shown below:<br><br><br>'''domain-name''' '''"ops235.org";'''<br>'''domain-name-servers''' '''192.168.235.1;'''<br><br>'''default-lease-time''' '''1200;'''<br>'''max-lease-time''' '''3600;'''<br><br><br>'''Note:''' Any values for time are stated in seconds.<br><br># View your editing sessions for typos (check for missing semicolons), reserves an IP ADDRESS for the client then save and sends a DHCPOFFERexit your editing session.<br><br>

|width="10%" | <u>'''A'''<{{Admon/u>cknowledgement: important |width="50%" Recall Secure SSH Connection Method from Lab7 |The client sends a message of acceptance to Do not forget that you made ssh more secure in the serverprevious lab. In turnTherefore, you will need to use the client receives from the server a packet of information containing the lease duration and other configuration informationsame command in lab7 to securely connect to your VM.}}

# Perform this section Remain in your '''centos3''' VMfor this section.# It is advisable to perform Edit '''/etc/dhcp/dhcpd.conf''' for a yum update on your host second time.# View this file for existing subnet declarations. Note the syntax and the directive for '''range''' and all three of your VMthe option for '''routers'''s(gateway).# It is also advisable that you properly backed up Now, add a new subnet delcaration for your VMs from lab7.virtual network:<br><br>The version of DHCP server that comes with CentOS network address is maintained and distributed by the Internet Software Consortium (http:'''192.168.235.0//www255.isc255.org)255. The source package that you can download 0'''<br>range of host addresses should be from ISC includes not only : '''51 to 60'''<br>default gateway (routers) for the DHCP server, but also a DHCP client and a DHCP relay agentvirtual network is: '''192. CentOS separates it into two RPM packages: the DHCP client package and the DHCP server package168. The DHCP client package is installed by default by the workstation installation235.1'''<br><br># To check that you have Save your editing session, and exit the text editor.<codeol>dhclient</codeli value="6"> installed, enter Open another terminal window (ssh into centos3 from the centos host as user root) and issue the following command:#:: <codebr>rpm -q dhclient</codeb><olcode><li valuespan style="2color:#3366CC;font-size:1.2em;"> If the package is not installed, you will get the message "package dhclient is not installed", otherwise, you will get the version information of the rpm package. Install the tail -f /var/log/messages<code/span>dhclient</code> package if it was not installed.</lib><br><libr>Check (This will show you the last lines of '''/var/log/messages''' continue to display new lines as they are added to see if the dhcp server package is installed. If not - install itlog.)</libr><libr>Enter the command to list all the files installed from the DHCP server package.</li><li>What file appears In your original terminal prompt attempt to be a sample configuration file?start the '''dhcpd''' service.</li><li>Copy You should see new lines being added to the sample <code>dhcpd.conf</code> messages file to the <code>/etc/dhcp</code> directory making sure it is named <code>/etc/dhcp/dhcpd.conf</code></li>

== Part 2: What configuration options and directives need to be set in dhcpd.conf?==|{{Admon/note tip | Troubleshooting Tip: | Use Troubleshooting produces the best results when you are methodical in your centos3 VM | Complete approach. Try to fix the first error mentioned before fixing subsequent errors. Often the first error may cause multiple error messages as the configuration file is parsed. When you think you have fixed the following steps on first error try to start your centos3 VMservice and if it fails check the log again. Fix one error at a time.}}

|}# Study the man pages of <codeol>dhcpd</code>, <codeli value="9">If the '''dhcpd''' service fails to start any error messages will be logged in the messages file. Read the errors and attempt to fix your configuration file.conf</codeli>, <code>dhcp-options</code>, and <codeli>If the '''dhcpd.leases</code> and make notes ''' service starts successfully you should see success messages in your the log book. In particular, look up the meaning and possible value(s), if any, for the following configuration options:::* <code>broadcast-address</codeli>::* <codeli>default-lease-timeIf your '''dhcpd''' service starts successfully, try to generate errors by editing the configuration file and introduce an error by removing a semicolon or closing curly bracket.</codeli>::* <codeli>max-lease-time</code> (How Restart your '''dhcpd''' service and observe the error messages generated. This is this different from <code>defaultgood practice to learn how to trouble-lease-timeshoot and solve dhcpd errors.</codeli>?)::* <code>domain-name</code>::* <code>domain-name-servers</code>::* <code>fixed-address</code>::* <code>group</code>::* <code>hardware</code>::* <code>host</code>::* <code>host-name</code>::* <code>range</code>::* <code>routers</code>::* <code>subnet</codeli>Make certain that you have corrected those errors, and that your dhcpd service works properly.::* <code>subnet-mask</code><ol><li value="2"> Study Once the dhcpd service has is running, use the '''systemctl''' command to see if the sample <code>dhcpdservice is enabled.conf</code> file If it is not enabled, use the '''chkconfig''' command to see examples of how these options are usedenable the dhcpd service so it started automatically upon boot-up.</li>

# Edit <code>/etc/dhcp/dhcpd.conf</code> and examine the top section of the file.# Make the following changes to the global settings:::* <code>domain-name</code> should be set to '''ops235.org'''::* <code>domain-name-servers<Answer Part 3 observations /code> should be set to '''192.168.235questions in your lab log book.1'''::* <code>default-lease-time</code> should be set to '''20 minutes'''::* <code>max-lease-time</code> should be set to '''1 hour'''<ol><li value="3">Save and exit your editing session.</li></ol>

'''Answer == Part 3 observations / questions in your lab log book.'''4: How do I test my dhcpd service on my virtual network?=={|width="40%" align="right"

|- valign== Part 4: How do I configure dhcpd to provide IP configuration to my virtual network?=={{Admon/note | Use your centos3 VM | Complete the following steps on your centos3 VM.}}"top"

# Edit <code>/etc/dhcp/dhcpd.conf</code> for a second time, and add a new subnet delcaration for your virtual network# The network address is '''192.168.235.0/255.255.255.0''' and the range of host addresses should be from '''51 to 60'''# Also add a default gateway for the virtual network of '''192.168.235.1'''# Save your editing session, and exit the text editor.|{{Admon/note | Recall Secure SSH Connection Method from Lab7 Identifying DHCP Lease Transaction Information | Do not forget These messages record the DHCP lease transaction that you made ssh more secure in the previous labconsists of 4 broadcast packets, DISCOVER, OFFER, REQUEST and ACKNOWLEDGE. Therefore, you will need to use Try researching on the same command in lab7 to securely connect to your VMinternet how this transaction differs from a DHCP lease renewal.}}

<ol><li value="5">Open another |}# Use your '''centos2''' and '''centos3''' VMs for this section.# On your '''centos3''' terminal window (via ssh into centos3 from the centos host as user rootyour c7host machine) and issue make sure that the following command:::: <codebr><b>tail -f /var/log/messages</codeb>is running.<li>This will show you # On your '''centos2''' VM, change the last 10 lines configuration of '''eth0''' (or your interface name) to receive dynamic address configuration (i.e. via graphical application, for IVP4 tab, change ''Address'' from '''Manual''' to '''DHCP''', and '''Apply''' settings)<codebr>([http:/var/logzenit.senecac.on.ca/wiki/index.php/messagesOPS235_Lab_6_-_CentOS7#Part_2:_Configuring_VM_Network_Setup_Graphically_.28system-config-network.29 Refer to Lab6, Investigation1, Part2]).<br></codebr> continue to display new lines as they Note: if you are added configuring via command line, make certain to restart the lognetwork for centos2.# Logout and restart your '''centos2''' VM.</li><li>In # Observe the messages that get logged from the tail -f command as your original terminal prompt attempt centos2 VM starts. You should see output similar to start the following:<br><codebr>dhcpd::</codespan style="font-family:courier;"> service.Mar 24 13:28:24 centos3 dhcpd: DHCPDISCOVER from 52:54:00:61:00:e7 via eth2</lispan>::<lispan style="font-family:courier;">You should see new lines being added Mar 24 13:28:25 centos3 dhcpd: DHCPOFFER on 192.168.235.51 to the messages file.52:54:00:61:00:e7 via eth2</lispan>::<li>If the <codespan style="font-family:courier;">Mar 24 13:28:25 centos3 dhcpd</code> service fails to start any error messages will be logged in the messages file: DHCPREQUEST for 192.168.235.51 (192.168. Read the errors and attempt to fix your configuration file235.13) from 52:54:00:61:00:e7 via eth2</lispan>::<span style="font-family:courier;">Mar 24 13:28:25 centos3 dhcpd: DHCPACK on 192.168.235.51 to 52:54:00:61:00:e7 via eth2<libr>If the <codebr>dhcpd</codespan> service starts successfully you should see success messages in the log. </liol><livalue="6">If your On '''centos2''', confirm the IP address assignment using <codeb>dhcpd</code> service starts successfully, try to generate errors by editing the configuration file and introduce an error by removing a semicolon or closing curly bracket<span style="color:#3366CC;font-size:1.2em;">ifconfig</lispan><li>Restart your </code>dhcpd</codeb> service and observe the error messages generated. This is good practice to learn how to trouble-shoot and solve dhcpd errors.</li><li>Make certain that you have corrected those errorsHas the IP Address changed? If so, and that your how has the IP Address been assigned according to the '''dhcpd service works properly.conf''' file settings?</li>

== Part 5INVESTIGATION 2: How do I test my dhcpd service on my virtual network?=OBTAINING LEASE & LEASE PERMANENT IP ADDRESS INFORMATION=

# On a centos3 terminal window make sure that the command <code>tail -f /var/log/messages</code> is running.# On your centos2 VM, change the configuration of '''eth0''' (or your interface name) to receive dynamic address configuration.# Save your changes and restart the <code>NetworkManager</code> service.# Observe the messages that get logged. You should see output similar to the following== Part 1:<pre >Mar 24 13:28:24 centos3 dhcpd: DHCPDISCOVER from 52:54:00:61:00:e7 via eth2Mar 24 13:28:25 centos3 dhcpd: DHCPOFFER on 192.168.235.51 to 52:54:00:61:00:e7 via eth2Mar 24 13:28:25 centos3 dhcpd: DHCPREQUEST for 192.168.235.51 (192.168.235.13) from 52:54:00:61:00:e7 via eth2Mar 24 13:28:25 centos3 dhcpd: DHCPACK on 192.168.235.51 to 52:54:00:61:00:e7 via eth2</pre>Obtaining Leased Address Infomation=={{Admon/note | Identifying DHCP Lease Transaction Information | These messages record the DHCP lease transaction that consists of 4 broadcast packets, DISCOVER, OFFER, REQUEST and ACKNOWLEDGE. Try researching on the internet how this transaction differs from a DHCP lease renewal.}}<ol><li valuewidth="40%" align="5right">On centos2, confirm the IP address assignment using <code>ifconfig</code></li></ol>

== Part 1: Where does the dhcp server store a record of leased addresses?== {{Admon/note | Use your centos2 and centos3 VMs | Complete the following steps on # Remain in your '''centos2 ''' and '''centos3 ''' VMsfor this section.}} # If your '''centos3 ''' DHCP server successfully issued the proper IP address configuration values to '''centos2''', check the file called :<codebr>'''/var/lib/dhcpd/dhcpd.leases''' in your <u>'''centos3''' VM</codeu># . You should see the similar contents similar to:<br><br>::<prespan style="font-family:courier;">lease 192.168.235.51 {</span>::<span style="font-family:courier;"> starts 3 20105 2015/0307/24 10 17:2857:2534;</span>::<span style="font-family:courier;"> ends 3 20105 2015/0307/24 10 18:17:4834;</span>::25<span style="font-family:courier;"> cltt 3 20105 2015/0307/24 10 17:2857:2534;</span>::<span style="font-family:courier;"> binding state active;</span>::<span style="font-family:courier;"> next binding state free;</span>::<span style="font-family:courier;"> rewind binding state free;</span>::<span style="font-family:courier;"> hardware ethernet 52:54:00:610e:007d:e7a4;</span>}::<span style="font-family:courier;"> client-hostname "centos2";</prespan>{{Admon/note | Purpose of ::<codespan style="font-family:courier;">dhcpd.leases}</codespan> File | dhcpd records address leases in this file. If the service is restarted it reads in the file to know which addresses are currently leased and for how long.}}<ol><li value="3">On the client '''centos2 ''' check the contents of the <codeb>/var/lib/dhclient</codeb> directory. The files in this directory is where the dhclient stores its record of leases.<br><br> '''NOTE:''' If there are no files, then in a shell as root in your centos2 VM issue the command: <b><code><span style="color:#3366CC;font-size:1.2em;">dhclient eth0</span></code></b><br>Then check to see if there is file containing lease information in that directory.<br><br></li>

== Part 2: How can I lease the same address every time? Configuring DHCP server to Continually Lease Same IP Address=={|width="40%" align="right"

{{Admon/note | Use your centos2 and centos3 VMs | Complete the following steps on your centos2 and centos3 VMs.}}- valign="top"

|{{Admon/note | Reserving IP Addresses with DHCP | Even though DHCP gives out IP address dynamically, it also has the ability to reserve an IP address for a certain computer. In this sense it's almost as if the client computer has a static IP even though it uses DHCP to get it. This is useful if you want to be able to put entries in your /etc/hosts file and not have to worry about the entry becoming invalid over time. In Linux we refer to this as supplying a fixed address to a host. Microsoft calls it a reservation.}}

|}# Remain in your '''centos2''' and '''cento3''' VMs for this section.# Make certain that you are located in your '''centos3 ''' virtual machine.# Create a host declaration for '''centos2'''. Make sure you record the correct <code>hardware ethernet</code> setting that corresponds to the MAC address of the interface in '''centos2'''.# Give it the fixed-address '''192.168.235.12{{Admon/tip | Avoiding IP Address Conflicts | 42'''<br><br>'''Note:''' When supplying fixed-address it is important that the address assigned is exclusive of any ranges that have been declared. Otherwise it may be possible for 2 different hosts to receive the same address.}}<br><br><ol><li value="35">Start your service and test the address assignment by releasing your current address on '''centos2 ''' and then requesting a new address. Use the following commands on '''centos2''':</li>

::: <b><code><span style="color:#3366CC;font-size:1.2em;">ifdown eth1</span></code></b>::: <b><code><span style="color:#3366CC;font-size:1.2em;">ifup eth1</span></code></b><ol><li value="46">Confirm that you received the fixed address you were supposed to.</li>

{{Admon/important|Time for a new backup, INCLUDING YOUR VIRTUAL HARD DRIVE!|If you have successfully completed this lab, make a new backup of your virtual machines. Remember to also make a backup of the new second virtual disk drive on <br><br>''centos3'' Virtual hard-- drives created lab5 are image files and may have data changed as a result of performing this lab. Therefore, you now have two virtual disks on need to be backed up this hard disk image as well!''centos3'', and therefore two image files, and therefore will need two backup files.}} '''Arrange proof of the following on the screen:''' * <ol><li><span style="color:green;font-size:1.5em;">&#x2713;</span> '''centos2''' VM:<blockquote><ul><li>'''ifconfig eth0''' shows IP address '''192.168.235.42'''</li><li>DHCP client lease file</li></ul></blockquote><li><span style="color:green;font-size:1.5em;">&#x2713;</span> '''centos3''' VM:<blockquote><ul><li>DHCP server log file showing a lease occuring* </li><li>DHCP server configuration file showing subnet and host declaration* </li><li>DHCP server lease file* DHCP client lease file</li></ul></blockquote></li><li><span style="color:green;font-size:1.5em;">&#x2713;</span> '''Lab8''' log-book filled out.</li></ol>

= Preparing for = Practice For Quizzes , Tests, Midterm &amp; Final Exam ==