Gaah - re-adding the mailing list..

On Saturday 02 February 2008 03:22:01 pm you wrote:
> On Feb 2, 2008 3:48 PM, Steve H. <st...@csquaredtech.com> wrote:
> > On Saturday 02 February 2008 01:03:06 pm you wrote:
> > > This won't work, because 1.2.3.4 is outside the local subnet of the
> > > device, which therefore uses a gateway to reach it. You need a local
> > > gateway.
> >
> > Actually, it works perfectly - and has for over a year...All the machines
> > are on 1 physical wire (actually, a hub/switch), and I just add a route
> > to the network and gateway in /etc/network/interfaces. For example, if
> > my firewall/gateway was 1.2.159.162 on a 1.2.159.160/28 net-block, I'd
> > use:
> >
> > up route add -net 1.2.159.160 netmask 255.255.255.240 eth0
> > up route add -host 1.2.159.162 eth0
> > up route add default gw 1.2.159.162 eth0
> >
> > This works great, and I don't eat up an address in the /28's for a
> > gateway. This is one reason I'd like to move to DHCP - I'd like to pass
> > the routes to be added (1.2.159.160/28 and 1.2.159.162/32) via DHCP so if
> > my configurations change, I don't have to manually update all the
> > machines.
>
> I can see how that configuration might work, but it is far more
> complex than originally described. I'm also not sure you could pass
> those routes, which involve specific device specifications instead of
> next-hop routers, over DHCP.
>

Hmm - I was just going to pass a route to 1.2.159.160/28 and a default gateway
to all DHCP devices. I think that should be ok via DHCP options (i.e. the
'static routes' option ?)

> > > You'd need this anyway, see above.
> >
> > No I don't - see above. If DNSMasq doesn't support this on its own, can
> > I use a 'dhcp relay agent' to achieve this. ('this' being 1 dhcp server
> > that responds to all the net-blocks on the local ether segment). I'm
> > guessing the error here is due to DNSMasq not having an address in the
> > net-blocks it's serving. Perhaps having a DHCP relay forward requests to
> > the actual I.P. of the interface DNSMasq is sitting on (192.168.0.2)
> > would 'fix' this ?
>
> What if the netmask for the interface on the DNSMasq box/gateway was
> expanded to include all addresses? I guess that could mess up your
> global routing. A DHCP relay sounds like a reasonable solution.
>

Yeah - I'm leaning towards a DHCP relay solution. What I don't understand is
why DNSMasq is confused. I told it to serve a specific range, and the client
gave it a hostname to match (via /etc/hosts) to a specific I.P. in the range.
Even more confusingly, the firewall has static routes to every host in the
ranges due to shorewall (it adds a route for every host it does proxy arp
for). So I can't figure out why DNSMasq is so unhappy :-/

Steve
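
Added example, not part of the original message: a sketch of how the three routes from the quoted `/etc/network/interfaces` lines would be carried in the DHCP classless static route option (option 121, RFC 3442), where a router of 0.0.0.0 marks a destination as directly on the link. Choosing option 121 is this example's assumption, not something the thread settles; the older static route option (33, RFC 2132) carries no netmask. The function names are hypothetical.

```python
import ipaddress

def encode_classless_routes(routes):
    """Encode (destination CIDR, router) pairs as an option 121 payload."""
    out = bytearray()
    for dest, router in routes:
        net = ipaddress.ip_network(dest, strict=True)
        out.append(net.prefixlen)
        # Only the significant octets of the destination are transmitted.
        out += net.network_address.packed[: (net.prefixlen + 7) // 8]
        out += ipaddress.ip_address(router).packed
    if len(out) > 255:
        # The option length field is a single byte.
        raise ValueError("payload does not fit in one DHCP option")
    return bytes(out)

def decode_classless_routes(payload):
    """Decode an option 121 payload, rejecting malformed input."""
    routes, i = [], 0
    while i < len(payload):
        width = payload[i]
        if width > 32:
            raise ValueError(f"invalid prefix length {width}")
        n = (width + 7) // 8
        end = i + 1 + n + 4
        if end > len(payload):
            raise ValueError("truncated route entry")
        dest = payload[i + 1 : i + 1 + n] + bytes(4 - n)
        router = payload[i + 1 + n : end]
        routes.append((f"{ipaddress.ip_address(dest)}/{width}",
                       str(ipaddress.ip_address(router))))
        i = end
    return routes

# The routes from the quoted message. Per RFC 3442 a client that receives
# option 121 ignores the Router option (3), so the default route is listed too.
ROUTES = [
    ("1.2.159.160/28", "0.0.0.0"),    # net-block reachable on-link
    ("1.2.159.162/32", "0.0.0.0"),    # gateway host reachable on-link
    ("0.0.0.0/0", "1.2.159.162"),     # default route via the gateway
]

if __name__ == "__main__":
    payload = encode_classless_routes(ROUTES)
    print(payload.hex())
    for dest, router in decode_classless_routes(payload):
        print(dest, "via", router)
```

The decoder is also handy for checking a captured DHCP offer to confirm which routes a server actually handed to its clients.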