Re: DHCPCD on an internal LAN

Responding to Ivan Marsh...
On Mon, 10 Dec 2007 20:55:21 +0000, Mike wrote:

I just confused myself trying to set up dnsmasq on P2 so that other
machines on my internal lan connect in the same way (to P2) using their
dhcpcd rather than static IPs.

I'm getting the idea dnsmasq was designed to provide a method of routing
an internal machine through a gateway machine and out to the external
DHCP server (in this case this would be my broadband service provider).

If I get what you're trying to do here you're not going to have much luck.
Your provider will only allow one IP address to be DHCPed to you local
network, the rest have to come from your internal network.

If you want dynamic internal addresses you have to run a DHCP server on
your Internet connected machine and run IP masquerading to route the
traffic.


Quite the opposite. I don't want the LAN machines to ever connect to
the internet at all. The only machine that should ever connect to the
internet should be the P2 machine. All others on the LAN should only
be able to SSH into an account on the P2 and run P2 applications
remotely via SSH to surf etc. Therefore, only one machine ever goes
online (the P2), and only one internet connection required. And, each
internal LAN machine should remain isolated from any other on the
LAN. A kind of "blind tentacle" arrangement with the P2 as head.

My problem is getting the local machines to ask the P2 for internal
LAN IP addresses, using DHCPCD as they boot up on the LAN, rather
than configuring everything with static IPs as I currently have
things. This way I don't need to keep so many static config details,
and can plug any machine I want to into the LAN, and simply SSH
access a P2 account to use it's internet facilities. (If I want to
drag anything off the P2 to an internal LAN machine, I can use SFTP.)

dnsmasq looked like the tool, but its now looking as if its designed
to work right through the gateway machine and get an IP from the main
DHCP server, that being the ISP. I don't want this at all. I want the
P2 to act as the LAN's DHCP server, isolating the LAN from the
internet connection on it's other NIC (no forwarding either).

Should I press on with dnsmasq until I get a clue? Or is there
something else I would be better playing around with for this
project?

(URLs to favorite howto pages would be welcome about now too. ;)

--
________________.0.________________
The Way of the Chao-Pao! is strong.
http://tinyurl.com/382gmp
-----------.|.-----------
.

Relevant Pages

  • Re: One or two questions.
    ... The only piece of kit that gets the WAN address is my modem/router, everything else communicates using LAN addresses. ... One is the WAN (Wide Area Network - usually the Internet) IP Address ... IP Addresses to the things that Connect to it using its DHCP Server ...
    (uk.people.silversurfers)
  • Re: Static/dynamic NAT and a pool of dynamic/dhcp external addresses?
    ... >> I'm planning to connect a LAN to the Internet. ... >> things about how NAT and DHCP work together. ... >> that my ISP's DHCP server provides on demand a pool of up to five public ...
    (comp.security.firewalls)
  • Re: Moving Exchange Server
    ... Placing them in the LAN gives internal users 100% access with no firewall to ... DMZ, thus 0% risk/ports open between them. ... If Microsoft Exchange and/or Active Directory cannot run ... >> Internet is better? ...
    (microsoft.public.exchange.setup)
  • RE: Firewall Rule Set not allowing access to DNS servers?
    ... > My LAN is configured with static IP addresses, ... > I have full connectivity with the internet from every machine on my ... > # Allow out access to my ISP's Domain name server. ... > # Interrogate packets originating from the public internet ...
    (freebsd-questions)
  • Wirless Connection on WAN side - How to access...
    ... I have the SBS as the DHCP server for the internal LAN. ... only to allow clients access to the internet and not to the SBS LAN. ...
    (microsoft.public.windows.server.sbs)