Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 266
  • Last Modified:

ipchains and DHCP

Hello experts:

Is it possible to have a DHCP server setup on a seperate network and obtain your ip address from that server?

DHCP Server Address is 10.1.102.90
DHCP Server has the following scopes:
10.1.101.100 - 200
10.1.102.100 - 200
10.1.103.100 - 200

How can I setup rules on this linux router to distribute the correct ip address to a requesting client?

For instance, if I'm on the 10.1.101.x network, and perform an ipconfig /renew, how can I obtain the ip parameters from the dhcp server?
0
escheider
Asked:
escheider
1 Solution
 
HalldorGCommented:
Think you need seperate network cards as you can only bound one scope to each card.

As the DHCP server would have no chance to deside which network it should give if there where more than one to choose from on the same network card.
0
 
hangmanCommented:
Try setting your network mask to 255.255.0.0
0
 
jlevieCommented:
DHPC is a broadcast protcol and as such it won't cross router boundaries unassisted. When using hardware routers, like Cisco gear, one configures the router to act as a dhcp forwarder. A similar thing can be done on a linux router with dhcrelay.

Assuming that your linux router can see the DHCP server via eth0 (meaning that eth0 has an IP on the same subnet as the DHCP server, 10.1.102.0/24 in this case) and that eth1 is the subnet that contains the clients you could use 'dhcrelay -i eth1 10.1.102.90'. That will cause dhcrelay to listen for requests on eth1 and forward those requests to the server. You'll want to arrainge for dhcrelay to be started at boot and adding the command to rc.local would be one option. For more information see 'man dhcrelay'.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
escheiderAuthor Commented:
I think you're on the right track jlevie.  I have done this with Cisco routers using ip helper.  

I will try your suggestion and see what happens.

0
 
escheiderAuthor Commented:
Question, is dhcprelay a module that will need to be installed.  How can I check to see if it is on my linux box?
0
 
jlevieCommented:
dhcprelay is part of the dhcp server package and will be installed if dhcp is installed.
0
 
escheiderAuthor Commented:
jlevie:

It actuall works...now, dhcp uses udp ports 67 and 68, so after I switch to a deny all policy, I assume I'll have to open these ports up to communicate to the server?

Let me know and I'll award you the points.

E
0
 
jlevieCommented:
I'm guessing that your DHCP server is, per my example above, on the untrusted (eth0) interface and that's where you'll be doing a deny all. If that's the case, then yes you'll need to allow thost UDP ports.
0
 
escheiderAuthor Commented:
Works great...I knew it could be done.
0
 
jlevieCommented:
Cool...
0

Featured Post

[Webinar On Demand] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now