[Dnsmasq-discuss] DHCP Relay, assign address from other vlan, with no dhcp listening on it

SpiderX spiderx at spiderx.dp.ua
Thu Sep 15 16:47:00 BST 2011


On Thu, Sep 15, 2011 at 6:38 PM, SpiderX <spiderx at spiderx.dp.ua> wrote:
> On Thu, Sep 15, 2011 at 6:05 PM, Michael Rack
> <michael.rack at rsm-freilassing.de> wrote:
>>
>> Why does schema 2 save you one ip per interface? You need an ip-address for
>> routing, so that should be the ip-address dnsmasq is listening on. Or is
>> your router not the same device where your dnsmasq is running on?
>>
>> Do your interfaces have a /30 network assigned? Or are they all bound to a
>> bridged interface on your Unix-Router with only one ip-address-range /24
>> or something else?
>>
>> Kind regards from Freilassing,
>>
>> Michael Rack
>> RSM Freilassing
>> --
>> RSM Freilassing                 Tel.: +49 8654 607110
>> Nocksteinstr. 13                Fax.: +49 8654 670438
>> D-83395 Freilassing            www.rsm-freilassing.de
>>
>>
>> On 15.09.2011 14:25, SpiderX wrote:
>> > On Wed, Sep 14, 2011 at 5:42 PM, richardvoigt at gmail.com
>> > <richardvoigt at gmail.com>  wrote:
>> >>> I don't agree. Dnsmasq is great software; I have used it for years in a
>> >>> small environment.
>> >>> In bigger networks the use of l2 switches is necessary, and like Michael,
>> >>> I don't know of any l2 switch that supports any dhcp-related RFC
>> >>> except 3046.
>> >>> There is not much unix dhcp software that can be used with l2
>> >>> switches; dnsmasq could be one of them. And, as I said earlier, it
>> >>> should be.
>> >>> A solution that prefers circuit-id and remote-id over
>> >>> sub-option 5 can be implemented as a switch, documented with a warning in
>> >>> the manual, and not enabled by default in the example config.
>> >> dnsmasq works great in conjunction with L2 switches.  Usually you put
>> >> the dnsmasq node on a VLAN trunk port, that way it sees requests from
>> >> all circuits, along with the VLAN tag.  I'm not sure why you've chosen
>> >> to relay to a non-trunk port instead.
>> > Let's take a look at the situation. There is a network with access type
>> > vlan per user or vlan per switch (not fundamentally),
>> > which is built on globally routed ip addresses (I mean "white ips", not
>> > 10.0.0.0/8, etc.)
>> >
>> > Scheme 1
>> > client — broadcast — l2 switch's port 1 — broadcast — server (dhcp
>> > listening on interface with utilization of one ip in subnet)
>> > client — broadcast — l2 switch's port 2 — broadcast — server (dhcp
>> > listening on interface with utilization of one ip in subnet)
>> > ..............
>> > client — broadcast — l2 switch's port 24 — broadcast — server (dhcp
>> > listening on interface with utilization of one ip in subnet)
>> >
>> > Scheme 2
>> > client — broadcast — l2 switch's port 1 — unicast — server (dhcp
>> > listening on interface with utilization of one ip in subnet)
>> > client — broadcast — l2 switch's port 2 — unicast — server (dhcp
>> > listening on interface with utilization of one ip in subnet)
>> > .............
>> > client — broadcast — l2 switch's port 24 — unicast — server (dhcp
>> > listening on interface with utilization of one ip in subnet)
>> > Dhcp is listening on one interface and utilizes one ip address. This
>> > ip/interface is not directly accessible by clients.
>> >
>> > Which of these schemes is safer and more reliable?
>> > Which of these schemes is easier to maintain?
>> > Which scheme is more economically viable? (I don't lose one ip per
>> > interface with dhcp server listening on it. One ip = one client.)
>> > Dnsmasq can be used in scheme 1, but not in scheme 2.
>> >
>> > _______________________________________________
>> > Dnsmasq-discuss mailing list
>> > Dnsmasq-discuss at lists.thekelleys.org.uk
>> > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>>
>
>> Or is your router not the same device where your dnsmasq is running on?
> Exactly.
>
>> Do your interfaces have a /30 network assigned? Or are they all bound to a
>> bridged interface on your Unix-Router with only one ip-address-range /24
>> or something else?
> Actually it doesn't matter.
> I use supervlan aka ip unnumbered in one network, in another (vlan per
> switch) I use just subnets /24, /25, /26 on interfaces.
>
I made a mistake in scheme 2. Sorry for the confusion.
Scheme 2 should look like:
client — broadcast — l2 switch's port 1 — unicast — server (dhcp NOT
listening on interface with utilization of one ip in subnet)
client — broadcast — l2 switch's port 2 — unicast — server (dhcp NOT
listening on interface with utilization of one ip in subnet)
.............
client — broadcast — l2 switch's port 24 — unicast — server (dhcp NOT
listening on interface with utilization of one ip in subnet)
Dhcp is listening on one interface and utilizes one ip address.
I mean that there is no dhcp server in client's vlan.
So, there's ONE ip for dhcp server for whole network, or two — in case
of dhcp failover.
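
Added example, not part of the original message and not dnsmasq code: a sketch of how a central DHCP server with no address in the client's VLAN could pick a pool from the relay data discussed in this thread, parsing option 82 (RFC 3046) sub-options circuit-id (1), remote-id (2) and sub-option 5 (link selection). The function names, the `circuit_map` table, the `prefer_circuit` switch (modelling the optional preference proposed in the thread) and the sample addresses are assumptions.

```python
import ipaddress

# Sub-option codes inside DHCP option 82: 1 and 2 are defined in RFC 3046,
# 5 is the link-selection sub-option (RFC 3527).
CIRCUIT_ID, REMOTE_ID, LINK_SELECTION = 1, 2, 5

def parse_option82(payload: bytes) -> dict:
    """Split an option 82 payload into {code: value}, rejecting malformed TLVs."""
    subopts, i = {}, 0
    while i < len(payload):
        if i + 2 > len(payload):
            raise ValueError("truncated sub-option header")
        code, length = payload[i], payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"sub-option {code} overruns option 82")
        subopts[code] = value
        i += 2 + length
    return subopts

def select_pool(giaddr, payload, pools, circuit_map, prefer_circuit=False):
    """Return (source, network) for a relayed request, or (None, None)."""
    sub = parse_option82(payload)
    key = (sub.get(REMOTE_ID), sub.get(CIRCUIT_ID))
    by_circuit = ("circuit", circuit_map[key]) if key in circuit_map else None
    candidates = []
    link = sub.get(LINK_SELECTION)
    if link is not None:
        if len(link) != 4:
            raise ValueError("link selection must be 4 bytes")
        candidates.append(("link-selection", ipaddress.IPv4Address(link)))
    if giaddr != "0.0.0.0":  # relay address field set by the relay agent
        candidates.append(("giaddr", ipaddress.IPv4Address(giaddr)))
    by_addr = None
    for source, addr in candidates:
        net = next((p for p in pools if addr in p), None)
        if net is not None:
            by_addr = (source, net)
            break
    order = (by_circuit, by_addr) if prefer_circuit else (by_addr, by_circuit)
    return next((r for r in order if r is not None), (None, None))

# Constructed sample: switch "sw-07" relaying for VLAN 102, port 2 (documentation addresses).
POOLS = [ipaddress.ip_network("198.51.100.0/26"), ipaddress.ip_network("198.51.100.64/26")]
CIRCUIT_MAP = {(b"sw-07", b"\x00\x66\x00\x02"): POOLS[1]}
SAMPLE = (bytes([CIRCUIT_ID, 4]) + b"\x00\x66\x00\x02" + bytes([REMOTE_ID, 5]) + b"sw-07"
          + bytes([LINK_SELECTION, 4]) + ipaddress.IPv4Address("198.51.100.1").packed)
```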