DHCP and multiple netsegments


 



Got a problem; some things work, but not all. This is the setup:

I'm running some tests right now, hence the dhcpd placement in the wrong
place in front of the firewall.
Of course the dhcpd will be placed correctly behind the firewall soon,
and the DMZ will be NAT'ed on the router.

(IP#'s changed, but resemble the real ones; netmasks are the actual
ones)

              233.147.155.0                    10.10.0.0
              255.255.255.192                  255.255.0.0
  ---- router -----+----- firewall/router ---- clientsegment2
                   |
                   +--- dhcpserver
                   |
                   +--- clientsegment1

I can start dhcpd using  /etc/rc.d/init.d/dhcpd start  without problems.
IP#'s are being correctly assigned for clientsegment1, but not for
clientsegment2.
Everything works on clientsegment2 when using static IP#'s.
During tests, no rules are defined on the firewall, only pure
masquerading, all access works the way it's supposed to (using static
IP#'s).

On the dhcpserver, I've created the route 255.255.255.255 dev eth0 due to
w95 clients (w98 works without this rule with my own non-segmented
setup).

I also tried to add the same route on the firewall/router, on both eth1
and eth1, but not on both simultaneously. Just to try it...
Could I have a problem routing broadcasts between eth0 and eth1?

Haven't yet tried  route add -net 255.255.255.0 dev eth0  as stated as
another possible solution in /usr/doc/dhcp-xxxx/README .

The dhcpd.conf:
Before I added a range to subnet 233.147.155.0, dhcpd complained about
missing some subnet declaration on eth0.
Likewise, it complained until I changed netmask 255.255.255.192 into
netmask 255.255.255.0 . The ".192" was given by the ISP.


shared-network TECH {

    #subnet 233.147.155.0 netmask 255.255.255.192 {
    subnet 233.147.155.0 netmask 255.255.255.0 {
        # works using some range here, doesn't without:
        range 233.247.255.10 233.247.155.20;
    }

    subnet 10.10.0.0 netmask 255.255.0.0 {
        default-lease-time 600;  # ten minutes
        max-lease-time 604800;  # seven days
        option domain-name-servers 195.184.44.18, 195.184.44.34;
        option domain-name "teknik.dk";
        option subnet-mask 255.255.0.0;
        option routers 10.10.0.1;
        range 10.10.0.10 10.10.0.250;
    }
}


If I don't manage to solve the problem by tomorrow, I'll have to
implement the dhcp service on the firewall itself, which I don't like.
Well, at least until I can figure out what's happening...
-- 
Regards,
              Mogens Valentin
    Networking - Security - Programming
  Linux configuration and troubleshooting
http://www.danbbs.dk/~monz - monz@danbbs.dk
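
A consistency check for the subnet, netmask and range declarations discussed in the message above, as an added example that is not part of the original post or of the dhcp distribution. The function name check_conf and the sample text are assumptions of this example; the sample is modelled on the posted dhcpd.conf, whose addresses the poster says were changed.

```python
import ipaddress
import re

# Sample input modelled on the posted dhcpd.conf. The poster says the addresses
# were changed, so findings apply to this text, not to the real network.
SAMPLE_CONF = """
shared-network TECH {
    #subnet 233.147.155.0 netmask 255.255.255.192 {
    subnet 233.147.155.0 netmask 255.255.255.0 {
        range 233.247.255.10 233.247.155.20;
    }
    subnet 10.10.0.0 netmask 255.255.0.0 {
        option subnet-mask 255.255.0.0;
        option routers 10.10.0.1;
        range 10.10.0.10 10.10.0.250;
    }
}
"""

SUBNET_RE = re.compile(r"^\s*subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{([^{}]*)\}", re.M)
STMT_RE = re.compile(r"^\s*(range|option routers|option subnet-mask)\s+([^;]+);", re.M)
IPV4_RE = re.compile(r"\d+(?:\.\d+){3}")


def check_conf(text):
    """Return (subnet, problem) tuples for every active subnet declaration."""
    text = re.sub(r"#.*", "", text)  # drop comments, incl. commented-out subnets
    problems = []
    for addr, mask, body in SUBNET_RE.findall(text):
        label = f"{addr}/{mask}"
        try:
            net = ipaddress.ip_network(label)  # strict: host bits must be zero
        except ValueError:
            problems.append((label, "address is not the network base for this mask"))
            net = ipaddress.ip_network(label, strict=False)
        for key, value in STMT_RE.findall(body):
            for ip in map(ipaddress.ip_address, IPV4_RE.findall(value)):
                if key == "option subnet-mask":
                    if ip != net.netmask:
                        problems.append((label, f"{key} {ip} differs from netmask"))
                elif ip not in net:
                    problems.append((label, f"{key} {ip} is outside the subnet"))
    return problems


if __name__ == "__main__":
    for subnet, problem in check_conf(SAMPLE_CONF):
        print(f"{subnet}: {problem}")
```

Run against a real configuration by passing the file's contents to check_conf; an empty list means every range, router and subnet-mask value agrees with its enclosing subnet declaration.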

