Slackware This Forum is for the discussion of Slackware Linux.
|
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
07-12-2014, 02:32 PM
|
#1
|
Member
Registered: Oct 2013
Distribution: Slackware, Arch
Posts: 105
Rep:
|
Getting IP from wrong DHCP server
My current network set up is as follows. I have an Arch linux server, with a Smoothwall VM running on it as the firewall. Arch linux uses Smoothwall as a gateway. The Smoothwall WAN iface address is 192.168.0.20, and the LAN network address is 172.20.1.0. Arch linux gets it's IP from Smoothwall's dhcp.
The computer this thread is concerning is a Slackware laptop. I want that computer to receive it's IP from my home router(192.168.0.1) and NOT from Smoothwall's dhcp. That would defeat the purpose as it would put this computer behind the firewall as well. Thus far I've connected to the router using wpa_supplicant and dhcpcd in /etc/rc.d/rc.local.
Code:
# Connect to wireless internet
wpa_supplicant -B -Dwext -i wlan0 -c /etc/wpa_supplicant.conf
# Uncomment this for public wifi
dhcpcd wlan0
It has worked flawlessly up until now. For some reason, now, it tries to get it's IP from Smoothwall, putting it behind the firewall with a 172.20.1.x address. I still have dhcp turned on on the router, and I've tried setting the IP address statically in rc.local as well:
Code:
# Connect to wireless internet
wpa_supplicant -B -Dwext -i wlan0 -c /etc/wpa_supplicant.conf
# Uncomment this for public wifi
#dhcpcd wlan0
# Static home connection
ifconfig wlan0 192.168.0.37 netmask 255.255.255.0 broadcast 192.168.0.255
ifconfig wlan0 up
That only partially works. I get the ip and can ping the router, but I cannot ping anything on the Internet. My /etc/resolv.conf is pointing to 192.168.0.1(the home router), so as far as I can tell there is no reason at all that it should be trying to get an IP from Smoothwall since literally nothing on this computer is pointing to it. Is there a way to point to a specific gateway with dhcpcd? I do not wish to use rc.inet1 because it's never worked for me in the past and I think it's much cleaner to use rc.local.
EDIT: The only thing I can think of is the routes I set up on the home router. However I don't see why this would have an affect because the route only directs traffic intended for 172.20.1.x to the Smoothwall gateway(192.168.0.20). It shouldn't affect 192.168.0.1 at all afaik.
Last edited by slack_; 07-12-2014 at 02:35 PM.
|
|
|
07-12-2014, 03:18 PM
|
#2
|
Slackware Contributor
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 8,559
|
Do not run more than one DHCP server on a network. Period. You have no idea what can of worms is waiting for you. You can not enforce which of the two DHCP servers will answer first to the client request.
Eric
|
|
|
07-12-2014, 03:26 PM
|
#3
|
Member
Registered: Oct 2013
Distribution: Slackware, Arch
Posts: 105
Original Poster
Rep:
|
Clearly. That seems to be the problem here. How then do I be sure that this computer get's an IP on the 192.168.0.x network instead of the 172.20.1.x network? I figured adding the static ifconfig set up in the second code tag would do it, and it almost does, but for some reason that I'm not aware of, only works internally, and I cannot connect to the Internet if I do that. The DHCP server on Smoothwall appears to only work for the 172.20.1.x network.
|
|
|
07-12-2014, 03:38 PM
|
#4
|
Slackware Contributor
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 8,559
|
That's just how it works. The DHCP on Smoothwall only listens on the "internal" network. You need to check your LAN topology - if all your devices, including the Smoothwall VM's "internal" interface and your internet router's LAN interface are visible to one another then you have an issue. You would be able to solve that by introducing VLANs but since Slackware does not have a configuration for using vlans you will have to create them manually.
Isn't your internet router also providing a firewalled environment? Most internet routers I know do NAT in order to hide your LAN from the internet. The IP address you mention for the internet router's LAN interface (192.168.0.1) indicates that the router does indeed do NAT translation - that IP address is not routed on the Internet. Which raises the question - why use that Smoothwall VM at all?
Eric
|
|
|
07-12-2014, 03:45 PM
|
#5
|
Senior Member
Registered: Apr 2009
Location: McKinney, Texas
Distribution: Slackware64 15.0
Posts: 3,860
|
I would imagine that the OP is doing that to isolate any mobile devices using the wireless interface from any wired machines in his/her network.
At least, that's why I do it.
|
|
|
07-12-2014, 04:32 PM
|
#6
|
Member
Registered: Oct 2013
Distribution: Slackware, Arch
Posts: 105
Original Poster
Rep:
|
I'm setting up a test environment. Putting one computer behind a firewall, and another computer on the other side of the firewall. Trying to learn about firewall and IDS evasion.
|
|
|
07-12-2014, 11:06 PM
|
#7
|
Member
Registered: Oct 2013
Distribution: Slackware, Arch
Posts: 105
Original Poster
Rep:
|
I don't understand why setting the IP manually as I did in /etc/rc.d/rc.local doesn't work. What is preventing it from connecting to the internet? It successfully gets the address requested, and I can successfully ping the router. Yet I get a 'Network Unreachable' error when I try to connect to anything external? I don't see how this makes sense.
EDIT: Solved the problem by disabling DHCP on the router and using rc.inet1.conf + wpa_supplicant in rc.local. It's not the most clean solution ever, and I'm aware that rc.inet1 is supposed to be able to handle this sort of thing, but it simply never worked. So initializing wpa_supplicant in rc.local, and setting the static IP settings in rc.inet1.conf made it work.
Last edited by slack_; 07-12-2014 at 11:47 PM.
|
|
|
07-13-2014, 03:31 AM
|
#8
|
Senior Member
Registered: Apr 2009
Location: McKinney, Texas
Distribution: Slackware64 15.0
Posts: 3,860
|
Depending upon the DHCP client that Arch uses, you should be able to specify the interfaces that DHCP will listen for broadcasts.
The server bundled with Slackware states...
Code:
COMMAND LINE
The names of the network interfaces on which dhcpd should listen for
broadcasts may be specified on the command line. This should be done
on systems where dhcpd is unable to identify non-broadcast interfaces,
but should not be required on other systems. If no interface names are
specified on the command line dhcpd will identify all network inter-
faces which are up, eliminating non-broadcast interfaces if possible,
and listen for DHCP broadcasts on each interface.
You could also have your firewall block incoming UDP port 67 packets from the router.
|
|
|
07-13-2014, 10:08 PM
|
#9
|
Member
Registered: Oct 2013
Distribution: Slackware, Arch
Posts: 105
Original Poster
Rep:
|
Quote:
Originally Posted by Richard Cranium
You could also have your firewall block incoming UDP port 67 packets from the router.
|
That's a good idea.
|
|
|
07-13-2014, 11:51 PM
|
#10
|
Member
Registered: Jan 2008
Posts: 426
|
Note that usually iptables cannot block DHCP packets (if clients use raw sockets).
|
|
1 members found this post helpful.
|
07-14-2014, 02:14 PM
|
#11
|
Senior Member
Registered: Apr 2009
Location: McKinney, Texas
Distribution: Slackware64 15.0
Posts: 3,860
|
Learn something new every day. Thanks bormant!
|
|
|
All times are GMT -5. The time now is 09:11 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|