Solved

ipchains and DHCP

Posted on 2002-04-07
10
259 Views
Last Modified: 2010-03-18
Hello experts:

Is it possible to have a DHCP server setup on a seperate network and obtain your ip address from that server?

DHCP Server Address is 10.1.102.90
DHCP Server has the following scopes:
10.1.101.100 - 200
10.1.102.100 - 200
10.1.103.100 - 200

How can I setup rules on this linux router to distribute the correct ip address to a requesting client?

For instance, if I'm on the 10.1.101.x network, and perform an ipconfig /renew, how can I obtain the ip parameters from the dhcp server?
0
Comment
Question by:escheider
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 7

Expert Comment

by:HalldorG
ID: 6924959
Think you need seperate network cards as you can only bound one scope to each card.

As the DHCP server would have no chance to deside which network it should give if there where more than one to choose from on the same network card.
0
 
LVL 2

Expert Comment

by:hangman
ID: 6925344
Try setting your network mask to 255.255.0.0
0
 
LVL 40

Accepted Solution

by:
jlevie earned 30 total points
ID: 6925488
DHPC is a broadcast protcol and as such it won't cross router boundaries unassisted. When using hardware routers, like Cisco gear, one configures the router to act as a dhcp forwarder. A similar thing can be done on a linux router with dhcrelay.

Assuming that your linux router can see the DHCP server via eth0 (meaning that eth0 has an IP on the same subnet as the DHCP server, 10.1.102.0/24 in this case) and that eth1 is the subnet that contains the clients you could use 'dhcrelay -i eth1 10.1.102.90'. That will cause dhcrelay to listen for requests on eth1 and forward those requests to the server. You'll want to arrainge for dhcrelay to be started at boot and adding the command to rc.local would be one option. For more information see 'man dhcrelay'.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 4

Author Comment

by:escheider
ID: 6925534
I think you're on the right track jlevie.  I have done this with Cisco routers using ip helper.  

I will try your suggestion and see what happens.

0
 
LVL 4

Author Comment

by:escheider
ID: 6925541
Question, is dhcprelay a module that will need to be installed.  How can I check to see if it is on my linux box?
0
 
LVL 40

Expert Comment

by:jlevie
ID: 6925568
dhcprelay is part of the dhcp server package and will be installed if dhcp is installed.
0
 
LVL 4

Author Comment

by:escheider
ID: 6926212
jlevie:

It actuall works...now, dhcp uses udp ports 67 and 68, so after I switch to a deny all policy, I assume I'll have to open these ports up to communicate to the server?

Let me know and I'll award you the points.

E
0
 
LVL 40

Expert Comment

by:jlevie
ID: 6926367
I'm guessing that your DHCP server is, per my example above, on the untrusted (eth0) interface and that's where you'll be doing a deny all. If that's the case, then yes you'll need to allow thost UDP ports.
0
 
LVL 4

Author Comment

by:escheider
ID: 6926940
Works great...I knew it could be done.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 6926993
Cool...
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Share my Windows 7 C folder with another Ubuntu Linux 15.10 Lenovo desktop computer 42 126
Unix / Linux grid computing 5 169
E-mail settings for Fail2ban 7 153
Measure data download 2 128
I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question