[Dnsmasq-discuss] 2 subnets, bridged

David Sankel <camior@gmail.com>
Wed, 29 Dec 2004 10:22:56 +0100


On Tue, 28 Dec 2004 17:27:09 -0500 (EST), Scott Merrill
<skippy@skippy.net> wrote:
> I'd like to assign each side of the bridge a separate portion of the
> total bridged address space.  Can I do this with dnsmasq?

Yes

> My (possibly naive) hope is that I can construct Shorewall zones for
> each side of the bridge to construct per-zone firewall rules while
> still allowing wired and wireless nodes to communicate without
> restriction (mostly to play games that rely on broadcast UDP for
> discovering partners =).

Doable.

> I _think_ I'll want to assign IP addresses to each interface on my
> router, and run two instances of dnsmasq to respond to incoming
> queries on each interface.  Then configure dnsmasq to hand out DHCP
> addresses with the _bridge_ address as the default gateway.

Should be fine.

> Before I start down a possible dead-end, can anyone offer guidance /
> suggestions?

I suggest 3 NIC cards.  One going to the Internet and one going to
each subnet.  If you want a more expandable solution, get one managed
NIC card and one managed switch to use VLANs.

I've never used LEAF, but normal Linux iptables will do exactly what
you want if you take the time to learn it well.  The dnsmasq part of
it turns out to be the easiest part.

If you want, I can send you all of my conf files which have a similar setup.

David J. Sankel