dhcpd, firewall gateway, two internal LANs

Hi all,

Celeron system, Fedora Core 2, 3 network cards.

eth0 will connect to our Internet feed and give 4 static IPs, all of
which will be aliased on eth0 through eth0:2

eth1 will be a 192.168.0.x network, eth2 will be a 192.168.1.x
network.

I have a firewall script that wil manage everything in terms of
NAT/MASQ, so that's taken care of already.

The two internal LAN's need to be managed via DHCP which I'd like to
do on this machine as well.

Do I create two dhcpd.conf files and run instances of dhcpd for each
internal LAN network card (ie: "dhcpd eth1" and "dhcpd eth2") and pass
a separate configuration to each dhcpd instance? Or can I specify
somewhere in a single dhpcd.conf that *this* configuration is for eth1
and *that* configuration is for eth2?

Finally, for security purposes, we'd like to log the MAC addresses
that are requesting DHCP so that we can later do something like this:
host mycomputer {
hardware ethernet 01:02:03:04:05:06 ;
fixed address 192.168.0.10 ;
}

.... but does that recognize 'mycomputer' as a netbios name, or what?

Thanks,
Ian

You can use a single dhcpd.conf file with two subnet / netmask blocks, one
for 192.168.0.x network and one for 192.168.1.x network.
If eth1 will have a static IP address in the 192.168.0.x network, then the
subnet block for this network in dhcpd.conf will serve that network as DHCP
server.
If eth2 will have a static IP address in the 192.168.1.x network, then the
subnet block for this network in dhcpd.conf will serve that network as DHCP
server.

I believe that in host declarations, the name following the host keyword is
simply a placemarker: you can use all you want.
I know that inside a host declaration you can use host-name option to give
the hostname to a client: there is also the "use-host-decl-names" directive
inside host declarations, by means of which the name used in host
declaration is used in an implicit host-name option (inside the host
declaration).

Best regards
Damiano


ian douglas wrote:

> Hi all,
>
> Celeron system, Fedora Core 2, 3 network cards.
>
> eth0 will connect to our Internet feed and give 4 static IPs, all of
> which will be aliased on eth0 through eth0:2
>
> eth1 will be a 192.168.0.x network, eth2 will be a 192.168.1.x
> network.
>
> I have a firewall script that wil manage everything in terms of
> NAT/MASQ, so that's taken care of already.
>
> The two internal LAN's need to be managed via DHCP which I'd like to
> do on this machine as well.
>
> Do I create two dhcpd.conf files and run instances of dhcpd for each
> internal LAN network card (ie: "dhcpd eth1" and "dhcpd eth2") and pass
> a separate configuration to each dhcpd instance? Or can I specify
> somewhere in a single dhpcd.conf that *this* configuration is for eth1
> and *that* configuration is for eth2?
>
> Finally, for security purposes, we'd like to log the MAC addresses
> that are requesting DHCP so that we can later do something like this:
> host mycomputer {
> hardware ethernet 01:02:03:04:05:06 ;
> fixed address 192.168.0.10 ;
> }
>
> ... but does that recognize 'mycomputer' as a netbios name, or what?
>
> Thanks,
> Ian

ian douglas schrieb:
> Do I create two dhcpd.conf files and run instances of dhcpd for each
> internal LAN network card (ie: "dhcpd eth1" and "dhcpd eth2") and pass
> a separate configuration to each dhcpd instance? Or can I specify
> somewhere in a single dhpcd.conf that *this* configuration is for eth1
> and *that* configuration is for eth2?

You can try it the way Dam suggested, or you have a look at the output of an
invalid dhcpd-call:

8<-----------------------------------------------------------------------
Internet Software Consortium DHCP Server
Copyright 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium.
All rights reserved.

Please contribute if you find this software useful.
For info, please visit http://www.isc.org/dhcp-contrib.html

Usage: dhcpd [-p <UDP port #>] [-d] [-f] [-cf config-file]
[-lf lease-file] [-pf pidfile] [if0 [...ifN]]
exiting.
8<-----------------------------------------------------------------------

As you can see, you could use

$ dhcpd -cf eth1_config
$ dhcpd -cf eth2_config

--
Bernhard | theEdge
-Linux User #368478-
http://www.alf.at.tc
Austrian Linux Forum

Dam <(E-Mail Removed)> wrote in message news:<wtCbd.40962$(E-Mail Removed)>. ..
> You can use a single dhcpd.conf file with two subnet / netmask blocks, one
> for 192.168.0.x network and one for 192.168.1.x network.

Figured that out after posting... The dhcpd daemon was having issues
before but I think it was a problem with the system itself - I moved
the hard drive and network cards to a new motherboard and it's been
behaving since with a single config file.

Thanks,
ian