I’m trying to implement the layout shown in the attached picture.
The problem I’m facing right now is the following:
My ISP offers 4 dynamic DHCP addresses.
I want the RouterBOARD to use 1 of them for the LAN where I have my clients and use NAT.
I want my 2 servers, which are connected on different ports on the RouterBOARD, to be able to get one IP each from the external DHCP server.
My current configuration is a DHCP client on ether0 (WAN) and a bridge between ports 1 → 5 (where the LAN is located), and this works fine.
I have tried to change the DHCP client to the “bridge” interface, but then it won’t pick up an IP from the external DHCP server.
Can anyone give me any clue on what I need to do?
I can also add that it doesn’t matter if I have to set up a DHCP server for the servers (on the 2 other interfaces), just as long as I’m able to have the IP addresses separated from the LAN.
I also want to know if it’s possible to set firewall rules with dynamic IP addresses. Let’s say from WAN (ether1) to server1 (ether2) I want to allow SSH; can I then make a rule that traffic to port 22 from WAN (ether1) to ether2 on the RouterBOARD should be forwarded?
So I’m working kind of blindly here.
What I tried today was to add a VRRP (“virtual router” according to Wikipedia) and added a DHCP client to it. I removed the “add default route” option, and both my client on ether 1 and the VRRP router got IP addresses from the DHCP; the problem is that when I add this I also lose the connection from the LAN that’s using NAT.
Well, I’m able to solve this by moving my NAT rule to the VRRP instead of my ether 1.
But what I can’t do is disable the DHCP on the ether1 interface; if I do that the VRRP just turns red and I can’t connect to the internet.
So could there be some route I’m losing?
Am I on the right track here?
So I’m still lost.
To be honest, I haven’t much time to research this.
But I was thinking. On my *nix boxes I just set promiscuous mode and a bridge (br) to make my VirtualBox machines able to obtain an (outside) IP address. Does anyone know how this would work in the bridge in the RB?
Each of the physical ports has its own MAC address, so if I just put a DHCP server on the LAN part, a 0.0.0.0/0 address on the if 1 (WAN) port, and let the bridge handle the rest…
The first thing was to add the 0.0.0.0/0 on WAN.
I was thinking that if I could get that interface into promiscuous mode, all traffic would just flow down the bridge and let me set the DHCP clients on the other interfaces, but no go, I just get “error in address, network address expected.”
Well, the next idea was to add a virtual interface. On *nix you can use virtual interfaces based on “ifconfig eth0:0”, where eth0 is the real interface and :0 is the virtual. I can then use both of them with different IP addresses.
The problem here is that I don’t see an option for which interface to bind it to; it’s just there as a virtual interface, e.g. standalone.
So the question now is how to bind it to ether0 (WAN).
No, I haven’t had any luck yet; I will look at your link though.
My latest tests were:
Do VLANs: (1,2) tag=1 ether0,ether5
(3,4) tag=2 ether0,ether5
Forward between wlan 1,2 3,4 and forward rules between 3,4
No change, can’t get an IP address.
Wanted to forward all traffic from ether0 to dst MAC address 00:11:22:33:44:55.
Didn’t work; can’t find the way to route to a dst MAC address.
Made firewall rules based on bridged ports.
Added the local DHCP server to ether5 but it couldn’t be added; was hoping to be able to add it to ether5 and make a forward rule between ether0 and ether2.