FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 04-17-2008, 02:31 PM
Celejar
 
Default Forcing specific IP address with DHCP

Hi,

I find myself in a bizarre networking predicament. I need to have
a server (henceforth 'edith') accept incoming connections (e.g. ssh)
from the Internet. edith is behind a home gateway / router / switch
( Trendware / Trendnet TEW-452BRP [0] - henceforth 'gwen'). gwen will
forward specific ports to specific private, internal IP addresses, but
bizarrely, it seems to provide no facility for ensuring that a specific
host will be assigned, via DHCP, a particular IP address. My previous
box, an old Netgear unit, would reserve specific IP addresses for
particular MAC addresses, which was exactly what I want, but after a
fairly exhaustive search through gwen's web interface, I can see no way
to do this with gwen. What use is port forwarding when one can't
guarantee which LAN host will receive the connections? I can see
several solutions, all of which involve telling gwen to exclude some IP
address from its DHCP pool and then somehow guaranteeing that edith
gets a specific one of them:

I) Use static network configuration, rather than DHCP, for edith. The
problem is that edith needs to get my ISP's nameservers from gwen,
which normally occurs through DHCP. Several sub-solutions:

A) Hard code the nameservers, and hope they don't change. The
drawback to this approach is obvious; hope isn't a valid substitute for
correctness.

B) Use other nameservers, such as OpenDNS's [1]. This might
work, but I'd rather use my ISP's.

C) Write a script to extract my ISP's nameservers from the
appropriate page of gwen's web interface, similar to what ddlient can
do to get the router's external IP address. I suppose this is doable,
but far too much trouble for something that should be trivial.

II) Use dhclient's supersede facility to override gwen's DHCP offer.
After struggling with the various DHCP manpages, I can't figure out how
to supersede the IP address; all the examples deal with superseding
things such as the nameservers. Am I missing something?

III) Accept the DHCP offer, but use an alias stanza to alias the
interface to a fixed IP address. This is the solution I'm currently
using; it seems to work fine, but it feels a bit kludgy. I added this
to /etc/dhcp3/dhclient3.conf:

alias {
interface "ath0";
fixed-address 192.168.0.2;
option subnet-mask 255.255.255.0;
}

What would you do in this situation (besides getting a different router
or using a general purpose computer as one)?

Celejar
--
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 04-17-2008, 03:04 PM
"Chris Henry"
 
Default Forcing specific IP address with DHCP

On Thu, Apr 17, 2008 at 10:31 PM, Celejar <celejar@gmail.com> wrote:
> II) Use dhclient's supersede facility to override gwen's DHCP offer.
> After struggling with the various DHCP manpages, I can't figure out how
> to supersede the IP address; all the examples deal with superseding
> things such as the nameservers. Am I missing something?
Have you tried disabling the DHCP server altogether and using one of
your linux boxes as DHCP server? Then you can use all facilities of
dhcpd. Additionally, you can make that box your nameserver (using
bind) as well. That would solve both of your problems at the same
time.

Chris


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 04-17-2008, 04:07 PM
Brian McKee
 
Default Forcing specific IP address with DHCP

On 17-Apr-08, at 10:31 AM, Celejar wrote:

Hi,

I find myself in a bizarre networking predicament.

[...]


I) Use static network configuration, rather than DHCP, for edith.
The

problem is that edith needs to get my ISP's nameservers from gwen,
which normally occurs through DHCP. Several sub-solutions:
A) Hard code the nameservers, and hope they don't change. The
drawback to this approach is obvious; hope isn't a valid substitute
for

correctness.



I'd do that, and add an additional name server or two (like OpenDNS,
or your ISP's competition's name server) to the list, on the off
chance they do get changed. I don't know your ISP, but mine has
used the same three IP addresses for DNS for many years now.... (and
if you're in the north-east of North America I'd be happy to give
them to you - they've been very reliable)


It's simple, and not prone to breakage

My 2c

Brian
 
Old 04-17-2008, 04:36 PM
Michael Shuler
 
Default Forcing specific IP address with DHCP

On 04/17/2008 09:31 AM, Celejar wrote:

I find myself in a bizarre networking predicament. I need to have
a server (henceforth 'edith') accept incoming connections (e.g. ssh)
from the Internet. edith is behind a home gateway / router / switch
( Trendware / Trendnet TEW-452BRP [0] - henceforth 'gwen'). gwen will
forward specific ports to specific private, internal IP addresses, but
bizarrely, it seems to provide no facility for ensuring that a specific
host will be assigned, via DHCP, a particular IP address.


Not such a bizarre thing - I do this for several servers running behind
a Debian router/firewall server for my home connection. I don't know
about the particular router you are using, but if it does not allow
MAC->IP mapping, I think assuming that it has no dynamic DHCP client is
fair :P



What would you do in this situation (besides getting a different router
or using a general purpose computer as one)?


Stick a Debian box behind your ISP modem and set it up as your gateway
and DHCP server - then run ddclient with a service like DynDNS
(apt-cache show ddclient) - I do this at home, at work, on my laptop - I
can always get to the machines I might need by hostname - who cares what
the IP is


--
Kind Regards,
Michael Shuler


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 04-17-2008, 07:04 PM
Celejar
 
Default Forcing specific IP address with DHCP

On Thu, 17 Apr 2008 12:07:25 -0400
Brian McKee <map@map-heb.com> wrote:

>
> On 17-Apr-08, at 10:31 AM, Celejar wrote:
> > Hi,
> >
> > I find myself in a bizarre networking predicament.
> [...]
> >
> > I) Use static network configuration, rather than DHCP, for edith.
> > The
> > problem is that edith needs to get my ISP's nameservers from gwen,
> > which normally occurs through DHCP. Several sub-solutions:
> > A) Hard code the nameservers, and hope they don't change. The
> > drawback to this approach is obvious; hope isn't a valid substitute
> > for
> > correctness.
>
>
> I'd do that, and add an additional name server or two (like OpenDNS,
> or your ISP's competition's name server) to the list, on the off
> chance they do get changed. I don't know your ISP, but mine has
> used the same three IP addresses for DNS for many years now.... (and
> if you're in the north-east of North America I'd be happy to give
> them to you - they've been very reliable)

Thanks. I may try this. If I do, I'll probably give OpenDNS's a try;
thanks for your offer.

> It's simple, and not prone to breakage
>
> My 2c
>
> Brian

Celejar
--
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 04-17-2008, 07:12 PM
Celejar
 
Default Forcing specific IP address with DHCP

On Thu, 17 Apr 2008 11:36:53 -0500
Michael Shuler <michael@pbandjelly.org> wrote:

> On 04/17/2008 09:31 AM, Celejar wrote:
> > I find myself in a bizarre networking predicament. I need to have
> > a server (henceforth 'edith') accept incoming connections (e.g. ssh)
> > from the Internet. edith is behind a home gateway / router / switch
> > ( Trendware / Trendnet TEW-452BRP [0] - henceforth 'gwen'). gwen will
> > forward specific ports to specific private, internal IP addresses, but
> > bizarrely, it seems to provide no facility for ensuring that a specific
> > host will be assigned, via DHCP, a particular IP address.
>
> Not such a bizarre thing - I do this for several servers running behind
> a Debian router/firewall server for my home connection. I don't know
> about the particular router you are using, but if it does not allow
> MAC->IP mapping, I think assuming that it has no dynamic DHCP client is
> fair :P

I don't quite follow you here. What's a dynamic DHCP client? gwen has
both a DHCP server for the LAN, as well as a client for getting its own
external IP address from the ISP. Can you elaborate?

> > What would you do in this situation (besides getting a different router
> > or using a general purpose computer as one)?
>
> Stick a Debian box behind your ISP modem and set it up as your gateway
> and DHCP server - then run ddclient with a service like DynDNS
> (apt-cache show ddclient) - I do this at home, at work, on my laptop - I
> can always get to the machines I might need by hostname - who cares what
> the IP is

For logistical reasons, alternating the current topology of my network,
specifically the connection of the modem to the router and the physical
location of them both, is not currently practical. I actually do use
ddclient with DynDNS, to reach edith using DNS from the Internet.
ddclient runs on edith; it reads gwen's external IP address from the
relevant status page on gwen's web interface, and then records it with
DynDNS. DynDNS translates the DNS name to gwen's external IP address,
and gwen then forwards the incoming connections to edith. Did you mean
something else?

Thanks for the suggestions.

> Kind Regards,
> Michael Shuler

Celejar
--
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 04-17-2008, 07:33 PM
Michael Shuler
 
Default Forcing specific IP address with DHCP

On 04/17/2008 02:12 PM, Celejar wrote:

On Thu, 17 Apr 2008 11:36:53 -0500
Michael Shuler <michael@pbandjelly.org> wrote:

dynamic DHCP client


I don't quite follow you here. What's a dynamic DHCP client?


bleh.. s/DHCP/DNS/ I meant dynamic DNS there..

--
Kind Regards,
Michael



--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 04-17-2008, 08:00 PM
Celejar
 
Default Forcing specific IP address with DHCP

On Thu, 17 Apr 2008 15:12:22 -0400
Celejar <celejar@gmail.com> wrote:

> On Thu, 17 Apr 2008 11:36:53 -0500
> Michael Shuler <michael@pbandjelly.org> wrote:
>
> > On 04/17/2008 09:31 AM, Celejar wrote:
> > > I find myself in a bizarre networking predicament. I need to have
> > > a server (henceforth 'edith') accept incoming connections (e.g. ssh)
> > > from the Internet. edith is behind a home gateway / router / switch
> > > ( Trendware / Trendnet TEW-452BRP [0] - henceforth 'gwen'). gwen will
> > > forward specific ports to specific private, internal IP addresses, but
> > > bizarrely, it seems to provide no facility for ensuring that a specific
> > > host will be assigned, via DHCP, a particular IP address.
> >
> > Not such a bizarre thing - I do this for several servers running behind
> > a Debian router/firewall server for my home connection. I don't know
> > about the particular router you are using, but if it does not allow
> > MAC->IP mapping, I think assuming that it has no dynamic DHCP client is
> > fair :P
>
> I don't quite follow you here. What's a dynamic DHCP client? gwen has
> both a DHCP server for the LAN, as well as a client for getting its own
> external IP address from the ISP. Can you elaborate?

[Michael clarified:]

>> bleh.. s/DHCP/DNS/ I meant dynamic DNS there..

gwen actually does have a dynamic DNS client, with support for DynDNS,
No-IP and EasyDNS, but I am still using ddclient on edith.

Celejar
--
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 04-18-2008, 12:01 AM
Alex Samad
 
Default Forcing specific IP address with DHCP

On Thu, Apr 17, 2008 at 10:31:27AM -0400, Celejar wrote:
> Hi,
>
[snip]
>
> What would you do in this situation (besides getting a different router
> or using a general purpose computer as one)?

does gwen do proxy dns ? if so just point edith to gwen and gewn will
update automatically


I would also guess that you isp doesn't change their dns very regularly
so hard coding them should be okay as well

>
> Celejar
> --
> mailmin.sourceforge.net - remote access via secure (OpenPGP) email
> ssuds.sourceforge.net - A Simple Sudoku Solver and Generator
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
>

--
"After the bombing, most Iraqis saw what the perpetuators of this attack were trying to do."

- George W. Bush
03/13/2006
Washington, DC
Regarding the bombing of the Golden Mosque of Samarra in Iraq
 
Old 04-18-2008, 03:58 AM
Celejar
 
Default Forcing specific IP address with DHCP

On Fri, 18 Apr 2008 10:01:40 +1000
Alex Samad <alex@samad.com.au> wrote:

> On Thu, Apr 17, 2008 at 10:31:27AM -0400, Celejar wrote:
> > Hi,
> >
> [snip]
> >
> > What would you do in this situation (besides getting a different router
> > or using a general purpose computer as one)?
>
> does gwen do proxy dns ? if so just point edith to gwen and gewn will
> update automatically

Is proxy dns caching dns? In any event, I don't think gwen does it.

> I would also guess that you isp doesn't change their dns very regularly
> so hard coding them should be okay as well

Yes, Brian also recommends that. So far my aliasing hack seems to be
working, so I may just keep it.

Celejar
--
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 09:50 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org