If you're unable to get an IP address, there's no use concerning
yourself about
firewalling/forwarding. First get an address and then look at
forwarding.
If your DHCP is running, you should have messages in the log file.
You can test
your config with:
dhcpd -t
Check that dhcp is running with:
[0:root@elmo dhcp]$ netstat -anp | grep
dhcp
udp 0 0 0.0.0.0:67
0.0.0.0:* 3483/dhcpd
udp 0 0 0.0.0.0:29091
0.0.0.0:* 3487/dhcpd
udp 0 0 0.0.0.0:25164
0.0.0.0:* 3483/dhcpd
Your dhcpd.conf doesn't look right (assuming your running ISC DHCP):
DHCPDARGS=em1;
ddns-update-style interim;
subnet 10.10.10.0 netmask 255.255.255.0 {
option subnet-mask 255.255.255.0;
broadcast-address 10.10.10.255;
clientsoption routers 10.10.10.1;
option domain-name-servers 10.10.10.1;
}
You don't have a subnet declaration nor any pools. Also, I'm
unfamiliar
with DHCPDARGS. 'clientsoptions' isn't a keyword.
You can watch the traffic with tcpdump:
tcpdump -vv -e -n -i em1 'portrange 67-68'
| tee 2017-09-06.dhcp.traffic
This will show you the MAC address.
My guess is that your dhcpd is not running.
Bill
On 9/7/2017 10:15 PM, JD wrote:
On 09/07/2017 01:31 PM, Bill Shirley wrote:
On 9/6/2017 3:46 PM, JD wrote:
Hi,
My em1 is config'ed as:
ifconfig em1 inet 10.10.10.1 up netmask 0xffffff00
The wifi is connected to and internet and working OK.
em1 is the lan.
I have the following /etc/dhcp/dhcpd.conf file
DHCPDARGS=em1;
ddns-update-style interim;
subnet 10.10.10.0 netmask 255.255.255.0 {
option subnet-mask 255.255.255.0;
broadcast-address 10.10.10.255;
clientsoption routers 10.10.10.1;
option domain-name-servers 10.10.10.1;
}
I execute:
sudo systemctl start dhcpd
and I see it is running:
ps -ef | grep dhcpd
dhcpd 24671 1 0 19:30 ? 00:00:00
/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group
dhcpd --no-pid
However, the client, an old skype phone (from the days before
MS bought skype),
is unable to connect and obtain an ip addy.
I have ip forwarding enabled:
echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/iptables -A FORWARD -i wlp12s0 -o em1 -m state --state
ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -i em1 -o wlp12s0 -m state --state
ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -i em1 -o wlp12s0 -j ACCEPT
/sbin/iptables -A FORWARD -i wlp12s0 -o
em1 -j ACCEPT
/sbin/iptables -t nat -A POSTROUTING -o
wlp12s0 -j MASQUERADE
/sbin/iptables -t nat -A POSTROUTING -o em1 -j
MASQUERADE
So, there must be a problem with the ip forwarding, and / or
the dhcpd.conf file ???
If the device doesn't get an address, you're still before the
iptables/forwarding stage.
Look in your log files for DHCP messages.
Bill
_______________________________________________
Well, I did look in all the log files under /var/log/ and found
nothing related to failure to provide an IP addy.
But I do not understand what you mean by "you're still before the
iptables/forwarding stage"
Do you mean that there are rules preceding the rules I provided
for ip forwarding and masquerading,
such that the incoming request (for an IP addy) is never making it
down to the rules I had added?
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to
users-leave@xxxxxxxxxxxxxxxxxxxxxxx
|
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx