mike808@users.sourceforge.net
2002-Nov-29 22:31 UTC
[Shorewall-users] Are multiple DHCP servers needed?
I know it''s not purely a Shorewall issue, but here goes... I''ve got a 3-nic setup - NET, WAP, and LOC. I want to serve up different subnets on the WAP and LOC with DHCP. You advise separate DHCP servers for each NIC, but none of the distros (RH, MDK, SuSE, etc.) really support multple DHCP servers out the box. I''m not really wanting to hack their init scripts to accomodate this. Can you give some more background for the reasoning for separate servers? Is it necessary? Why would not a single server with the following suffice? What are the risks for using a single server per below?> # /etc/dhcpd.conf - Note - 456.456.456.456 is BOGUS, but you get the idea. > # DHCP Configuration for NET > subnet 456.456.456.456 netmask 255.2555.255.0 { not authoritative; } > # DHCP Configuration for WAP > subnet 192.168.1.0 netmask 255.255.255.0 { > range 192.168.1.10 192.168.1.20; > default-lease-time 86400; # 1 day for example > max-lease-time 345600; # 4 days, for example > option subnet-mask 255.255.255.0; > option broadcast-address 192.168.1.255; > option routers 192.168.1.1; > option domain-name-servers 192.168.1.1, 456.456.456.456; > } > # DHCP Configuration for WAP > subnet 192.168.2.0 netmask 255.255.255.0 { > range 192.168.2.10 192.168.2.20; > default-lease-time 86400; # 1 day for example > max-lease-time 345600; # 4 days, for example > option subnet-mask 255.255.255.0; > option broadcast-address 192.168.2.255; > option routers 192.168.2.1; > option domain-name-servers 192.168.1.1, 456.456.456.456; > }Michael --------------------------------------------- http://www.valuenet.net
--On Friday, November 29, 2002 10:31:03 PM +0000 mike808@users.sourceforge.net wrote:> I know it''s not purely a Shorewall issue, but here goes... > > I''ve got a 3-nic setup - NET, WAP, and LOC. > > I want to serve up different subnets on the WAP and LOC with DHCP. > > You advise separate DHCP servers for each NIC,Who does? Not I... but none of the distros> (RH, MDK, SuSE, etc.) really support multple DHCP servers out the box. > I''m not really wanting to hack their init scripts to accomodate this. > > Can you give some more background for the reasoning for separate servers? > Is it necessary? Why would not a single server with the following > suffice?I have no idea what you are talking about. If there is something on my web site that you are interpreting to mean that I advocate multiple DHCP servers, let''s get it corrected. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://shorewall.sf.net ICQ: #60745924 \ teastep@shorewall.net
mike808@users.sourceforge.net
2002-Dec-03 03:38 UTC
[Shorewall-users] Re: Are multiple DHCP servers needed?
>> I want to serve up different subnets on the WAP and LOC with DHCP. >> You advise separate DHCP servers for each NIC, > > Who does? Not I...Hrrrmmm. I re-read the docs more slowly this time so my lips could catch up. You are correct. I know not of what I was thinking.> I have no idea what you are talking about. If there is something on my web > site that you are interpreting to mean that I advocate multiple DHCP > servers, let''s get it corrected. > -TomI guess I confusedly read somewhere else about running separate DHCP servers on individual interfaces (each with their own config and lease files). After re-reading the documentation for Shorewall and DHCP, I see that you indeed describe the KISS solution. I don''t have to know what IPs are from interfaces I don''t want to serve DHCP - they''re simply not being listened for by dhcpd in the first place. Thanks for pointing out (gently) that I was making things more complicated than they need be. Michael King --------------------------------------------- http://www.valuenet.net