• Print
  • Share
  • Dark

Building ISC DHCP on Solaris 11

  • Updated on 24 Sep 2018
  • 3 minutes to read
  • Contributors 

By default, ISC DHCP is built using raw sockets. For more information see article: How DHCP uses raw sockets.

Starting with versions 4.1-ESV-R3 and 4.2.2, ISC DHCP integrated a patch from Oracle to use BSD/UDP sockets instead of DLPI (with raw sockets) on Solaris 11. This functionality was written for use with Solaris Studio 12.2 and requires the system/header package.

By default this code is disabled in order to minimize disruptions for current users, but since Oracle are distributing their packaged version of ISC DHCP using the new sockets code, ISC recommends that those creating their own build of ISC DHCP on Solaris 11 do the same.

Building ISC DHCP using BSD/UDP sockets on Solaris 11

In order to enable this code you will need to enable both USE_SOCKETS and USE_V4_PKTINFO as part of the configuration step. The command line should include these two options:

./configure --enable-use-sockets --enable-ipv4-pktinfo

Building ISC DHCP using DLPI on Solaris 11

Why might you want to use DLPI instead of UDP/BSD sockets?The BSD/UDP sockets code in ISC DHCP has the drawback that it is unable to provide unicast replies to clients.  For more information see: Why does DHCP use raw sockets?.  This shouldn't be a problem unless the server encounters a client that is unable to accept broadcast responses from the server. In that situation deploying a DHCP relay between the clients and the server subnet may be an adequate operational workaround.

Solaris 11 introduced Network Vanity Names (enabled by default), which means that if you build ISC DHCP to use DLPI, you may encounter problems because ISC DHCP is unaware of the new device files and directories that are used to support this new functionality. ISC DHCP only supports physical rather than virtual network interfaces when using raw sockets - the outcome in an environment that uses virtual interfaces, aliases, split interface or bonded interfaces will be unpredictable.  Specifically in this case with Vanity Names, ISC DHCP may fail to start, for example:

# /var/tmp/dhcpd -cf /etc/inet/dhcpd.conf -4 -d
Internet Systems Consortium DHCP Server 4.1-ESV-R7
Copyright 2004-2012 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Wrote 0 deleted host decls to leases file.
Wrote 0 new dynamic host decls to leases file.
Wrote 1 leases to leases file.
Can't open DLPI device for net1: Is a directory

This and similar errors are encountered because on Solaris 11 the network vanity names are kept in directory /dev/net. The interface discovery code correctly identifies the configured networks by their vanity names. However, the DLPI code (raw sockets interface) attempts to open the device - which it assumes is under DLPI_DEVDIR (/dev) with the digits removed.

However, the physical device names still exist under /dev and therefore the workaround for this problem is to rename the vanity network interfaces with their device names.  Here follows a worked example:

     Firstly note that the vanity device name by default is 'net1':

root@test-server:~# dladm show-link
net0 phys 1500 up --
net1 phys 1500 up --

To rename the device it must not be in use, so disable the interface:

root@test-server:~# ipadm down-addr net1/v4static
root@test-server:~# ipadm delete-addr net1/v4static
root@test-server:~# ipadm
lo0 loopback ok -- --
lo0/v4 static ok --
lo0/v6 static ok -- ::1/128
net0 ip ok -- --
net0/v4 dhcp ok --
net0/v6 addrconf ok -- fe80::a00:27ff:fe00:6a95/10
net1 ip down -- --
root@test-server:~# ipadm delete-ip net1

It's now possible to rename the device:

root@test-server:~# dladm rename-link net1 e1000g1
root@test-server:~# dladm show-phys
net0 Ethernet up 1000 full e1000g0
e1000g1 Ethernet unknown 1000 full e1000g1

Now it has its new name. Reconfigure device for IPv4:

root@test-server:~# ipadm create-ip e1000g1
root@test-server:~# ipadm create-addr -T static -a e1000g1/v4static

Running the ISC DHCP server using renamed device names means dhcpd is now able to open /dev/ and it works as it did on older releases of Solaris:

root@test-server:~# /var/tmp/dhcpd -cf /etc/inet/dhcpd.conf -4 -d e1000g1
Internet Systems Consortium DHCP Server 4.1-ESV-R7
Copyright 2004-2012 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Wrote 1 leases to leases file.
Listening on DLPI/e1000g1/08:00:27:00:cc:a2/
Sending on DLPI/e1000g1/08:00:27:00:cc:a2/
Sending on Socket/fallback/fallback-net

(Workaround for using ISC DHCP with DLPI and vanity interfaces provided by Stacey Marshall of Oracle - many thanks!)

Problems with this site? Email us at marketing@isc.org