LinuxQuestions.org
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Old 01-30-2014, 02:29 PM   #1
rootaccess
Member
 
Registered: Mar 2012
Posts: 311

Rep: Reputation: Disabled
vlan tagging dhcpd.conf for second subnet in centos


Hi all. I've got a multihomed firewall/dhcp/dns centos server that is called my portal. It sits on 192.168.1.254. I basically have the modem coming in on eth0 and eth1 going into my LAN using my dlink router as a switch (I turned off dhcp there). I set up the nat so my machines defined for my eth1 LAN is 192.168.1.0/24 and run fine.

The objective now is to set up a second subnet for 192.168.2.0/24.
I tried adding an alias to eth1 on my portal box, called eth1.1 and I defined a second subnet in dhcpd.conf but when I add this interface in dhcpd.conf as
interface eth1.1;

It throws an error so my subnet will not get defined. Would like to know what I am doing wrong or if there is another way. Thanks!
 
Old 01-30-2014, 04:08 PM   #2
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,831
Blog Entries: 15

Rep: Reputation: 1669
Aliases have to be in the same subnet as the main interface. Your 192.168.1.0/24 restricts the main subnet to 192.168.1.0 - 192.168.1.255. NO 192.168.2.x allowed in that range. You could change the subnet mask on the original by using a /22 which would then allow for 192.168.0.0 - 192.168.3.255. Your alias could then be 192.168.2.x or even 192.168.3.x.
 
Old 01-30-2014, 04:34 PM   #3
rootaccess
Member
 
Registered: Mar 2012
Posts: 311

Original Poster
Rep: Reputation: Disabled
The objective here is to create two subnets so that I can do the RHCE objective to create a static route from 192.168.2.0 to 192.168.1.0 (or from a host in 2.0 to a host in 1.0)

And from my understanding, I don't need to create any aliases if I just wanted to extend my subnet range. I know I can have a range of 192.168.1.1 - 192.168.3.254 but that isn't the goal here. The goal is that by default the 192.168.2.0 network cannot speak to the 192.168.1.0 network.

Edit: I do know the command to create the static route but brain dumping to pass the exam is not my objective. I've been working on redhat since May 2012 studying as much as I can. I can complete all the objectives for the RHCSA and even the RHCE without a problem but I like to go beyond what I need just to pass the exam. For example, at first, I was a bit eager and I failed the first time I took the RHCSA because I didn't study anything about authenticating LDAP users. Then I went ballistic on LDAP. I now know how to deploy an LDAP server all by hand, convert an older slapd.conf deployment to the current olc config style, add schema to the config backend to automount sole LDAP users over NFS, forget about a simple system-config-authentication just on the client side, that is also done by hand as well.

Last edited by rootaccess; 01-30-2014 at 04:56 PM.
 
Old 01-31-2014, 02:25 PM   #4
MensaWater
LQ Guru
 
Registered: May 2005
Location: Atlanta Georgia USA
Distribution: Redhat (RHEL), CentOS, Fedora, CoreOS, Debian, FreeBSD, HP-UX, Solaris, SCO
Posts: 7,831
Blog Entries: 15

Rep: Reputation: 1669
Even if you extend the subnet range you'd have to assign IPs to the specific interface or alias. That is to say just because the whole subnet is visible doesn't mean you can connect on the whole subnet range of IPs just because you put that netmask on a single IP.

I think the objective you're speaking of assumes you have two different physical interfaces. What you could do is setup your single interface for the whole subnet then setup TWO separate alias IPs for the specific sub-subnets of that one and experiment with your routing. I'll admit that although I've done a fair amount of routing on RHEL I've not yet tried to do routing on aliases.
 
Old 01-31-2014, 08:53 PM   #5
rootaccess
Member
 
Registered: Mar 2012
Posts: 311

Original Poster
Rep: Reputation: Disabled
I'm a bit confused when you say in your first sentence that I still need to assign IPs to the specific interface or alias. I did alter my entire dhcp/dns settings to reflect that of a /22 network with a subnet mask of 255.255.254.0. In dhcpd.conf my range looks as so:

10.100.0.0 - 10.100.1.250

So this has added an additional 254 hosts. Basic stuff, however, all hosts can speak to each other as expected. I'm not sure how to create an alias and have it assigned to a specific subnet. My experience with aliasing is that I can create an alias to either an IP on an interface or I can create an alias on an actual interface like eth1.1. This alias would then be a different network. But since I already am using up the 10.100.1.0/22 within my entire subnet, how could I sub-divide this and have dhcpd assign IPs? The problem is in dhcpd.conf, you cannot assign aliases to anything. It throws an error.

Aliasing, routing, this stuff is new to me.
 
Old 02-01-2014, 05:48 AM   #6
rootaccess
Member
 
Registered: Mar 2012
Posts: 311

Original Poster
Rep: Reputation: Disabled
I ended up buying a usb to ethernet NIC and set it up as eth2 for the second subnet being 192.168.2.0/24. I set up dhcp, a new DNS server being 192.168.2.1 and a new zone example.com. My host gets an address, but cannot get out to the internet. Both routing tables from hosts on the 10.100.0.0/23 network and the host 192.168.2.2 (a laptop) have the same exact routing tables. They both have their own gateway defined. A host 10.100.0.2 has 10.100.0.1 as the router/dns and the host on the other network 192.168.2.2 has the gateway of 192.168.2.1 and thus that is the DNS server, too. They can't ping each other because there are no routes, but the 192.168.2.2 host can ping the portal box by the FQDN or the ip of 10.100.0.1. It's strange that it cannot go out to the net. Any ideas? I really looked at everything. Should there be another route somewhere just to get the 192.168.2.0/24 network out to the internet? I just don't think there should be one, otherwise the 10.100.0.0/23 network wouldn't be able to get out either.

I solved this internet issue. It was a simple edit in iptables, forgot to masquerade my eth2 out.

Last edited by rootaccess; 02-01-2014 at 04:09 PM.
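
The missing-masquerade problem from post #6, as an added example that is not part of the thread: a check that reads `iptables-save` output and lists internal subnets that no MASQUERADE rule on the WAN interface covers. It assumes the NAT rules are restricted by source subnet (the thread does not show the actual rules); the function names and the sample ruleset are constructed for illustration, while eth0 and the two subnets are taken from the posts.

```shell
# Added example (not from the thread). Function names are hypothetical.
# Reads iptables-save text on stdin; prints each CIDR argument that no
# nat POSTROUTING MASQUERADE rule on the WAN interface covers.
unmasqueraded_subnets() {
    wan=$1; shift
    awk -v wan="$wan" -v nets="$*" '
    function ip2n(ip,  o) {
        split(ip, o, /\./)
        return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    # True when CIDR "inner" lies entirely inside CIDR "outer".
    function within(inner, outer,  a, b, size) {
        split(inner, a, "/"); split(outer, b, "/")
        if (a[2] == "") a[2] = 32
        if (b[2] == "") b[2] = 32
        if (b[2] + 0 > a[2] + 0) return 0
        size = 2 ^ (32 - b[2])
        return int(ip2n(a[1]) / size) == int(ip2n(b[1]) / size)
    }
    $1 == "*nat" { in_nat = 1; next }
    /^\*/        { in_nat = 0 }
    in_nat && $1 == "-A" && $2 == "POSTROUTING" {
        src = "0.0.0.0/0"; out = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "!") next            # negated matches are not evaluated
            if ($i == "-s") src = $(i + 1)
            if ($i == "-o") out = $(i + 1)
            if ($i == "-j") target = $(i + 1)
        }
        if (target == "MASQUERADE" && (out == wan || out == "")) rules[++n] = src
    }
    END {
        count = split(nets, want, " ")
        for (k = 1; k <= count; k++) {
            covered = 0
            for (r = 1; r <= n; r++) if (within(want[k], rules[r])) covered = 1
            if (!covered) print want[k]
        }
    }'
}

# Constructed sample: only the first LAN is masqueraded out of eth0.
sample_ruleset() {
    printf '%s\n' '*nat' ':POSTROUTING ACCEPT [0:0]' \
        '-A POSTROUTING -s 10.100.0.0/23 -o eth0 -j MASQUERADE' 'COMMIT' \
        '*filter' ':FORWARD ACCEPT [0:0]' 'COMMIT'
}

sample_ruleset | unmasqueraded_subnets eth0 10.100.0.0/23 192.168.2.0/24
```

On a live gateway the input would come from `iptables-save` run as root instead of `sample_ruleset`. Rules with negated matches are skipped, so a subnet covered only by such a rule is still reported.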
 
  

