Re: ip forwarding/masquerading and dhcpd

On 09/09/2017 01:03 PM, Bill Shirley wrote:
If you're unable to get an IP address, there's no use concerning yourself about
firewalling/forwarding.  First get an address and then look at forwarding.

If your DHCP is running, you should have messages in the log file. You can test
your config with:
dhcpd -t

Check that dhcp is running with:
[0:root@elmo dhcp]$ netstat -anp | grep dhcp
udp        0      0 0.0.0.0:67          0.0.0.0:*          3483/dhcpd
udp        0      0 0.0.0.0:29091       0.0.0.0:*          3487/dhcpd
udp        0      0 0.0.0.0:25164       0.0.0.0:*          3483/dhcpd


Your dhcpd.conf doesn't look right (assuming you're running ISC DHCP):
DHCPDARGS=em1;
ddns-update-style interim;
subnet 10.10.10.0 netmask       255.255.255.0 {
option subnet-mask              255.255.255.0;
broadcast-address               10.10.10.255;
clientsoption routers           10.10.10.1;
option domain-name-servers      10.10.10.1;
}
You don't have a subnet declaration nor any pools.  Also, I'm unfamiliar
with DHCPDARGS.  'clientsoptions' isn't a keyword.

You can watch the traffic with tcpdump:
tcpdump -vv -e -n -i em1 'portrange 67-68' | tee 2017-09-06.dhcp.traffic
This will show you the MAC address.

My guess is that your dhcpd is not running.

Bill

On 9/7/2017 10:15 PM, JD wrote:


On 09/07/2017 01:31 PM, Bill Shirley wrote:

On 9/6/2017 3:46 PM, JD wrote:
Hi,
My em1 is config'ed as:
ifconfig em1 inet 10.10.10.1 up netmask 0xffffff00

The wifi is connected to the internet and working OK.

em1 is the lan.

I have the following /etc/dhcp/dhcpd.conf  file

DHCPDARGS=em1;
ddns-update-style interim;
subnet 10.10.10.0 netmask       255.255.255.0 {
option subnet-mask              255.255.255.0;
broadcast-address               10.10.10.255;
clientsoption routers           10.10.10.1;
option domain-name-servers      10.10.10.1;
}

I execute:
sudo systemctl start dhcpd
and I see it is running:
ps -ef | grep dhcpd
dhcpd 24671 1 0 19:30 ? 00:00:00 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid


However, the client, an old skype phone (from the days before MS bought skype),
is unable to connect and obtain an ip addy.

I have ip forwarding enabled:

echo 1 > /proc/sys/net/ipv4/ip_forward
/sbin/iptables -A FORWARD -i wlp12s0 -o em1 -m state --state ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -i em1 -o wlp12s0 -m state --state ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -i em1 -o wlp12s0          -j ACCEPT
/sbin/iptables -A FORWARD -i wlp12s0 -o em1 -j ACCEPT
/sbin/iptables -t nat -A POSTROUTING -o wlp12s0 -j MASQUERADE
/sbin/iptables -t nat -A POSTROUTING -o em1              -j MASQUERADE

So, there must be a problem with the ip forwarding, and / or the dhcpd.conf file ???

If the device doesn't get an address, you're still before the iptables/forwarding stage.

Look in your log files for DHCP messages.

Bill
_______________________________________________
Well, I did look in all the log files under /var/log/ and found nothing related to failure to provide an IP addy.

But I do not understand what you mean by "you're still before the iptables/forwarding stage"

Do you mean that there are rules preceding the rules I provided for ip forwarding and masquerading, such that the incoming request (for an IP addy) is never making it down to the rules I had added?
$ netstat -anp | grep dhcp
udp        0      0 0.0.0.0:32389       0.0.0.0:*          32096/dhcpd
udp        0      0 0.0.0.0:67          0.0.0.0:*          32096/dhcpd
udp6       0      0 :::47925            :::*               32096/dhcpd
raw        0      0 0.0.0.0:1           0.0.0.0:*    7     32096/dhcpd
unix  2      [ ACC ]     STREAM     LISTENING     21743    728/NetworkManager  /var/run/NetworkManager/private-dhcp
unix  3      [ ]         STREAM     CONNECTED     26939069 32096/dhcpd
unix  2      [ ]         DGRAM                    26939072 32096/dhcpd

$ dhcpd -t
Internet Systems Consortium DHCP Server 4.2.7
Copyright 2004-2014 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file

PS: The skype phone is not connected.
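
The points raised in the thread about the posted dhcpd.conf, as a small checker (an added example, not part of the original messages and not a replacement for `dhcpd -t`): it flags lines that do not start with a known statement keyword and subnet blocks that declare no `range`. The keyword set `KNOWN` and the function name `lint_dhcpd_conf` are assumptions made for this example.

```python
import re

# Constructed input: the dhcpd.conf exactly as posted in the thread.
POSTED_CONF = """\
DHCPDARGS=em1;
ddns-update-style interim;
subnet 10.10.10.0 netmask       255.255.255.0 {
option subnet-mask              255.255.255.0;
broadcast-address               10.10.10.255;
clientsoption routers           10.10.10.1;
option domain-name-servers      10.10.10.1;
}
"""
# Assumption: a small subset of ISC dhcpd statement keywords, enough for a
# single-subnet config; this is not the full dhcpd.conf grammar.
KNOWN = {"authoritative", "ddns-update-style", "default-lease-time",
         "max-lease-time", "option", "subnet", "pool", "range", "host",
         "hardware", "fixed-address", "group", "shared-network"}

def lint_dhcpd_conf(text):
    """Return sorted (line_no, problem, detail) tuples. Assumes one statement
    per line and '}' on a line of its own, as in the posted file."""
    findings, depth, subnet = [], 0, None
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if line == "}":
            # Closing the subnet block: report it if no range was declared.
            if subnet and depth == subnet["depth"]:
                if not subnet["has_range"]:
                    findings.append((subnet["line"], "subnet-without-range", subnet["net"]))
                subnet = None
            depth -= 1
            continue
        keyword = re.split(r"[\s;={]", line, maxsplit=1)[0]
        if keyword not in KNOWN:
            findings.append((line_no, "unknown-statement", keyword))
        if line.endswith("{"):
            depth += 1
            if keyword == "subnet":
                subnet = {"line": line_no, "depth": depth, "has_range": False,
                          "net": line.split()[1]}
        elif keyword == "range" and subnet:
            subnet["has_range"] = True
    return sorted(findings)

if __name__ == "__main__":
    print(*lint_dhcpd_conf(POSTED_CONF), sep="\n")
```

A subnet block with no `range` gives the server no dynamic addresses to lease, so a client without a host declaration gets no offer even though dhcpd is running and listening on port 67.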