[SOLVED]: How to create a dhcp server for intranet (with multi-homed alias)? To make clear what I want to do, I explain my network: 1. GW+firewall (public IP address) 2. mail and web server (public IP address) 3. Several workstation with public IP adresses I want to make one of the workstation as a DHCP server and gateway for lan with a single NIC (multi homing like eth0 for internet and eth0:0 for the intranet) I installed dnsmasq on the workstation that I am using and the multi homed it. Specified interface=eth0:0 in dnsmasq.conf. added necessary parameters for eth0:0 in the /etc/network/interfaces. Then installed firehol and created a configuration (firehol.conf) like this: # Require release 5 of FireHOL configuration directives version 5 # A space separated list of all the IPs on the internet, I trust office="gw.mydomain.tld" # The IP address of this Linux and LAN for the rest of the world public_ip="aaa.xxx.yyy.zzz" # My LAN. Everything is allowed here. interface eth0:0 lan policy accept # The default is 'drop'. # Make sure the traffic coming in, comes from valid Internet IPs, # and that is targeting my public IP interface eth0 internet src not "$UNROUTABLE_IPS" dst "$public_ip" # Protect me from various kinds of attacks. protection strong # Public servers. server smtp accept server http accept server ftp accept server ssh accept src "$office" # Make sure idents do not timeout. server ident reject with tcp-reset # This is also a workstation. client all accept # Route the LAN requests to the internet. router lan2internet inface eth0:0 outface eth0 # Masquerading on outface. masquerade # Route all requests from inface to outface # and their replies back. route all accept Still I could not achieve to make the standalone workstation as DHCP server and gateway for the intranet using multi-homed alias. Comments appreciated
After changing the firehol.conf as output by ' /etc/init.d/firehol helpme > /tmp/firehol.conf', I could get access to the internet, but it does NOT seem broadcasting (using dnsmasq) dhcp address to the localnet using eth0:0 How can I identify a reason why the DHCP is not broadcasted? wondering)
The dnsmasq started broadcasting after I added the following in the /etc/dnsmasq.conf: However, the client machine could not access to the Inernet. I made needed change for the /etc/resolv.conf (also replaced with opendns.org servers without any result). I am wondering what is preventing the client machine to access Internet!
Please check the client settings with Code: ifconfig and Code: route -nee What are the outputs of Code: ping -c2 google.de and Code: ping -c2 216.239.59.104 ?
I would like to add that there is a firewall at gw.mydomain.tld and it has in its firewall script (ip_chains) assigned two IP ranges for public and private. public IPs. xxx.yyy.56.zzz and private IPs are xxx.yyy.39.zzz And the machine that I am using as a dhcp server is in the 39 range which will further broadcast dhcp to its subnet. Just to make it clear.
192.168.7.2 is not connected to the internet. but assigned to eth0:0 interface. eth0 has a public static IP but uses gw.mydomain.tld as gateway. The machine that I would like to create a local DHCP server (using dnsmasq) to create a parallel network to the existing one is behind the gw.mydomain.tld and the gw has its own firewall.
Dear Falko: Now the client machines could access the network after I did install ipmasq: %apt-get install ipmasq %dpkg-reconfigure ipmasq %/etc/init.d/ipmasq start Thanks Falko.
