Hi!
Take a look what I need to do...

I need to do a proxy server that will act like that... In a lan with aprox. 50 nodes...
When someone come with u notebook and plug this, no mather the OS, he must to be able to use the Internet without configurations cose hin is a ordinary User.
And the cool part now... Each one simple cannot see the others.

I think in add 50 virtual ips to the Server eth and configure 50 subnets in dhcp.



In my firsts tryes I get frustated with this:

I did some google search and found that noone knows what is talking about.

My last dhcpd.conf :
---
ddns-update-style ad-hoc;
shared-network 0 {
subnet 192.168.0.0 netmask 255.255.255.0 {
option broadcast-address 192.168.0.255;
}
}
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.2 192.168.1.5;
option broadcast-address 192.168.1.255;
}
subnet 192.168.2.0 netmask 255.255.255.0 {
range 192.168.2.2 192.168.2.5;
option broadcast-address 192.168.2.255;
}
---

ifconfig :
---
eth1 Encapsulamento do Link: Ethernet Endereço de HW 00:02:44:25:C0:EC
inet end.: 192.168.0.1 Bcast:192.168.0.255 Masc:255.255.255.0
endereço inet6: fe80::202:44ff:fe25:c0ec/64 Escopo:Link
UP BROADCASTRUNNING MULTICAST MTU:1500 Métrica:1
RX packets:6718 errors:0 dropped:0 overruns:0 frame:0
TX packets:15975 errors:0 dropped:0 overruns:0 carrier:0
colisões:0 txqueuelen:1000
RX bytes:940656 (918.6 Kb) TX bytes:12740022 (12.1 Mb)
IRQ:10 Endereço de E/S:0x2000

eth1:1 Encapsulamento do Link: Ethernet Endereço de HW 00:02:44:25:C0:EC
inet end.: 192.168.1.1 Bcast:192.168.1.255 Masc:255.255.255.0
UP BROADCASTRUNNING MULTICAST MTU:1500 Métrica:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
colisões:0 txqueuelen:1000
RX bytes:0 (0.0 b ) TX bytes:0 (0.0 b )
IRQ:10 Endereço de E/S:0x2000

eth1:2 Encapsulamento do Link: Ethernet Endereço de HW 00:02:44:25:C0:EC
inet end.: 192.168.2.1 Bcast:192.168.2.255 Masc:255.255.255.0
UP BROADCASTRUNNING MULTICAST MTU:1500 Métrica:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
colisões:0 txqueuelen:1000
RX bytes:0 (0.0 b ) TX bytes:0 (0.0 b )
IRQ:10 Endereço de E/S:0x2000
---

service dhcpd start
[Failed]

syslog :
---
dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
dhcpd: Wrote 0 leases to leases file.
dhcpd: Interface eth1 matches multiple shared networks
dhcpd:
dhcpd: exiting.
dhcpd: dhcpd inmcio failed
---

Why?


Thanks in advance!

I suspect that dhcpd only can run for one device/subnet at a time.
So you might have to end up running a dhcpd instance for each of your "virtual" eth1:x handles.
And each of those dhcpcds would need it's own config.
Good luck.

Bareego

EDIT, on second thought, I think what you're trying to do might not be possible this way.
I think most places that need this kind of setup use a managed switch, so they can assign different settings for each port.

Cheers

Hi,

I'm working in networking and the solution I'd suggest if it was for a client, would effectively to use a manageable switch -- Cisco's catalyst, as an exemple, got this feature directly on the switch (it's called private vlan if you want to look for doc).

The ad is that doing it this way you won't overload your proxy with all these subnet declaration.

Of course a Catalyst costs about 2000$

Good luck

Agreed. Anyone know what the cheapest manageable switch is? (I'm looking for one as well)

First of all, thanks for the replys!

I found a way to do that by configure a dhcpd.conf like this example:

ddns-update-style none;
shared-network eth1 {
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.2 192.168.0.5;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.0.255;
option domain-name-servers 192.168.0.1, 200.211.7.9;
option routers 192.168.0.1;
}
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.2 192.168.1.2;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option domain-name-servers 192.168.1.1, 200.211.7.9;
option routers 192.168.1.1;
}
subnet 192.168.2.0 netmask 255.255.255.0 {
range 192.168.2.2 192.168.2.2;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.2.255;
option domain-name-servers 192.168.2.1, 200.211.7.9;
option routers 192.168.2.1;
}
}

Where I have a eth0 with no IP and a PPP conection in an ADSL and eth1 = 192.168.0.1 ; eth1:1 = 192.168.1.1 ; eth1:2 = 192.168.2.1.

If it will overload something I don't know. What I know is that config don't need to be so long. A Global declaration that route and dns is 192.168.0.1 is ok for the rest cose the server will respond with ARP requests or something. Works I know.

And only this
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.2 192.168.1.2; }
will be needed for each subnet.

Next test is trying this with abount 50 or 100 subnets and virtual IPs.
Will overload something? Really don't know. Again the only thing that I know is that Linux can do 255 virtual IPs on each psysical ethernet. A lot .

Somebody knows?