DHCPD and IP Ranges -- Wireless vs. Wired
 

Good morning LQ!

I have just set up a small DHCP server on my local area network, and I was attempting to give different IP addresses out depending on the type of connection -- wired clients would get IPs from one pool, wireless from another. Not being able to find either the answer or the right search terms to find suggestions, I turn to you.

Since wireless traffic must pass through the wireless router on my network, is there a way for me to map any traffic passing through device X (known mac address) into a different pool than devices hardwired to my switch? I'd rather not filter every potential wireless card manufacturer's mac address prefix, as many of the manufacturers also make wired cards.

The reason behind this is that I will be using iptables to filter a lot of traffic from wireless devices who have received DHCP addresses, where as my known hosts sit safely on a different range.

-- Christopher

If I am understanding this correctly, the server is hardwired to a consumer-type router/AP, which is allowing both wired and wireless devices to connect to the network?

So then, all DHCP requests would be received on a single Ethernet interface on the server?

Currently the wireless AP connects to a switch, into which the server is plugged. In other words, yes, all requests will be coming through the same interface.

Well, I am no expert on DHCPD, but from my understanding that is going to be a problem. If you had requests coming from two interfaces you could give them separate scopes; but with everything coming from one interface it seems like you would have to fall back on MAC filters which are certainly not ideal, as you said.

Would it be possible in your current setup to physically connect the AP to a second network card in the server?

Unfortunately by the constraints of the server I cannot fit any more network cards into the box, and this isn't so crucial as to necessitate another NIC being installed. I didn't know if I could shape traffic, for lack of a better phrase, based on the router through which it first entered.

I admit I haven't taken a look at deep packet inspection to see how the routers add information to the packets, if at all.

You could get a USB ethernet adaptor and attach the WAP directly to that.

Thanks, but the current network configuration is that it would be easier to leave the AP plugged into the switch. If it can't be done I'll just have to go the manufacturer route.