On Fri, 2012-12-07 at 11:38 +0000, Tom Evans wrote:
> Hi all
>
> Using 9.0-STABLE #1 r230946 - I found it out as I rebooted to prepare
> for 9.1, but I think it should be largely irrelevant of version.
>
> I have a freebsd router that provides all the things a soho router
> should on its LAN iface - DNS, DHCP, NAT (via pf). The WAN iface
> connects to an ADSL modem operating in bridge mode.
>
> My ISP has recently forced a change on to me, in order to get service
> I have to connect via DHCP, in order for them to give me my static IP.
> Apparently this makes their lives a lot easier. Even knowing the IP,
> netmask, broadcast and router is not enough, no service will flow
> unless a DHCP request has been registered.
>
> Relevant rc.conf, ale0 is the WAN, em0 is the LAN
>
> ifconfig_ale0="DHCP"
> ifconfig_em0="inet 192.168.1.1 netmask 255.255.255.0"
> gateway_enable="YES"
>
> dhcpd_enable="YES"
> dhcpd_flags="-q"
> dhcpd_ifaces="em0"
> dhcpd_conf="/usr/local/etc/dhcpd.conf"
>
> With this configuration, the default route is over the LAN iface. This
> causes the dhclient for ale0 to get a response from the local dhcpd
> server, not the ISP dhcpd server. This drove me potty! Can anyone
> explain why dhcpd, having been told only to listen for DHCP on em0,
> responds to ale0? Could this be related to my pf rules, or is it down
> to the default route being incorrect?
>
> Changing rc.conf to this allows the network to come up correctly:
>
> ifconfig_ale0="inet xx.xx.110.172 netmask 255.255.255.0 broadcast
> xx.xx.110.255 DHCP"
> defaultrouter="xx.xx.110.1"
>
> This relies on me knowing that these are the values that dhclient on
> the WAN iface will receive from my ISP's DHCP server. How would I
> achieve this setup if this information was dynamic or otherwise
> unknowable? My ISP could easily change my gateway IP, the only
> guarantee I have is that my allocated IP is static.
>
> So:
>
> 1) Why does the LAN dhcpd respond to the WAN dhclient?
> 2) Is there a better way of specifying this setup, so that it does not
> have hard coded addresses in there?
>
> Thanks in advance for any pointers.
>
> Tom

I've been running this exact setup for years (although it's still
running on freebsd 7.x because I've been too lazy to update a setup
that works so well).

Make sure you're telling dhcpd to only listen for broadcasts on the lan
interface. You can do this in rc.conf with

    dhcpd_ifaces="sk0"

Also, I found that dhcpd (at least the old version I'm running) whines
if you don't have a subnet statement for the wan interface in the
config even if it's not serving on that interface, so my dhcpd.conf has
this

    # The subnet that should be active via the cable modem.
    # We don't serve it (no range statement).
    # I don't remember why I need the broadcast-address thing here.
    # It might be to match what comcast sets via their dhcp.
    subnet 24.6.2.0 netmask 255.255.254.0 {
      not authoritative;
      option routers 24.6.2.1;
      option broadcast-address 255.255.255.255;
    }

-- Ian

_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
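
Added example (not part of the original thread or of either poster's configuration): a small sh lint that reads an rc.conf and confirms dhcpd is pinned, via dhcpd_ifaces, to interfaces that are not themselves DHCP clients, which is the setup the reply recommends. The function names are hypothetical, and the script assumes one assignment per line with the value in double quotes.

```sh
#!/bin/sh
# Added example: lint an rc.conf so dhcpd never serves a DHCP-client (WAN) interface.
# Assumes one assignment per line, value in double quotes.

# Print each interface whose ifconfig_<if> value carries a DHCP keyword.
dhcp_client_ifaces() {
    sed -n 's/^ifconfig_\([A-Za-z0-9]*\)="\(.*\)"[[:space:]]*$/\1 \2/p' "$1" |
    while read -r ifname args; do
        for word in $args; do
            case "$word" in
                [Dd][Hh][Cc][Pp]|*[Ss][Yy][Nn][Cc][Dd][Hh][Cc][Pp])
                    echo "$ifname"; break ;;
            esac
        done
    done
}

# Print the interfaces dhcpd is told to serve (last assignment wins).
dhcpd_served_ifaces() {
    sed -n 's/^dhcpd_ifaces="\(.*\)"[[:space:]]*$/\1/p' "$1" | tail -n 1
}

# Return 0 if dhcpd is pinned to non-client interfaces, 1 otherwise.
check_rc_conf() {
    served=$(dhcpd_served_ifaces "$1")
    if [ -z "$served" ]; then
        echo "FAIL: dhcpd_ifaces is empty; dhcpd is not pinned to the LAN"
        return 1
    fi
    rc=0
    for wan in $(dhcp_client_ifaces "$1"); do
        for lan in $served; do
            if [ "$lan" = "$wan" ]; then
                echo "FAIL: dhcpd serves $wan, which is a DHCP client"
                rc=1
            fi
        done
    done
    [ "$rc" -eq 0 ] && echo "OK: dhcpd limited to: $served"
    return "$rc"
}

# Constructed sample, modelled on the rc.conf quoted in the thread.
sample=$(mktemp)
printf '%s\n' 'ifconfig_ale0="DHCP"' \
    'ifconfig_em0="inet 192.168.1.1 netmask 255.255.255.0"' \
    'dhcpd_enable="YES"' 'dhcpd_ifaces="em0"' > "$sample"
check_rc_conf "$sample"
rm -f "$sample"
```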