DHCP Server Configuration (dhcpd.conf)
Where to Find It
The main configuration file for the ISC DHCP server is:
/etc/dhcp/dhcpd.confConfiguration Hierarchy
The file is hierarchical:
- Global Settings – Defaults that apply everywhere (lease times, logging, DNS domain).
- Shared Networks – Group multiple subnets on the same broadcast domain.
- Subnets – Define address ranges, gateways, and subnet-specific options.
- Pools – Split a subnet into smaller groups based on policy (e.g., guest vs corporate).
- Hosts – Define static mappings for specific devices (by MAC address or client ID).
Tip: Always document why a setting is global vs subnet-specific to avoid conflicts.
Key Directives
- authoritative; – Tells clients this server is the definitive DHCP authority for these networks. This reduces client timeouts when they hold invalid leases.
- default-lease-time / max-lease-time – Controls how long clients keep their IPs.
- log-facility – Sends logs to a specific syslog facility for easier filtering.
- option domain-name / option domain-name-servers – Provides DNS configuration to clients.
Maintainability Best Practices
- Use include files to split configs by site or VLAN (keeps the main file clean).
- Add comments to explain why options are set (important for multi-admin environments).
- Keep the config file under version control (e.g., Git) so changes are tracked and rollbacks are easy.
Minimal Example
A basic authoritative DHCP config might look like this:
authoritative; # This server is authoritative
default-lease-time 600; # 10 minutes
max-lease-time 7200; # 2 hours
log-facility local7; # Send logs to syslog facility 'local7'
option domain-name "corp.example";
option domain-name-servers 10.0.0.53, 10.0.1.53; # Primary and secondary DNS
subnet 10.0.10.0 netmask 255.255.255.0 {
option routers 10.0.10.1;
range 10.0.10.50 10.0.10.199; # Address pool for clients
}Why These Choices?
- authoritative; ensures clients quickly discard invalid leases.
- Global options (like DNS servers) apply to all subnets unless overridden.
- Placing defaults at the top makes it easy to override settings in subnet, pool, or host blocks when necessary.
Key Takeaway: Think in layers (global → shared-network → subnet → pool → host). Keep configs clean, documented, and versioned for long-term reliability.