LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 03-09-2005, 01:20 PM   #1
slacky
Member
 
Registered: Feb 2004
Location: USA
Distribution: Debian
Posts: 174

Rep: Reputation: 16
DHCP Server on Bridge


Today I needed to replicate a Cisco PIX firewall setup with a PC running Linux (Debian, Kernel 2.6). Pretty much the same setup as your standard NAT/Router/firewall box, except I added a caching BIND9 dns server too. I have three network ports - eth0, eth1, eth2 - I figured I'd make eth0 the external real ip address and bridge eth1 and eth2 and the br0 bridge interface would be 192.168.1.1. I tested this out and with a Knoppix 3.7 client - wouldn't get an ip address via DHCP, but the DHCP server logged the following to syslog:
Code:
Mar  9 10:07:13 server dhcpd: DHCPDISCOVER from 00:04:75:78:63:30 via br0
Mar  9 10:07:14 server dhcpd: DHCPOFFER on 192.168.1.10 to 00:04:75:78:63:30 via br0
the Mac address is correct for the Knoppix client.

I used the dhcp3 server package from Debian, there is a /etc/default/dhcp3 file used by its init.d script to tell it what interfaces to server on (br0).

Anyway, so I got rid of the bridging and assigned 192.168.1.1 directly to eth1 and it works great as a NAT router/firewall, so I needed to have it working right away and set it up like that. Anyone have any ideas why it wouldn't work with the bridge - I plan on playing with this again in the future (& adding a squid transproxy...)

Thanks,
Slacky


Here is my /etc/dhcpd.conf:
Code:
# (add your comments here)
default-lease-time 600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.1.1;
option domain-name-servers 192.168.1.1;
option domain-name "mydomain.org";

subnet 192.168.1.0 netmask 255.255.255.0 {
   range 192.168.1.10 192.168.1.100;
}
 
Old 03-10-2005, 09:44 AM   #2
Darin
Senior Member
 
Registered: Jan 2003
Location: Portland, OR USA
Distribution: Slackware, SLAX, Gentoo, RH/Fedora
Posts: 1,024

Rep: Reputation: 45
So with the bridge set up, you can type this and it shows the bridge, not one of the NICs?
Code:
root@server:~# ps -ef | grep dhcpd
root       504     1  0 Feb24 ?        00:00:00 /usr/sbin/dhcpd br0
root 32246 33456  0 07:42 pts/0    00:00:00 grep dhcpd
 
Old 03-11-2005, 06:50 AM   #3
slacky
Member
 
Registered: Feb 2004
Location: USA
Distribution: Debian
Posts: 174

Original Poster
Rep: Reputation: 16
Code:
root      2184  0.0  0.1  2552 1420 ?        Ss   Mar09   0:00 /usr/sbin/dhcpd3 -q br0
Yes, and the man page says -q is to suppress printing out a copyright message on start, doesn't affect functionality.

Also, I forgot to mention in my original post - the bridging configuration worked fine when I hardcoded the network settings instead of using DHCP on the client.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
quick question. dhcp server + bridge emetib Linux - Networking 2 06-02-2005 07:56 PM
DHCP over bridge thinkninja Linux - Networking 1 03-02-2005 01:01 PM
Bridge and debian and DHCP catmaster Linux - Networking 2 06-11-2004 01:08 PM
bridge and DHCP peekaa Linux - Networking 1 05-24-2004 10:17 PM
Passing DHCP over a transparent bridge wildefire Linux - Networking 2 11-24-2003 09:17 PM


All times are GMT -5. The time now is 08:44 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration