On Thursday 27 April 2006 13:11, A.Fadyushin@xxxxxxxxxxxx wrote:
>> -----Original Message-----
>> From: fedora-legacy-list-bounces@xxxxxxxxxx
>> [mailto:fedora-legacy-list-bounces@xxxxxxxxxx] On Behalf Of Gene Heskett
>> Sent: Thursday, April 27, 2006 4:11 AM
>> To: Discussion of the Fedora Legacy Project
>> Subject: Re: Q re dhcpd.conf setup
>>
>> On Wednesday 26 April 2006 13:09, A.Fadyushin@xxxxxxxxxxxx wrote:
>> >Yes, you can give clients the address of gateway via DHCP. The
>> > necessary option in dhcp configuration is called 'routers'. You
>> > should put in the dhcpd.conf file (usually in the subnet
>> > definition) the following line
>> >
>> >option routers <gateway_address>;
>> >
>> >Change the '<gateway_address>' with the address of your gateway. If
>> > your network is complex and includes more than one gateway for the
>> > client, list on that line all the gateways addresses separated by
>> > commas (see the description of this option in 'dhcp-options'
>> > manpage).
>> >
>> >The dhcpd server does not support the client authentication at this
>> > time (however, it may support it in the future). You could try to
>> > make something similar to protection you need using dhcpd's
>> > ability to include conditions in its configuration (see
>> > 'dhcpd-eval' manpage).
>>
>> There doesn't seem to be a man 'dhcpd-eval' on that box.
>
>Oops, I mistyped the manpage name - it should be 'dhcp-eval', not
>'dhcpd-eval'.
>
>> And whatever I've done, there is no response in the logs on that box
>> for a dhcp negotiation session. Here is the last restart of the dhcpd
>> daemon as it shows in /var/log/messages:
>> Apr 26 19:34:43 gene dhcpd:
>> Apr 26 19:34:43 gene dhcpd: Listening on Socket/eth1/192.168.71.0
>> Apr 26 19:34:43 gene dhcpd: Sending on Socket/eth1/192.168.71.0
>> Apr 26 19:34:43 gene dhcpd: Listening on Socket/eth0/192.168.1.0
>> Apr 26 19:34:43 gene dhcpd: Sending on Socket/eth0/192.168.1.0
>> Apr 26 19:34:43 gene dhcpd: Listening on Socket/eth1/192.168.71.0
>> Apr 26 19:34:43 gene dhcpd: Sending on Socket/eth1/192.168.71.0
>> Apr 26 19:34:43 gene dhcpd: Listening on Socket/eth0/192.168.1.0
>> Apr 26 19:34:43 gene dhcpd: Sending on Socket/eth0/192.168.1.0
>> Apr 26 19:34:43 gene dhcpd: dhcpd startup succeeded
>>
>> Here is the networks lashup:
>>
>> HP-laptop<rf>wap11<eth>[8-port-switch]<eth>firewall-
>> 1.92.168.71.1<iptables>firewall-191.168.1.1<router>[DSL-modem]
>>
>> Here is the current, I think identical to what WAS working partially
>> I think, dhcpd.conf on the firewall box:
>> subnet 192.168.71.0 netmask 255.255.255.0 {
>> # --- default gateway
>>     option routers 192.168.1.1;
>
>The router should be in 192.168.71.0 network, not in 192.168.1.0
>network.
>
>>     option subnet-mask 255.255.255.0;
>>
>>     option nis-domain "coyote.den";
>>     option domain-name "coyote.den";
>>     option domain-name-servers 192.168.71.1;
>>
>>     option time-offset -18000; # Eastern Standard Time
>> #   option ntp-servers 192.168.1.1;
>> #   option netbios-name-servers 192.168.1.1;
>> # --- Selects point-to-point node (default is hybrid). Don't change this unless
>> # -- you understand Netbios very well
>> #   option netbios-node-type 2;
>>
>>     range dynamic-bootp 192.168.71.101 192.168.71.105;
>>     range 192.168.71.101 192.168.71.105;
>>     default-lease-time 21600;
>>     max-lease-time 43200;
>>
>>     # we want the nameserver to appear at a fixed address
>>     host ns {
>>         next-server 192.168.71.1; #gene.coyote.den;
>>         hardware ethernet 00:09:5B:07:7E:7D;
>>         fixed-address 192.168.71.1;
>>     }
>> }
>>
>> # I've NDI why I even need this section, nothing comes from there that
>> # needs to have access to dhcpd services.
>> subnet 192.168.1.0 netmask 255.255.255.0 {
>>     option routers 192.168.1.1;
>>     option subnet-mask 255.255.255.0;
>>     option nis-domain "coyote.den";
>>     option domain-name "coyote.den";
>>     option domain-name-servers 192.168.71.1;
>>     host ns {
>>         next-server 192.168.1.1;
>>         hardware ethernet 00:40:33:57:28:51;
>>         fixed-address 192.168.1.100;
>>     }
>> }
>> -----------------------------
>> There is more than just the routers wrong in the above file, as I
>> did try it at 71.1, and that broke it even when converted back to
>> 1.1.
>>
>> Here is the currently working ifcfg-wlan0 from diablo[HP laptop]
>>
>> [root@diablo network-scripts]# cat ifcfg-wlan0
>> DEVICE=wlan0
>> ONBOOT=yes
>> BOOTPROTO=none

BOOTPROTO=dhcp

>> TYPE=Wireless
>> MODE=Managed
>> ESSID=ICECAP4NIGHTCAP
>> CHANNEL=6

IPADDR=192.168.71.6<--wrong, needed to be wap11's IP of 192.168.71.102
The wap11 is the other end of the radio link, connecting to the switch
and the rest of the local ethernet network.

>> DOMAIN=coyote.den
>> NETMASK=255.255.255.0
>> GATEWAY=192.168.71.1
>> USERCTL=no

USRCTL=yes

>> PEERDNS=no

PEERDNS=yes

>> IPV6INIT=no
>> RATE=Auto
>> DHCP_HOSTNAME=diablo.coyote.den
>> HWADDR=00:14:A5:75:32:C9
>> ----------------------------
>> Now, if I change to BOOTPROTO=dhcp
>> and comment out the gateway & local addresses, then restart the

And it all works.

>> network on the lappy, there is no query for dhcp showing in the
>> firewalls logs.
>
>It seems that you have a problem with DHCP client, not with DHCP
> server configuration because you do not see the DHCP requests in the
> server logs. The client just does not ask for its network settings.
> Try to comment out all parameters in ifcfg-wlan0 on the client,
> except for DEVICE, ONBOOT and BOOTPROTO.

Twasn't the dhcpd although I've moved it to a machine with only one nic
in it, making the config a heck of a lot cleaner.

>> I'm obviously in over my head here as that was working this morning
>> before I took it to the tv station and tried and failed to connect
>> to their wifi network, for about 2 hours of the infinite monkeys
>> routine.
>>
>> The wap11 currently has an address, obtained before trying to figure
>> out howto dhcp connect to a new network. XP on that same lappy even
>> remembered the key from the session before, so it Just Worked(TM)
>> when I tried it today.
>>
>> Is the above enough to see what it is I need to do?
>
>Alexey Fadyushin.
>Brainbench MVP for Linux.
>http://www.brainbench.com
>
>--
>
>fedora-legacy-list@xxxxxxxxxx
>https://www.redhat.com/mailman/listinfo/fedora-legacy-list

--
Cheers, Gene
People having trouble with vz bouncing email to me should add the word
'online' between the 'verizon', and the dot which bypasses vz's
stupid bounce rules. I do use spamassassin too. :-)
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2006 by Maurice Eugene Heskett, all rights reserved.
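
Added example, not part of the original thread and not code from ISC dhcpd: a Python check for the mistake pointed out in the quoted reply above, an 'option routers' address that lies outside the subnet it is declared for. It goes a little beyond that one case by also checking 'range' and 'fixed-address' values; the parser is a simplified assumption that only understands flat 'subnet ... netmask ... { }' declarations like the one quoted, and the names subnet_bodies and check_dhcpd_conf are hypothetical.

```python
import ipaddress
import re

# Constructed sample: the 192.168.71.0 subnet declaration quoted in the thread,
# trimmed to the address-bearing statements.
SAMPLE_CONF = """
subnet 192.168.71.0 netmask 255.255.255.0 {
    option routers 192.168.1.1;
    option domain-name-servers 192.168.71.1;
    range 192.168.71.101 192.168.71.105;
    host ns {
        hardware ethernet 00:09:5B:07:7E:7D;
        fixed-address 192.168.71.1;
    }
}
"""

SUBNET_RE = re.compile(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{")
# Statements whose addresses must be on-link for clients of the subnet.
ADDR_STMT_RE = re.compile(
    r"^\s*(option\s+routers|range(?: dynamic-bootp)?|fixed-address)\s+([^;]+);", re.M)


def subnet_bodies(conf):
    """Yield (network, body) for each subnet block, matching nested braces."""
    conf = re.sub(r"#.*", "", conf)  # drop comments before parsing
    for m in SUBNET_RE.finditer(conf):
        net = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield net, conf[m.end():i - 1]


def check_dhcpd_conf(conf):
    """Return (subnet, statement, address) for every off-subnet address."""
    findings = []
    for net, body in subnet_bodies(conf):
        for stmt, args in ADDR_STMT_RE.findall(body):
            for token in re.split(r"[,\s]+", args.strip()):
                try:
                    addr = ipaddress.ip_address(token)
                except ValueError:
                    continue  # hostname instead of a literal address: not checked
                if addr not in net:
                    findings.append((str(net), stmt, token))
    return findings
```

Run over the constructed sample, check_dhcpd_conf(SAMPLE_CONF) reports the single 'option routers 192.168.1.1' entry; DNS server options are deliberately not checked, since a resolver may legitimately sit on another network.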