Hello everyone.
Im trying to implement the layout shown in the picture attached.
The problem im facing right now is the following:
My isp offers 4 dynamic DHCP addresses.
I want the routerboard to use 1 of them for the LAN where i got my clients and use NAT.
i want my 2 servers witch is connected on different ports on the routerboard to be able to get one ip each from the external DHCP server.
My current configuration is a DHCP client on eter0 (wan) and a bridge between ports 1 --> 5 (where the lan is located) and this works fine.
I have tryed to change the dhcp client to the "bridge" interface but then it wont pickup an ip from the external dhcp server.
Can anyone give me any clue on what i need to do?
I can also add that it dosn't matter if i have to setup an dhcpserver for the servers (on the 2 other interfaces) just as long as im able to have the ipaddresses separated from the lan.
I also want to know if its possible to set firewall rules with dynamic ipadresses lets say from WAN (eter1) to server1 (eter2) i want to allow ssh, can i then make a rule that trafic to port 22 from wan(eter1) to eter2 on the routerboard should be forwarded?
Will be thankful for any advice
//Calle
Ps made the pic using http://draw.labs.autodesk.com/ADDraw/draw.html just wanted to give them the cred for the tool.
More then one dhcp address from WAN to diffrent ports on RB?
You do not have the required permissions to view the files attached to this post.
Re: More then one dhcp address from WAN to diffrent ports on
So im working kind of blindly here.
What i tryed today was to add a vrrp ("virtual router" according to wikipedia) and added a dhcp client to it. i removed the "add default route" option and both my client on eter 1 and the vrrp router got ip addresses from the dhcp, the problem is that when i add this i also loose the connection from the lan thats using NAT.
Well im able to solve this by moving my NAT rule to the vrrp instead of my ether 1.
But what i cant do is disable the dhcp on the eter1 interface, if i do that the vrrp just turns red and i cant connect to the internet.
So could there be some route im loosing?
Am im on right track here?
//Calle
What i tryed today was to add a vrrp ("virtual router" according to wikipedia) and added a dhcp client to it. i removed the "add default route" option and both my client on eter 1 and the vrrp router got ip addresses from the dhcp, the problem is that when i add this i also loose the connection from the lan thats using NAT.
Well im able to solve this by moving my NAT rule to the vrrp instead of my ether 1.
But what i cant do is disable the dhcp on the eter1 interface, if i do that the vrrp just turns red and i cant connect to the internet.
So could there be some route im loosing?
Am im on right track here?
//Calle
Re: More then one dhcp address from WAN to diffrent ports on
So im still lost.
To be honest i haven't mutch time to research this.
But i was thinking. On my *nix boxes i just set promiscuous mode and a bridge (br) to make my virtualbox machines able to obtain an (outside) ip adress, anyone know how this would work in the bridge in the RB?
each of the physical ports got there own mac adress, so if i just put a DHCP server on the lan part. a 0.0.0.0/0 adress on the if 1 (wan) port and let the bridge handle the rest...
Will have to try that tomorrow.
To be honest i haven't mutch time to research this.
But i was thinking. On my *nix boxes i just set promiscuous mode and a bridge (br) to make my virtualbox machines able to obtain an (outside) ip adress, anyone know how this would work in the bridge in the RB?
each of the physical ports got there own mac adress, so if i just put a DHCP server on the lan part. a 0.0.0.0/0 adress on the if 1 (wan) port and let the bridge handle the rest...
Will have to try that tomorrow.
Re: More then one dhcp address from WAN to diffrent ports on
Im bumping my own thread here, sorry.
I've tryed some more this morning.
The first thing was to add the 0.0.0./0 on wan.
i was thinking if i could get that interface in to promiscuous mode all trafic would just flow down the bridge and let me set the dhcp clients on the other interfaces, but no go, i just get "error in address, network address expected."
Well the next idea was to add a virtual interface. On *nix you can use virtual interfaces based on "ifconfig eth0:0" were eth0 is the real interface and :0 is the virtual. i can then use both of them with diffrent ip addresess.
The problem here is that i don't se an option on what interface to bind it to, it's just there as a virtual interface, eg standalone.
So the question now is how to bind it to eter0 (wan)
Hope your all well
//Calle
I've tryed some more this morning.
The first thing was to add the 0.0.0./0 on wan.
i was thinking if i could get that interface in to promiscuous mode all trafic would just flow down the bridge and let me set the dhcp clients on the other interfaces, but no go, i just get "error in address, network address expected."
Well the next idea was to add a virtual interface. On *nix you can use virtual interfaces based on "ifconfig eth0:0" were eth0 is the real interface and :0 is the virtual. i can then use both of them with diffrent ip addresess.
The problem here is that i don't se an option on what interface to bind it to, it's just there as a virtual interface, eg standalone.
So the question now is how to bind it to eter0 (wan)
Hope your all well
//Calle
Re: More then one dhcp address from WAN to diffrent ports on
ive been trying to do the same thing have you had any luck? i found something for *nix called multimac http://www.primianotucci.com/default.php?view=57
but i havent tried it.. let me know if you are still working on this, your problem is akit like mine.
but i havent tried it.. let me know if you are still working on this, your problem is akit like mine.
Re: More then one dhcp address from WAN to diffrent ports on
have you had any success in your quest on this?
Re: More then one dhcp address from WAN to diffrent ports on
No i haven't had any luck yet, i will look at your link tho.
My latest tests were:
do Vlans, (1,2) tag=1 ether0,eter5
(3,4)Tag=2 eter0,eter5
Forward between wlan 1,2 3,4 and forward rules beween 3,4
no change cant get ip adress.
---
Wanted to forward all trafic from eter0 to dst MAC adress 00:11:22:33:44:55
Didn't work, can't find the way to route to a dst mac adress.
---
made firewall rules based on bridgedports.
Added the local dhcp server to eter5 but it couldn't be added, was hoping to be able to add it to eter5 and make a forward rule between eter0 and eter2.
//Calle
My latest tests were:
do Vlans, (1,2) tag=1 ether0,eter5
(3,4)Tag=2 eter0,eter5
Forward between wlan 1,2 3,4 and forward rules beween 3,4
no change cant get ip adress.
---
Wanted to forward all trafic from eter0 to dst MAC adress 00:11:22:33:44:55
Didn't work, can't find the way to route to a dst mac adress.
---
made firewall rules based on bridgedports.
Added the local dhcp server to eter5 but it couldn't be added, was hoping to be able to add it to eter5 and make a forward rule between eter0 and eter2.
//Calle