multiple subnets Suse 9

lomfs24 · 06-14-2004, 11:33 PM

Brief description first. I have a Suse 9 box connected to the internet, second NIC that shares that internet connection to the rest of my internal network. Firewall between. Then second NIC goes to a switch and wireless AP. All IP's and security come from my Suse box not the wireless AP. I have hosts set up in the dchp.conf file so that only certain MAC addresses can get on my network. However, any MAC can attach to my AP even though they cannot get an IP from the DHCP server.

NOW!!! I want to open a new subnet that will allow anyone who connects to my AP or wired network to pull an IP address. However, I want any new MAC's that attach to my network to pull an IP address on a different subnet, different gateway, router etc...

Is this possible to do with the dhcp server that already has hosts in place and will not dish out IP's to just anyone? And can this be done without putting up a second wireless AP?

In other words, if a MAC is in the hosts list it get's this IP x.x.x.x if it is not in the host list it get's this IP x.x.y.y

Long, story short... I want to do this for two reasons. I want to have a little fun with the local wardrivers.... and I want to collect a list of known MAC addresses for known local wardrivers.

DavidPhillips · 06-15-2004, 04:43 PM

If you configure the interface, and your dhcpd.conf file has the settings in it you want for that interface you should be able to have dhcp give out the ip addresses you specify which are on the network.

The ip address you specify in the dhcp servers config file itself determines the network and therefore the interface.

If the host is specified the address specified will be assigned. If not the ip will be assigned from the range of ip addresses.

This is the basic functionality, so maybe I'm not understanding the question.

Here is an example subnet definition..

Code:

subnet 192.168.0.0 netmask 255.255.255.0 {
        option routers                  192.168.0.1;
        option subnet-mask              255.255.255.0;
        option nis-domain               "dcphillips.net";
        option domain-name              "dcphillips.net";
        option domain-name-servers      192.168.0.1, 68.63.0.5, 68.63.0.6;
        option time-offset              0;
        option ntp-servers              time.nist.gov;
        option netbios-name-servers     192.168.0.1;
        option netbios-node-type 2;
        option smtp-server              192.168.0.1;
 
        range dynamic-bootp 192.168.0.101 192.168.0.200;
        default-lease-time 21600;
        max-lease-time 43200;
 
 
host firedragon {
hardware ethernet xx:xx:xx:xx:xx:xx;
fixed-address 192.168.0.2;
option host-name "firedragon";
}
 
host slacker {
hardware ethernet xx:xx:xx:xx:xx:xx;
fixed-address 192.168.0.3;
option host-name "slacker";
}

}

each subnet would have it's own definition.

Hosts that are not specified would get one assigned from this range..
range dynamic-bootp 192.168.0.101 192.168.0.200;

If you want more than one subnet on an interface setup a virtual interface with a name like this..

eth0:1

You would configure it as any other interface but it would be on a different subnet. It requires the eth0 interface to be up in order for it to be configured.

Code:

Network address
(24 bits)	Subnet number       (1 bit)	Extended network	Host address range
11000000 10101000 00000001	0	192.168.1.0	192.168.1.1 - 192.168.1.127
11000000 10101000 00000001	1	192.168.1.128	192.168.1.129 - 192.168.1.255

Code:

zeus:~ # ifconfig eth0 192.168.1.1 netmask 255.255.255.128 broadcast 192.168.1.127
zeus:~ # ifconfig eth0:1 192.168.1.129 netmask 255.255.255.128 broadcast 192.168.1.255
zeus:~ # ifconfig eth0
          eth0      Link encap:Ethernet  HWaddr xx:xx:xx:xx:xx:xx
          inet addr:192.168.1.1  Bcast:192.168.1.127  Mask:255.255.255.128
          UP BROADCAST NOTRAILERS MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1219 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 b)  TX bytes:717138 (700.3 Kb)
          Interrupt:11 Base address:0xf000
 
zeus:~ # ifconfig eth0:1
          eth0:1    Link encap:Ethernet  HWaddr xx:xx:xx:xx:xx:xx
          inet addr:192.168.1.129  Bcast:192.168.1.255  Mask:255.255.255.128
          UP BROADCAST NOTRAILERS MULTICAST  MTU:1500  Metric:1
          Interrupt:11 Base address:0xf000

I'm not sure how it would work, but try the eth0 subnet for the specified hosts and eth0:1 for the range of ip addresses and see if it works. I have not tried this with a dhcp server.

Code:

zeus:~ # ping -c3 -b 192.168.1.127
WARNING: pinging broadcast address
PING 192.168.1.127 (192.168.1.127) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.092 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=0.077 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=0.079 ms
 
--- 192.168.1.127 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.077/0.082/0.092/0.012 ms


zeus:~ # ping -c3 -b 192.168.1.255 WARNING: pinging broadcast address
PING 192.168.1.255 (192.168.1.255) 56(84) bytes of data.
64 bytes from 192.168.1.129: icmp_seq=1 ttl=64 time=0.103 ms
64 bytes from 192.168.1.129: icmp_seq=2 ttl=64 time=0.078 ms
64 bytes from 192.168.1.129: icmp_seq=3 ttl=64 time=0.076 ms
 
--- 192.168.1.255 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.076/0.085/0.103/0.016 ms

Code:

zeus:~ # route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
67.209.0.85     0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.1.0     0.0.0.0         255.255.255.128 U     0      0        0 eth0
192.168.1.128   0.0.0.0         255.255.255.128 U     0      0        0 eth0
0.0.0.0         67.209.0.85     0.0.0.0         UG    0      0        0 ppp0

The dhcp servers subnet can be seen in the routing table, in this case it's like this..

eth0
subnet 192.168.1.0 netmask 255.255.255.128

eth0:1
subnet 192.168.1.128 netmask 255.255.255.128

In SUSE you copy the file /etc/sysconfig/network/ifcfg-eth0 to /etc/sysconfig/network/ifcfg-eth0:1

edit the new file and change eth0 to eth0:1 if it's named in the file. Also change the ip address.