How to Install & Configure DHCP Server on Ubuntu Linux
The ISC DHCP Server, one of the most well-known open-source implementations of the DHCP protocol, has been in widespread use for many years because of its dependability, ease of configuration, and compatibility with operating systems based on GNU/Linux. It became a de facto standard in business networks after being included as a default package in releases like Debian and Ubuntu. However, classic DHCP servers have found it difficult to satisfy the needs of current infrastructures for automation, integration, and dynamic control as networks have become larger and more complicated.
The Internet Systems Consortium (ISC) has designated the legacy isc-dhcp-server as deprecated and created the Kea DHCP Server as a replacement in order to meet these changing requirements.
Comparison Between Kea and ISC DHCP Server
The main differences between KEA and ISC DHCP servers are given below.
| Feature | ISC DHCP Server | Kea DHCP Server |
|---|---|---|
| Developer | ISC | ISC |
| Development Status | Maintenance only (legacy) | Active development |
| Configuration File | dhcpd.conf (plain text) | JSON format |
| API Support | None | Available (REST API) |
| Database Integration | None | MySQL, PostgreSQL, Cassandra |
| Performance & Scalability | Small to medium-sized networks | Large-scale networks and data centers |
| Adoption | High | Increasing |
| Automation/Remote Management | Limited | Advanced API capabilities |
The Development of Kea and Overall Assessment
Even while the conventional ISC DHCP Server has been effectively performing fundamental DHCP tasks for many years, it is unable to meet the quickly changing needs of contemporary networks. More adaptable and scalable solutions that facilitate features like database integration, high availability, centralized management, and API access are needed for today's infrastructure. The Internet Systems Consortium (ISC) created the Kea DHCP Server as a contemporary substitute for its antiquated approach in order to satisfy these demands.
Kea's RESTful API support standardizes remote management and integration procedures, and its JSON-based configuration language enhances readability and automation. Its ability to use relational databases like MySQL, PostgreSQL, and Cassandra to manage IP address pools is one of its most noteworthy characteristics. Because of this, Kea is a strong and centralized DHCP solution that is particularly appropriate for big business networks and service providers.
Technical comparisons make it abundantly evident that ISC DHCP Server is now only supported to a limited extent and is unable to satisfy contemporary demands. In contrast, Kea offers the capability needed by modern network infrastructures thanks to its modular architecture, high degree of adaptability, and active development lifecycle. ISC's choice to completely switch its development focus to Kea is indicative of a larger movement that is being embraced in academic and business settings. From a technical perspective, selecting Kea for new deployments is therefore a more sustainable and future-proof strategy.
Following a broad, step-by-step installation of ISC DHCP on Ubuntu, this study will offer a more thorough installation guide for Kea DHCP Server on Ubuntu.
Installing DHCP Servers: ISC DHCP and Kea DHCP
The following prerequisites must be met before installing either DHCP server.
- A system running Ubuntu 22.04 LTS or a newer version
- A user account with root or sudo privileges
- A network interface configured with a static IP address
- Up-to-date system packages
- Basic knowledge of DNS and network configuration
- Properly configured time synchronization (e.g., using chrony or ntp)
ISC DHCP Server Installation
Using the normal package repositories, Ubuntu-based systems can quickly and easily install ISC DHCP Server, a classic DHCP solution. The fundamental installation and configuration processes are listed below. Deploying the DHCP server in a basic local network context just requires these steps.
1. Update System Packages
Updating the software packages on your computer helps avoid compatibility problems that could occur during installation.
sudo apt update && sudo apt upgrade -y
This command updates the package lists and upgrades all currently installed packages to their latest versions.
2. Install the ISC DHCP Server Package
Use the following command to install the isc-dhcp-server package, which includes the necessary server components.
sudo apt install isc-dhcp-server -y
This process installs the core server software that provides the DHCP service on your system.
