[Dnsmasq-discuss] DNSMasq, DHCP, Shorewall, and Proxy Arp
richardvoigt at gmail.com
richardvoigt at gmail.com
Sat Feb 2 21:03:06 GMT 2008
On Feb 2, 2008 4:56 AM, Steve H. <steve at csquaredtech.com> wrote:
>
> Hello,
>
> I've been trying to figure out how to get DNSMasq setup to serve DHCP for my
> networks. I have a firewall setup according to the Shorewall
> (http://www.shorewall.net ) proxy arp configuration. My firewall has two
> interfaces :
> eth0 1.2.3.4 (routable, internet facing)
> eth1 192.168.0.1 (internal network)
>
> The firewall does proxy arp for several small networks:
> w.x.159.160/28 (routable)
> w1.x1.81.224/27 (routable)
> (and 2 other /27 ranges)
> The machines behind the firewall are all on the subnets (NOT the 192.168/16)
> and have routes added to use 1.2.3.4 as the gateway. This all works great,
> and simplifies things greatly as my isp caches arp replies for 6 hours (this
> way, they always get replies from my firewall...and I can reconfigure the
> internal network without problem.)
This won't work, because 1.2.3.4 is outside the local subnet of the
device, which therefore uses a gateway to reach it. You need a local
gateway.
>
> I would like for DNSMasq running on eth1 of the firewall to hand out dhcp
> addresses for those address blocks. For testing I just added the 81.224/27:
> dhcp-range=eth1,w1.x1.81.227,w1.x1.81.253,255.255.255.224,24h
> dhcp-host=client22,infinite
>
> However, DNSMasq complains 'no address range available for DHCP request' when
> trying to get an address for client22. Is there a way to configure this
> without having to assign an address from each net-block to eth1 on the
> firewall ?
You'd need this anyway, see above.
>
> also, is there a way to use the hosts file 'en toto' - like an 'ethers' file?
> It would sure cut down on typing if you didn't have to specify
> a 'dhcp-host:foo' for everything you want assigned from your hosts file....
>
> Thanks!
> Steve
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
More information about the Dnsmasq-discuss
mailing list