Mind Chasers Inc.
Mind Chasers Inc.

Configure a DHCP Server on Linux

Configure a Linux host to act as a DHCP server and assign predefined IP addressees to the supported hosts on our network. Configuration and debug tips are provided for Ubuntu and Yocto systems.


The Dynamic Host Configuration Protocol (DHCP) is typically utilized during startup of a networked device to obtain a valid network configuration, including IP address, from the DHCP server on the local network. This function is almost always included in firewalls found in both homes and businesses, and the vast majority of devices (e.g., tablets, PCs, Xbox, etc.) that you'll find on a network utilize DHCP.

This article describes the use of the Internet Software Consortium's (ISC) DHCP server on both Ubuntu 16.04 and our various Yocto-built hosts. ISC claims that its DHCP server "is the most widely used open source DHCP implementation on the Internet and is a carrier and enterprise grade solution". You can read more at http://www.isc.org/software/dhcp.

We make extensive use of the DHCP server to assign unique, consistent, private addresses to each supported device on our network. For our private networks, we use IPv4. However, the DHCP server can assign both IPv4 and IPv6 addresses, but it requires two daemon instances to be run to do so.

It's also important to point out that a Linux machine can act as the DHCP server on a network that is served by a commercial firewall / router if the DHCP server is disabled in the commercial device. This can be very useful taking control of your network's addressing, which is highly desirable when monitoring or filtering network activity.

Installation on Ubuntu 16.04

Prior to installation, you may notice that an /etc/dhcp directory already exists. If it does exist, then this directory most likely contains configuration files for the DHCP client (e.g, dhclient.conf). Keep in mind that our Linux hosts typically act as both a DHCP server and a DHCP client for retrieving its own IP and DNS address from an upstream firewall.

After a fresh Ubuntu installation, we find the following files in /etc/dhcp:

$ ls
debug  dhclient.conf  dhclient-enter-hooks.d  dhclient-exit-hooks.d
If you want to see your dhclient in action, type the following:
$ sudo dhclient -v <interface> # e.g., enp0s7

To install the DHCP server, type the following:

$ sudo apt install isc-dhcp-server

The DHCP server doesn't start automatically after installation, as can be seen below:

$ ps -e | grep dhcp		

However, we can see that the DHCP server will start automatically on subsequent reboots:

$ ls -l /etc/rc5.d/*dhcp*
lrwxrwxrwx 1 root root 25 Feb 16 15:10 /etc/rc5.d/S02isc-dhcp-server -> ../init.d/isc-dhcp-server


Important Files

File Purpose
/etc/dhcp/dhcpd.conf DHCP server configuration file
/etc/init.d/isc-dhcp-server DHCP initialization script
/etc/default/isc-dhcp-server Defaults for DHCP initialization script
/var/lib/dhcp/dhcpd.leases DHCP client lease database

For both our Ubuntu and Yocto systems, we define a test network at, and this is where we will enable the DHCP server to assign addresses. For our Ubuntu machine, we define the following in our /etc/network/interfaces file:

# experimental / test network
auto enp3s0
iface enp3s0 inet static

Next we modify the /etc/default/isc-dhcp-server file, which provides defaults for initialization of the dhcpd process. We only want the DHCP server to assign addresses on interface enp3s0. We do this by setting the INTERFACES parameter, and this parameter is ultimately passed onto the DHCP sever via its command line interface when it's started.

A snippet of /etc/default/isc-dhcp-server is shown below:

# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
#       Separate multiple interfaces with spaces, e.g. "eth0 eth1".

Before we modify our configuration file, /etc/dhcpd.conf, we make a copy as shown below

$ sudo cp /etc/dhcpd.conf /etc/dhcpd.conf.orig

There are various options supported by the DHCP server that aren't utilized in our simple example configuration file. Two quick resources for finding out more about the available options are the original configuration file and the man page: "man dhcpd.conf".

The configuration file consists of parameter and declaration statements. Parameter statements can be used to assign settings (e.g., authoritative), and we use declaration statements to describe the network topology and clients on the network. We make extensive use of the host declaration statement to assign fixed IP addresses to our known client devices.

Note that most networked devices (e.g., web camera) support static IP address assignment via an administrative interface (e.g., local web server running on a web camera or a settings screen on a tablet). We prefer not to use this method to assign addresses since this is difficult to manage versus our centralized approach.

For this article, we only support our POE SVC3 camera:


subnet netmask {
#        range;
        default-lease-time 86400;
        max-lease-time 86400;
        option subnet-mask;
        option broadcast-address;
        option routers;
        #option domain-name-servers;   

host svc3_cam {
        hardware ethernet C0:99:34:51:77:01;

A few notes to make about the configuration file:

  • The authoritative statement instructs the DHCP server to send a DHCPNAK in response to an invalid DHCPREQUEST
  • The subnet statement defines our local network and the option statements are propagated to each host statement. We are leaving range commented out to prevent the DHCP server from assigning IP addresses to unknown devices that may be attached to our network without permission. However, in some cases it is very convenient to enable this line temporarily to configure a device and record its MAC address, which can be found in the lease file (see below).
  • Each host statement maps an Ethernet MAC address to an IP address. A name is also given to each map (e.g., win_laptop)

Start the DHCP Server on Ubuntu

$ sudo service isc-dhcp-server start

$ ps -e | grep dhcp
 2295 ?        00:00:00 dhcpd

We can see that our camera was assigned an IP address by examining /var/log/syslog:

$ grep DHCP /var/log/syslog

Feb 16 17:12:32 ubuntu1 dhcpd[2295]: DHCPDISCOVER from C0:99:34:51:77:01 via enp3s0
Feb 16 17:12:32 ubuntu1 dhcpd[2295]: DHCPOFFER on to C0:99:34:51:77:01 via enp3s0
Feb 16 17:12:32 ubuntu1 dhcpd[2295]: DHCPREQUEST for ( from C0:99:34:51:77:01 via enp3s0
Feb 16 17:12:32 ubuntu1 dhcpd[2295]: DHCPACK on to C0:99:34:51:77:01 via enp3s0

Using the DHCP Server

The dhcpd.leases file is used as a cache by the server across reboots and power failures. It also provides visibility into what addresses have been granted to devices from the range pool within the defined subnet. New leases are appended to the end of the dhcpd.leases file.

In order to prevent the file from becoming arbitrarily large, from time to time dhcpd creates a new dhcpd.leases file from its in-core lease database. Once this file has been written to disk, the old file is renamed dhcpd.leases~, and the new file is renamed dhcpd.leases. If the system crashes in the middle of this process, whichever dhcpd.leases file remains will contain all the lease information, so there is no need for a special crash recovery process.

Each time the dhcpd.conf file is changed, the DHCP server must be restarted to process the changes. This can be accomplished as follows:

$ sudo service isc-dhcp-server restart

Tips on Debugging

During boot, a client device will make a request to the broadcast IP address of on destination port 67 using a unqiue transaction ID. This request will be made from an IP address of

Nov 15 19:28:55 controller dhcpd: DHCPDISCOVER from C0:99:34:51:77:01 via enp3s0: network no free leases

tcpdump is a very handy tool when debugging DHCP boot issues, especially if they are due to an improperly configured client or perhaps faulty iptables settings on the Linux host running dhcpd. Below we show an example along with a partial dump / result. Notice the wealth of information that can be seen in the dump.

# tcpdump -i eth1 -vvXn port 67
tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 262144 bytes
18:21:27.505459 IP (tos 0x0, ttl 64, id 6222, offset 0, flags [none], proto UDP (17), length 576) > [udp sum ok] BOOTP/DHCP, Request from 00:62:6e:44:a4:67, length 548, xid 0xd5d58328, secs 10, Flags [none] (0x0000)
	  Client-Ethernet-Address 00:62:6e:44:a4:67
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message Option 53, length 1: Discover
	    MSZ Option 57, length 2: 548
	    Lease-Time Option 51, length 4: 4294967295
	    Parameter-Request Option 55, length 14: 
	      Subnet-Mask, Default-Gateway, Domain-Name-Server, Hostname
	      Domain-Name, RP, TTL, BR
	      MD, Router-Discovery, Static-Route, YD
	      YS, NTP
	    Hostname Option 12, length 19: "ipcam_00626E44A467^@"
	    Vendor-Class Option 60, length 23: "Linux 2.4.20-uc0 armv3l"
	    Client-ID Option 61, length 7: ether 00:62:6e:46:a7:23
	0x0000:  4500 0240 184e 0000 4011 6060 0000 0000  E..@.N..@.``....
	0x0010:  ffff ffff 0044 0043 022c 02b1 0101 0600  .....D.C.,......
	0x0020:  d5d5 8328 000a 0000 0000 0000 0000 0000  ...(............
	0x0030:  0000 0000 0000 0000 0062 6e46 a723 0000  .........blm.p..

The DHCP server supports various command line options. To read about them, type "man dhcpd" or "man dhcp.conf" at a terminal prompt.

To see the options that were used by the system when starting the server, type the following at a terminal prompt:

$ ps -ef | grep dhcp

dhcp     19519     1  0 Feb06 ?        00:00:00 /usr/sbin/dhcpd -q -user dhcp -group dhcp

It can also be helpful to start the dhcpd process as a foreground task (doesn't fork to daemon) and have it dump its output to the console rather than syslog. We can do this by passing dhcpd the '-d' flag.

# dhcpd -4 -d  -lf /var/lib/dhcp/dhcpd.leases -cf /etc/dhcp/dhcpd.conf

Internet Systems Consortium DHCP Server 4.3.6
Copyright 2004-2017 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Config file: /etc/dhcp/dhcpd.conf
Database file: /var/lib/dhcp/dhcpd.leases
PID file: /var/run/dhcpd.pid
Wrote 0 deleted host decls to leases file.
Wrote 0 new dynamic host decls to leases file.
Wrote 0 leases to leases file.
Listening on ...


Didn't find an answer to your question? Post your issue below or in our new FORUM, and we'll try our best to help you find a solution.

And please note that we update our site daily with new content related to our open source approach to network security and system design. If you would like to be notified about these changes, then please follow us on Twitter and join our mailing list.

subscribe to mailing list:

Please help us improve this article by adding your comment or question:

For enhanced features and capabilities, please sign in or authenticate using a popular third party

your email address will be kept private

to upload an image

previous month
next month