Re: ip forwarding/masquerading and dhcpd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



If you're unable to get an IP address, there's no use concerning yourself about
firewalling/forwarding.  First get an address and then look at forwarding.

If your DHCP is running, you should have messages in the log file. You can test
your config with:
dhcpd -t

Check that dhcp is running with:
[0:root@elmo dhcp]$ netstat -anp | grep dhcp
udp        0      0 0.0.0.0:67              0.0.0.0:*                           3483/dhcpd
udp        0      0 0.0.0.0:29091           0.0.0.0:*                           3487/dhcpd         
udp        0      0 0.0.0.0:25164           0.0.0.0:*                           3483/dhcpd         
        


Your dhcpd.conf doesn't look right (assuming your running ISC DHCP):
DHCPDARGS=em1;
ddns-update-style interim;
subnet 10.10.10.0 netmask       255.255.255.0 {
option subnet-mask              255.255.255.0;
broadcast-address               10.10.10.255;
clientsoption routers           10.10.10.1;
option domain-name-servers      10.10.10.1;
}

You don't have a subnet declaration nor any pools.  Also, I'm unfamiliar
with DHCPDARGS.  'clientsoptions' isn't a keyword.

You can watch the traffic with tcpdump:
tcpdump -vv -e -n -i em1 'portrange 67-68' | tee 2017-09-06.dhcp.traffic
This will show you the MAC address.

My guess is that your dhcpd is not running.

Bill

On 9/7/2017 10:15 PM, JD wrote:


On 09/07/2017 01:31 PM, Bill Shirley wrote:

On 9/6/2017 3:46 PM, JD wrote:
Hi,
My em1 is config'ed as:
ifconfig em1 inet 10.10.10.1 up netmask 0xffffff00

The wifi is connected to and internet and working OK.

em1 is the lan.

I have the following /etc/dhcp/dhcpd.conf  file

DHCPDARGS=em1;
ddns-update-style interim;
subnet 10.10.10.0 netmask       255.255.255.0 {
option subnet-mask              255.255.255.0;
broadcast-address               10.10.10.255;
clientsoption routers           10.10.10.1;
option domain-name-servers      10.10.10.1;
}

I execute:
sudo systemctl start dhcpd
and I see it is running:
ps -ef | grep dhcpd
dhcpd    24671     1  0 19:30 ?        00:00:00 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid


However, the client, an old skype phone (from the days before MS bought skype),
is unable to connect and obtain an ip addy.

I have ip forwarding enabled:

echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/iptables -A FORWARD -i wlp12s0 -o em1 -m state --state ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -i em1 -o wlp12s0 -m state --state ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -i em1 -o wlp12s0          -j ACCEPT
/sbin/iptables -A FORWARD -i wlp12s0 -o em1                              -j ACCEPT
/sbin/iptables -t nat -A POSTROUTING -o wlp12s0                          -j MASQUERADE
/sbin/iptables -t nat -A POSTROUTING -o em1              -j MASQUERADE

So, there must be a problem with the ip forwarding, and / or the dhcpd.conf file ???

If the device doesn't get an address, you're still before the iptables/forwarding stage.

Look in your log files for DHCP messages.

Bill
_______________________________________________
Well, I did look in all the log files under /var/log/ and found nothing related to failure to provide an IP addy.

But I do not understand what you mean by "you're still before the iptables/forwarding stage"

Do you mean that there are rules preceding the rules I provided for ip forwarding and masquerading,
such that the incoming request (for an IP addy) is never making it down to the rules I had added?
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx

_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux