Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19
dhcpd unable to serve multiple subnets
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: dhcpd unable to serve multiple subnets

  1. #1

    dhcpd unable to serve multiple subnets

    I have found at least on our systems, which are primarily RHES v2, 3 and 4, that dhcpd cannot be used to serve multiple subnets unless each subnet is defined on a seperate network card.

    The use of ip alias addresses does not work. So for example if I have the following statements in /etc/dhcpd.conf:

    subnet 192.168.0.0 netmask 255.255.255.0 {
    range 192.168.0.1 192.168.0.4;
    }

    subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.1 192.168.1.4;

    I must also have eth0 with an address in the 192.168.1/24 network as well as eth1 with an address in the 192.168.2/24 network on the system. The use of eth0:1, for example defined in the 192.168.2/24 network does not work, at least with regard to dhcpd.

    If these statements exist on a system with a single network interface, dhcpd fails to start and complains about overlapping subnet ranges or spans of multiple subnets.

    I cannot find anywhere in the documentation for dhcpd that multiple newtork cards are required for this use.

    The messages posted in the messages file for dhcp on a successful startup would seem to imply that the MAC address of the network card is closely associated with the ip address and so the use of ip aliases would make sense since this could be taken as a conflict.

    I have read the statement about the all 1's broadcast route, but don't see how this could help particularly when trying to start dhcpd with multiple subnets configured.

    This is the dhcp package installed on our systems:
    dhcp-3.0pl2-6.14.1

    What have I missed ? Any help greatly appreciated.

  2. #2
    Administrator Moderator
    Member
    starfish's Avatar
    Join Date
    Apr 2004
    Posts
    141
    You have to define networks for each subnet on your server, plus any other networks the server needs to act as a DHCP server for.

    The trick is not to define a range for any interface on the server that you don't want DHCP to be served out of.

  3. #3
    Thanks for the reply, but can you please be a bit more specific.

    When you say "define the networks", that could mean any number of things.
    Do you mean some network definition other than what I have must be placed in the dhcpd.conf file ?

    Or must we create an address on an interface, which I've already done ?

    More help please.

  4. #4
    I have found a solution to this problem.

    In order for the server, at least the one I am working with and the version of dhcpd that we have, I had to use the shared-network name keyword as such:

    shared-network name {
    subnet 16.112.240.0 netmask 255.255.255.0 {
    range 16.112.240.183 16.112.240.186;
    }
    subnet 192.168.0.0 netmask 255.255.255.0 {
    range 192.168.0.1 192.168.0.4;
    }
    subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.1 192.168.1.4;
    }


    I found this keyword in the man page for dhcpd.conf. It's a shame that the literature doesn't seem to show any examples of this type of server setup.



    subnet 192.168.2.0 netmask 255.255.255.0 {
    range 192.168.2.1 192.168.2.4;
    }
    subnet 192.168.3.0 netmask 255.255.255.0 {
    range 192.168.3.1 192.168.3.4;
    }

    }


    In addition, the system must either have multiple network cards or one nework card with an address in each subnet served via alias:

    i.e.
    eth0 - 192.168.0.107/24
    eth0:1 - 192.168.1.107/24
    eth0:2 - 192.168.2.107/24
    eth0:3 - 192.168.3.107/24

  5. #5
    Administrator Advisor peter's Avatar
    Join Date
    Apr 2004
    Posts
    882
    That's good to know. This link has some good easy to read information too:

    http://www.nominum.com/getOpenSourceResource.php?id=7

    "There is a lot of confusion about when to use the shared-network statement. The only time to use the shared-network statement is when you have 2 or more different IP subnets that share the same wire (some network folks call this one broadcast domain).

    If you only have one subnet on a network, just use a single subnet{} clause to describe it.

    Here is an example of the correct use of the shared-network clause:

    shared-network Inside {
    subnet 10.10.10.0 netmask 255.255.255.0 {
    range 10.10.10.128 10.10.10.254;
    option routers 10.10.10.1;
    }
    subnet 192.168.2.0 netmask 255.255.255.0 {
    range 192.168.2.10 192.168.2.254;
    option routers 192.168.2.1;
    }
    }
    This is a simple network, where the 10.10.10.0 and 192.168.2.0 networks both share the same wire. You might do this where you need more IP addresses than are available on the original network. It might be necessary to add a new network in order to support all the hosts."

  6. #6

    lighting this post up again.

    It appears everything works a explained above with one exception.

    From the documentation on the shared-network bit:

    The server checks if the requesting subnet is in it's configuration, if so it then takes one step backward to the shared-network declaration where ALL listed subnets are within it's scope. Being with the highest address and working down.

    Hmmm, not what I expected. Since the client received an address not within it's scope and therefore could access the network.

    shared-network {

    subnet 10.200.10.0 netmask 255.255.255.0 {

    option routers 10.200.10.1;
    range 10.200.10.20 10.200.10.100;
    }

    subnet 10.200.20.0 netmask 255.255.255.0 {

    option routers 10.200.20.1;
    range 10.200.20.20 10.200.20.100;
    }

    subnet 10.210.20.0 netmask 255.255.255.0 {

    option routers 10.210.20.1;
    range 10.210.20.20 10.210.20.100;
    }

    }

    As explained a host from the 10.200.10.0 subnet requested an address and received the highest within the shared-network. Which in the above case is 10.210.20.100. Which if the port the client is connected is only in the first vlan (10.200.10.0) that configuration will not work.

    Router/Switch config.

    Layer 3 Cisco with multiple vlans configured and intervlan routing enabled.
    The dhcpd server is on none of the networks. However, with the above help and a few other forums which go the routing 255.255.255.255 and proper subnet segment routing it does respond to DHCP requests for any of the subnets and the vlans are configured to use ip helper-address to point to dhcp server.

    So in conclusion, what it appears everyone is asking is:

    How do I tell dhcpd to stay within the subnet declaration and not to use just any of the shared-network subnets.

    I checked on various class definitions, options (agent.remote-id, agent-circuit-id, etc...) yet was unable to get something working reliable. None of them were accurate given the server is not on the vlan it is suppling addresses for. When those items are referenced they always give the same information (the agent connected to the server not the client).

    Also, I was unable to find a method of referencing the ip address of the relay thinking I could create the proposed logic for testing and allow/deny per subnet to get a dirty work around but no luck.

    Any advice on this topic would be very appreciated,

    Thanks,

    -J

    This may be a request for a feature, say ? Multi-VLAN support as a top level or scope declaration? Without requiring multiple NICS or sub interfaces.

  7. #7
    Have you tried using VLAN tagging? (I'm not sure if this is supported in those versions of RHES...) Would you still classify that as a sub interface?
    63,000 bugs in the code, 63,000 bugs,
    ya get 1 whacked with a service pack,
    now there's 63,005 bugs in the code!!

  8. #8

    Answered, don't I feel ignorant.

    I finally understand now. Has been in front of me the whole time. Unfortunately, it was contained in serveral different posts.

    Without recapping the above. I needed dhcpd to serve addresses for X number of VLANs. While not serving the subnet dhcpd is actually on. The individual VLANs are NOT on the same subnet (DO NOT USE shared-network).
    I just never saw a post with a complete config.

    Instead, delare the dhcpd servers own subnet.

    # i.e. your dhcp servers interface is: 172.16.0.25/24

    subnet 172.16.0.0 netmask 255.255.255.0 {
    }

    #This will get rid of the error received about not having #an ethernet adaptor attached to the networks your #serving. That error is specifically for this subdomain. It #is not necessary to create additional subinterfaces or #even add addition network cards for the subnets you #wish to serve.

    #NOW add the additional subnets you are serving:

    subnet 10.200.10.0 netmask 255.255.255.0 {

    option routers 10.200.10.1;
    range 10.200.10.20 10.200.10.100;
    }

    subnet 10.200.20.0 netmask 255.255.255.0 {

    option routers 10.200.20.1;
    range 10.200.20.20 10.200.20.100;
    }

    subnet 10.210.20.0 netmask 255.255.255.0 {

    option routers 10.210.20.1;
    range 10.210.20.20 10.210.20.100;
    }
    #... etc ...

    #DONE

    The first example given above is how to extend a network that the given subnets ARE on the same network. They would have a router elsewhere joining them. While my routers are keeping them separate with inter-vlan routing (actually here I'm using a layer 3 switch).

    SHARING THE SAME WIRE. Well in a sense both of them do. I didn't physically separate the network. However, I am logically separating it by the use of VLANs. So, if your network is using VLANs, they DO NOT use the "same" wire. That being said. I understand how mine is working with VLANs, I still don't understand how to use "shared-network" from the example given above without breaking something. It would appear some networks would still get the wrong information without them sharing the same gateway?

  9. #9
    wait for the shared-network {} from above.

    Is there, by chance, a global routers declaration assigning all hosts the same gateway?

    Then that is the second part not given that may shed light on the shared-network.
    _______________________________
    option routers 10.210.20.1;

    shared-network name {
    subnet 16.112.240.0 netmask 255.255.255.0 {
    range 16.112.240.183 16.112.240.186;
    }
    subnet 192.168.0.0 netmask 255.255.255.0 {
    range 192.168.0.1 192.168.0.4;
    }
    subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.1 192.168.1.4;
    }
    subnet 192.168.2.0 netmask 255.255.255.0 {
    range 192.168.2.1 192.168.2.4;
    }
    subnet 192.168.3.0 netmask 255.255.255.0 {
    range 192.168.3.1 192.168.3.4;
    }

    }
    _____________________________________

    This would explain how shared-network works if they actually have something they share =the= gateway

  10. #10
    If you use VLAN tagging, they can share the same wire.
    Maybe I'm just confused, but I don't think we are talking about the same thing.

    http://en.wikipedia.org/wiki/IEEE_802.1Q
    63,000 bugs in the code, 63,000 bugs,
    ya get 1 whacked with a service pack,
    now there's 63,005 bugs in the code!!

Similar Threads

  1. Problem with subnets.
    By stimburg in forum Linux - Hardware, Networking & Security
    Replies: 0
    Last Post: 03-08-2013, 02:50 AM
  2. Cannot connect two subnets
    By lloowen in forum Linux - Hardware, Networking & Security
    Replies: 0
    Last Post: 05-15-2012, 08:58 PM
  3. Routing two Subnets
    By lorddevi in forum Linux - Hardware, Networking & Security
    Replies: 2
    Last Post: 07-10-2010, 08:19 PM
  4. TROUBLESHOOT: "Unable to open initial console"...PC UNABLE TO BOOT IN LINUX
    By sandeepundale in forum Linux - Software, Applications & Programming
    Replies: 2
    Last Post: 08-17-2006, 08:30 PM
  5. dhcpd
    By friskydrifter in forum Linux - Software, Applications & Programming
    Replies: 6
    Last Post: 11-24-2002, 09:17 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •