1
00:00:00,000 --> 00:00:17,519
Hey everyone and welcome back. So previously we had just walked through the basic configuration

2
00:00:17,519 --> 00:00:25,199
for a DHCP server. Now I just talked about how we configured DHCP services for a particular

3
00:00:25,199 --> 00:00:36,240
interface in our case it was enp0s8 which happened to reside on the 10.1.1.0/24 network. Now as it

4
00:00:36,240 --> 00:00:43,200
transpires anyone within the same network segment that is someone who would be attached via a switch

5
00:00:43,200 --> 00:00:50,399
they could ultimately make requests to this particular server all via a layer 2 connection if

6
00:00:50,399 --> 00:00:57,119
you recall we talked about layer 2 in the LPIC-1 certification. So anyone attached here can reach

7
00:00:57,119 --> 00:01:04,239
this server therefore they can make the necessary broadcast requests and can ultimately receive IPs

8
00:01:04,239 --> 00:01:10,560
from this address pool but again let's try to imagine a larger network so let's redraw this

9
00:01:10,560 --> 00:01:18,879
once more. We have our server here this is our Ubuntu machine we'll just say Ubuntu DHCP and we have

10
00:01:18,959 --> 00:01:30,239
our interface card here which is our original enp0s3 and this has got an IP address of 192.168.0.44

11
00:01:30,239 --> 00:01:38,719
in my case and we also added this second one here which is 10.1.1.3 so we can imagine that we are connected

12
00:01:38,719 --> 00:01:44,719
to another client here okay so over here in fact let me change the color let's say that we have

13
00:01:44,719 --> 00:01:50,000
another machine right here this could be another Ubuntu box for whatever we know let's call this an

14
00:01:50,000 --> 00:01:56,400
Ubuntu client so this Ubuntu client here let's say they've got a network interface here and this

15
00:01:56,400 --> 00:02:03,599
interface here has been manually configured or it did a DHCP discover message and received an IP

16
00:02:03,599 --> 00:02:11,039
address whatever it may be the IP address is within this particular range 10.1.1.0 so let's just say

17
00:02:11,039 --> 00:02:20,000
the IP address here is 10.1.1.21 let's say okay cool so we have this connection here now let's add

18
00:02:20,000 --> 00:02:26,719
another server into the mix now let's say over here we have another machine once again and we'll

19
00:02:26,719 --> 00:02:32,799
just call this Ubuntu 3 and it's got a network interface card right here as does this one here

20
00:02:32,799 --> 00:02:38,479
this one also has another interface card and let's just imagine this one was configured I don't know

21
00:02:38,560 --> 00:02:49,039
for let's say 172.16.1.15 let's say with a /24 mask so let's say that this device is suddenly

22
00:02:49,039 --> 00:02:56,399
switched on and this device wants to get an IP address for this interface here so this device

23
00:02:56,399 --> 00:03:04,000
sends out that DHCP discover message which we know is a broadcast message so it broadcasts that out to

24
00:03:04,000 --> 00:03:10,479
anyone on the segment now you may recall from our LPIC-1 studies that broadcasts are limited to

25
00:03:10,479 --> 00:03:17,039
the same network they cannot traverse into another network meaning that this broadcast message here

26
00:03:17,039 --> 00:03:23,840
it cannot make its way into this network to ultimately reach this interface here which means

27
00:03:23,840 --> 00:03:31,280
that as it stands right now our poor Ubuntu machine cannot talk to the DHCP server therefore it cannot

28
00:03:31,280 --> 00:03:38,000
be allocated an IP address which is really quite sad for that machine so we absolutely want to fix

29
00:03:38,000 --> 00:03:43,840
this problem so how on earth could we fix this then well let's have a look in fact let me just

30
00:03:43,840 --> 00:03:48,479
connect these together like it's an ethernet connection here is the deal what we want to do

31
00:03:48,479 --> 00:03:57,039
is we want this device here as an intermediary between the potential client and the actual DHCP

32
00:03:57,759 --> 00:04:03,199
server we need this intermediary here to play a role and that role is to relay the request that

33
00:04:03,199 --> 00:04:09,120
it will hear on this segment here in fact let me change my color this segment here and it wants to

34
00:04:09,120 --> 00:04:17,039
take that and relay that request to the DHCP server so here's what's going to happen then first on

35
00:04:17,039 --> 00:04:24,800
our DHCP server we want to configure another pool so like I say we already had a pool for the 10.1.1.0

36
00:04:24,800 --> 00:04:32,480
network and we're also now going to have a pool for this network up here which is going to be

37
00:04:32,480 --> 00:04:41,439
172.16.1.0/24 okay so those two pools will be configured that means we have to add an additional

38
00:04:41,439 --> 00:04:47,600
subnet directive on the server right here that is only one step because like I say we still have

39
00:04:47,600 --> 00:04:54,639
this issue of the broadcast from this device here being terminated right here so like I hinted at

40
00:04:54,639 --> 00:05:02,879
this device here also has a role to play meaning that we want to install some particular software

41
00:05:02,879 --> 00:05:08,879
that is going to transform this server into a DHCP relay and then we're going to have a

