Shared Network Behind a Relay
commo dore
commonanog at gmail.com
Mon Nov 3 23:54:19 UTC 2008
Ive been looking for a while on this issue, and I havent had much luck
Basic concept is a centralized DHCP Server
Known users -->
(eth2) Router A
(eth1)-------------------->(eth1) DHCP Server
Unknown Users --->
I want to assign unknown users an iprange of 10.0.0.0/24 untill they are
added to known lists then they will get an ip in the public ip range(ie
A.B.0.0/24)
Basicly an unkown users can only reach internal devices, and cant "go out"
to the public internet
so something like this:
shared-network test {
subnet A.B.0.0 netmask 255.255.255.0 {
option routers A.B.0.1;
range A.B.0.200 A.B.0.210;
deny unknown-clients;
}
subnet 10.0.0.0 netmask 255.255.255.0 {
option routers 10.0.0.1;
range 10.0.0.100 10.0.0.1.200;
allow unknown-clients;
}
}
Now Router A
eth2 A.B.0.1
eth2:0 10.0.0.1
DHCP Server
eth1 A.B.0.100
So whenever the Relay on Router A forwards the request the giaddr is A.B.0.1
so it only wants to assign an ip address back in that range. (and that works
just fine). Somehow I need to set it so that if giaddr is A.B.0.1 and its
an unknown host then assign it in the public range.
Any thoughts?
--Andrew
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20081103/4434af42/attachment.html>
More information about the dhcp-users
mailing list