LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 11-24-2009, 10:08 AM   #1
djekovic.dejan
LQ Newbie
 
Registered: Nov 2009
Posts: 4

Rep: Reputation: 0
internet access for dhcp clients


hello everyone,

I've been trying to solve this problem for some time. but there were no any results.

I have configured dhcp server on centos 5.3 . my windows clients get IP address, but they do not have an internet access.

on my server, eth0 is dhcp server interface, eth1 is internet access. i have internet on server, but not in my LAN.

here is my dhcpd.conf :

default-lease-time 86400;
max-lease-time 86400;
ddns-update-style interim;
ignore client-updates;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.1.100;
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.1 192.168.1.254;
group {
option routers 192.168.1.100;
option subnet-mask 255.255.255.0;

option time-offset -18000; # Eastern Standard Time

host admin {
option host-name "admin";
hardware ethernet 00:03:0D:6F:4A:9E;
fixed-address 192.168.1.100;
}

}
}


as you can see, default gateway is IP address of eth0, which is LAN interface on my dhcp server.

host admin is actually dhcp server, with static IP address.

what should I do?

there must be a way to enable internet access to my windows clients. how?

Last edited by djekovic.dejan; 11-24-2009 at 10:13 AM.
 
Old 11-24-2009, 10:32 AM   #2
centosboy
Senior Member
 
Registered: May 2009
Location: london
Distribution: centos5
Posts: 1,137

Rep: Reputation: 116Reputation: 116
Quote:
Originally Posted by djekovic.dejan View Post
hello everyone,

I've been trying to solve this problem for some time. but there were no any results.

I have configured dhcp server on centos 5.3 . my windows clients get IP address, but they do not have an internet access.

on my server, eth0 is dhcp server interface, eth1 is internet access. i have internet on server, but not in my LAN.

here is my dhcpd.conf :

default-lease-time 86400;
max-lease-time 86400;
ddns-update-style interim;
ignore client-updates;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.1.100;
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.1 192.168.1.254;
group {
option routers 192.168.1.100;
option subnet-mask 255.255.255.0;

option time-offset -18000; # Eastern Standard Time

host admin {
option host-name "admin";
hardware ethernet 00:03:0D:6F:4A:9E;
fixed-address 192.168.1.100;
}

}
}


as you can see, default gateway is IP address of eth0, which is LAN interface on my dhcp server.

host admin is actually dhcp server, with static IP address.

what should I do?

there must be a way to enable internet access to my windows clients. how?
no internet possibly because of the absense of

Code:
option domain-name-servers x.x.x.x, x.x.x.x
 
Old 11-24-2009, 10:36 AM   #3
djekovic.dejan
LQ Newbie
 
Registered: Nov 2009
Posts: 4

Original Poster
Rep: Reputation: 0
I added that option few minutes ago, but the problem still exists !
 
Old 11-24-2009, 10:46 AM   #4
centosboy
Senior Member
 
Registered: May 2009
Location: london
Distribution: centos5
Posts: 1,137

Rep: Reputation: 116Reputation: 116
Quote:
Originally Posted by djekovic.dejan View Post
I added that option few minutes ago, but the problem still exists !
and reloaded dhcpd server??

can you give some of the full ifconfigs from the clients? and the routing table

oh - and also can you try pinging something on the internet, say google, 74.125.45.100
and then try pinging the gateway, just so we can establish if it is a dns thing or a routing thing or neither

forgot to add, also give the configs on any client from

Code:
 /var/lib/dhclient/dhclient.leases

or

Code:
/var/lib/dhclient/dhclient-eth0.leases

Last edited by centosboy; 11-24-2009 at 10:53 AM.
 
Old 11-25-2009, 05:43 AM   #5
okcomputer44
Member
 
Registered: Jun 2008
Location: /home/laz
Distribution: CentOS/Debian
Posts: 241

Rep: Reputation: 51
Yeah,

you must reload or restart dhcpd daemon.
And restart the client computers too or issue under cmd line ipconfig/release then ipconfig/renew.

After that you can have a look the ipconfig/all results.

You must have an appropriate IP address from the dhcp server lets say 192.168.1.1 or 192.168.1.xx any higher number ==>>

as well as:
dns server 192.168.1.100
default gateway 192.168.1.100
dhcp server 192.168.1.100

with out any of them it wont work.

Check your IP tables configuration and the ip_forward things too.

You need to have ip_forward between the cards to get forwarded the packets. That one might cause your problem.

Code:
echo 1 > /proc/sys/net/ipv4/ip_forward
If you don't have IPTABLES firewall script you can download this one: http://www.linuxquestions.org/questi...script-719523/

Laz
 
Old 11-25-2009, 05:49 AM   #6
djekovic.dejan
LQ Newbie
 
Registered: Nov 2009
Posts: 4

Original Poster
Rep: Reputation: 0
ok, here's the situation :

I am creating a "test net" in my company, as a network administrator. company uses class A address pool , with next parameters :

domain-name-servers 10.101.100.102
dhcp-server-identifier 10.101.100.100

i use address pool 192.168.x.x .

IP address of eth 1 (my access to company network) is 10.101.2.226 , and its default gateway is 10.101.2.1.

IP address of eth 0 (static IP of my dhcp server) is 192.168.1.100 .

IP addresses of my clients are inside a pool 192.168.1.200 - 192.168.1.154

here's ifconfig of my server :

[root@localhost ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:1C:F0:BB:0E:FB
inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::21c:f0ff:febb:efb/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:71 errors:0 dropped:0 overruns:0 frame:0
TX packets:106 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:11716 (11.4 KiB) TX bytes:16243 (15.8 KiB)
Interrupt:50 Base address:0x2000

eth1 Link encap:Ethernet HWaddr 00:30:05:A8:65:51
inet addr:10.101.2.226 Bcast:10.101.2.255 Mask:255.255.255.0
inet6 addr: fe80::230:5ff:fea8:6551/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:892 errors:0 dropped:0 overruns:0 frame:0
TX packets:430 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:210627 (205.6 KiB) TX bytes:166710 (162.8 KiB)
Interrupt:169

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1501 errors:0 dropped:0 overruns:0 frame:0
TX packets:1501 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2425236 (2.3 MiB) TX bytes:2425236 (2.3 MiB)


dhclient eth 0 :

lease {
interface "eth0";
fixed-address 10.101.2.232;
option subnet-mask 255.255.255.0;
option routers 10.101.2.1;
option dhcp-lease-time 600;
option dhcp-message-type 5;
option domain-name-servers 10.101.100.102;
option dhcp-server-identifier 10.101.100.100;
option domain-name "mod-montenegro.info";
renew 2 2009/11/24 14:03:18;
rebind 2 2009/11/24 14:07:21;
expire 2 2009/11/24 14:08:36;
}


dhclient eth 1 lease :

lease {
interface "eth1";
fixed-address 10.101.2.226;
option subnet-mask 255.255.255.0;
option routers 10.101.2.1;
option dhcp-lease-time 600;
option dhcp-message-type 5;
option domain-name-servers 10.101.100.102;
option dhcp-server-identifier 10.101.100.100;
option domain-name "mod-montenegro.info";
renew 3 2009/11/25 10:35:58;
rebind 3 2009/11/25 10:39:51;
expire 3 2009/11/25 10:41:06;
}


also, I can ping 192.168.1.100 , and 10.101.2.226 , but I can't ping any public IP.
 
Old 11-25-2009, 10:31 AM   #7
centosboy
Senior Member
 
Registered: May 2009
Location: london
Distribution: centos5
Posts: 1,137

Rep: Reputation: 116Reputation: 116
Quote:
Originally Posted by djekovic.dejan View Post
ok, here's the situation :

I am creating a "test net" in my company, as a network administrator. company uses class A address pool , with next parameters :

domain-name-servers 10.101.100.102
dhcp-server-identifier 10.101.100.100

i use address pool 192.168.x.x .

IP address of eth 1 (my access to company network) is 10.101.2.226 , and its default gateway is 10.101.2.1.

IP address of eth 0 (static IP of my dhcp server) is 192.168.1.100 .

IP addresses of my clients are inside a pool 192.168.1.200 - 192.168.1.154

here's ifconfig of my server :

[root@localhost ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:1C:F0:BB:0E:FB
inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::21c:f0ff:febb:efb/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:71 errors:0 dropped:0 overruns:0 frame:0
TX packets:106 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:11716 (11.4 KiB) TX bytes:16243 (15.8 KiB)
Interrupt:50 Base address:0x2000

eth1 Link encap:Ethernet HWaddr 00:30:05:A8:65:51
inet addr:10.101.2.226 Bcast:10.101.2.255 Mask:255.255.255.0
inet6 addr: fe80::230:5ff:fea8:6551/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:892 errors:0 dropped:0 overruns:0 frame:0
TX packets:430 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:210627 (205.6 KiB) TX bytes:166710 (162.8 KiB)
Interrupt:169

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1501 errors:0 dropped:0 overruns:0 frame:0
TX packets:1501 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2425236 (2.3 MiB) TX bytes:2425236 (2.3 MiB)


dhclient eth 0 :

lease {
interface "eth0";
fixed-address 10.101.2.232;
option subnet-mask 255.255.255.0;
option routers 10.101.2.1;
option dhcp-lease-time 600;
option dhcp-message-type 5;
option domain-name-servers 10.101.100.102;
option dhcp-server-identifier 10.101.100.100;
option domain-name "mod-montenegro.info";
renew 2 2009/11/24 14:03:18;
rebind 2 2009/11/24 14:07:21;
expire 2 2009/11/24 14:08:36;
}


dhclient eth 1 lease :

lease {
interface "eth1";
fixed-address 10.101.2.226;
option subnet-mask 255.255.255.0;
option routers 10.101.2.1;
option dhcp-lease-time 600;
option dhcp-message-type 5;
option domain-name-servers 10.101.100.102;
option dhcp-server-identifier 10.101.100.100;
option domain-name "mod-montenegro.info";
renew 3 2009/11/25 10:35:58;
rebind 3 2009/11/25 10:39:51;
expire 3 2009/11/25 10:41:06;
}


also, I can ping 192.168.1.100 , and 10.101.2.226 , but I can't ping any public IP.

mr okcomputer44 mentioned that you needed routing set up...did you confirm you have that set up??
 
Old 11-26-2009, 05:27 AM   #8
djekovic.dejan
LQ Newbie
 
Registered: Nov 2009
Posts: 4

Original Poster
Rep: Reputation: 0
I have turned on ip forwarding :

[root@localhost ~]# sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1

[root@localhost ~]# iptables --flush

[root@localhost ~]# iptables --table nat --flush

[root@localhost ~]# iptables --delete-chain

[root@localhost ~]# iptables --table nat --delete-chain

[root@localhost ~]# iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE

[root@localhost ~]# iptables --append FORWARD --in-interface eth0 -j ACCEPT

[root@localhost ~]# route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.100 dev eth0

the problem still exists.
 
Old 11-26-2009, 09:42 AM   #9
centosboy
Senior Member
 
Registered: May 2009
Location: london
Distribution: centos5
Posts: 1,137

Rep: Reputation: 116Reputation: 116
Quote:
Originally Posted by djekovic.dejan View Post
I have turned on ip forwarding :

[root@localhost ~]# sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1

[root@localhost ~]# iptables --flush

[root@localhost ~]# iptables --table nat --flush

[root@localhost ~]# iptables --delete-chain

[root@localhost ~]# iptables --table nat --delete-chain

[root@localhost ~]# iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE

[root@localhost ~]# iptables --append FORWARD --in-interface eth0 -j ACCEPT

[root@localhost ~]# route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.100 dev eth0

the problem still exists.
if you flush the iptables rules, it wouldnt work anyway as no masquerading or nat translation can happen.
so, can you turn the iptables rules back on, but also add a rule to log anything that isnt allowed and tail these logs whilst trying to get wan access.

can you paste the sections of the log here
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Iptables: LAN clients cannot access internet Sum1 Linux - Security 28 09-21-2009 12:42 AM
how to access internet on linux clients By our Squid Proxy server farrukhndm Linux - Server 2 03-07-2009 07:22 AM
How to network USB modem and clients behind external router for internet access? husten Linux - Networking 4 10-26-2008 08:07 AM
Clients can't access internet through server Lenard Spencer Linux - Networking 1 09-02-2006 04:57 PM
windows clients have access to the internet, linux ones don't esanchez Linux - Networking 1 04-28-2004 08:21 PM


All times are GMT -5. The time now is 06:00 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration