LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 07-12-2014, 02:32 PM   #1
slack_
Member
 
Registered: Oct 2013
Distribution: Slackware, Arch
Posts: 105

Rep: Reputation: Disabled
Getting IP from wrong DHCP server


My current network set up is as follows. I have an Arch linux server, with a Smoothwall VM running on it as the firewall. Arch linux uses Smoothwall as a gateway. The Smoothwall WAN iface address is 192.168.0.20, and the LAN network address is 172.20.1.0. Arch linux gets it's IP from Smoothwall's dhcp.

The computer this thread is concerning is a Slackware laptop. I want that computer to receive it's IP from my home router(192.168.0.1) and NOT from Smoothwall's dhcp. That would defeat the purpose as it would put this computer behind the firewall as well. Thus far I've connected to the router using wpa_supplicant and dhcpcd in /etc/rc.d/rc.local.
Code:
# Connect to wireless internet
wpa_supplicant -B -Dwext -i wlan0 -c /etc/wpa_supplicant.conf

# Uncomment this for public wifi
dhcpcd wlan0
It has worked flawlessly up until now. For some reason, now, it tries to get it's IP from Smoothwall, putting it behind the firewall with a 172.20.1.x address. I still have dhcp turned on on the router, and I've tried setting the IP address statically in rc.local as well:
Code:
# Connect to wireless internet
wpa_supplicant -B -Dwext -i wlan0 -c /etc/wpa_supplicant.conf

# Uncomment this for public wifi
#dhcpcd wlan0

# Static home connection
ifconfig wlan0 192.168.0.37 netmask 255.255.255.0 broadcast 192.168.0.255
ifconfig wlan0 up
That only partially works. I get the ip and can ping the router, but I cannot ping anything on the Internet. My /etc/resolv.conf is pointing to 192.168.0.1(the home router), so as far as I can tell there is no reason at all that it should be trying to get an IP from Smoothwall since literally nothing on this computer is pointing to it. Is there a way to point to a specific gateway with dhcpcd? I do not wish to use rc.inet1 because it's never worked for me in the past and I think it's much cleaner to use rc.local.

EDIT: The only thing I can think of is the routes I set up on the home router. However I don't see why this would have an affect because the route only directs traffic intended for 172.20.1.x to the Smoothwall gateway(192.168.0.20). It shouldn't affect 192.168.0.1 at all afaik.

Last edited by slack_; 07-12-2014 at 02:35 PM.
 
Old 07-12-2014, 03:18 PM   #2
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 8,559

Rep: Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116
Do not run more than one DHCP server on a network. Period. You have no idea what can of worms is waiting for you. You can not enforce which of the two DHCP servers will answer first to the client request.

Eric
 
Old 07-12-2014, 03:26 PM   #3
slack_
Member
 
Registered: Oct 2013
Distribution: Slackware, Arch
Posts: 105

Original Poster
Rep: Reputation: Disabled
Clearly. That seems to be the problem here. How then do I be sure that this computer get's an IP on the 192.168.0.x network instead of the 172.20.1.x network? I figured adding the static ifconfig set up in the second code tag would do it, and it almost does, but for some reason that I'm not aware of, only works internally, and I cannot connect to the Internet if I do that. The DHCP server on Smoothwall appears to only work for the 172.20.1.x network.
 
Old 07-12-2014, 03:38 PM   #4
Alien Bob
Slackware Contributor
 
Registered: Sep 2005
Location: Eindhoven, The Netherlands
Distribution: Slackware
Posts: 8,559

Rep: Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116Reputation: 8116
That's just how it works. The DHCP on Smoothwall only listens on the "internal" network. You need to check your LAN topology - if all your devices, including the Smoothwall VM's "internal" interface and your internet router's LAN interface are visible to one another then you have an issue. You would be able to solve that by introducing VLANs but since Slackware does not have a configuration for using vlans you will have to create them manually.

Isn't your internet router also providing a firewalled environment? Most internet routers I know do NAT in order to hide your LAN from the internet. The IP address you mention for the internet router's LAN interface (192.168.0.1) indicates that the router does indeed do NAT translation - that IP address is not routed on the Internet. Which raises the question - why use that Smoothwall VM at all?

Eric
 
Old 07-12-2014, 03:45 PM   #5
Richard Cranium
Senior Member
 
Registered: Apr 2009
Location: McKinney, Texas
Distribution: Slackware64 15.0
Posts: 3,860

Rep: Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229
I would imagine that the OP is doing that to isolate any mobile devices using the wireless interface from any wired machines in his/her network.

At least, that's why I do it.
 
Old 07-12-2014, 04:32 PM   #6
slack_
Member
 
Registered: Oct 2013
Distribution: Slackware, Arch
Posts: 105

Original Poster
Rep: Reputation: Disabled
I'm setting up a test environment. Putting one computer behind a firewall, and another computer on the other side of the firewall. Trying to learn about firewall and IDS evasion.
 
Old 07-12-2014, 11:06 PM   #7
slack_
Member
 
Registered: Oct 2013
Distribution: Slackware, Arch
Posts: 105

Original Poster
Rep: Reputation: Disabled
I don't understand why setting the IP manually as I did in /etc/rc.d/rc.local doesn't work. What is preventing it from connecting to the internet? It successfully gets the address requested, and I can successfully ping the router. Yet I get a 'Network Unreachable' error when I try to connect to anything external? I don't see how this makes sense.

EDIT: Solved the problem by disabling DHCP on the router and using rc.inet1.conf + wpa_supplicant in rc.local. It's not the most clean solution ever, and I'm aware that rc.inet1 is supposed to be able to handle this sort of thing, but it simply never worked. So initializing wpa_supplicant in rc.local, and setting the static IP settings in rc.inet1.conf made it work.

Last edited by slack_; 07-12-2014 at 11:47 PM.
 
Old 07-13-2014, 03:31 AM   #8
Richard Cranium
Senior Member
 
Registered: Apr 2009
Location: McKinney, Texas
Distribution: Slackware64 15.0
Posts: 3,860

Rep: Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229
Depending upon the DHCP client that Arch uses, you should be able to specify the interfaces that DHCP will listen for broadcasts.

The server bundled with Slackware states...
Code:
COMMAND LINE
       The names of the network interfaces on which dhcpd  should  listen  for
       broadcasts  may  be specified on the command line.  This should be done
       on systems where dhcpd is unable to identify non-broadcast  interfaces,
       but should not be required on other systems.  If no interface names are
       specified on the command line dhcpd will identify  all  network  inter-
       faces  which  are up, eliminating non-broadcast interfaces if possible,
       and listen for DHCP broadcasts on each interface.
You could also have your firewall block incoming UDP port 67 packets from the router.
 
Old 07-13-2014, 10:08 PM   #9
slack_
Member
 
Registered: Oct 2013
Distribution: Slackware, Arch
Posts: 105

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Richard Cranium View Post
You could also have your firewall block incoming UDP port 67 packets from the router.
That's a good idea.
 
Old 07-13-2014, 11:51 PM   #10
bormant
Member
 
Registered: Jan 2008
Posts: 426

Rep: Reputation: 240Reputation: 240Reputation: 240
Note that usually iptables cannot block DHCP packets (if clients use raw sockets).
 
1 members found this post helpful.
Old 07-14-2014, 02:14 PM   #11
Richard Cranium
Senior Member
 
Registered: Apr 2009
Location: McKinney, Texas
Distribution: Slackware64 15.0
Posts: 3,860

Rep: Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229Reputation: 2229
Learn something new every day. Thanks bormant!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
wrong dhcp assignment orielgalvez Linux - Newbie 2 02-02-2010 02:17 AM
Problem on acquiring IP addr. on client from dhcp server through dhcp relay server haariseshu Linux - Server 5 08-10-2009 01:20 AM
Instead of Router DHCP Server, Pass DHCP Server control to Slackware orbit Slackware 6 05-11-2009 02:00 AM
Wrong server IP being sent in DHCP offer Garybtx Linux - Server 2 11-14-2006 11:29 PM
Redboot gets wrong default server IP-addr from DHCP ? waynix Linux - Networking 4 06-10-2005 12:44 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 09:11 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration