[Dnsmasq-discuss] two dnsmasq servers providing dhcp for one domain
Simon Kelley
simon at thekelleys.org.uk
Fri Jul 17 14:21:05 BST 2009
Anand Kameswaran wrote:
> Maybe this is a lot more straightforward than I am thinking, but I'm not
> sure how I should configure DHCP, once I start using DHCP helper.
>
> Let me try and explain the setup. Each embedded device has 2 physical
> NIC cards. Eth0 and Eth1. Eth0 is used for public communincations and
> the VPN tunnels are setup between the two devices eth0 interfaces. Eth1
> had multiple virtual adapters to handle the subnetting, ie.
> eth1:1...eth1:n depending on the number of required subnets.
>
> Now when configuring DNSMasq I had run into an oddity. The machines
> absolutely should not provide DHCP over eth0 as that would impact the
> public network. Initially I configured dnsmasq to explicitly listen on
> all eth1.x interfaces, but it didn't work. However, when I configured
> dnsmasq to only exclude eth0 everything worked fine.
>
> Here is the crux of the problem using dhcp_helper. So device 1 is
> providing DHCP/DNS. I need to assign a different subnet for nodes on
> device 2 than for device 1, so that routing can occur over the tunnels.
> Obviously each side of the vpn tunnels needs unique subnets. That is
> one problem, although I know dnsmasq can serve up addresses in multiple
> ranges. The real problem I suspect is that requests from nodes on
> device two, sent over broadcast will probably be received physically on
> eth0. ALthough their is in fact a "tunnel" device as well. (btw using
> GRE tunnels for the VPN - not encrypted as I am only concerned about
> network segregation not security)
>
> Now I'm not really a good networking guy - so forgive me if my
> terminology is slightly off, but hopefully my problem is clear. And I
> am not really to clear on how to configure dnsmasq once I have DHCP
> helper working. I need those requests that come over the DHCP_Helper to
> get a different subnet. Any suggestions?
>
> Cheers,
> AK
You're worrying too much. It all happens automagically. Set up
dhcp-helper to listen for broadcasts on the correct interface and bounce
them to dnsmasq. When dhcp-helper does this, it puts the address of the
interface on which the broadcast was received into the packet, in the
giaddr field. When dnsmasq gets a packet with giaddr set, it uses that
address to decide which subnet to allocate an address on, not the
interface that dnsmasq received the packet on.
So:
dnsmasq, just list all the subnets you will need as dhcp-ranges.
dhcp-helper, select the interfaces to listen for broadcasts using -i
<interface> and/or -e <interface> and tell dhcp-helper where to send the
packets to with -s <ip-addr of server running dnsmasq>
If the dnsmasq server is multi-homed you can use any of its addresses,
as long as they are routable from the relay. The address of any
interface that dhcp-helper is listening on must be routable from the
host running dnsmasq.
HTH
Simon.
More information about the Dnsmasq-discuss
mailing list