Raspberry Pi DHCP Server (Linux / Raspberry Pi)

Previously I have connected my Raspberry Pi devices to my home wi-fi and that raised the question, could I have my own home dev network which would keep my Pi devices away from my home network?

I disconnected the Raspberry Pi boards from their various locations in the house, grabbed a desktop switch, some ethernet cables and some newly images microSD cards to find out.

For this project I’m using:

1x Raspberry Pi 4 4GB as the DHCP server.

2x Raspberry Pi 4 2GB as regular Pi devices.

1x TP Link 5 port desktop switch.

3x Ethernet cables, to physically connect everything.

Each of the Raspberry Pis have been imaged up with Ubuntu 20.04 Server 64-bit. Other operating systems are available and I’ve chose Ubuntu because I wanted to see how it runs on the Pi. A list of operating systems for the Raspberry Pi is available at: https://www.raspberrypi.org/software/operating-systems/

Note: This project got a bit physically messy for me as I sprawled the Pis and cables over my desk whilst testing.

The configuration was carried out on the Pi 4 4GB, with the Pi 4 2GBs just testing that they could get an IP address and still ping my website.

I’ve connected the Pi 4 4GB to my home wi-fi and it is going to act as the gateway to the new dev network. So:

wlan0 = home wi-fi

eth0 = dev network

On the Raspberry Pi 4 4GB I’ve installed DHCP using the command:

sudo apt-get install isc-dhcp-server

Next the settings of DHCP need amending, I recommend copying the file (i.e. keeping a copy of the original settings as a back up) before making alterations:

cp /etc/dhcp/dhcpd.conf ~/dhcpd.conf_original

sudo nano /etc/dhcp/dhcpd.conf

And adjust dhcpd.conf to contain:

option domain-name: "test.local";

option domain-name servers: 8.8.8.8,8.8.4.4;

subnet 10.0.0.0 netmask 255.255.255.0 {

range 10.0.0.1 10.0.0.100;

option subnet-mask 255.255.255.0;

option broadcast-address 10.0.0.255;

option routers 10.0.0.1; }

default-lease-time 6000;

max-lease-time 7200;

authoritative;

If you don’t like nano, then please use a different text editor (e.g. Vim).

The domain name is the name I am giving my dev network, I’ve used test.local here. The domain name servers (DNS) are used to turn names (e.g. geektechstuff.com) into IP addresses. I’ve used Google’s DNS servers (8.8.8.8 and 8.8.4.4) but any DNS servers that are reachable can be used.

Subnet is the IP addressing of my dev network. I’m using the 10.0.0.0 IP range with a net mask of 255.255.255.0, the net mask controls how many IP addresses can be available. Range is the range of addresses that are available, e.g. I’m allowing DHCP to give out addresses from 10.0.0.1 to 10.0.0.100.

The router option is where traffic is routed through (i.e. I’m asking for traffic to be routed through 10.0.0.1).

The default lease time and max lease time is how long address leases can last.

The isc-dhcp-server also needs to be told to only server DHCP requests on the ethernet port of the Raspberry Pi, otherwise there could be a conflict.

sudo nano /etc/defaults/isc-dhcp-server

Edit the line “INTERFACESV4=”” to read:

INTERFACESV4="eth0"

If you want the Pi to give out IPV6 addresses then the INTERFACESv6 line can be edited. If a different network interface is being used then please adjust eth0 to match it, e.g. wlan0 if you want to serve DHCP requests over wi-fi.

At this point the isc-dhcp-server can be restarted and should be able to give out IP addresses. If it doesn’t then I recommend checking the status of the service, and double checking the configuration file (I was caught out by a missing curly brace).

Internet Access

At this point any devices connected to the Raspberry Pi 4 4GB gained an IP address but could not access the internet. To resolve this:

sudo nano /etc/sysctl.conf

Edit net.ipv4.ip_forward to read:

net.ipv4.ip_foward=1

Save the file.

IPTables can be used to route traffic, but I found that it loses configuration settings on a reboot / restart, so first iptables-persistent needs to be installed:

sudo apt-get install iptables-persistent

Then run the commands:

sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE

sudo iptables -A FORWARD -i wlan0 -o eth0 -m state -—state RELATED,ESTABLISHED -j ACCEPT

sudo iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT

Test that connectivity works (e.g. on one of the other Raspberry Pi devices try pinging geektechstuff.com. If it works then run the commands:

sudo netfilter-persistent save

sudo netfilter-persistent reload

Then restart the device.

I would recommend setting the names of any devices within the /etc/hostname file on the device, as (if like me) if you use freshly imaged devices you may end up with a lot of hosts with the same hostname.

To check that IP addresses are being assigned, and which host has which IP, use the command:

dhcp-lease-list