3. Edit the Configuration File (/etc/dhcp/dhcpd.conf):
The primary configuration file that specifies how the ISC DHCP Server should operate is located at /etc/dhcp/dhcpd.conf. IP address ranges, DNS servers, gateway addresses, and even static IP assignments are among the parameters that can be specified in this file. Before making any modifications, a backup should be made.
To make changes to the file, use the following command.
sudo nano /etc/dhcp/dhcpd.conf
The subnets and IP address pools defined in this file determine how the DHCP server will operate.
Basic DHCP Configuration Example
The following example demonstrates a basic DHCP configuration for the 192.168.1.0/24 network.
default-lease-time 600;
max-lease-time 7200;
authoritative;
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.100 192.168.1.200;
option routers 192.168.1.1;
option subnet-mask 255.255.255.0;
option domain-name-servers 8.8.8.8, 8.8.4.4;
option domain-name "example.local";
}
Explanations of DHCP configuration parameters are as follows.
- default-lease-time: The default duration (in seconds) for which an IP address is leased to a client.
- max-lease-time: The maximum allowable lease duration.
- authoritative: Declares that this DHCP server is the authoritative server for the network.
- range: The range of IP addresses the DHCP server will assign to clients.
- option routers: The default gateway for the clients (typically the IP address of the router or modem).
- option domain-name-servers: DNS servers that will be provided to clients.
- option domain-name: The domain name assigned to clients (optional).
You must specify a distinct subnet block for every VLAN or subnet that is part of your network. Every subnet block ought to contain gateway details and IP ranges unique to that network segment.
Check the DHCP configuration file's syntax both before and after making modifications in order to avoid configuration issues by running the nex command.
sudo dhcpd -t -cf /etc/dhcp/dhcpd.conf
The terminal will silently return to the command prompt if there are no errors. The precise line and type of mistake will be displayed if there is an issue.
Static IP Assignment (Fixed Address)
It could be preferable to assign the same IP address regularly to some clients (such as servers or printers). In these situations, the client's MAC address can be used to configure a static IP assignment.
host printer1 {
hardware ethernet 00:1A:2B:3C:4D:5E;
fixed-address 192.168.1.10;
option host-name "printer1";
}
When the device's MAC address and IP address match, this setting guarantees that the device will always receive the designated IP address. The subnet's dynamic range should not contain the given IP address.
Lease Record Tracking (dhcpd.leases)
The DHCP server stores the assigned IP addresses and their lease durations in the dhcpd.leases file.
cat /var/lib/dhcp/dhcpd.leases
Even after a system reboot, the server is able to recall which IP address was linked to which client because of this file. Although the file can be viewed, manual editing is not advised.
Configuration Validation
It is important to test the configuration file after making changes and before starting the DHCP service by running the next command.
sudo dhcpd -t -cf /etc/dhcp/dhcpd.conf
The command won't provide any output if the file is free of syntax problems. The output will highlight the problematic line and provide a description of the situation if there is an error.
Restarting the Service
To apply the changes and check the status of the DHCP service, run the next commands.
sudo systemctl restart isc-dhcp-server
sudo systemctl status isc-dhcp-server
Some tips and warnings for proper DHCP configuration are given below.
• To confirm the name of your network interface, use the ip a command.
• Ensure that the right interface definition, such as INTERFACESv4="ens33", is included in the /etc/default/isc-dhcp-server file.
• To prevent disputes, only one DHCP server should be designated as authoritative if there are multiple on the same network.
• Make sure that any fixed address assigned is outside the dynamic range in order to avoid IP address conflicts.
• Only network segment-specific options should be included in each subnet block.
•Accurate system time is necessary for the DHCP server to operate properly.
Multiple Subnet Configurations
Several subnets can be served concurrently by a DHCP server. Environments with several VLANs, physical networks, or virtual network architectures are particularly likely to experience this. Every subnet has a unique IP range, set of settings, and routing details.
