Easy-to-follow video tutorials help you learn software, creative, and business skills.Become a member

Deploying DHCP

From: Mac OS X Server 10.6 Snow Leopard: DNS and Network Services

Video: Deploying DHCP

If you've been following along in this class from the beginning, you know by now that we went out and purchased a very inexpensive router to host our network. We left NAT on, but turned DHCP off. Now admittedly, this is a rare configuration option, because DHCP is on by default in just about every router for sale today. I say just about because nothing is 100%, but it's probably all of them. Anyway, if you have been doing this title up until now with DHCP on in your router, go ahead and turn it off now. Don't worry. I'll wait. Oh! If you have an AirPort Base Station, and you want to use that as your router, don't. Not for this chapter anyway.

Deploying DHCP

If you've been following along in this class from the beginning, you know by now that we went out and purchased a very inexpensive router to host our network. We left NAT on, but turned DHCP off. Now admittedly, this is a rare configuration option, because DHCP is on by default in just about every router for sale today. I say just about because nothing is 100%, but it's probably all of them. Anyway, if you have been doing this title up until now with DHCP on in your router, go ahead and turn it off now. Don't worry. I'll wait. Oh! If you have an AirPort Base Station, and you want to use that as your router, don't. Not for this chapter anyway.

You can't turn on NAT and turn off DHCP at the same time on those devices. So, for the purpose of this chapter, the Apple AirPort Extreme or Express Base Stations, though excellent products overall, just won't work here. Now that we have that out of the way, open Server Admin and go to Services. We have Server Admin right here in the dock and yes, we are actually getting onto this from the client, so all of this is happening remotely. We're going to go to Settings > Services > DHCP and we'll click Save and then come over and click on DHCP in the sidebar.

Configuring DHCP is pretty easy, but you have to know your IP ranges before you start the service. Otherwise, if you get it wrong, you'll just end up coming back in here and doing it all over again. In our planning, we decided that we would have a DHCP range from 192.168.12.64 to 192.168.12.127, and that that would be the range that would be handed out to computers using the DHCP service. Now, I know that I'm also going to be using a VPN later in this title and I want different ranges for those clients to be handed out by the VPN server.

My VPN range will be 192. 168.12.12 through 192.168.12.159. So, I can't interfere with those addresses here in the DHCP settings. Since our DHCP range is 192.168.12.64 through 192.168.12.127, but our router is at 192.168.12.1, our server is at 192.168. 12.2, and we want our DHCP clients to be able to see the entire 254 nodes subnet as a local network, we will not be using the CIDR notation that we used in the firewall to configure this.

We start by going into subnets. We click on the name of the default subnet and we delete it. We click Save and we click the Plus button. This gives us a brand-new one. Now this subnet name, I'm just going to call Internal DHCP. The starting IP address, as we said, is going to be 192.168.12.64. Our ending IP address, 192.168.12.127.

Now, this is where this becomes important. What I just said about the subnet mask, if we were using the CIDR notation from our firewall rule, we would be doing this. And that would be bad, because in this case, if we were to set that up, the only computers that any of our DHCP clients would be able to see would be computers between 64 and 127, which means they wouldn't be able to get to our router. The router is at 192.168.12.1.

That wouldn't work, because these systems wouldn't be able to see the router, because it's outside of the subnet. So, we have to make this the 255.255. 255.0 subnet. That would give us full access to that 254-node range. We also want to configure the correct Ethernet interface for the network that will be sending out that DHCP information. So, we're going to go with en0, and once again that we got this, we'll go 192.168.12.1. A lease time typically is actually close to 4 hours.

Once we have that in place, we can go over here to DNS. DNS is currently configured as the local loopback address. That clearly won't work for our clients though, because they're not hosting DNS servers. So, what we need to do is put in our DNS server as the DNS server that's handed out via DHCP. We can also take this opportunity to put in our network's search domain, which means that this will be handed out into the network settings, and this will be handed out into the network settings, and all of the clients will receive an IP address from 64-127, as they come on the network.

With that, we can click Save. Now with your DHCP range configured and assigned to the correct network interface, you can move on to configure the LDAP options that are available here, and you could also configure your WINS options available here. But there are two problems with this. First, as a security best practice, you generally don't want to let your client machines pick up LDAP information for authentication and contacts via DHCP, because they will do that on every network then connect with, potentially opening the client after being compromised by a rogue DHCP server.

A rogue DHCP server is one that is functioning on a network where it shouldn't exist. A malicious rogue DHCP server could be used to pass out LDAP information to clients to allow a hacker to log in to those client machines, because LDAP has the capability of sending that information out, and then the client system would use that information to look back at a directory of user accounts that are able to log into it. Because that would be a bad thing, generally, you probably want to turn off the ability to receive that kind of auto-configured LDAP information on all of your clients.

If you turn it off on all of your clients, it's off by defau on 10.6, then there is really no point in configuring it in OS X Server's DHCP settings. So, I would leave this blank. If you're on a network where WINS isn't used, you can add those settings to the WINS tab, and the Windows clients will pick up that autoconfiguration information as well, which will make it easier for them to find network services on your network. We don't have any network services here offered up in the WINS format. We don't in fact have any Windows clients right now, so that's not going to be configured either.

We're going to leave both LDAP and WINS blank. Configure General and DNS, both as we've shown already, and we've already clicked Save, so all we need to do now is click the Enable check box next to Internal DHCP. And that once saved will be an enabled DHCP range that will be served out over the en0 network interface. Before you start DHCP, it can be useful to go to Settings and turn your Log Levels up to High. That way you'll get full logs on everything that's going on with DHCP, which is being handled by the BOOTP service.

