LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 04-18-2011, 09:40 AM   #1
shams
Member
 
Registered: Jan 2004
Posts: 454

Rep: Reputation: 30
Arrow Windows XP network can't acquire DHCP address from debian squeeze?


Hi,
I setup the dnsmasq in debian squeeze as dhcp and dns server, for the debian host i assigned the static ip addresses, and configured the xp for dhcp.
Windows XP network can't acquire DHCP address from debian squeeze with this error:
Quote:
error unable to contact your dhcp server Request has timed out.
this is the tcpdump output in debian for the xp network:
Quote:
15:12:10.631635 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 00:07:e9:a8:ea:93 (oui Unknown), length 300
15:13:16.611793 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 00:07:e9:a8:ea:93 (oui Unknown), length 300
15:13:16.611793 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 00:07:e9:a8:ea:93 (oui Unknown), length 300
15:12:42.631730 ARP, Request who-has 169.254.202.161 tell 169.254.202.161, length 4615:12:44.613568 ARP, Request who-has 169.254.202.161 tell 169.254.202.161, length 46
15:13:06.190376 IP 169.254.202.161.netbios-ns > 169.254.255.255.netbios-ns: NBT UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
15:13:06.940327 IP 169.254.202.161.netbios-ns > 169.254.255.255.netbios-ns: NBT UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
15:13:07.690364 IP 169.254.202.161.netbios-ns > 169.254.255.255.netbios-ns: NBT UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
15:13:08.440244 IP 169.254.202.161.netbios-ns > 169.254.255.255.netbios-ns: NBT UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
15:13:09.190132 IP 169.254.202.161.netbios-ns > 169.254.255.255.netbios-ns: NBT UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
15:13:09.940145 IP 169.254.202.161.netbios-ns > 169.254.255.255.netbios-ns: NBT UDP PACKET(137): REGISTRATION; REQUEST; BROADCAST
15:13:10.690284 IP 169.254.202.161.netbios-dgm > 169.254.255.255.netbios-dgm: NBT UDP PACKET(138)
15:13:10.690760 IP 169.254.202.161.netbios-dgm > 169.254.255.255.netbios-dgm: NBT UDP PACKET(138)
15:13:13.424496 IP 169.254.202.161.netbios-dgm > 169.254.255.255.netbios-dgm: NBT UDP PACKET(138)
15:13:16.611793 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 00:07:e9:a8:ea:93 (oui Unknown),
length 300
15:13:16.611793 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 00:07:e9:a8:ea:93 (oui Unknown), length 300
15:13:16.611793 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 00:07:e9:a8:ea:93 (oui Unknown), length 300

Last edited by shams; 04-18-2011 at 09:58 AM.
 
Old 04-18-2011, 11:29 AM   #2
beanhead
LQ Newbie
 
Registered: Aug 2010
Location: MN USA
Distribution: fedora
Posts: 9
Blog Entries: 1

Rep: Reputation: 0
As this is a forum and walking you through the install process is long I suggest you look at the Debian sarge tutorial for DHCP and ask any questions you have then.
I will help you get it running.

Click here for the guide

Last edited by beanhead; 04-18-2011 at 11:31 AM. Reason: add link
 
Old 04-19-2011, 12:36 AM   #3
beanhead
LQ Newbie
 
Registered: Aug 2010
Location: MN USA
Distribution: fedora
Posts: 9
Blog Entries: 1

Rep: Reputation: 0
The 254.169 address in your out put is APIPA Automatic Private IP Addressing. What computer has this mac -> Request from 00:07:e9:a8:ea:93 The command ifconfig -a will show the mac on Linux.
IF you have added the Linux DHCP server to your network that has a router then you should rest your router and turn DHCP off in your router if you are using one.
What does your network consist of ? Router ? Switch ?
On your XP clients run ipconfig /flushdns
Then ipconfig /Registerdns
On your windows clients you can check if your getting your address using ipconfig /release and ipconfig /renew.
Let me know how your doing.
 
Old 04-19-2011, 09:01 AM   #4
manyrootsofallevil
Member
 
Registered: Dec 2010
Distribution: Red Hat, Kubuntu
Posts: 130

Rep: Reputation: 14
Since you don't mention whether you have established network connectivity between server and client, I would check the firewall on the windows box and then on the server.
 
Old 04-19-2011, 01:40 PM   #5
devwatchdog
Member
 
Registered: Jan 2010
Posts: 202

Rep: Reputation: 47
Can you set a static IP on the Windows system w/ the requisite default route and DNS server and see if that works?

That, and do you have anything else that connects via DHCP?

I imagine that tcpdump capture was taken from the DHCP server, which, of course, would indicate the request is getting there. Determining if your DHCP server is functional is paramount.

Last edited by devwatchdog; 04-19-2011 at 01:42 PM.
 
Old 04-20-2011, 01:26 AM   #6
shams
Member
 
Registered: Jan 2004
Posts: 454

Original Poster
Rep: Reputation: 30
Thanks for the replies, the 00:07:e9:a8:ea:93 is the xp pc adapter MAC address, the two pc's network adapters are directly connected with each other with a network cable and i didn't use any router or switch, this is the dnsmasq.conf for the dnsmasq to work as dhcp server:
Quote:
dhcp-range=192.168.1.50,192.168.1.150,12h
dhcp-option=option:router,192.168.1.1
dhcp-option=option:dns-server,192.168.1.1
dhcp-option=option:domain-name,example.net
dhcp-option=option:domain-search,example.net
The 192.168.1.1 is the debian static ip address.
i did the ipconfig/fulshdns, then registerdns then realse and renew but the result was same above errors the xp show the message of " limited or no connectivity" and the ipconfig result is:
Quote:
Autoconfiguration IP Address: 169.254.202.16
Subnet Mask: 255.255.0.0
i did the static ip for the xp pc but the xp cannot share the internet connection from the debian, and the share folders with samba some how works. but i want i can plug any xp pc to the network cable and that can get the ip from the dhcp server and share the internet connection from the debian.
The windows firewall is disabled and debian shorewall firewall is configured for two interfaces.

Last edited by shams; 04-20-2011 at 02:07 AM.
 
Old 04-20-2011, 04:45 AM   #7
devwatchdog
Member
 
Registered: Jan 2010
Posts: 202

Rep: Reputation: 47
Straight out of the dnsmasq Debian Wiki page:

Code:
Choosing Your Interfaces

One you will probably want to do is tell dnsmasq which ethernet interface it can and cannot listen on,
as we really don't want it listening on the internet. Around line 69 of the /etc/dnsmasq.conf file, you will see:

#interface=

Uncomment the line and specify which ethernet interface(s) you want it server IPs to. For example, if
I want it to listen on eth1 (my DMZ) and eth2 (my local network), then it should look like:

interface=eth1
interface=eth2

If I didn't edit this line, it would also listen on eth0, my internet connection. I personally wouldn't
 recommend this, as it gives those evil guys a few doors to try to break into.
From what I can tell from that little blurb, it should be listening on both interfaces of your Debian system without defining the interface. I'd define the interface you want to use anyhow.

Which leads us back to the question as to why this DHCP server isn't answering. It sounds like your Debian system is connected to whatever internet source you are using, which I'd imagine is providing a public IP address, thus shouldn't be a conflict.

Something I'd do to eliminate the firewall as the issue, is disconnect the ethernet cable on the public interface, and drop the firewall. If the DHCP lease is provided then, you'll know you need to look at your firewall.

I doubt it is a Windows related issue, but to check you could boot your Windows system off a Linux live CD to see if the problem persists.
 
Old 04-20-2011, 06:03 AM   #8
shams
Member
 
Registered: Jan 2004
Posts: 454

Original Poster
Rep: Reputation: 30
Thanks again for the reply, The problem solved with the specifying the interface as:
Quote:
interface= eth0
Ok now the xp can get an ip from the Debian dhcp as:
Quote:
Connection specified DNS suffix : example.net
Ip Adrress ......................: 192.168.1.85
Subnet Mask .....................: 255.255.255.0
Default Gateway .................: 192.168.1.1
but still the web browser in windows cannot open the web pages:
this is the dnsmasq log from the /var/log/syslog for the windows xp the web browser want to open the google website:
Quote:

Apr 20 14:21:36 mypc dnsmasq[1816]: query[A] www.google.com from 192.168.1.85
Apr 20 14:21:36 mypc dnsmasq[1816]: forwarded www.google.com to 208.67.222.123
Apr 20 14:21:36 mypc dnsmasq[1816]: forwarded www.google.com to 208.67.222.222
Apr 20 14:21:36 mypc dnsmasq[1816]: forwarded www.google.com to 208.67.220.220
Apr 20 14:21:36 mypc dnsmasq[1816]: forwarded www.google.com to 208.67.222.123
Apr 20 14:21:37 mypc dnsmasq[1816]: reply www.google.com is <CNAME>
Apr 20 14:21:37 mypc dnsmasq[1816]: reply www.l.google.com is 209.85.231.104
and this is the dnsmasq log from the /var/log/syslog for the debian that can open the google.com:
Quote:
Apr 20 14:57:40 mypc dnsmasq[1816]: query[AAAA] www.google.com.af from 127.0.0.1Apr 20 14:57:40 mypc dnsmasq[1816]: forwarded www.google.com.af to 208.67.220.220
Apr 20 14:57:40 mypc dnsmasq[1816]: reply www.google.com.af is <CNAME>
Apr 20 14:57:40 mypc dnsmasq[1816]: reply www.google.com is <CNAME>
Apr 20 14:57:40 mypc dnsmasq[1816]: reply www.l.google.com is 209.85.231.104
Apr 20 14:57:40 mypc dnsmasq[1816]: reply www.google.com.af is <CNAME>
Apr 20 14:57:40 mypc dnsmasq[1816]: reply www.google.com is <CNAME>
Apr 20 14:57:40 mypc dnsmasq[1816]: reply www.l.google.com is NODATA-IPv6
Apr 20 14:57:45 mypc dnsmasq[1816]: reply www.google.com.af is <CNAME>
Apr 20 14:57:45 mypc dnsmasq[1816]: reply www.google.com is <CNAME>
Apr 20 14:57:45 mypc dnsmasq[1816]: reply www.l.google.com is 209.85.231.104
Apr 20 14:57:45 mypc dnsmasq[1816]: reply www.google.com.af is <CNAME>
Apr 20 14:57:45 mypc dnsmasq[1816]: reply www.google.com is <CNAME>
Apr 20 14:57:45 mypc dnsmasq[1816]: reply www.l.google.com is NODATA-IPv6
In the windows pc the quey just stopping in the:
Quote:
Apr 20 14:21:37 mypc dnsmasq[1816]: reply www.google.com is <CNAME>
Apr 20 14:21:37 mypc dnsmasq[1816]: reply www.l.google.com is 209.85.231.10

Last edited by shams; 04-20-2011 at 06:30 AM.
 
Old 04-20-2011, 10:16 AM   #9
beanhead
LQ Newbie
 
Registered: Aug 2010
Location: MN USA
Distribution: fedora
Posts: 9
Blog Entries: 1

Rep: Reputation: 0
Shams you said "the two pc's network adapters are directly connected with each other with a network cable and i didn't use any router or switch"
Are you using a cross over cable ?
If you are Using a regular networking cable it will not work.
 
Old 04-20-2011, 10:12 PM   #10
devwatchdog
Member
 
Registered: Jan 2010
Posts: 202

Rep: Reputation: 47
Quote:
Originally Posted by beanhead View Post
Shams you said "the two pc's network adapters are directly connected with each other with a network cable and i didn't use any router or switch"
Are you using a cross over cable ?
If you are Using a regular networking cable it will not work.
Heh. You might want to reread the analysis of the activity shams has seen thus far then reconsider your question. Auto-MDIX tends to solve issues such as this.

Hint: it is impossible to get a tcpdump capture showing layer 3 traffic where layer 2 connectivity hasn't been established.

shams:

I'd recommend using nslookup on the Windows system to determine if it is resolving DNS requests properly. From what it looks like there is a request sent and a response received -- and it appears that an answer was sent. DNS resolution is the first thing I check as well when troubleshooting issues such as these because without it, nothing else will work properly. It does not, however, establish that proper routing has been established for traffic. Even if your Debian system has its DNS service configured properly, it might not be forwarding traffic.

Check the Windows system with nslookup, see if it is getting a response. Caching/forwarding DNS servers are rather simple, and there really isn't very much to define in order to set them up.

Once you establish that DNS resolution is working, you should see if you can ping google. Use tcpdump to see if it is reaching the connected interface on the Debian system. Use this:

Code:
tcpdump -nni <ethX> icmp
If you see it arriving at that interface, then go to the public facing interface and run tcpdump on it, or just fire up two tcpdump sessions simultaneously in two terminals. If you see traffic exiting the public interface, but it is exiting at the 192.168.x.x address, you're not natting the traffic properly, and the problem resides with your firewall rules/configuration. If you don't see the traffic exit the public interface, you might not have packet forwarding set up:

Code:
echo 1 > /proc/sys/net/ipv4/ip_forward
Although I would think that Shorewall would handle setting the system up for ip forwarding. I really doubt you will have to set that manually.

My impression is that for whatever reason, Shorewall isn't forwarding the traffic. We'll see if that is the case when you report back.

Oh yeah - double check you're getting a default gateway on the Windows machine with the DHCP lease.
 
Old 04-21-2011, 04:11 AM   #11
shams
Member
 
Registered: Jan 2004
Posts: 454

Original Poster
Rep: Reputation: 30
thanks for the reply devwatchdog, i enabled the packet forwarding in the shorewall.conf:
Quote:
IP_FORWARDING=On
as well in the kernel from the /etc/sysctl.conf:
Quote:
net.ipv4.ip_forward=1
and as well now i did echo 1 > /proc/sys/net/ipv4/ip_forward.
The nslookup is working from windows:
Quote:
nslookup google.com
Server: example.net
Address: 192.168.1.1

Non-Authotirative Answer:
Name: google.com
Address: 209.85.231.104
but ping is not working:
Quote:
Ping: 209.85.231.104
Pinging 209.85.231.104 with 32 bytes of data:

Rquest timedout
Rquest timedout
Rquest timedout
Rquest timedout
Ping statistics for 209.85.231.104:
Packets: Sent=4, recieved= 0, lost=4 <100% loss>
and this is the tcpdump output from debian when pinging from windows:
Quote:
tcpdump -nni eth0 icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
12:19:55.907615 IP 192.168.1.85 > 209.85.231.104: ICMP echo request, id 512, seq 1024, length 40
12:20:01.073681 IP 192.168.1.85 > 209.85.231.104: ICMP echo request, id 512, seq 1280, length 40
12:20:06.573380 IP 192.168.1.85 > 209.85.231.104: ICMP echo request, id 512, seq 1536, length 40
12:20:12.073055 IP 192.168.1.85 > 209.85.231.104: ICMP echo request, id 512, seq 1792, length 40
locally can open the debian web server from the windows, with the web browser.
I disable the shorewall and this is the iptables policy:
Quote:
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
but still cannot ping the google from the windows there is timedout as above.

Last edited by shams; 04-21-2011 at 06:13 AM.
 
Old 04-22-2011, 05:38 AM   #12
devwatchdog
Member
 
Registered: Jan 2010
Posts: 202

Rep: Reputation: 47
I'd enable Shorewall and attempt to ping google.com again, but this time capture traffic on the public/external interface. It is established you're getting traffic on eth0. We need to check that it is attempting to exit on the other interface. If it isn't, your firewall is not configured correctly. If the traffic exits as the originating 192.168.1.x address, your NAT rules are not working.

As for Shorewall, I don't use it although believe I installed it a few years ago for a short while. At a glance, I would start looking at what it logs, and enable logging if it isn't doing it now.

This should help provide some direction as to where your problem might lie:

Code:
Shorewall does not maintain a log itself but rather relies on your system's logging configuration. The following 
commands rely on knowing where Netfilter messages are logged:

shorewall show log (Displays the last 20 netfilter log messages)

shorewall logwatch (Polls the log at a settable interval

shorewall dump (Produces an extensive report for inclusion in Shorewall problem reports)

It is important that these commands work properly because when you encounter connection problems when Shorewall
is running, the first thing that you should do is to look at the Netfilter log; with the help of Shorewall
FAQ 17, you can usually resolve the problem quickly.

The Netfilter log location is distribution-dependent:

Debian and its derivatives log Netfilter messages to /var/log/kern.log.

Recent SuSE/OpenSuSE™ releases come preconfigured with syslog-ng and log netfilter messages to /var/log/firewall.

For other distributions, Netfilter messages are most commonly logged to /var/log/messages.
Taken from here.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Debian/Squeeze fails to get DHCP address on startup garydale Linux - Networking 5 03-04-2010 01:10 PM
[SOLVED] dhcp-client get assigned a network address instead of a regular IP address kenneho Linux - Networking 3 11-27-2009 04:43 AM
Cannot acquire DHCP IP address from router dwhitney67 Linux - Newbie 10 11-02-2007 05:17 PM
Unable to acquire an IP Address ras777 Linux - Wireless Networking 13 12-03-2005 12:07 PM
Linux dhcp client can't get address on Windows network km4hr Linux - Networking 12 03-10-2005 09:35 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 02:51 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration