Previous Internet connection sharing Index Advanced topics Next

Configuring the DHCP server

DHCP is a network protocol that among other things can dynamically distribute IP addresses and other network setting to computers. When DHCP is used together with Internet connection sharing in Firestarter, the need to individually configure the client machine's TCP/IP settings on the local area network is removed. With DHCP, the process of connecting a new client to the network is as easy as plugging it in.

Specifically, when the DHCP service is enabled in Firestarter, a DHCP server is started on the firewall machine that distributes DHCP leases to the client machines. A lease supplies the clients with all the information needed to connect to the network. This information includes a unique IP address for each client, the default gateway, the subnet mask and the domain name servers in use. DHCP leases are always given with the understanding between client and server that the lease is valid only for a limited time.

Enabling the DHCP Service

Note: Firestarter does not itself include a DHCP server, it depends on the underlying system to provide this feature. The system does not need to have the DHCP server configured, or running. It is sufficient that the dhcpd program is located on the system, after that Firestarter will manage the DHCP server completely on the user's behalf.

If a DHCP binary is not detected on the system, the DHCP controls will remain inactive

Packages that need to be installed for the Firestarter DHCP service to function
DistributionPackage nameInstalled with
Red Hat 9, Fedora Coredhcp"yum install dhcp"
Debiandhcp"apt-get install dhcp"
Mandrakedhcp-server"urpmi dhcp-server"
Gentoodhcp"emerge dhcp"
SuSEdhcp-serverManually during system install or from RPM

The DHCP service can be configured from the firewall wizard, or from the preferences. By checking the "Enable DHCP for local network" option on the connection sharing setup screen the service is activated upon the completion of the wizard or saving of the preferences. Note that DHCP is only available in conjunction with Internet connection sharing, and the DHCP service is only provided to machines connected to the local area network. This way Firestarter does not interfere with the DHCP systems of Internet service providers.

Optionally a few details related to the DHCP server can be configured from the graphical interface. By clicking the "DHCP server details" label or arrow, new options become available. It is possible to change the range of IP addresses that is distributed to clients by changing the values of the lowest and highest IP address to assign controls. By default Firestarter will distribute IP addresses in the 192.168.0.100 to 192.168.0.254 range. The IP range can be freely manipulated, but must fall within the constraints created by the network address and netmask of the local area network connected network adapter.

Finally, the name server can be specified freely. Both dotted decimal IP addresses and hostnames of name servers are accepted. It is also possible to specify several servers at once by entering a comma separated list of servers. A special value of <dynamic> can also be specified, in which case the name servers are determined dynamically at run time from the firewall server's network settings. This is especially useful if the firewall server itself is using DHCP and the provider's name servers are subject to change. The default is to determine the name servers dynamically.

Creating Your Own DHCP Configurations

The option to keep an existing DHCP configuration is available if Firestarter detects that a DHCP configuration is already present on the system. This option has several uses. If you have manually configured a DHCP server on your system previously, it is possible to have Firestarter only manage the server process without touching the actual configuration. Alternatively, you can take the Firestarter generated DHCP configuration and extend it, safe in the knowledge that Firestarter will not overwrite it later on without your permission. There exists a number of interesting DHCP related features you can configure yourself, including whitelisting based on MAC hardware addresses, specifying static IPs for specific hosts, dividing machines into different classes and configurations, providing boot images for network terminals etc. See the dhcpd.conf and dhcpd man pages for more information.

The Firestarter generated DHCP configuration is stored as /etc/dhcpd.conf.

Previous Internet connection sharing Index Advanced topics Next