techblog 

OMAPI is an API to allow you to control and query the ISC DHCP server. Unfortunately finding a nice example of how to use it securely wasn’t easy. So here is one:

Create a TSIG key

dnssec-keygen -a HMAC-MD5 -b 512 -n HOST omapi_key

Add the following to dhcpd.conf replacing XXXXXXXXX with the key you generated in the previous step.

omapi-port 9991;
key omapi_key {
algorithm HMAC-MD5;
secret "XXXXXXXXX";
};
omapi-key omapi_key;

Start dhcpd

Test that you can add a host to dhcpd by using omshell or by using this perl example

#!/usr/bin/perl -w

print "Please enter the MAC address of the client interface.n";
my $mac = <STDIN>;
chomp ($mac);

print "Please enter the IP address.n";
my $ip = <STDIN>;
chomp ($ip);

print "Please enter a name for this client.n";
my $name = <STDIN>;
chomp ($name);

open (OMSHELL, "|omshell") || die ("Unable to open omshelln");
print OMSHELL "port 9991n";
print OMSHELL "key omapi_key \"XXXXXXXXX\"n";
print OMSHELL "connectn";
print OMSHELL "new hostn";
print OMSHELL "set name = \"$name\"n";
print OMSHELL "set hardware-address = $macn";
print OMSHELL "set hardware-type = 1n";
print OMSHELL "set ip-address = $ipn";
print OMSHELL "createn";
close (OMSHELL) || die "Unable to close omshell.n";

Look in the dhcpd.leases file and you should see the host defined like this

host test1 {
dynamic;
hardware ethernet <YOUR MAC ADDRESS>;
fixed-address <YOUR IP ADDRESS>;
}

This dynamic statement indicates that this was created using omapi and did not come from the dhcpd.conf file.