Troubleshooting DHCP (Reference)

This chapter provides information to help you solve problems that you might encounter when you configure a DHCP server or client. The chapter also helps you with problems you might have in using DHCP after configuration is complete.

The chapter includes the following information:

• Troubleshooting DHCP Server Problems

• Troubleshooting DHCP Client Configuration Problems

See Chapter 14, Configuring the DHCP Service (Tasks) for information about configuring your DHCP server. SeeEnabling and Disabling a Solaris DHCP Client for information about configuring your DHCP client.

Troubleshooting DHCP Server Problems

The problems that you might encounter when you configure the server fall into the following categories:

• NIS+ Problems and the DHCP Data Store

• IP Address Allocation Errors in DHCP

NIS+ Problems and the DHCP Data Store

If you use NIS+ as the DHCP data store, problems that you might encounter can be categorized as follows:

• Cannot Select NIS+ as the DHCP Data Store

• NIS+ Is Not Adequately Configured for DHCP Data Store

• NIS+ Access Problems for the DHCP Data Store

Cannot Select NIS+ as the DHCP Data Store

If you try to use NIS+ as your data store, DHCP Manager might not offer NIS+ as a choice for the data store. If you use the dhcpconfig command, you might see a message stating that NIS+ does not appear to be installed and running. Both these symptoms mean that NIS+ has not been configured for this server, although NIS+ might be in use on the network. Before you can select NIS+ as a data store, the server system must be configured as an NIS+ client.

Before you set up the DHCP server system as an NIS+ client, the following statements must be true:

• The domain must have already been configured.

• The NIS+ domain's master server must be running.

• The master server's tables must be populated.

• The hosts table must have an entry for the new client system, the DHCP server system.

"Setting Up NIS+ Client Machines" in System Administration Guide: Naming and Directory Services (NIS+) provides detailed information about configuring an NIS+ client.

NIS+ Is Not Adequately Configured for DHCP Data Store

After you successfully use NIS+ with DHCP, you might encounter errors if changes are made to NIS+. The changes could introduce configuration problems. Use the following explanations of problems and solutions to help you determine the cause of configuration problems.

Problem: Root object does not exist in the NIS+ domain.

Solution: Type the following command:

/usr/lib/nis/nisstat

This command displays statistics for the domain. If the root object does not exist, no statistics are returned.

Set up the NIS+ domain using the System Administration Guide: Naming and Directory Services (NIS+).

Problem: NIS+ is not used for passwd and publickey information.

Solution: Type the following command to view the configuration file for the name service switch:

cat /etc/nsswitch.conf

Check the passwd and publickey entries for the "nisplus" keyword. Refer to the System Administration Guide: Naming and Directory Services (NIS+) for information about configuring the name service switch.

Problem: The domain name is empty.

Solution: Type the following command:

domainname

If the command lists an empty string, no domain name has been set for the domain. Use local files for your data store, or set up an NIS+ domain for your network. Refer to the System Administration Guide: Naming and Directory Services (NIS+).

Problem: The NIS_COLD_START file does not exist.

Solution: Type the following command on the server system to determine if the file exists:

cat /var/nis/NIS_COLD_START

Use local files for your data store, or create an NIS+ client. Refer to the System Administration Guide: Naming and Directory Services (NIS+).

NIS+ Access Problems for the DHCP Data Store

NIS+ access problems might cause error messages about incorrect DES credentials, or inadequate permissions to update NIS+ objects or tables. Use the following explanations of problems and solutions to determine the cause of NIS+ access errors you receive.

Problem: The DHCP server system does not have create access to the org_dir object in the NIS+ domain.

Solution: Type the following command:

nisls -ld org_dir

The access rights are listed in the form r---rmcdrmcdr---, where the permissions apply respectively to nobody, owner, group, and world. The owner of the object is listed next.

Normally, the org_dir directory object provides full rights to both the owner and the group. Full rights consist of read, modify, create, and destroy. The org_dir directory object provides only read access to the world and nobody classes.

The DHCP server name must either be listed as the owner of the org_dir object, or be listed as a principal in the group. The group must have create access. List the group with the command:

nisls -ldg org_dir

Use the nischmod command to change the permissions for org_dir if necessary. For example, to add create access to the group, you would type the following command:

nischmod g+c org_dir

See the nischmod(1) man page for more information.

Problem: The DHCP server does not have access rights to create a table under the org_dir object.

Usually, this problem means the server system's principal name is not a member of the owning group for the org_dir object, or no owning group exists.

Solution: Type this command to find the owning group name:

niscat -o org_dir

Look for a line that is similar to:

Group : "admin.example.com."

List the principal names in the group using the command:

nisgrpadm -l groupname

For example, this command lists the principal names of the group admin.example.com:

nisgrpadm -l admin.example.com