How to Install and Configure a DHCP Server on Rocky Linux

How to Install and Configure a DHCP Server on Rocky Linux
the CIQ TeamJuly 2, 2024

When a user plugs in an ethernet cable or joins a wifi network, they expect to be connected and online right away. Other than typing in a wifi password, they shouldn’t have to do anything like managing IP addresses or DNS server addresses.

The automatic configuration of your clients’ network interface is done with DHCP (Dynamic Host Configuration Protocol). As an administrator, you want to provide streamlined connectivity while exerting as much (or as little) behind-the-scenes control as possible. You can do that via routers or other network equipment, but you’re often limited to whatever those devices expose. To really get the most out of your DHCP setup, you’ll want to run your own dedicated server.

Using Rocky Linux for this task will get you more security than using a router with firmware that may or may not get updated. On top of that, your server will probably be more powerful than a network device, so the chances of there being resource-based problems will be minimized.

Let’s walk through deploying DHCP on Rocky Linux. It’s easy, fun, and free. (If only there was more of that in the world, right?)

What you'll need for your DHCP server

To deploy a DHCP server, you'll need the following:

  • A running, up-to-date instance of Rocky Linux
  • A user with sudo privileges
  • A network connection
  • Information about your network (such as default gateway and DNS server addresses)

Keep in mind that you must ensure that the configuration of this DHCP server doesn't conflict with any other machine serving the same purpose. For example, you might have a router configured to hand out DHCP addresses in the range through If that's the case, you don't want to configure Rocky Linux to serve up IP addresses within that same range.

Installing dhcp-server with dnf

Rocky Linux uses dnf for package management, so install the DHCP server software with the command:

sudo dnf install dhcp-server -y

The installation shouldn't take much time at all (it’s less than 4MB). When it finishes, it's time to move on to the configuration.

Configuring your DHCP server

Your DHCP requires some configuration before it can do anything useful. In these next sections, we’re going to identify the network interface, subnet and subnet mask, default gateway, and a few other things. Ready to get your hands dirty?

Determine the correct network interface Before we configure the DHCP server, you need to locate the name of the network interface you’ll be using. If you’ve done network stuff on Linux before, you might have used ifconfig but, as of Rocky Linux 8, that’s no longer used. Instead we’re going to use the ip command. You can learn more about network configuration in Rocky Linux from the official docs.

To gather your network interface info, issue the command:

ip address

The output of the above command should look something like this:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet scope host lo

       valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000

    link/ether 08:00:27:3b:16:a3 brd ff:ff:ff:ff:ff:ff

    inet brd scope global dynamic noprefixroute enp0s3

Entries for each network interface are followed by a colon. In this example, there are two interface entries (“1:” and “2:”) followed by the names of the interfaces themselves (“lo” and “enp0s3”). You might have more than 2 entries. What you're looking for is the name of the network interface that is capable of reaching the targeted LAN (so not the LOOPBACK device). In the case above, we’re going to use the interface named enps0s3.

Determine the subnet, subnet mask, and IP ranges

One of the more obscure pieces of information you’ll need to derive from this output is the “subnet” and “subnet mask,” which identifies which part of your IP address identifies the network. in our example is CIDR notation, and translates to a subnet of and subnet mask of If your suffix is something other than /24, you can use IP Calculator / IP Subnetting to calculate the subnet and subnet mask for your network.

You should also check your routing table to determine your “default gateway.” (The default gateway serves as an intermediary for the targeted LAN and the rest of the network or internet.) To get this information, use the command:

ip route

The output of this command should look something like this:

default via dev enp0s3 proto dhcp src metric 100 dev enp0s3 proto kernel scope link src metric 100

Here, the “default gateway” is “”

Update your dhcpd.conf file

Next, we’re going to use sudo to open and edit the DHCP configuration file /etc/dhcp/dhcpd.conf.

In this file, we’ll define the DHCP settings to include an IP address range, subnet mask, default gateway, and DNS server. Let's say that you're working with the following information:

  • 192.168.1.x network address scheme
  • Required DHCP range - to
  • Subnet/subnet mask -
  • Default gateway -
  • DNS server - (a public DNS service provided by Cloudflare)

You might want to configure a default lease time of 24 hours and a max lease of 48 hours. That information is configured in seconds, which converts to a default-lease-time of 86400 and a max-lease-time of 172800.

For the above configuration, the file would look like this:

default-lease-time 2592000;

max-lease-time 3888000;


subnet netmask {


    option routers;

    option subnet-mask;

    option domain-name-servers;


We use authoritative to tell the DHCP server that this is the authority for the network it serves. From the dhcp.conf man page, we learn the following about the authoritative statement:

The DHCP server will normally assume that the configuration information about a given network segment is not known to be correct and is not authoritative. This is so that if a naive user installs a DHCP server not fully understanding how to configure it, it does not send spurious DHCPNAK messages to clients that have obtained addresses from a legitimate DHCP server on the network.

Once you’ve finished your dhcpd.conf edits, save and close the file.

Open the firewall and start your DHCP server

We now have to open your server’s firewall to allow DHCP requests to come through. (Rocky Linux uses firewalld.) To do this, issue the following command:

sudo firewall-cmd –add-service=dhcp --permanent

Reload the firewall with:

sudo firewall-cmd --reload

Finally, start and enable the DHCP server with:

sudo systemctl enable --now dhcpd

Your Rocky Linux server is now able to hand out DHCP addresses. If this server doesn't conflict with any others on your network, you shouldn't have any issues with DHCP address assignment.

Achievement unlocked! Here’s your DHCP master trophy: 🏆

Congratulations! You’re now running your own DHCP server on Rocky Linux. This puts you in the elite sysadmin tier. Now it’s time to go give out some private IP addresses. What are you going to do next with all this power you now wield?

Well, if you’re new to Rocky Linux, we have a top 10 list of things to do after you’ve installed Rocky Linux. Or you might want to set up some two-factor authentication with your SSH connections. Who knows? The world is yours now!

If you like this tutorial and want to see some more like it, let us know via email: Or, reach out to us on social media (LinkedIn and Twitter).

Related posts

2023 Holiday Gift Guide for Rocky Linux Users

2023 Holiday Gift Guide for Rocky Linux Users

Dec 19, 2023

Rocky Linux

Why Rocky Linux Is a Rock-Solid Choice in an Economic Downturn

Why Rocky Linux Is a Rock-Solid Choice in an Economic Downturn

Jan 18, 2023

Rocky Linux

6 Signs That It's Time to Move to Rocky Linux

6 Signs That It's Time to Move to Rocky Linux

Feb 23, 2023

Rocky Linux