[Dnsmasq-discuss] two dnsmasq servers providing dhcp for one domain
Anand Kameswaran
akameswaran at gmail.com
Fri Jul 17 13:50:32 BST 2009
Maybe this is a lot more straightforward than I am thinking, but I'm not
sure how I should configure DHCP, once I start using DHCP helper.
Let me try and explain the setup. Each embedded device has 2 physical NIC
cards. Eth0 and Eth1. Eth0 is used for public communincations and the VPN
tunnels are setup between the two devices eth0 interfaces. Eth1 had
multiple virtual adapters to handle the subnetting, ie. eth1:1...eth1:n
depending on the number of required subnets.
Now when configuring DNSMasq I had run into an oddity. The machines
absolutely should not provide DHCP over eth0 as that would impact the public
network. Initially I configured dnsmasq to explicitly listen on all eth1.x
interfaces, but it didn't work. However, when I configured dnsmasq to only
exclude eth0 everything worked fine.
Here is the crux of the problem using dhcp_helper. So device 1 is providing
DHCP/DNS. I need to assign a different subnet for nodes on device 2 than
for device 1, so that routing can occur over the tunnels. Obviously each
side of the vpn tunnels needs unique subnets. That is one problem, although
I know dnsmasq can serve up addresses in multiple ranges. The real problem
I suspect is that requests from nodes on device two, sent over broadcast
will probably be received physically on eth0. ALthough their is in fact a
"tunnel" device as well. (btw using GRE tunnels for the VPN - not encrypted
as I am only concerned about network segregation not security)
Now I'm not really a good networking guy - so forgive me if my terminology
is slightly off, but hopefully my problem is clear. And I am not really to
clear on how to configure dnsmasq once I have DHCP helper working. I need
those requests that come over the DHCP_Helper to get a different subnet.
Any suggestions?
Cheers,
AK
On Thu, Jul 16, 2009 at 2:58 PM, Simon Kelley <simon at thekelleys.org.uk>wrote:
> Anand Kameswaran wrote:
> > Simon,
> > The reason I initially discounted this, as my routers are essentially
> > embedded devices based off an old debian Sarge, and somewhat gimped. I
> did
> > not want to tackle trying to get additional packages installed, as the
> > system does not have aptitude, or even apt-get. However, following your
> > suggestion, I will try to get DHCP helper installed. This is more due to
> > implementation details rather than best practice. I am currently
> > unarchiving my old images of Sarge, and will try and get dhcp-helper
> > integrated into the embedded device. I suppose in worst case, I can
> build
> > out a sarge system and try to compile source against it, and move it into
> my
> > device.
> >
>
> Dhcp-helper is very simple: a few hundred lines of C on one source file.
> It only depends on the C library.
>
> There are packages in Sarge, which don't depend in anything other than
> libc, so dpkg should be enough to install them. In extremis you could
> compile it statically-linked on another machine and end up with a binary
> that would just slot in.
>
> Good luck.
>
> Cheers,
>
> Simon.
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20090717/72a86b03/attachment.htm
More information about the Dnsmasq-discuss
mailing list