[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sheflug] dhcp/dial in help needed

On 10/7/05, Dawson, Alan <DawsonA [at] chesterfield.ac.uk> wrote:
> shef-lug-admin [at] list.sheflug.org.uk wrote:
>
> > I want to run a dhcp server to run on that interface but it
> > keeps trying to listen on eth0. I need to be able to keep the two
> > networks seperate.
> >
>
> In Debian based distros you can specify which interface dhcpd listens on in
>
> /etc/defaults/dhcp
>
>
> Otherwise, you could listen on all interfaces but have an empty configuration stanza in your dhcpd.conf for the networks and interfaces you _dont_ want to supply addresses to.
>
> I think this is documented in the example dhcpd.conf that comes most distros's
>
> something like
> if you have
>
> eth0 = 192.168.9.1/255.255.255.0
> ppp0 = 192.168.10.1/255.255.255.0
>
> subnet 192.168.9.0 netmask 255.255.255.0 {
> # empty configuration section so that DHCPD understands the network
> # but issues no addresses on eth0
> }
>
> subnet 192.168.10.0 netmask 255.255.255.0 {
> #configuration to bind to ppp0 interface
>   range 192.168.10.10 192.168.10.20;
>   option broadcast-address 192.168.10.255;
>   option routers 192.168.10.1;
> }
>
>
>
>
> > has anyone tried this before?
> >
>
> no i've not ;-)
>
>
> Alan Dawson
> --
> "If you make decisions about software -- or anything -- based solely on
> short-term cost and benefit, someone with a longer view can easily
> manoeuver you into a trap from which it is hard to escape."
> ___________________________________________________________________
>
> Sheffield Linux User's Group -
> http://www.sheflug.co.uk/mailfaq.html
>
>   GNU the choice of a complete generation.
>

Call me lazy, but for a single modem, I woulddn'y bother with DHCP. I
used to setup these kind of solutions, and because PPP is
point-to-point, we used to assign a "/30" address in on of the PPP
configs (/etc/ppp/options.ttyX if i remember correctly). You just
enter something like:

192.168.1.10:192.168.1.11

Your machine that dials in get's the second IP (I think). I do not
think this get's entered into the routing table, so you entere IP
address that fall under currently existing networks, they might be
able to see eachother.
You also need to enter:

ms-dns DNS_SERVER_IP

I've never tried to keep apart two networks when people dialed in, but
if you are using IP forwarding, then you can use a FORWARD statement
in iptables to block them out.

I hope I havent been talking utter non-sense!

Cheers
Andre
___________________________________________________________________

Sheffield Linux User's Group -
http://www.sheflug.co.uk/mailfaq.html

  GNU the choice of a complete generation.