Aleph 0 Computing: Using Mac OS X as a DHCP Server
[Please note that the following is only known to apply to Mac OS X 10.4 “Tiger”. I have not checked the below setup with any later versions; confirmation is appreciated from any that have. —CDJ]
I used to have an original Mac mini as my primary desktop machine, and I used several laptops (Apple and non-Apple) as well. I leave laptop ethernet ports configured to use DHCP automatically, as that's typically the easiest way to get them to work when connected to airport, hotel, or other destinations' ethernet jacks; I decided it would be nice to connect them directly to the mini when wanting to transfer huge amounts of data, and not have to worry about a reconfiguration every time. Apple's newer machines don't require a crossover cable or hub just to connect to another machine via ethernet, so I essentially just needed to run a DHCP server on the mini providing routing and configuration information, and connect a cable from the mini to the laptop-of-the-day, and have a full, fast connection which I can use to transfer files between the laptop and mini or browse the web.
I have a decent amount of home-networking experience, and with the help of some of Apple Support documents and Mac Help (specifically, an article entitled "Connecting two computers using Ethernet"), it wasn't hard for me to determine the following process—the results, however, were pleasantly surprising. Not only could the two "communicate", but this process in fact establishes the mini as a DHCP server, and after the (quite simple) setup below, everything works adequately, if not ideally.
I'm listing problems with this procedure first for a couple of reasons. First, you should know what will and will not work well after following this procedure. Second, the problems provide the basis for some of the decisions I make later.
Numbers don't work
Some Googling (and cursory testing) seems to suggest that, no matter what, Internet Sharing always uses “internal” numbers on the 192.168.2.0 subnet, a real no-no if there's already another 192.168.2.0 subnet. There are some ways to work around that, but they're far from ideal—they essentially involve disabling the built-in Internet Sharing and setting up your own version. For me, it's fairly easy not to use 192.168.2.0 for any other subnet, so I'm unlikely to pursue it further.
Names don't work
Sure, you can use the IP addresses if you like (it's set above on the Mac, and doesn't change), but the possibility of not doing so is one of the reasons I wanted to do this in the first place. Instead, I'd like to use the machine names: to connect to the Mac, just use the name listed in the Sharing pane (as in “natalie.local” below). To connect to your other computer, check that machine's documentation for how to determine or set its name. This doesn't seem to work at the moment.
This can be partially worked around with either a Mac laptop or by installing Bonjour on a Windows laptop. However, there doesn't seem to be an ideal OS-agnostic solution that doesn't require installing software on the client, though the idea of simply installing software on the Mac seems reasonable.
This can also be worked around in conjunction with the previous problem by running a self-configured nameserver on the Mac instead of the one set up by Internet Sharing. Again, however, in conjunction with that problem, you always know the Mac will be at 192.168.2.1, so you may as well just use that number.
One more thing…
One other caveat seems to apply: this doesn't seem to work (completely) if you're not logged in on your Mac and you use WEP (or possibly WPA) encryption for your AirPort network. This is likely because the encryption key is stored in your “personal” keychain. There are almost certainly ways around this, but I don't tend to have this problem (except in theory), so I'm not likely to pursue it further at the moment.
The Short Version
- Set up ethernet on the Mac
- Enable internet sharing on the Mac
- Enable personal web sharing & any other filesharing services
- If the firewall is enabled, disable UDP blocking on the Mac
- Connect the ethernet port on the Mac to the ethernet port on another computer, and (if necessary) tell the other computer to get its network settings from DHCP
The Long Version
My Mac mini is connected via its built-in AirPort Extreme to my wireless gateway, so the ethernet port is free—I have no idea how well these instructions will work, if at all, if you're using your ethernet connection to connect to the Internet.
I'll assume here you're using the same setup I am—I won't be held responsible if you're not. I'll also assume that you've already got a working connection via your Mac's AirPort to the Internet. Configuring such a connection is beyond the scope of this document.
Set up ethernet on the Mac
Ethernet must somehow be configured on the Mac. I believe the factory configuration is to set it up for DHCP, and that's fine; when it doesn't find a DHCP server, it will just default to a “private” address. If you want to check, open System Preferences and click on the “Network” pane:
Click on the menu next to “Show”, and choose “Built-in Ethernet”; set the “Configure IPv4” menu to “Using DHCP”:
“Apply Now”, and go on….
It's also possible (and some might say preferable) to simply set the ethernet address to 192.168.2.1. Since that's what is used for the sharing, why take up another address, even if it is private? The actual implementation of this is left to the reader.
Enable internet sharing on the Mac
“Internet Sharing” allows your Mac to act as a gateway, assuming it's connected to the Internet. To enable internet sharing, open System Preferences and click on the “Sharing” icon:
Choose the “Internet Sharing” tab and select to share the AirPort connection to computers using the Ethernet connection. Click “Start”:
Enable Personal Web Sharing & Any Filesharing Services
Internet Sharing on the Mac is designed to do just that, not to simply to share data between two computers. If your other computer is running a service to allow uploading and downloading files (Windows file sharing, for instance, or SFTP), this step may not be necessary. However, if you have the Mac OS X firewall running, you may want to “open it up” a bit more with this and the next step.
If you want to use the Mac as your gateway to the web (so that the other computer doesn't need to have its own connection to the Internet), this is also the time to set that up. Note that this also applies if you simply want to share data between the two computers using HTTP, the protocol that runs the web.
Click on the “Services” tab, and check “Personal Web Sharing” and any filesharing services you want to run on the Mac, like Windows Sharing or Personal File Sharing (AppleShare). (Note that Remote Login also includes SFTP.)
Disable UDP Blocking
DHCP and DNS use UDP; if your Mac isn't responding to UDP requests, DHCP won't work. Click on the “Firewall” tab:
If the firewall is running, click on the “Advanced” button, and make sure “Block UDP Traffic” is not checked:
Connect and Go!
That's it from the Mac side of things. Most computers are initially set up to use DHCP on their ethernet ports—refer to your machine's documentation if you're unsure how to check or how to set that up. Connect an ethernet cable between the two machines, and start browsing.
Despite this configuration being rather limited (see the above problems), there are at least one or two more advanced things that can be done quite easily. One of the most useful I've found is static IP assignments based on MAC address. For the specifics (which include adding a NetInfo entry), see the man page for bootpd in the terminal.
All information on this website (http://www.aleph0.com/), unless otherwise noted, is wholly the work of Christian Jones (email@example.com). All information, data, and formatting is hereby released into the public domain, with no rights reserved. For questions, concerns, or comments, please email the author.
The above screenshots are taken from Apple Computer's Mac OS X version 10.4 “Tiger”. They are neither the property nor the creation of Christian Jones, but are believed to be used here under Fair Use. Please avoid reusing them without appropriate legal consideration.