Configuration features of a DHCP server accessible via DHCP relay
The DHCP server must have a route to the distributed network in its routing table.
Routes can be checked using the following command:
ip route
The command output should include lines with routes on the IP phone network:
10.7.0.0/16 via 10.56.1.2 dev net.56 proto static
, where
- 10.7.0.0/16 – IP phone network address with a shortened mask. Address may indicate not only a specific netowrk, but a range of networks. In this example, the address 10.7.0.0/16 indicates 256 networks from 10.7.0.0/24 to 10.7.255.0/24;
- 10.56.1.2 – is the address of the gateway via which the IP phone network is accessible;
- net.56 – is the name of the interface via which the gateway is accessible.
Installing the dnsmasq DHCP server
Dnsmasq is a lightweight and easily configurable DNS, DHCP, and TFTP server. It is included in most Linux distributions. It can usually be installed using the distribution's standard package manager.
Installing dnsmasq for distributions using the .deb package format (Debian, Ubuntu, Astra Linux, etc.)
Update the package database:
sudo apt update
Install the dnsmasq package with the following command:
sudo apt install dnsmasq
The dnsmasq service will activate and start automatically.
Installing dnsmasq for distributions using the .rpm package format (RedHat, Alma Linux, CentOS, RedOS, etc.)
Install the dnsmasq package with the command:
sudo dnf install dnsmasq
Checking the status of the dnsmasq.service service
Check the status of the dnsmasq service with the following command:
systemctl status dnsmasq.service
The command output will be roughly as follows:
● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2025-04-18 01:56:43 UTC; 1 week 0 days ago
The second line of the output, after the path to the service, shows the service startup status:
- enabled – the service is activated. It will start automatically when the system starts;
- disabled – the service is deactivated. It can only be started manually.
The third line, after the word Active, shows the current status of the service:
- active – the service is running;
- inactive – the service is stopped.
Configuration example
The main configuration file for dnsmasq is /etc/dnsmasq.conf. For specific configurations, such as DHCP configuration, it is recommended to create separate files in the /etc/dnsmasq.d/ directory.
Example of a configuration file for DHCP:
interface=net.56 # Name of the interface which handles requests ## Separation of vendor/phone model classes by tags for convenience and quick configuration dhcp-vendorclass=set:vpold, VP-12P # here vpold is the tag assigned to the device, VP-12P is part of the value received from the DHCP client in the vendor class option, by which phones are filtered dhcp-vendorclass=set:vpold, VP-15P dhcp-vendorclass=set:vpnew, VP-17P dhcp-vendorclass=set:vpnew, VP-20P dhcp-vendorclass=set:vpnew, VP-30P dhcp-vendorclass=set:cisco, Cisco dhcp-vendorclass=set:yealink, Yealink dhcp-vendorclass=set:avaya, ccp.avaya.com ### Configuring DHCP server reply ## Ranges of IP addresses that the server will assign to the client: dhcp-range=set:net7fd,10.7.0.10,10.7.0.254,255.255.255.0,4h # net7fd - an additional tag is assigned, which is further used to assign the default gateway # 10.7.0.10 - the starting address of the range; # 10.7.0.254 - end address of the range; # 255.255.255.0 - subnet mask; # 4h - IP address lease time dhcp-range=set:net7fe,10.7.254.5,10.7.254.254,255.255.255.0,4h # Another phone network dhcp-range=set:loc,10.56.1.150,10.56.1.200,255.255.255.0,14h # A network that is not for phones. For example, just an office network. ## Each network is assigned its own default gateway based on the tag. dhcp-option=tag:net7fe,3,10.7.0.1 # net7fe - The tag assigned earlier. If the tag does not match, the option will not be transmitted to the client # 3 - DHCP option number. 3 — default gateway # 10.7.253.1 - Option value. In this case, it's the address of the default gateway dhcp-option=tag:net7fe,3,10.7.254.1 # Same way for the next network dhcp-option=tag:loc,3,10.56.1.1 # And for the office one ## Assigning options that are not dependent on a specific network. DNS addresses, NTP servers. Domain name dhcp-option=4,10.56.1.1 # timeservers dhcp-option=6,10.56.1.1 # DNS dhcp-option=15,voip.eltex-co.ru # domain dhcp-option=42,10.56.1.1 # NTP dhcp-option=101,"Asia/Novosibirsk" # Timezone ## Setting vendor-specific Autoprovision connection parameters #Eltex VP-12/15 dhcp-option=tag:vpold,43,5|http://10.0.20.13|6|$MAC.yaml|7|firmware.tar.gz|9|Manifest # DHCP option 43 for VP-12/15 phones, where 10.0.20.13 is ip AUP #Eltex VP-17/20 dhcp-option=tag:vpnew,43,5|http://10.0.20.13|6|$MAC.json|7|firmware.tar.gz|9|Manifest # DHCP option 43 for VP-17/20 phones, where 10.0.20.13 is ip AUP #Yealink dhcp-option=tag:yealink,66,http://10.0.20.13 # DHCP option 66 for ТА Yealink phones, where 10.0.20.13 is ip AUP #Cisco dhcp-option=tag:cisco,66,10.0.20.13 # DHCP option 66 for ТА Cisco phones, which specifies the address or DNS name of the TFTP server, a.k.a. AUP address #AVAYA dhcp-option=tag:avaya,242,HTTPSRVR=10.0.20.13 # DHCP option 242 for AVAYA phones, where 10.0.20.13 is ip AuP dhcp-leasefile=/var/log/dnsmasq/dnsmasq.leases # Path to the file where information about the leased addresses will be displayed dhcp-authoritative log-dhcp log-queries # Enables detailed logging of DHCP server activity. Once configured successfully, it is recommended to disable this option, as it writes a significant amount of data to the log file.
Launching the dnsmasq DHCP server
After changing the configuration file, restart the dnsmasq service. Restart command:
sudo systemctl restart dnsmasq.service