I click save there and I click Start DHCP. We're now handing out DHCP over that network interface. All we need to do now is open up a client and have it attached to the network. We can see if clients have attached to the network by clicking over here on the Clients interface and as people come on the network, we'll see the computer name, their Mac address, their client ID, their IP address that we've given them, and the lease time remaining on their DHCP lease.

So, we've opened up a laptop, and there we go! Excellent! We just click Refresh a few times and it's popped right up. So, we see the computer's name, we see its Mac address, we see the IP address that it's been handed, and how much lease time now remains. Now the nifty thing about this is that once we've got somebody that's received an IP address, this gives us an opportunity to create a static map. All we have to do is click the Create Static Map button and come up here and click Create Map, flip down the triangle, and here you've got all of the information that the client just received.

If we want to change any of that information, we click the Edit button, leave the Computer Name exactly what it is unless you want to mess with the client. Leave the Mac Address exactly as it is. But we can change this IP Address. We can say, I don't want this to receive the 64-address. I want this one to always receive the 127-address, and we just do that by coming out here to the end and giving it an IP address that's in the DHCP range. This is a really handy way of using DHCP, but still providing a device with the same address all the time.

It's sort of a mixture between this dynamic addressing and static addressing, making it easy to locate the device over and over again. This could be a really cool trick to use with printers, where they are configured to pick up a DHCP address, when new without any local configuration right out of the box. Once the device is in the table, just use that information to get into this interface to set the IP address information you want for that printer and bam! You're done! Click OK and that device will always get that same address every time. Click Save.

It will ask you if you want to restart DHCP, but that's no big deal, and you're done. DHCP is a solid technology that's been around for years, but there are still plenty of things that can go wrong with it. Let's look at ways to troubleshoot DHCP in the next movie.

Show transcript

This video is part of

Start learning today

Get unlimited access to all courses for just $25/month.

Become a member
Sometimes @lynda teaches me how to use a program and sometimes Lynda.com changes my life forever. @JosefShutter
@lynda lynda.com is an absolute life saver when it comes to learning todays software. Definitely recommend it! #higherlearning @Michael_Caraway
@lynda The best thing online! Your database of courses is great! To the mark and very helpful. Thanks! @ru22more
Got to create something yesterday I never thought I could do. #thanks @lynda @Ngventurella
I really do love @lynda as a learning platform. Never stop learning and developing, it’s probably our greatest gift as a species! @soundslikedavid
@lynda just subscribed to lynda.com all I can say its brilliant join now trust me @ButchSamurai
@lynda is an awesome resource. The membership is priceless if you take advantage of it. @diabetic_techie
One of the best decision I made this year. Buy a 1yr subscription to @lynda @cybercaptive
guys lynda.com (@lynda) is the best. So far I’ve learned Java, principles of OO programming, and now learning about MS project @lucasmitchell
Signed back up to @lynda dot com. I’ve missed it!! Proper geeking out right now! #timetolearn #geek @JayGodbold
Share a link to this course

What are exercise files?

Exercise files are the same files the author uses in the course. Save time by downloading the author's files instead of setting up your own files, and learn by following along with the instructor.

Can I take this course without the exercise files?

Yes! If you decide you would like the exercise files later, you can upgrade to a premium account any time.

Become a member Download sample files See plans and pricing

Please wait... please wait ...
Upgrade to get access to exercise files.

Exercise files video

How to use exercise files.

Learn by watching, listening, and doing, Exercise files are the same files the author uses in the course, so you can download them and follow along Premium memberships include access to all exercise files in the library.


Exercise files

Exercise files video

How to use exercise files.

For additional information on downloading and using exercise files, watch our instructional video or read the instructions in the FAQ .

This course includes free exercise files, so you can practice while you watch the course. To access all the exercise files in our library, become a Premium Member.

Join now Already a member? Log in

Are you sure you want to mark all the videos in this course as unwatched?

This will not affect your course history, your reports, or your certificates of completion for this course.


Mark all as unwatched Cancel

Congratulations

You have completed Mac OS X Server 10.6 Snow Leopard: DNS and Network Services.

Return to your organization's learning portal to continue training, or close this page.


OK
Become a member to add this course to a playlist

Join today and get unlimited access to the entire library of video courses—and create as many playlists as you like.

Get started

Already a member ?

Become a member to like this course.

Join today and get unlimited access to the entire library of video courses.

Get started

Already a member?

Exercise files

Learn by watching, listening, and doing! Exercise files are the same files the author uses in the course, so you can download them and follow along. Exercise files are available with all Premium memberships. Learn more

Get started

Already a Premium member?

Exercise files video

How to use exercise files.

Ask a question

Thanks for contacting us.
You’ll hear from our Customer Service team within 24 hours.

Please enter the text shown below:

The classic layout automatically defaults to the latest Flash Player.

To choose a different player, hold the cursor over your name at the top right of any lynda.com page and choose Site preferences from the dropdown menu.

Continue to classic layout Stay on new layout
Exercise files

Access exercise files from a button right under the course name.

Mark videos as unwatched

Remove icons showing you already watched videos if you want to start over.

Control your viewing experience

Make the video wide, narrow, full-screen, or pop the player out of the page into its own window.

Interactive transcripts

Click on text in the transcript to jump to that spot in the video. As the video plays, the relevant spot in the transcript will be highlighted.

Are you sure you want to delete this note?

No

Your file was successfully uploaded.

Thanks for signing up.

We’ll send you a confirmation email shortly.


Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

Keep up with news, tips, and latest courses with emails from lynda.com.

Sign up and receive emails about lynda.com and our online training library:

Here’s our privacy policy with more details about how we handle your information.

   
submit Lightbox submit clicked
Terms and conditions of use

We've updated our terms and conditions (now called terms of service).Go
Review and accept our updated terms of service.