DHCPD.conf error: bad subnet number/mask combination

Hi all,

I am trying to install DHCP service via terminal, so, I edit dhcpd.conf in order to set the network settings of the service.

Here is the code of configuration of the “dhcpd.conf” file I modified


option domain-name "house.com";


#option domain-name-servers ns1.example.org, ns2.example.org;


option domain-name-servers 8.8.8.8, 8.8.4.4;


server-identifier 192.168.213.133;
option routers 192.168.213.2;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.213.255;
subnet 192.168.213.133 netmask 255.255.255.0
{
        range 192.168.213.150 192.168.213.180;
}


But, in the line underlined in bold I get one the following error: ** subnet 192.168.213.133 netmask 255.255.255.0: bad subnet number/mask combination. Configuration file errors encountered – exiting.
**
I dont know where I fail. I would appreciate any help to solve the issue.

Thanks

Regards


option domain-name "house.com";


option domain-name-servers 8.8.8.8, 8.8.4.4;


server-identifier 192.168.213.133;
option routers 192.168.213.2;
option subnet-mask 255.255.255.0;
subnet 192.168.213.133 netmask 255.255.255.0 {
    option broadcast-address 192.168.213.255;
    pool {
        	range 192.168.213.150 192.168.213.180;
         }
}

Your subnet cannot be .133.

This would work:


option domain-name "house.com";


#option domain-name-servers ns1.example.org, ns2.example.org;
option domain-name-servers 8.8.8.8, 8.8.4.4;


server-identifier 192.168.213.133;
option routers 192.168.213.2;
option subnet-mask 255.255.255.0;
subnet 192.168.213.0 netmask 255.255.255.0 {
    option broadcast-address 192.168.213.255;
    pool {
        	range 192.168.213.150 192.168.213.180;
        }
}

Naturally this all depends on your network topology.

On 2015-01-28 22:36, lanz wrote:

> But, in the line underlined in bold I get one the following error: *
> subnet 192.168.213.133 netmask 255.255.255.0: bad subnet number/mask
> combination. Configuration file errors encountered – exiting.
> *
> I dont know where I fail. I would appreciate any help to solve the
> issue.

Well, yes, the mask “0” is wrong for “133”.

try this:

http://www.subnet-calculator.com/subnet.php?net_class=C

docus:

http://en.wikipedia.org/wiki/Private_network
http://en.wikipedia.org/wiki/IPv4_subnetting_reference


Cheers / Saludos,

Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)

On 01/28/2015 04:36 PM, lanz wrote:
>
> Hi all,
>
> I am trying to install DHCP service via terminal, so, I edit dhcpd.conf
> in order to set the network settings of the service.
>
> Here is the code of configuration of the “dhcpd.conf” file I modified
>
>
> Code:
> --------------------
>
> option domain-name “house.com”;
>
>

You cannot pick a domain name out of thin air and use it as it will come
back to bite you in the arse. The domain, house.com, is a registered
domain name and should not be used for your home domain.


pc1:~ # whois house.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

Server Name: HOUSE.COM.MORE.INFO.AT.WWW.BEYONDWHOIS.COM
IP Address: 66.226.72.11
Registrar: INSTRA CORPORATION PTY, LTD.
Whois Server: whois.instra.net
Referral URL: http://www.instra.com

Domain Name: HOUSE.COM
Registrar: ENAME TECHNOLOGY CO., LTD.
Sponsoring Registrar IANA ID: 1331
Whois Server: whois.ename.com
Referral URL: http://www.ename.net
Name Server: NS1.4.CN
Name Server: NS2.4.CN
Status: clientDeleteProhibited
http://www.icann.org/epp#clientDeleteProhibited
Status: clientTransferProhibited
http://www.icann.org/epp#clientTransferProhibited
Status: clientUpdateProhibited
http://www.icann.org/epp#clientUpdateProhibited
Updated Date: 29-dec-2014
Creation Date: 06-jun-1994
Expiration Date: 05-jun-2017


Ken

Some comments:

First, instead of trying to edit server configuration files (in this case DHCP) directly, install the YAST applet for that server service and configure using it instead. You’ll avoid all sorts of problems unless you’re <very> experienced. The original posted problem in this thread can be avoided this way.

zypper in yast2-dhcp-server

To my eye, I don’t see anything wrong with the config file you posted, but this is why you should use the YAST applet… If there is anything that easily missed like formatting, typos, etc. those would be avoided.

Any domain name for your LAN can be chosen but if you choose a domain name that already exists (like home.com) then it will mean that you will only be able to access addresses you define locally and not the public addresses. Only in special cases will you want to intentionally “poison” a dns zone so <usually> it’s something to be avoided, but not always.

That said, always follow the KISS principle. Many networks don’t need to assign a Domain name using DHCP, so may be unassigned.

TSU

Subnets do not work well if the 4th set in the address is not divisible by 2.

The subnet ending in 133 would allow one and only one address, requiring a netmask of 255.255.255.255

For best results with subnets, they should at least be divisible by 8.

To include 133 in the subnet, and also include a range of addresses from 150 to 180, as the OP seems to want, the tightest possible subnet would be CIDR 192.168.213.128/26

That is:

Subnet 192.168.213.128
netmask 255.255.255.192

This would give the range of 62 addresses 192.168.213.129 to 192.168.213.190, which includes the 133, and the 150-180 range.

Broadcast address would be 192.168.213.191

Where are people getting this interpretation of the “133” number?
Typically when I’ve seen the last octet in a Default Class C subnetted address with a non-zero or non-broadcast (255) value, I’ve seen that number interpreted as the Host portion of an address, the result then is that a specific address instead of a range of addresses is specified.

But,
That doesn’t even apply here… From the original post it appears to be a value for the “server-identifier” as follows

server-identifier 192.168.213.133;

Not having seen that before, I decided to find out what this setting is, and in the DHCP MAN pages as follows

The server-identifier statement
server-identifier hostname;
The server-identifier statement can be used to define the value that is sent in the DHCP Server Identifier
The use of the server-identifier statement is not recommended - the only reason to use it is to force a value
The usual case where the server-identifier statement needs to be sent is when a physical interface has more…
Supplying a value for the dhcp-server-identifier option is equivalent to using the server-identifier state-
server-duid EN enterprise-number enterprise-identifier ;

So, it appears to be like much like the other things I see in the OP’s config file which I already alluded to… He’s setting options which aren’t necessary and in this case it bit him (the others aren’t obviously harmful yet).

So, I again highly recommend the use of a config tool like YAST (which I previously posted about) to do your configuration unless you’re and even then I don’t know if an expert would turn down the opportunity to use a config tool instead of relying entirely on his personal expertise.

Hopefully helpful NOTE:
When configuring DHCP in a “non-enterprise” environment which typically means you don’t have LDAP or some other DHCP-integrated network security running, you should specify things like a Domain Name, although DNS might be desirable. Specifying may be result in no harm/no foul, but like this other setting can also prove to be a real problem.

Lastly, if you’re curious what a “basic” /etc/dhcpd.conf should look like, the following is an example of what is absolutely minimally necessary(specifies DG and issues an address, a couple DNS servers and default timeout) and was generated by the YAST DHCP configuration applet

/etc/dhcpd.conf

option domain-name-servers 127.0.0.1, 127.0.0.1;
option routers 127.0.0.1;
default-lease-time 14400;
ddns-update-style none;
subnet 192.168.248.0 netmask 255.255.255.0 {
  range 192.168.248.245 192.168.248.250;
  default-lease-time 14400;
  max-lease-time 172800;
}

HTH,
TSU

From here:

**subnet 192.168.213.133** netmask 255.255.255.0

He’s setting options which aren’t necessary and in this case it bit him (the others aren’t obviously harmful yet).

So, I again highly recommend the use of a config tool like YAST (which I previously posted about) to do your configuration unless you’re <very expert> and even then I don’t know if an expert would turn down the opportunity to use a config tool instead of relying entirely on his personal expertise.

You are probably quite correct with that statement.

… and the rest of your information/advice in this post is quite good.:wink:

OK,
Yeah, I couldn’t see that and is definitely wrong.
The consequence for “192.168.213.133” vs “192.168.213.0” utilizing a Class C Default Subnet mask is exactly as I described… It defines a single address for the supposed subnet instead of a range of addresses, thereby causing the error.

Which is why if you’re doing this by hand you need a good template to work from (which I posted) but even better can be avoided simply by using available tools like YAST.

TSU