Example 1: DHCP Distribution for Two Different Subnets
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.100 192.168.1.200;
option routers 192.168.1.1;
option domain-name-servers 8.8.8.8;
}
subnet 192.168.2.0 netmask 255.255.255.0 {
range 192.168.2.50 192.168.2.150;
option routers 192.168.2.1;
option domain-name-servers 1.1.1.1;
}
This configuration allows the DHCP server to distribute IP addresses simultaneously on both the 192.168.1.0 and 192.168.2.0 networks. However, the server must be able to route traffic to these networks physically, such as through two separate NICs or via trunked VLANs.
Example 2: DHCP in VLAN Environments
If multiple VLANs are in use and the DHCP server is expected to serve different VLANs, a DHCP relay (IP helper) is typically required. A separate subnet block must be defined for each VLAN.
subnet 10.10.10.0 netmask 255.255.255.0 {
range 10.10.10.100 10.10.10.150;
option routers 10.10.10.1;
}
subnet 10.10.20.0 netmask 255.255.255.0 {
range 10.10.20.100 10.10.20.150;
option routers 10.10.20.1;
}
In this scenario, each VLAN does not require a physical connection to the DHCP server. Rather, in order to forward requests to the server, the VLAN router or switch needs to be set up with a DHCP relay (helper address).
Example 3: Multiple Subnets with a Single Gateway
subnet 192.168.10.0 netmask 255.255.255.0 {
range 192.168.10.10 192.168.10.100;
option routers 192.168.10.1;
}
subnet 192.168.20.0 netmask 255.255.255.0 {
range 192.168.20.10 192.168.20.100;
option routers 192.168.10.1;
}
In some cases, all subnets can share the same default gateway. This setup is achievable through static routing or a centralized router.
Each subnet block should include the following parameters.
- Its own IP range (range)
- Its own default gateway (option routers)
- And optionally, DNS and domain name information
These subnets cannot be automatically detected by the DHCP server; suitable router configurations are necessary for proper functioning.
4. Specify the Network Interface (default: /etc/default/isc-dhcp-server)
The /etc/default/isc-dhcp-server file needs to be configured in order to indicate which network interface the ISC DHCP server should listen on for incoming DHCP packets. When launching the DHCP service, problems like "no subnet declaration" could appear if this file is not configured correctly, and the server would not be able to give IP addresses.
To edit the file, use the command below.
sudo nano /etc/default/isc-dhcp-server
In the opened file, locate the following line and ensure it is enabled.
INTERFACESv4="ens33"
Here, "ens33" stands for the name of your system's active network interface. This name can be different on other systems.
Identifying the Network Interface
You can use the following command to see the names of the network interfaces that are defined on your system.
ip a
In the command output, you may see active interface names such as ens33, eth0, or enp0s3. These names must be entered exactly as shown in the configuration file.
INTERFACESv4 is used exclusively for IPv4. If IPv6 support is needed, the INTERFACESv6 variable should also be defined.
To specify multiple interfaces, list the interface names separated by spaces:
INTERFACESv4="ens33 eth0"
The network interface may have been misconfigured or left out if the DHCP service seems to be operating, but clients are not getting IP addresses. Only the interface or interfaces specified in this file are used by the DHCP server to listen.
5. Start and Enable the DHCP Service
After completing the installation and configuration, start the DHCP service and enable it to run automatically at system boot.
sudo systemctl start isc-dhcp-server
sudo systemctl enable isc-dhcp-server
While the second command allows the service to operate upon system startup, the first command launches the service instantly.
Before making any changes, it is advisable to make a backup of the dhcpd.conf file.
IP conflicts may arise if this DHCP server is linked to the same network as another one.
Kea DHCP Server Installation
The Internet Systems Consortium (ISC) created the Kea DHCP Server, a DHCPv4 server that complies with RFC. With its modular component architecture, JSON-based configuration files, RESTful API for remote administration, and SQL database connectivity, Kea was created to satisfy the demands of contemporary networks, such as high availability, automation, and centralized management.
The technical implementation of an example IPv4 configuration and the fundamental installation procedures for the Kea DHCP server are described in the section that follows.
1. Install Required Packages
Kea DHCP Server's modular architecture allows for the installation of various components tailored to your requirements. On Ubuntu or Debian-based computers, Kea's fundamental components can be readily installed using the apt package manager.
Execute the subsequent command to install the requisite components of the Kea DHCP Server on your system.
sudo apt install kea-dhcp4-server kea-common kea-ctrl-agent kea-admin -y
This wil install the following components.
- kea-dhcp4-server: The core server component that implements the DHCPv4 protocol.
- kea-common: The base module that includes shared configuration and runtime files.
- kea-ctrl-agent: A control agent that enables remote management of Kea servers via RESTful API.
- kea-admin: A command-line tool used for managing database schemas and performing basic maintenance tasks.
It is advisable to update your system before to installation. Otherwise, you may face issues relating to dependencies.
sudo apt update && sudo apt upgrade –y
Kea services do not initiate automatically post-installation. They must be initiated manually following the configuration file definitions. Alternatively, you may have warnings such as "configuration file not found" or "failed to bind to socket."
2. Open the Main Configuration File in JSON Format
The configuration of the Kea DHCP Server diverges from the conventional dhcpd.conf standard and is structured in JSON. This framework enhances readability and facilitates automation more efficiently. The primary configuration file for the DHCPv4 service is generally found at /etc/kea/kea-dhcp4.conf
The following key components are configured in this KEA DHCP configuration file.
• interfaces-config: Designates the network interfaces on which Kea will operate.
• subnet4: Outlines IP address pools, subnet masks, gateways, and DNS configurations.
• lease-database: Configures the storage location and method for IP lease information.
• loggers: Establishes logging levels and the directory for log files.
Kea mandates that the configuration file adhere to an acceptable JSON format. A trivial syntax error, like an omitted comma, can hinder the initiation of the service.
Creating a backup of the original file prior to making modifications is advisable.
sudo cp /etc/kea/kea-dhcp4.conf /etc/kea/kea-dhcp4.conf.bak
Additionally, you can verify whether the changes made to the file are valid by using Kea’s test mode.
sudo kea-dhcp4 -t -c /etc/kea/kea-dhcp4.conf
This command verifies the validity of the configuration and identifies any erroneous lines.
If the "interfaces" field is unpopulated in the configuration file, Kea will not monitor any network interface, rendering clients incapable of acquiring IP addresses. Ensure it is delineated as illustrated below.
"interfaces-config": {
"interfaces": [ "ens33" ]
}
You can verify the correct interface name by using the ip a command.
3. Basic Configuration Example
The following example includes the essential settings required for Kea to operate in a small-scale local network environment.
{
"Dhcp4": {
"interfaces-config": {
"interfaces": [ "ens33" ]
},
"subnet4": [
{
"subnet": "192.168.1.0/24",
"pools": [ { "pool": "192.168.1.10 - 192.168.1.100" } ],
"option-data": [
{ "name": "routers", "data": "192.168.1.1" },
{ "name": "domain-name-servers", "data": "8.8.8.8" }
]
}
],
"lease-database": {
"type": "memfile",
"persist": true,
"name": "/var/lib/kea/dhcp4.leases"
},
"loggers": [{
"name": "kea-dhcp4",
"output_options": [ { "output": "/var/log/kea-dhcp4.log" } ],
"severity": "INFO"
}]
}
}
In this setup, the Dynamic Host Configuration Protocol (DHCP) service is enabled over the ens33 interface. Additionally, IP addresses are distributed within the defined range, and clients are provided with DNS and gateway settings. You have the ability to modify the file in accordance with the topology of your own network.
4. Test the Configuration File
To check for syntax errors in the configuration file, run the following command.
sudo kea-dhcp4 -t -c /etc/kea/kea-dhcp4.conf
The message "Configuration appears to be valid" will appear on the screen if the configuration is considered valid. In the event that this is not the case, the terminal will display the line that contains the error along with an explanation that in-depth.
