Networking :: Gateway Assignment And Use Of DHCP Relay Agents + DHRELAY
Jun 22, 2010
I am having some difficulties comprehending some networking concepts relating to multiple subnets and dhcp servers, or dhcp relay servers. I have built home networks many times before, and they have all followed a very simple formula. A single subnet, let's say 192.168.1.0 which is fairly typical for me. My network's DNS server is always also my networks DHCP server. Typically at 192.168.1.1. When a DHCP client broadcasts for an IP over the subnet, 192.168.1.1(My DNS/DHCP server) will not only tell the client what it's new IP is to be, but will also tell the client what it's Gateway server is. This is ALSO 192.168.1.1 for me typically.
In this manner, a client broadcasts for networking information and is given a usable IP, and told to use 192.168.1.1 for most other functionality. Very simple. However, I am uncertain how to expand this to other subnets. Say.. 192.168.2.0.
A: I can use a separate DHCP server for each subnet. or B: I can use a DHCP Relay agent for 192.168.2.0 to pass the DHCP requests to the primary DHCP server on the 192.168.1.0 subnet.
Option A: is fairly straight forward and have had it functioning fine, but it is really B: I want to know more about. It seems somehow much cleaner to me. I prefer to centralize as much of my network provisioning services as possible. It makes it easier to manage TYPICALLY. My question though is related to Gateways and the use of DHCP Relay Agents....
View 1 Replies
ADVERTISEMENT
May 20, 2010
I have a lab with 1 switch and 2 machines attached. One XP station and a debian lenny server. My debian runs dhcpd with this configuration
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.31 192.168.1.254;
default-lease-time 345600;
[code]....
I'm trying to restrict dhcp to only provide setting for a list of MAC addresses (about 300 macs) Using the following option is not good to me because I have not a pattern in my clients mac.
class "private-hosts" {
match if substring (option hardware,1,11) = "01:00:50:56";
}
[code]....
I've try using iptables with following configuration, but XP still getting IP from dhcpd:
iptables -P INPUT DROP
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
[code]....
View 2 Replies
View Related
Aug 19, 2010
I have a lab with 1 switch and 2 machines attached. One XP station and a debian lenny server. My debian runs dhcpd with this configuration:
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.31 192.168.1.254;
default-lease-time 345600;
max-lease-time 691200;
option routers 192.168.1.1;
option subnet-mask 255.255.255.0;
option domain-name "lab.com";
option domain-name-servers 192.168.1.12;
option netbios-name-servers 192.168.1.12;
option netbios-node-type 8;
option broadcast-address 192.168.1.255;
option ntp-servers 192.168.1.12;
ddns-updates on;
ddns-update-style interim;
}
I'm trying to restrict dhcp to only provide setting for a list of MAC addresses (about 300 macs)
Using the following option is not good to me because I have not a pattern in my clients mac.
class "private-hosts" {
match if substring (option hardware,1,11) = "01:00:50:56";
}
pool {
range 192.168.1.31 192.168.1.254;
allow members of "private-hosts";
}
I've try using iptables with following configuration, but XP still getting IP from dhcpd:
iptables -P INPUT DROP
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
# Full from Localhost to Localhost
iptables -A INPUT -i lo -j ACCEPT
# Full from My PC
iptables -A INPUT -s 192.168.1.2 -j ACCEPT
So I can't limit DHCP for specific macs.
View 8 Replies
View Related
Oct 22, 2010
Back in April I set up a Ubuntu DHCP server and a multiple VLAN network [URL] to migrate our various servers, workstations, etc off the 192.168.1.1 /24 network that everything was on because we where running out of address space. I built out the new network and everything worked great except our AD server would never get an IP address from the DHCP server (static reservation) and even if I set the IP statically on the AD server it couldn't ping the gateway and noone could log in. After several attempts to resolve this, including bringing in outside help, we where never able to figure out what the problem was.
