Multiple HotSpot servers sharing public IP pool

broonu · September 3, 2013, 1:12pm

Can I use multiple Hotspot servers (one per vlan), each with a private IP address pool for DHCP and share a pool of public IP addresses for 1:1 NAT? My goal is to save the public IP’s, I don’t want to provide a /24 class for each VLAN, as at the beginning will be 10 VLAN’s but I will not have many customers that would justify a /24 class for each VLAN, so I thought to share the pool of IP’s public to all VLANs. For the test I did, it only works if I add a public IP of the pool on the VLAN interface, but with this I can not share this pool. Does anyone have an idea how I can do this sharing?
This is my conf:

[admin@HotSpot/01] > ip address print
Flags: X - disabled, I - invalid, D - dynamic
 #	ADDRESS                    NETWORK          INTERFACE
 0	X.X.X.X/24                  X.X.X.0             ether1
 1	172.16.255.254/16       172.16.0.0         vlan202
 2	172.17.255.254/16       172.17.0.0         vlan203

[admin@HotSpot/01] > ip pool print
 #	NAME                         RANGES
 0	pool_hotspot               Y.Y.Y.1-Y.Y.Y.253
 1	pool-dhcp-172.16	        172.16.0.1-172.16.255.253
 2	pool-dhcp-172.17	        172.17.0.1-172.17.255.253

[admin@HotSpot/01] > ip dhcp-server print
Flags: X - disabled, I - invalid
 #	NAME			        INTERFACE	   RELAY	ADDRESS-POOL		LEASE-TIME	ADD-ARP
 0	server-dhcpd-01		vlan202			pool-dhcp-172.16	        1h
 1	server-dhcpd-02		vlan203			pool-dhcp-172.17	        1h

[admin@HotSpot/01] > ip hotspot print
Flags: X - disabled, I - invalid, S - HTTPS
 #   NAME                              INTERFACE                      ADDRESS-POOL                   PROFILE                          IDLE-TIMEOUT
 0   server_hotspot_202                vlan202                      pool_hotspot                      profile-clients                   1h
 1   server_hotspot_203                vlan203                      pool_hotspot                      profile-clients                   1h

[admin@HotSpot/01] > ip hotspot profile print
Flags: * - default
 0 * name="profile-clients" hotspot-address=0.0.0.0 dns-name="hs.mysite.com" html-directory=hotspot rate-limit="" http-proxy=0.0.0.0:0 smtp-server=0.0.0.0
     login-by=cookie,http-chap http-cookie-lifetime=1d split-user-domain=no use-radius=yes radius-accounting=yes radius-interim-update=1h nas-port-type=ethernet
     radius-default-domain="" radius-location-id="" radius-location-name="" radius-mac-format=XX:XX:XX:XX:XX:XX

This configuration works if I add the last line (3):

[admin@HotSpot SuperOnda/01] > ip address print
Flags: X - disabled, I - invalid, D - dynamic
 #   ADDRESS            NETWORK         INTERFACE
 0   X.X.X.X/24    X.X.X.0     ether1
 1   172.16.255.254/16  172.16.0.0      vlan202
 2   172.17.255.254/16  172.17.0.0      vlan203
 3   Y.Y.Y.254/24  Y.Y.Y.0    vlan202

maxfava · December 15, 2013, 10:49am

I have found the same challange.
I have seen no one answered btw.

I’m thinking
subnet with private ip for each interface
each interface with own dhcp server
each interface in a single bridge
bridge filter to block traffic from each interface (needed to separate each dhcp)
on ip public on bridge.

irsup · April 28, 2019, 8:25pm

Hi

I have exact same problem, nobody can help?