5. Start the Kea DHCP Service
After validating the configuration, start the service and enable it to run automatically at system startup.
sudo systemctl start kea-dhcp4-server
sudo systemctl enable kea-dhcp4-server
These commands start the Kea DHCP server as a system service and ensure that it runs automatically on subsequent system boots.
Kea DHCP Server Troubleshooting
The most common KEA DHCP problems and their troubleshooting methods are given below.
1. Check the Service Status
To determine whether the Kea DHCP server is running as a system service, use the following command.
sudo systemctl status kea-dhcp4-server
This command provides information about the service’s status, the last time it was started, and any error messages if applicable. If the service is in a 'failed' state, the output will clearly indicate the reason.
2. Review Log Files
To monitor KEA DHCP errors in real time and observe client requests, use the following command.
sudo tail -f /var/log/kea-dhcp4.log
These log files include events such as configuration errors and IP address assignments.
To filter and display only error messages, run the next command.
grep ERROR /var/log/kea-dhcp4.log
3. JSON Formatting Error
Configuration parsing failed, JSON parsing error due to the missing commas or unclosed curly braces. To validate the JSON file, run the next command.
jq . /etc/kea/kea-dhcp4.conf
4. Mismatch Between IP Pool and Subnet
“invalid pool” or “out of subnet” error occurs, due to the defined IP range is outside the specified subnet. To solve the issue, the subnet and pool must match (e.g., 192.168.1.0/24 with 192.168.1.10 - 192.168.1.100)
5. Incorrect Network Interface Selection
“Unable to bind to socket” or “No interfaces available for DHCPv4” due to the interface name specified in interfaces-config does not exist on the system. Use the ip a command to check available interfaces on the system. If necessary, you can configure Kea to listen on all interfaces by using:
"interfaces": ["*"]
6. DDNS Module Not Enabled
For Kea to perform DNS updates, the dhcp-ddns module must be enabled. This module runs as a separate service and should be configured as follows in the configuration file.
"D2": {
"enable-updates": true,
...
}
7. ddns-send-updates Setting on the DHCP Server
For Kea to send DNS updates, the following setting must be enabled in the DHCPv4 or DHCPv6 configuration.
"ddns-send-updates": true,
8. TSIG Key May Not Be Properly Defined
DNS updates typically require authentication using a TSIG key. The TSIG configuration must be correctly shared between the Kea D2 service and the target DNS server.
9. DNS Zone Authorization and Delegation Issues
If the DNS zone that Kea is attempting to update is not marked as authoritative on the target DNS server, the update attempts will fail.
10. Missing or Incorrect Hostname Definition
If the hostname information received from the client is missing or malformed, Kea cannot forward it to the DNS server. For DHCPv4, the client-hostname field, and for DHCPv6, the fqdn option must be properly set.
11. Kea Fails to Receive Incoming Traffic
The UDP ports that Kea needs to listen on may be blocked by the system's firewall.
To check:
sudo iptables -L
Required open ports: UDP 67, 546, and 547
Example firewall rules:
sudo ufw allow 67/udp
sudo ufw allow 546/udp
sudo ufw allow 547/udp
On Ubuntu systems, AppArmor may prevent Kea from binding to required ports.
To check the current status:
sudo aa-status
To temporarily disable AppArmor for Kea:
sudo aa-disable /etc/apparmor.d/usr.sbin.kea-dhcp4
12. Root Privileges Required for DHCPv6
The DHCPv6 protocol uses port 547, which requires root privileges to operate.
Correct command to start the service.
sudo kea-dhcp6 -c /etc/kea/kea-dhcp6.conf
13. Hardware or Virtual Network Connection Issues
If the network interface is in a DOWN state or there is no physical connection, Kea will not be able to receive traffic. You can check the interface status using the following command.
tail -f /var/log/kea-dhcp4.log
tail -f /var/log/kea-dhcp6.log
Particularly important log messages include “failed to bind to socket”, and “no interfaces found”.