Now 6 months later I have time to revisit the issue without effecting the live network. I used Acronis and imaged the AD server last Friday, cloned it on to another box with the same hardware, and put it up on the new network that's been sitting unused for the last 6 months. Today when I statically set the IP on the AD server (which is what I want) it connects and I can ping it's gateway 192.168.1.1 and all the way across vlans to a test sales agent workstation at 192.168.8.xxx on vlan 800 but only if I statically assign the agents station an IP address. When I try to get an IP address via DHCP it fails as destination unreachable. Nothing has changed in the last 6 months on the DHCP server but now it for some reason can't ping its default gateway 192.168.1.1. All of the config files are the same as they where left from the post linked above aside from the vlan id's used where changed from 1's to 100's (i.e. vlan 3 is now vlan 300) /etc/network/interfaces
Code:
auto lo
iface lo inet loopback
auto vlan100
iface vlan100 inet static
[code]....
why it can't reach the gateway, when I do a tcpdump I can see the DHCP requests come in on eth0 but the server never responds and I'm pretty sure its because it isn't "seeing" them since it thinks there isn't a network connection but I don't know how to trouble shoot to find out where the problem lies.
View 6 Replies
View Related
Jul 1, 2010
Back in April I set up a Ubuntu DHCP server and a multiple VLAN network [URL] to migrate our various servers, workstations, etc off the 192.168.1.1 /24 network that everything was on because we where running out of address space. I built out the new network and everything worked great except our AD server would never get an IP address from the DHCP server (static reservation) and even if I set the IP statically on the AD server it couldn't ping the gateway and noone could log in. After several attempts to resolve this, including bringing in outside help, we where never able to figure out what the problem was.
Now 6 months later I have time to revisit the issue without effecting the live network. I used Acronis and imaged the AD server last Friday, cloned it on to another box with the same hardware, and put it up on the new network that's been sitting unused for the last 6 months. Today when I statically set the IP on the AD server (which is what I want) it connects and I can ping it's gateway 192.168.1.1 and all the way across vlans to a test sales agent workstation at 192.168.8.xxx on vlan 800 but only if I statically assign the agents station an IP address.
When I try to get an IP address via DHCP it fails as destination unreachable. Nothing has changed in the last 6 months on the DHCP server but now it for some reason can't ping its default gateway 192.168.1.1. All of the config files are the same as they where left from the post linked above aside from the vlan id's used where changed from 1's to 100's (i.e. vlan 3 is now vlan 300) /etc/network/interfaces
Code:
auto lo
iface lo inet loopback
auto vlan100
[code]....
why it can't reach the gateway, when I do a tcpdump I can see the DHCP requests come in on eth0 but the server never responds and I'm pretty sure its because it isn't "seeing" them since it thinks there isn't a network connection but I don't know how to trouble shoot to find out where the problem lies.
View 2 Replies
View Related
Oct 16, 2010
NIC is connected to a LINKSYS WRT54G running DHCP. There are plenty of available IP assignments. All other PC that I have connected to the LINKSYS work fine. The CAT 5 cable is fine.Why is this NIC not taking a DHCP assignment ?
View 14 Replies
View Related
Feb 21, 2011
I'm looking for a method to assign a default gateway via dhcp randomly depending on ether the last char of the mac being odd or even, or the time the user connects. Is there a good reliable way to achieve this?
View 2 Replies
View Related
Jun 16, 2011
I have installed dhcp-server on ubuntu. And server is providing ip address to clients (Window machines) but not default-gateway but I have another network in my network and same configuration and same dhcp-server provides every information.
View 5 Replies
View Related
Jan 15, 2010
I've a DHCP server in RHEL 5 and 100+ users in my network. I mapped 30 users MAC address with ip. Rest are getting ip address automatically. In my network, users tend to move from one department to another frequently. I've created scopes according to departments. (i.e. Dept A - 172.19.54.10-172.19.54.30 and so on for other departments).
1) I want to configure DHCP server in this way, that a client have to autheticated by DHCP server before receive and IP address.
2) Second, Whether DHCP server have free IPs in scope, but only clients can obtain IPs those MACs are mapped, rest should not without authentication or authorization.
View 2 Replies
View Related
Jan 21, 2010
A DHCP server in RHEL 5 and 100+ users in my network. I mapped 30 users MAC address with ip. Rest are getting ip address automatically. In my network, users tend to move from one department to another frequently. I've created scopes according to departments. (i.e. Dept A - 172.19.54.10-172.19.54.30 and so on for other departments).1) I want to configure DHCP server in this way, that a client have to autheticated by DHCP server before receive and IP address.2) Second, Whether DHCP server have free IPs in scope, but only clients can obtain IPs those MACs are mapped, rest should not without authentication or authorization
View 2 Replies
View Related
Apr 18, 2011
I have a simple system at home where a DSL router is used as a basic dhcp server with one port forward for ssh to a server. I need to allow my daughters, ages 14,12 and 10, to access the net and also email but I want to have complete control and logging. What I'm looking to do is set up the Ubuntu file server I already have on the network to act as a gateway and also add content management and logging as step one.
I also want to add an email server so that all the email comes into the Ubuntu server and then is allowed to be accessed by outlook on their machines after spam/content scanning for valid emails as step two. My question is what, if any, additional software do I need and what options do I have. I've played with dhcp servers at work but never got much beyond ip assignment and network booting so I'm unfamiliar with what is needed for content management and such. As to the email server I've never even played with this at all so I'm completely in the dark as to what I should be looking at to start with. I'm looking for directions, RTFM is fine but right now I'm not sure even WHAT manual/manuals I should be reading.
View 1 Replies
View Related
Jun 29, 2011
I need to place an Ubuntu machine on a network where I have a DHCP server which does not configure the Degault Gateway parameter (we don't want ordinary users to browse the internet). Is it possible to leave the machine using DHCP and define the Default Gateway manually (as in Windows XP i.e.)? How?
View 1 Replies
View Related
Jun 15, 2011
We have a sendmail server located in a DMZ that has normally been able to send SMTP traffic to whatever destination is listed in the address of any given e-mail message. A recent change in network configuration has introduced an e-mail gateway that all servers need to send smtp traffic to in order for the messages to go out to the Internet.
View 1 Replies
View Related
Aug 19, 2009
5.10 Breezy configured as machine controller. Works great eth0 is a fixed IP to communicate with controller comms board. Not easy at all to alter - the comms board is hard coded to listen on eth0 for commands.
I can use eth1 as the default gateway and ping google.com, etc. But when I now attempt to communicate with the controller with netcat, e.g.
Code: echo !HH | nc 192.168.1.6 80
I obviously never get an answer since the request is passed via eth1. Using the -g option with netcat doesn't work either. I had a look at iptables but it doesn't seem to be able to do what I want. How I can still use eth0 as my communication port to the controller whilst eth1 is the default gateway?
View 17 Replies
View Related
May 27, 2010
On a remote system, when all you have is the ssh CLI -
How do you find out the ip addresses for:the Gateway
the DHCP server
the DNS server
Don't need to make any changes.
Which commands will display this info?
View 1 Replies
View Related
Jan 7, 2011
how to simulate mobile agents with NS2 (docs , code ......)
View 2 Replies
View Related
Aug 3, 2011
Our primary mail server is Exchange 2003 Standard on Windows Server 2003 Standard - don't shout at me; I inherited it already set up this way.I have a couple of hardware identical redundant servers (HP ML350 boxes), all with very fast 2 or 4 disk arrays, multiple core CPUs and plenty of memory, and I am looking at two potential new additions to the infrastructure.
A secondary mail server is high on my list of priories. I've been well and truly bitten by Exchange in the past and given that this particular box has been running four years straight and that it's mail store is dangerously large, having a secondary mail server in place suddenly makes a lot of sense.
A new Exchange 2010 box is currently being set up, but the secondary mail server will remain in place even when the new Exchange server is brought online, so this won't be a wasted exercise.... I also want a gateway box in place to filter and relay mail to the primary server, or to the secondary server if the primary is unavailable. Currently our outer perimeter is:
ISP supplied CISCO router
Draytek VigorPro 5510 UTM
Untangle running in bridged mode (primarily used for SPAM filtering, URL blacklisting, and very little else) Exchange 2003 sits behind the Untangle box. This is how I want to end up:
CISCO >> Draytek >> Ubuntu gateway >> Exchange/secondary mail server
I know I could replace/remove the Draytek but I want it to remain for several reasons, including lots of VPN dial-in users already configured and that it offers us an additional layer of email antivirus scanning before things hit the Exchange box. No point switching all of our remote workers over to new tunnels unnecessarily...
I have done some research and have started testing a pilot secondary mail server using Ubuntu/postfix DNS is properly set up and MX records and reverse PTR records are all present and correct, and things are looking encouraging so far. Before I go out over deep waters and start to flounder, has anyone who has done something like this got any obvious howlers I should be looking to avoid ?
View 2 Replies
View Related
Jun 24, 2010
can i know if there is any way to have how many traps are lost wen agents snmp send some traps to a superviser?? are there any OID to have this information??
View 1 Replies
View Related
Feb 5, 2009
What I need is some information to be studied and learned by me in order to be able to create with Ubuntu Server an Internet Gateway Server. From my ISP I get about 50 public routable IPs through DHCP. Into my LAN I need to forward this public routable IPs to machines but I want to be able to manage bandwidth and also to be able to enable or disable Internet access for every client machine. Maybe with subnets? Maybe with dchp really? It would be nice if it would possible through DHCP!
View 2 Replies
View Related
Jan 29, 2009
Does anyone know if you switch networks Where you have your servers hosted on a Non-DHCP Network, and you switch your IP addresses, then do you have to switch change/assign your new gateway address? I'm not sure if its manually assigned? How do you do it? Also what about nameserver resolving?
View 2 Replies
View Related
Sep 30, 2010
The dhcp doesnt work unless i put a switch or router between the ubuntu gateway and the connecting computer.
setup
Code:
Code:
Code:
Code:
Im on ubuntu 10.04. is this normal? or should i be able to connect without having a router or switch between the ubuntu server and the internal network....
View 3 Replies
View Related
Mar 25, 2010
I am puzzled with trying to configure a linux (openSUSE) client to dhcp to eBox DHCP server. I am using dhclient to lease an IP address with dhclient eth0 -s 10.45.48.108 and get a response
openSUSE11232CL1 dhclient: DHCPDISCOVER on eth0 to 10.45.48.108 port 67 interval 4
openSUSE11232CL1 dhclient: DHCPOFFER from 10.45.48.108
openSUSE11232CL1 dhclient: DHCPREQUEST on eth0 to 10.45.48.108 port 67
openSUSE11232CL1 dhclient: send_packet: Network is unreachable
openSUSE11232CL1 dhclient: send_packet: please consult README file regarding broadcast address.
The server reports eBox141 dhcpd: DHCPDISCOVER from 00:0c:29:3e:57:a3 (openSUSE11232CL1.domain.net) via eth0
eBox141 dhcpd: DHCPOFFER on 10.45.200.2 to 00:0c:29:3e:57:a3 (openSUSE11232CL1.domain.net) via eth0
I interpret this as the server receives the request and the client accepting it but the lease does not last long and the connection breaks. what this could be and why the connection breaks? Or my undestanding is totally wrong on how it works and should work? And BTW, where is that README file that's referenced in the message I receive on the client?
View 2 Replies
View Related
Jul 15, 2010
Why trying to avoid ranting about my Linksys router, I'll try and keep things short. I have a Linksys router in which the default firmware was terrible and would not correctly renew its DHCP lease. After getting feed up with that I flashed dd-wrt on the router and now it works better but randomly DNS queries would stop being resolved. To rule out the chances that it is my ISPs DNS servers I switched my DNS to openDNS, same problem happens (although I have to admit openDNS is a lot better than what my ISP has).
Anyways I'm about feed up with it and about an inch away from drop kicking the thing out my window. To avoid that I figured I will give it one more change and instead of using my Linksys as my network gateway I'll move all of that to my home server, and make the Linksys just an wireless AP. Besides setting up DHCP, DNS, and iptables on the server is there anything else I will need to know and setup on the server to make this work?
Side note anyone using openSUSE for DHCP know if setting up reserved IPs for certain MAC address is possible?
View 2 Replies
View Related
Mar 8, 2010
Currently I have my eth0 interface getting a DHCP address but at times the DHCP server will not be reachable. Sooo what I would like my server to do is if it cannot find a DHCP server assign a static address to eth0. Then start the DHCP service so it can then dish out some addresses.How can I do this? Surely it is possible
View 2 Replies
View Related
Apr 29, 2011
My issue is that i'm trying to send emails with postfix and gmail as the mail relay,i'm trying to send emails to my self by sendmail -bv user@gmail.com
In the logs, i can understand that it been delivered to the destination,
taken from: /var/log/mail.log:
Apr 30 00:05:23 moni postfix/pickup[10490]: 9C7552170C: uid=0 from=<root>
Apr 30 00:05:23 moni postfix/cleanup[10495]: 9C7552170C: message-id=<20110429210523.9C7552170C@moni.localdomain>
Apr 30 00:05:23 moni postfix/qmgr[10491]: 9C7552170C: from=<root@moni.localdomain>, size=283, nrcpt=1 (queue active)
code....
When login in my gmail account i can't see nothing under the sent / inbox / spam folder.
it's seems like the mail are been sent.. but nothing is happening.
View 1 Replies
View Related
Jun 9, 2010
The problem is to make sendmail use different LDA for diferent users in the same domain. For example, deliver bob@some.domain with procmail and genry@some.domain with mail.local.
View 1 Replies
View Related
May 7, 2010
Here is my problems :I have two networks :1. LAN (10.1.x.x subnet 255.255.0.0), and2. my internet public (IP 202.xx.xxx.xxxx subnet 255.255.255.240)I have an application in my LAN PC (10.1.2.240) which broadcast udp packet to its client. The client in my LAN can receive the udp packet, no problem.My question is how netcat/socat can RELAY the udp broadcast packet to one of my IP public address so the message can be received by other client from internet ?
View 5 Replies
View Related
Nov 23, 2010
I would like to set up a TOR relay and add a password so only those that have the password is able to browse the web using my ip.
View 5 Replies
View Related
Feb 21, 2011
On my system, I have built my own tunneling protocol, where I relay packets over a non-standardized but verified medium. What I do is capture the packets using iptables and NFQUEUE, relay them over my medium, and at the other end I reinject them using raw sockets. The packet going into the tunnel is exactly the same as the one coming out, verified. The problem is that this doesn't work for ICMP Ping (Echo Request) if the destination of the ping is the same as the tunnel endpoint. If the destination is not the same as the tunnel endpoint, the ping packet is rerouted and arrives as it should at the receiver, and the ping reply comes back to the sender. Does anyone know whats going on? Isn't it possible to send raw icmp to yourself? If not, anyone have an idea what I should do instead?
View 1 Replies
View Related
Jul 11, 2011
I am trying to get a Linux (Slackware 13.37) working in a Windows networking environment. The IT support for this organisation does not extend to Linux support, so I'm limited in what help I can get for this.
I'm trying to get to the point where I can get to the internet to download what I need on this Linux machine.
The situation is this (*fictitious addresses used) -My Linux machine uses a fixed IP address (10.100.150.21)
My Windows machine uses a DHCP assigned IP address (10.100.150.213)Both Linux and Windows machine are configured to access the gateway server (10.100.150.1)So, I can ping the Linux machine from the Windows machine and vice-versa.I can ping the gateway machine from the Windows machine.I can browse Windows Shares on the network via SMB from the Linux machine.I CANNOT ping the gateway machine from the Linux machine with the Destination Host Unreachable message being the error message.
For actual internet access I need to access a proxy server but since the Linux machine can't even ping the gateway server, it fails to ping the proxy.Now, I have been told the gateway is a HW based router and for Windows machine they use some software for authentication to connect to the network. This software isn't available for Linux, so that's why I've been told to use a fixed IP address.My experience of networking is pretty basic and most of the Linux setup is done via running Slackware's setup program.
View 12 Replies
View Related
