IP plug and play

azurtem · December 3, 2012, 1:47pm

Hi

Is it possible to setup an RB device to act as DHCP server
and to pply IP plug and play distribution of addresses
i.e. even if the workstation is already equipped with a static
IP address, the server will ‘allow’ the workstation through ?
Or is is this solely a hotspot feature ?

thanks

yann

Discus · December 6, 2012, 9:03am

As long as that IP address doesn’t conflict with another, it should be OK as long as your firewall rules allow it.

I am of course assuming that the static IP addresses are something you know in advance (i.e. you use DHCP to hand out addresses from e.g. the bottom half of 192.168.1.0/24 and statically assign the top half), and not something people randomly assign to their device.

If the latter, it may be possible to set up a NAT on the interface to which those static devices connect that translates any random static address to something the router (and your internet connection) will be able to do something with, but this would be a pretty crazy setup.

azurtem · December 13, 2012, 8:57am

Thanks for your reply Discus

I should have mentioned that the Zyxel hotpot devices (g4100 or n4100)
for example, and others aswell I’m sure, can assign an IP address to a
customer whether he/she is in DHCP mode or not.

That is the behaviour I was trying to obtain from the RB

possible ?

yann

Discus · December 18, 2012, 9:29am

I can’t imagine that Zyxel magically over-rides the client’s DHCP mode; they must be doing some sort of (symmetric) NAT on such devices. This is more or less what I was talking about in the second paragraph - it’s certainly possible to do this.

I suspect you may have to run some scripts to get this to work precisely as you wish it to (which I can’t help you with, but you’d have to record the client’s IP, then use that to build your NAT rules dynamically, which I suspect will be tricky).

It will be much easier if you don’t want symmetric NAT (i.e. 1 of your addresses to 1 client address); if you tell the SRC NAT rule on your client-facing interface(s) to masquerade or src-nat <any IP that isn’t one of yours> (address lists is usually the most flexible way), this should achieve similar functionality to what I suspect the Zyxels are doing. Incoming (dst-nat) rules will be rather more tricky and require you to know that address the end user is using. That said, routing could get extremely ugly, and I would suggest you tell clients they really ought to be using DHCP.

Good luck!

azurtem · December 22, 2012, 9:06am

Thanks Discus for such a precise answer