Re: Filtering DHCP Requests so that ICS DHCPD don't get them
- From: "Stoker" <stokkeland@xxxxxxxxx>
- Date: 30 Jun 2006 13:02:06 -0700
Scenario:
Mobile System with two nic's,
firewall and NAT serving DHCP and some services to internal network
Getting external IP with dhcp client.
Issue:
dhcpd replies "DHCPNAK" to external interface
Config:
ICS dhcpd requires all available nic subnets to be configured, but when
a range does not have any options, the server sends a DHCPNAK, which is
bad when I hook this system up on network which already have dhcp
servers serving that range..
I have tried various things with IP tables blocking udp 67/68, but I
can not seem to find a way to allow my system to be a dhcp client on
the outside network while blocking traffic or not responding at all as
a dhcp server on that side...
Anyone solved this before?
My tests are a bit bozarre as it looks like when I drop all udp 67/68
packets are still reaching dhcpd..
Tell the daemon at start which interfaces to handle, so
thet it does not attemp to handle the external network
interface.
/usr/sbin/dhcpd3 -q eth1
Actually, that doesn't help, it looks like dhcpd looks at all local
configured if's anyway and requires an emptry config...
But I think I got it solved so it don't reply at all to those
inqueries, a bit of my own rtfm fault here; some of the global options
in the default (debian) config needed to be moved to inside the active
scope, after doing that dhcpd logs that it didnt have any address to
give out and simply ignbores it (instead of sending a NAK like
before)..
.
- References:
- Filtering DHCP Requests so that ICS DHCPD don't get them
- From: stokkeland
- Re: Filtering DHCP Requests so that ICS DHCPD don't get them
- From: Tauno Voipio
- Filtering DHCP Requests so that ICS DHCPD don't get them
- Prev by Date: Re: multiple ppp links and routing ..
- Next by Date: IPv6
- Previous by thread: Re: Filtering DHCP Requests so that ICS DHCPD don't get them
- Next by thread: IEEE802.11
- Index(es):
Relevant Pages
|
