DHCP an NAT

Glenn Satchell Glenn.Satchell at uniq.com.au
Tue Jul 15 12:56:53 UTC 2008


>From: Nathan Burgener <nathan.burgener at stud.hslu.ch>
>To: dhcp-users at isc.org
>Subject: Re: DHCP an NAT
>Date: Tue, 15 Jul 2008 13:39:36 +0200
>
>
>Unfortunately I need the NAT.
>So there is no possibility to configure the server, that it doesn't  
>answer to 192.168.3.1 but on 172.18.1.1 ?
>
>I have another idea. I can install the DHCP server in the same  
>network, where the client is. But I must configure the server with  
>special options, because the client will boot an image from the TFTP  
>in network A.
>I know, how I can configure the filename. But how can I configure,  
>that the filename is not on the DHCP server, but on another server?

There are two possibilities, and you'll need to consult your client's
documentation to see which one it uses (or just try both):

next-server 172.18.1.1;
option tftp-server "172.18.1.1";

next-server is documented in dhcpd.conf man page, and tftp-server in
dhcp-options man page.

regards,
-glenn

>
>Am 15.07.2008 um 13:27 schrieb Simon Hobson:
>
>>
>> At 12:53 +0200 15/7/08, Nathan Burgener wrote:
>>> Hello
>>>
>>> I have 2 networks, which are connected over a VPN. In the network  
>>> A, there is a DHCP server.
>>> In network B I have the client. But all client address from source  
>>> 192.168.3.x get a IP from network 172.18.1.x with NAT and then the  
>>> traffic goes through the VPN tunnel.
>>> On the router in network B I have an ip helper-address to the DHCP  
>>> server.
>>>
>>> Now the server gets the Discover from the client with the following  
>>> informations:
>>> Source IP 172.168.1.1
>>> Destination: Address from DHCP server
>>> Relay Agent IP Address: 192.168.3.1
>>>
>>> The DHCP server will now send back the offer. But the servers sends  
>>> it to 192.168.3.1 and not to the address 172.168.1.1
>>> How can I change that?
>>
>> Quick answer: Fix your network !
>> NAT == broken<period> and DHCP will not work in this setup.
>>
>> You might be able to work around part of it by adding appropriate  
>> routing and/or nat rules to get the packets back to the relay agent,  
>> or by being creative with shared-network, but then the clients will  
>> not be able to renew their leases later and things will still break.
>>
>> Can you remove the nat and make traffic routable between the server  
>> subnet and the 192.163.3.x subnet ?
>>
>>
>
>



More information about the dhcp-users mailing list