Re: dhcpd question for homemade linux router
From: Moe Trin (ibuprofin_at_painkiller.example.tld)
Date: 05/22/05
- Next message: Moe Trin: "Re: router causing strange DNS behaviour?"
- Previous message: Allen McIntosh: "Re: What's This?"
- In reply to: purple_stars: "dhcpd question for homemade linux router"
- Next in thread: Clifford Kite: "Re: dhcpd question for homemade linux router"
- Reply: Clifford Kite: "Re: dhcpd question for homemade linux router"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sat, 21 May 2005 21:15:14 -0500
In article <1116646173.201438.166200@g47g2000cwa.googlegroups.com>,
purple_stars wrote:
>situation is linux box set up as a router between client machines and
>service provider.
702929 May 4 14:03 IP-Masquerade-HOWTO
17605 Jul 21 2004 Masquerading-Simple-HOWTO
278012 Jul 23 2002 Security-Quickstart-HOWTO
Each of those documents has valuable hints.
>service provider connection is dhcp'd, that is, linux box gets its own
>address dynamically when it dials up.
"dials up" meaning using a ppp connection? pppd doesn't use DHCP, which
is an Ethernet protocol. 'ppp' uses IPCP (RFC1332) to negotiate IP addresses,
because ppp is a peer to peer protocol - not a server-client.
>linux box is running dhcpd for clients, that's all working. here's my
>question .... how do the clients get the right dns server address ?
Depends - are you dialing in to more than one ISP? If so, the best solution
would be to configure your DHCP server to tell the clients that the Linux
box is the name server, and then run a caching-forwarding name server on the
Linux box. If you are running windoze clients, this is a good idea anyway,
as they are extremely talkative and are always bothering the name server. If
you are not using multiple ISPs, you could place the ISP's nameserver
addresses in your DHCP server configuration file. The so-called dynamic
configuration of nameservers was invented by microsoft because they figured
that users would make more mistakes configuring their computers than the
"well trained" MCSE who would set up the DHCP server - that's also why they
added ZEROCONF for when the MCSE so screws up the configuration that nothing
works.
The really important point is that the ISP doesn't randomly change the
addresses of their name servers - why should they? I have three ISPs, and
each has had the same nameserver addresses for as long as I've used them - as
much as four years. At work, we haven't changed the addresses of the name
servers since they were first set up in 1986.
>at the moment i have my linux box set up to supply them with its own
>address as their dns server, a 192.168.x.x address ... is that what i
>want ?
Depends - if you are running windoze clients, yes it's a very good idea. If
your connection is not up all the time, it's also a good idea.
>what do i do, turn on named and just hope it works, hope that
>my box's named forwards requests out to the net and sends the response
>back to the client ? :) if that's not it, what do i do,
Would have helped if you mentioned distribution and release. For several
years, Red Hat has had a package called 'caching-nameserver' which goes
along with the standard bind package.
>how do i get the dhcp dns address from the service provider into the
>dhcp'd clients when they connect ?
If not using multiple ISPs, just hard-code the thing. If using multiple
ISPs _and_ those ISPs have enabled microsoft's RFC2153 hack, _and_ you are
using the 'usepeerdns' option to pppd, then when the link comes up for IP,
the script /etc/ppp/ip-up is run, and has the environmental variables DNS1
and DNS2 which you can use. Additionally, pppd would in that case create
an /etc/ppp/resolv.conf file (NOTE: it does NOT mess with /etc/resolv.conf)
containing one or two 'nameserver' lines with the address(es) supplied by
the peer. It's all spelled out in the pppd man page. If the ISPs are not
running the microsoft hack, what I do in the /etc/ppp/ip-up script is to
look at the value of variable $5 (the remote IP address) and use it in a
'case' statement to copy the appropriate peer specific resolv.conf file to
/etc/ - the files contain the hard coded addresses for the appropriate ISP.
When the link goes down, /etc/ppp/ip-down is used to copy a generic file
back to /etc/resolv.conf.
Personally, since RFC1597 (replaced by RFC1918) created private IP addresses
the only valid reason to be using dynamic addresses is if your computers are
moving from one network to another. DHCP (and its predecessor BOOTP) was
created for the situation of "too many computers, not enough addresses".
Microsoft adopted the concept as a way to let users with no idea what they
are doing, set up a computer. The burden is transferred to the MCSE who is
trying to set up the DHCP server.
Old guy
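
Added example, not part of the original post: a sketch of the DNS portion of /etc/ppp/ip-up as the reply describes it, using DNS1/DNS2 when 'usepeerdns' delivers them and otherwise picking a per-ISP file from the remote address in $5. The peer addresses and the resolv.conf.isp-a, resolv.conf.isp-b and resolv.conf.generic file names are constructed placeholders; DNS1/DNS2 are validated before use because the peer supplies them.

```shell
#!/bin/sh
# DNS part of /etc/ppp/ip-up (added sketch). pppd runs the script as
#   ip-up <iface> <tty> <speed> <local-ip> <remote-ip> <ipparam>
# so $5 is the peer address; with 'usepeerdns' DNS1/DNS2 are exported too.

PPP_DIR="${PPP_DIR:-/etc/ppp}"        # holds resolv.conf.<isp> files (assumed names)
RESOLV="${RESOLV:-/etc/resolv.conf}"

# Accept only a dotted quad with every octet in 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                         # split the address on dots
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Write resolv.conf for the link that just came up. $1 = remote (peer) IP.
update_resolv() {
    tmp="$RESOLV.$$"
    if is_ipv4 "${DNS1:-}"; then
        # Peer supplied name servers: write only values that passed validation.
        echo "nameserver $DNS1" > "$tmp"
        if is_ipv4 "${DNS2:-}"; then echo "nameserver $DNS2" >> "$tmp"; fi
    else
        # No usable peer DNS: choose the hard-coded file by peer address.
        case "$1" in
            192.0.2.1)    src="$PPP_DIR/resolv.conf.isp-a" ;;    # constructed peer
            198.51.100.1) src="$PPP_DIR/resolv.conf.isp-b" ;;    # constructed peer
            *)            src="$PPP_DIR/resolv.conf.generic" ;;
        esac
        cp "$src" "$tmp" || return 1
    fi
    # Rename into place so a resolver never reads a half-written file.
    chmod 644 "$tmp" && mv "$tmp" "$RESOLV"
}

# Act only when installed under the name pppd calls.
if [ "${0##*/}" = "ip-up" ]; then
    update_resolv "$5"
fi
```

The matching /etc/ppp/ip-down would copy the generic file back to /etc/resolv.conf in the same way.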