42
00:05:08,879 --> 00:05:16,159
configuration file on this server here and within that configuration file we can actually specify

43
00:05:16,159 --> 00:05:23,279
whereabouts we should relay requests to i.e. we would specify the IP address of this interface

44
00:05:23,279 --> 00:05:30,719
which is the IP address of this server here so pretty much when anyone sends a DHCP request

45
00:05:30,719 --> 00:05:37,359
we know we can relay to this device here or this interface on this device so now here is what is

46
00:05:37,359 --> 00:05:43,759
going to happen this device here sends a broadcast message shouting to anyone on the segment hey I'm

47
00:05:43,759 --> 00:05:51,519
looking for a DHCP server this reaches this interface here and this client recognizes this client goes

48
00:05:51,519 --> 00:06:01,759
hey on my interface here which is configured on the 172.16.1.0/24 network I am receiving

49
00:06:01,759 --> 00:06:09,839
a broadcast message for DHCP services I am configured as a DHCP relay so I know where to

50
00:06:09,839 --> 00:06:17,519
send that request I send it to this IP address here so now that broadcast message is being transformed

51
00:06:17,519 --> 00:06:24,719
into a unicast message directly to this IP address and it's received right here so now this particular

52
00:06:24,719 --> 00:06:32,240
server has some interesting information it knows it's getting a DHCP request and the DHCP request

53
00:06:32,240 --> 00:06:40,000
is coming from this IP address range this network here okay because it came in on this interface here

54
00:06:40,000 --> 00:06:48,079
now the DHCP server checks its DHCP pools and it notices that it does actually have IP addresses

55
00:06:48,079 --> 00:06:53,680
within this range remember the DHCP server is configured for this range which doesn't match

56
00:06:53,680 --> 00:06:59,600
but the second range where it's configured for the second pool this one does indeed match so we can

57
00:06:59,600 --> 00:07:08,079
now say hey by the way here you go let me pass this on this DHCP offer which is going to be relayed

58
00:07:08,159 --> 00:07:14,159
once again through the relay server and back to this client all the way over here and this client

59
00:07:14,159 --> 00:07:19,680
can just as you expect it can accept or decline this offer so it can send a request so the request

60
00:07:19,680 --> 00:07:26,319
can be relayed and then everything can be acknowledged just as the way it was so even though this server

61
00:07:26,319 --> 00:07:32,799
is ultimately isolated in a completely different network this intermediary right here is just allowing

62
00:07:32,800 --> 00:07:40,079
us to relay that information to the server and as long as a server has that address pool it can

63
00:07:40,079 --> 00:07:46,400
actually provide services to devices which are crying out for broadcasts within this network

64
00:07:46,400 --> 00:07:50,639
segment right here so this can definitely be a little bit confusing when you first hear about

65
00:07:50,639 --> 00:07:57,199
it but this is ultimately the process in action so what I want to show you is the general configurations

66
00:07:57,199 --> 00:08:02,319
that we would go through to make this happen if we happen to be configuring this on a real live

67
00:08:02,319 --> 00:08:09,680
network as opposed to a virtual simulation here so what I have to do of course is I have to go on

68
00:08:09,680 --> 00:08:17,519
to my DHCP server I have to add in this additional pool which is not on my network segment here it

69
00:08:17,519 --> 00:08:24,079
is a completely different pool to anything we are connected to and then on my client right here I'm

70
00:08:24,079 --> 00:08:30,560
going to install my DHCP relay service and I think you will be surprised despite the perhaps complex

71
00:08:30,560 --> 00:08:36,480
logic or theory in play here the actual configurations really are quite simple so with that said now

72
00:08:36,480 --> 00:08:41,679
that we know what is happening under the hood let's see it in practice then shall we okay so let's go

73
00:08:41,679 --> 00:08:48,879
back onto our server right now and I will do sudo nano I'll go into the etc directory my DHCP

74
00:08:48,879 --> 00:08:56,480
directory and again I will go into DHCP dot conf so I'll type in my password so let's scroll on

75
00:08:56,480 --> 00:09:03,360
down and let's add another network so let's say subnet so the network we're going to serve is 172.16.1.0

76
00:09:03,360 --> 00:09:11,600
and the network mask is going to be for a /24 and the range let's just give it a range

77
00:09:11,600 --> 00:09:23,120
from between 172.16. let's say 1.25 maybe all the way to 172.16.1.200 okay and we'll have our semicolon

78
00:09:23,200 --> 00:09:29,120
and we'll say option routers we can add a default gateway let's just say the default gateway is going

79
00:09:29,120 --> 00:09:36,879
to be 172.16.1.15 and we'll just do the same configurations default lease time 2000 max lease

80
00:09:36,879 --> 00:09:43,759
time 5000 add the domain name and domain name servers this one can maybe be 8.8.8.8 add our

81
00:09:43,759 --> 00:09:50,960
semicolon and same here and we'll close this off so now we have that configured let's just save

82
00:09:50,960 --> 00:09:57,280
this right here meaning that if we happen to get a request sourced from anyone within this network

83
00:09:57,280 --> 00:10:02,080
range we're going to actually pull from this address pool right here that will be our offer from

84
00:10:02,080 --> 00:10:08,320
within these ranges with this additional information as we can see here okay so let's save you and what

85
00:10:08,320 --> 00:10:13,440
I'm now going to do is I'm going to go on to another machine here so if I just minimize this I'll just

86
00:10:13,440 --> 00:10:19,759
use another Xubuntu machine here which can act as my relay agent in this scenario okay so let's go to

87
00:10:19,759 --> 00:10:26,799
the terminal emulator let's do an ip addr so I have my enp0s3 with an automatically configured

88
00:10:26,799 --> 00:10:33,039
IP address via VirtualBox let me just change this for now I will say sudo ip add and I will add

89
00:10:33,039 --> 00:10:40,639
let's use those numbers in the description I did 10.1.1.21/24 and make this on dev

90
00:10:40,720 --> 00:10:51,360
enp0s3 type in my password do an ip addr and let's remove the 192.168.0.70 so let's check this now

91
00:10:51,360 --> 00:10:59,279
cool so we only have this IP address here let's configure the enp0s8 interface so I'll say sudo

92
00:10:59,279 --> 00:11:08,960
ip add and I'll add 172. I think I said 16.1.15/24 and I'll make this on enp0s8 to clear the

93
00:11:08,960 --> 00:11:14,720
screen and I'll say ip addr so just so you can visualize so let's pretend this is our relay

94
00:11:14,720 --> 00:11:20,879
server right here and here is our DHCP server pretending these are connected via ethernet

95
00:11:20,879 --> 00:11:30,240
this interface here can be the enp0s3 which is this one here that's on the 10.1.1.0 network and

96
00:11:30,879 --> 00:11:38,560
this interface here is going to be this one here enp0s8 and that's being configured for 172.16.1.15

97
00:11:38,559 --> 00:11:47,119
which is on the 172.16.1.0/24 network so we have these interfaces both configured

98
00:11:47,119 --> 00:11:52,639
and we are imagining some type of new server happens to connect looking for an address it's

99
00:11:52,639 --> 00:11:58,959
going to send out this message here a broadcast looking for DHCP servers now we want to install

100
00:11:58,959 --> 00:12:06,079
the DHCP relay server so what we'll do here is I will say really quite simply sudo apt install

101
00:12:06,879 --> 00:12:15,360
isc-dhcp-relay if I hit enter and I say yes open I've just realized because I changed the

102
00:12:15,360 --> 00:12:21,360
IP address configuration I actually can't reach the internet anymore so let me just quickly change

103
00:12:21,360 --> 00:12:27,759
that back so let me just add this back once again there we go I'll just do the apt update I can now

104
00:12:27,759 --> 00:12:33,680
reach the internet once again apologies about that and now I'll try installing that once again

105
00:12:33,679 --> 00:12:40,399
so I'll say yes and as we can see here it's going to ask us to enter the ip address of the DHCP

106
00:12:40,399 --> 00:12:46,319
server that we should actually send these requests to so I believe the ip address we said in the example

107
00:12:46,319 --> 00:12:54,159
was 10.1.1.3 let's say okay and the interfaces that should be listening that will be enp0s8

108
00:12:54,159 --> 00:12:59,039
and I will say okay and if we want to add additional options we can do so but for now I'll leave that

109
00:12:59,120 --> 00:13:04,319
blank now that should be our configuration in play if we wanted to modify this configuration we could

110
00:13:04,319 --> 00:13:13,039
go into the etc directory and then into the default directory and then isc-dhcp-relay if I hit enter

111
00:13:13,039 --> 00:13:19,039
type in my password we can see here which server we should actually send the relay to this will be

112
00:13:19,039 --> 00:13:25,919
the ip address of my DHCP server on my original Ubuntu box and this is the interface on my machine

113
00:13:26,000 --> 00:13:32,399
right here for where I am listening for those DHCP broadcast messages so if we wanted to change

114
00:13:32,399 --> 00:13:38,159
these server addresses or these interfaces you could easily modify this within this configuration

115
00:13:38,159 --> 00:13:44,719
file right here so now with that said if that client happened to send out a broadcast message it would

116
00:13:44,719 --> 00:13:51,679
be heard on this interface and forwarded to this address on my server and here is my server right

117
00:13:51,679 --> 00:13:57,439
here with this ip address and as we know within my DHCP configuration we would actually have a

118
00:13:57,439 --> 00:14:03,679
suitable range for that request so I know that was a lot to deal with but it really is important to

119
00:14:03,679 --> 00:14:10,239
understand the fundamentals of what is actually going on under the hood with respect to our DHCP

120
00:14:10,239 --> 00:14:15,039
relays so if you find it a little bit confusing then definitely I would advise you to watch the video

121
00:14:15,039 --> 00:14:20,559
one two three more times just to solidify the concepts within your head but for now that is

122
00:14:20,559 --> 00:14:26,000
us for DHCP relays I hope this has been informative for you and I'd like to thank you for viewing

