Q re dhcpd.conf setup

Gene Heskett gene.heskett at verizon.net
Thu Apr 27 22:55:20 UTC 2006


On Thursday 27 April 2006 13:11, A.Fadyushin at it-centre.ru wrote:
>> -----Original Message-----
>> From: fedora-legacy-list-bounces at redhat.com
>> [mailto:fedora-legacy-list-bounces at redhat.com] On Behalf Of Gene Heskett
>> Sent: Thursday, April 27, 2006 4:11 AM
>> To: Discussion of the Fedora Legacy Project
>> Subject: Re: Q re dhcpd.conf setup
>>
>> On Wednesday 26 April 2006 13:09, A.Fadyushin at it-centre.ru wrote:
>> >Yes, you can give clients the address of gateway via DHCP. The
>> > necessary option in dhcp configuration is called 'routers'. You
>> > should put in the dhcpd.conf file (usually in the subnet
>> > definition) the following line
>> >
>> >option routers <gateway_address>;
>> >
>> >Change the '<gateway_address>' with the address of your gateway. If
>> > your network is complex and includes more than one gateway for the
>> > client, list on that line all the gateways addresses separated by
>> > commas (see the description of this option in 'dhcp-options'
>> > manpage).
>> >
>> >The dhcpd server does not support the client authentication at this
>> > time (however, it may support it in the future). You could try to
>> > make something similar to protection you need using dhcpd's
>> > ability to include conditions in its configuration (see
>> > 'dhcpd-eval' manpage).
>>
>> There doesn't seem to be a man 'dhcpd-eval' on that box.
>
>Oops, I mistyped the manpage name - it should be 'dhcp-eval', not
>'dhcpd-eval'.
>
>> And whatever I've done, there is no response in the logs on that box for
>> a dhcp negotiation session.  Here is the last restart of the dhcpd
>> daemon as it shows in /var/log/messages:
>> Apr 26 19:34:43 gene dhcpd:
>> Apr 26 19:34:43 gene dhcpd: Listening on Socket/eth1/192.168.71.0
>> Apr 26 19:34:43 gene dhcpd: Sending on   Socket/eth1/192.168.71.0
>> Apr 26 19:34:43 gene dhcpd: Listening on Socket/eth0/192.168.1.0
>> Apr 26 19:34:43 gene dhcpd: Sending on   Socket/eth0/192.168.1.0
>> Apr 26 19:34:43 gene dhcpd: Listening on Socket/eth1/192.168.71.0
>> Apr 26 19:34:43 gene dhcpd: Sending on   Socket/eth1/192.168.71.0
>> Apr 26 19:34:43 gene dhcpd: Listening on Socket/eth0/192.168.1.0
>> Apr 26 19:34:43 gene dhcpd: Sending on   Socket/eth0/192.168.1.0
>> Apr 26 19:34:43 gene dhcpd: dhcpd startup succeeded
>>
>> Here is the networks lashup:
>>
>> HP-laptop<rf>wap11<eth>[8-port-switch]<eth>firewall-
>> 1.92.168.71.1<iptables>firewall-191.168.1.1<router>[DSL-modem]
>>
>> Here is the current, I think identical to what WAS working partially
>> I think, dhcpd.conf on the firewall box:
>> subnet 192.168.71.0 netmask 255.255.255.0 {
>> # --- default gateway
>>         option routers                  192.168.1.1;
>
>The router should be in 192.168.71.0 network, not in 192.168.1.0
>network.
>
>>         option subnet-mask              255.255.255.0;
>>
>>         option nis-domain               "coyote.den";
>>         option domain-name              "coyote.den";
>>         option domain-name-servers      192.168.71.1;
>>
>>         option time-offset              -18000; # Eastern Standard Time
>
>> #       option ntp-servers              192.168.1.1;
>> #       option netbios-name-servers     192.168.1.1;
>> # --- Selects point-to-point node (default is hybrid). Don't change this unless
>> # -- you understand Netbios very well
>> #       option netbios-node-type 2;
>>
>>         range dynamic-bootp 192.168.71.101 192.168.71.105;
>>         range 192.168.71.101 192.168.71.105;
>>         default-lease-time 21600;
>>         max-lease-time 43200;
>>
>>         # we want the nameserver to appear at a fixed address
>>         host ns {
>>                 next-server 192.168.71.1; #gene.coyote.den;
>>                 hardware ethernet 00:09:5B:07:7E:7D;
>>                 fixed-address 192.168.71.1;
>>         }
>> }
>>
>> # I've NDI why I even need this section, nothing comes from there that
>> # needs to have access to dhcpd services.
>> subnet 192.168.1.0      netmask 255.255.255.0 {
>>         option routers                  192.168.1.1;
>>         option subnet-mask              255.255.255.0;
>>         option nis-domain               "coyote.den";
>>         option domain-name              "coyote.den";
>>         option domain-name-servers      192.168.71.1;
>>         host ns {
>>                 next-server 192.168.1.1;
>>                 hardware ethernet       00:40:33:57:28:51;
>>                 fixed-address           192.168.1.100;
>>                 }
>> }
>> -----------------------------
>> There is more than just the routers wrong in the above file, as I
>> did try it at 71.1, and that broke it even when converted back to
>> 1.1.
>>
>> Here is the currently working ifcfg-wlan0 from diablo[HP laptop]
>>
>> [root at diablo network-scripts]# cat ifcfg-wlan0
>> DEVICE=wlan0
>> ONBOOT=yes
>> BOOTPROTO=none
BOOTPROTO=dhcp
>> TYPE=Wireless
>> MODE=Managed
>> ESSID=ICECAP4NIGHTCAP
>> CHANNEL=6

IPADDR=192.168.71.6<--wrong, needed to be wap11's IP of 192.168.71.102
The wap11 is the other end of the radio link, connecting to the switch 
and the rest of the local ethernet network.

>> DOMAIN=coyote.den
>> NETMASK=255.255.255.0
>> GATEWAY=192.168.71.1
>> USERCTL=no
USRCTL=yes
>> PEERDNS=no
PEERDNS=yes
>> IPV6INIT=no
>> RATE=Auto
>> DHCP_HOSTNAME=diablo.coyote.den
>> HWADDR=00:14:A5:75:32:C9
>> ----------------------------
>> Now, if I change to BOOTPROTO=dhcp
>> and comment out the gateway & local addresses, then restart the

And it all works.

>network
>
>> on the lappy, there is no query for dhcp showing in the firewalls logs.
>
>It seems that you have a problem with DHCP client, not with DHCP
> server configuration because you do not see the DHCP requests in the
> server logs. The client just does not ask for its network settings.
> Try to comment out all parameters in ifcfg-wlan0 on the client,
> except for DEVICE, ONBOOT and BOOTPROTO.

Twasn't the dhcpd although I've moved it to a machine with only one nic 
in it, making the config a heck of a lot cleaner.

>> I'm obviously in over my head here as that was working this morning
>> before I took it to the tv station and tried and failed to connect
>> to their wifi network, for about 2 hours of the infinite monkeys
>> routine.
>>
>> The wap11 currently has an address, obtained before trying to figure out
>> howto dhcp connect to a new network.  XP on that same lappy even
>> remembered the key from the session before, so it Just Worked(TM)
>> when I tried it today.
>>
>> Is the above enough to see what it is I need to do?
>
>Alexey Fadyushin.
>Brainbench MVP for Linux.
>http://www.brainbench.com
>

-- 
Cheers, Gene
People having trouble with vz bouncing email to me should add the word
'online' between the 'verizon', and the dot which bypasses vz's
stupid bounce rules.  I do use spamassassin too. :-)
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2006 by Maurice Eugene Heskett, all rights reserved.
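
The point raised in the quoted reply above (the 'routers' address has to lie inside the subnet that declares it) can be checked mechanically. This is an added example, not part of the original messages; the function name check_conf and the trimmed sample config are constructed for illustration, and the parser only handles the simple one-statement-per-line layout used in the thread.

```python
import ipaddress
import re

# Constructed sample, trimmed from the dhcpd.conf quoted in the thread.
SAMPLE_CONF = """\
subnet 192.168.71.0 netmask 255.255.255.0 {
        option routers                  192.168.1.1;
        option domain-name-servers      192.168.71.1;
        range 192.168.71.101 192.168.71.105;
        host ns {
                hardware ethernet 00:09:5B:07:7E:7D;
                fixed-address 192.168.71.1;
        }
}
subnet 192.168.1.0 netmask 255.255.255.0 {
        option routers                  192.168.1.1;
}
"""

SUBNET_RE = re.compile(r"^\s*subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{")
STMT_RE = re.compile(
    r"^\s*(option\s+routers|range(?:\s+dynamic-bootp)?|fixed-address)\s+([^;]+);")

def check_conf(text):
    """Return (subnet, statement, address) for each address outside its subnet."""
    problems, net, depth = [], None, 0
    for raw in text.splitlines():
        line = raw.split("#", 1)[0]              # drop trailing comments
        m = SUBNET_RE.match(line)
        if m and depth == 0:
            net = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")
        s = STMT_RE.match(line)
        if s and net is not None:
            for tok in re.split(r"[,\s]+", s.group(2).strip()):
                try:
                    addr = ipaddress.ip_address(tok)
                except ValueError:
                    continue                     # hostname or keyword, skip
                if addr not in net:
                    problems.append((str(net), " ".join(s.group(1).split()), tok))
        depth += line.count("{") - line.count("}")
        if depth == 0:
            net = None                           # left the subnet block
    return problems

if __name__ == "__main__":
    for subnet, stmt, addr in check_conf(SAMPLE_CONF):
        print(f"{stmt} {addr} is outside subnet {subnet}")
```
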
