Monthly Archives: December 2008

dhcpd inside ezjail

I have had all kinds of problems getting dhcpd running properly inside a FreeBSD jail.  I finally got it running this morning and wanted to document what I’ve done in hopes that I can recreate it.

On the host system I had to allow sockets within jails.  This is done by adding this line to your /etc/sysctl.conf:

security.jail.allow_raw_sockets=1

The above will make it a persistent change, but you’ll also need to make it an immediate change using the sysctl tool directly:

sysctl -w security.jail.allow_raw_sockets=1

Within the jail I then installed the net/isc-dhcp30-server port.  I configured this with just two of the available options.

  1. Allow sockets instead of bpf (jails-only)
  2. Use base openSSL

After this was compiled I configured my /usr/local/etc/dhcpd.conf and added the following lines to my /etc/rc.conf:

## dhcpd options
dhcpd_enable="YES"
dhcpd_flags="-q"
dhcpd_conf="/usr/local/etc/dhcpd.conf"
dhcpd_ifaces=""
dhcpd_withumask="022"
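
A quick way to check both files before starting the service, as an added example that is not part of the original post. The function names (conf_value, has_smart_quotes, preflight) are made up for this sketch and the sample files are constructed. It also catches the typographic quotes that rc.conf lines can pick up when copied from a web page.

```sh
#!/bin/sh
# Added example: preflight checks for the host sysctl.conf and the jail's
# rc.conf. File paths are arguments so the checks can run on copies.

# Print the last value assigned to KEY in a key=value file, unquoted.
conf_value() {  # usage: conf_value KEY FILE
    key=$(printf '%s' "$1" | sed 's/\./\\./g')   # dots in KEY are literal
    sed -n "s/^[[:space:]]*${key}[[:space:]]*=[[:space:]]*//p" "$2" |
        sed -e 's/[[:space:]]*#.*$//' -e 's/^"\(.*\)"$/\1/' | tail -n 1
}

# Succeed if any dhcpd_ line contains typographic quotes (U+201C, U+201D,
# U+2033), which sh does not treat as quoting when rc.conf is sourced.
has_smart_quotes() {  # usage: has_smart_quotes RC_CONF
    while IFS= read -r line; do
        case $line in
            dhcpd_*“*|dhcpd_*”*|dhcpd_*″*) return 0 ;;
        esac
    done < "$1"
    return 1
}

# Print one line per finding; the return status is the number of findings.
preflight() {  # usage: preflight SYSCTL_CONF RC_CONF
    fails=0
    if [ "$(conf_value security.jail.allow_raw_sockets "$1")" != 1 ]; then
        echo "host: security.jail.allow_raw_sockets is not 1 in $1"
        fails=$((fails + 1))
    fi
    if has_smart_quotes "$2"; then
        echo "jail: typographic quotes on a dhcpd_ line in $2"
        fails=$((fails + 1))
    fi
    case $(conf_value dhcpd_enable "$2") in
        [Yy][Ee][Ss]) ;;
        *) echo "jail: dhcpd_enable is not YES in $2"; fails=$((fails + 1)) ;;
    esac
    return "$fails"
}

# Constructed sample input (not from the post): a correct sysctl.conf and an
# rc.conf whose quotes were mangled by copy and paste.
tmp=$(mktemp -d)
printf 'security.jail.allow_raw_sockets=1\n' > "$tmp/sysctl.conf"
printf 'dhcpd_enable=”YES”\ndhcpd_flags=”-q”\n' > "$tmp/rc.conf"
preflight "$tmp/sysctl.conf" "$tmp/rc.conf" || echo "findings: $?"
rm -rf "$tmp"
```

Run against the real files, the call would be preflight /etc/sysctl.conf on the host copy and the jail's own /etc/rc.conf.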

The last thing that always caught me was that I never saw any log output in /var/log/messages.  Turns out, at least on my installation, it doesn’t log there.  It does, however, log to /var/log/all.log, which is where I found that it was actually working.

I hope this works for the rest of you.  I had trouble with it for the longest time.