Re: bind dhcpd to IP address
Thanks, working like a charm.
From: owner-m...@openbsd.org on behalf of Stuart
Henderson
Sent: Thursday, June 10, 2021 12:15 PM
To: misc@openbsd.org
Subject: Re: bind dhcpd to IP address
On 2021-06-10, Ralf Horstmann wrote:
> Hi Valdrin,
>
> that setup works fine. You would use "ip helper-address" on the Ciscos to
> forward the DHCP requests to your OpenBSD box. The forwarded requests use the
> specified helper address as unicast destination. No need to have the VLANs
> present on your OpenBSD box.
>
> I'm running dhcpd without -u for that. dhcpd will pickup all packets with
> destination port 67 on the specified interface via bpf. No need to bind to a
> specific IP.
dhcpd will need to be listening on the interface containing the helper-address
though; if you don't want it to actually serve clients on that network, the
subnet declaration can be empty e.g. subnet 192.0.2.0 netmask 255.255.255.0 { }
> I understand your last question as: Can dhcpd provide leases for subnets when
> the dhcpd box has no IP addresses within the range? The answer is yes. You
> will
> need subnet declarations for all pools in dhcpd.conf though.
The relay includes its own address on the client-facing interface in the
relayed DHCP request; dhcpd uses that to determine which subnet to use.
Re: bind dhcpd to IP address
On 2021-06-10, Ralf Horstmann wrote:
> Hi Valdrin,
>
> that setup works fine. You would use "ip helper-address" on the Ciscos to
> forward the DHCP requests to your OpenBSD box. The forwarded requests use the
> specified helper address as unicast destination. No need to have the VLANs
> present on your OpenBSD box.
>
> I'm running dhcpd without -u for that. dhcpd will pickup all packets with
> destination port 67 on the specified interface via bpf. No need to bind to a
> specific IP.
dhcpd will need to be listening on the interface containing the helper-address
though; if you don't want it to actually serve clients on that network, the
subnet declaration can be empty e.g. subnet 192.0.2.0 netmask 255.255.255.0 { }
> I understand your last question as: Can dhcpd provide leases for subnets when
> the dhcpd box has no IP addresses within the range? The answer is yes. You
> will
> need subnet declarations for all pools in dhcpd.conf though.
The relay includes its own address on the client-facing interface in the
relayed DHCP request; dhcpd uses that to determine which subnet to use.
Ynt: bind dhcpd to IP address
Thanks. I'll give a try. Gönderen: Ralf Horstmann Gönderildi: 10 Haziran 2021 Perşembe 08:42 Kime: misc@openbsd.org Bilgi: Valdrin MUJA Konu: Re: bind dhcpd to IP address Hi Valdrin, that setup works fine. You would use "ip helper-address" on the Ciscos to forward the DHCP requests to your OpenBSD box. The forwarded requests use the specified helper address as unicast destination. No need to have the VLANs present on your OpenBSD box. I'm running dhcpd without -u for that. dhcpd will pickup all packets with destination port 67 on the specified interface via bpf. No need to bind to a specific IP. I understand your last question as: Can dhcpd provide leases for subnets when the dhcpd box has no IP addresses within the range? The answer is yes. You will need subnet declarations for all pools in dhcpd.conf though. Regards, Ralf * Valdrin MUJA [2021-06-09 23:45]: > Hi misc, > > > I have 5 vlans terminated in Cisco switch as Layer 3. > > So the users' gateway is Cisco switch. > > The default gateway of Cisco switch is OpenBSD 6.9, which works as an office > firewall. > > The switch also works as a dhcp server. However, I want OpenBSD office > firewall to also act as a dhcp server. > > Is this possible while OpenBSD has no vlans on it? Only static routes for > these ip networks are installed. > > > I would set dhcp relay on the Cisco switch side, but when I looked at > dhcpd(8), I was not entirely sure. > > I see that dhcpd can listen on an ip address with the -u[bind_address] > parameter, but these lines confused me: > > ''With this option, dhcpd can answer DHCPINFORM from clients on non Ethernet > interfaces such as tun(4) or pppx(4)’’ > > What I understand from above is; if I configure -u for a physical (em0) > interface’s ip address it will not bind to em0’s IP address. > > It will use 255.255.255.255 instead of this. So it will not work; right? > > > One last and probably related question: > > Can OpenBSD be configured to distribute ip pools which it doesn’t have? > > Thanks for reading… >
Re: bind dhcpd to IP address
Hi Valdrin, that setup works fine. You would use "ip helper-address" on the Ciscos to forward the DHCP requests to your OpenBSD box. The forwarded requests use the specified helper address as unicast destination. No need to have the VLANs present on your OpenBSD box. I'm running dhcpd without -u for that. dhcpd will pickup all packets with destination port 67 on the specified interface via bpf. No need to bind to a specific IP. I understand your last question as: Can dhcpd provide leases for subnets when the dhcpd box has no IP addresses within the range? The answer is yes. You will need subnet declarations for all pools in dhcpd.conf though. Regards, Ralf * Valdrin MUJA [2021-06-09 23:45]: > Hi misc, > > > I have 5 vlans terminated in Cisco switch as Layer 3. > > So the users' gateway is Cisco switch. > > The default gateway of Cisco switch is OpenBSD 6.9, which works as an office > firewall. > > The switch also works as a dhcp server. However, I want OpenBSD office > firewall to also act as a dhcp server. > > Is this possible while OpenBSD has no vlans on it? Only static routes for > these ip networks are installed. > > > I would set dhcp relay on the Cisco switch side, but when I looked at > dhcpd(8), I was not entirely sure. > > I see that dhcpd can listen on an ip address with the -u[bind_address] > parameter, but these lines confused me: > > ''With this option, dhcpd can answer DHCPINFORM from clients on non Ethernet > interfaces such as tun(4) or pppx(4)’’ > > What I understand from above is; if I configure -u for a physical (em0) > interface’s ip address it will not bind to em0’s IP address. > > It will use 255.255.255.255 instead of this. So it will not work; right? > > > One last and probably related question: > > Can OpenBSD be configured to distribute ip pools which it doesn’t have? > > Thanks for reading… >
bind dhcpd to IP address
Hi misc, I have 5 vlans terminated in Cisco switch as Layer 3. So the users' gateway is Cisco switch. The default gateway of Cisco switch is OpenBSD 6.9, which works as an office firewall. The switch also works as a dhcp server. However, I want OpenBSD office firewall to also act as a dhcp server. Is this possible while OpenBSD has no vlans on it? Only static routes for these ip networks are installed. I would set dhcp relay on the Cisco switch side, but when I looked at dhcpd(8), I was not entirely sure. I see that dhcpd can listen on an ip address with the -u[bind_address] parameter, but these lines confused me: ''With this option, dhcpd can answer DHCPINFORM from clients on non Ethernet interfaces such as tun(4) or pppx(4)’’ What I understand from above is; if I configure -u for a physical (em0) interface’s ip address it will not bind to em0’s IP address. It will use 255.255.255.255 instead of this. So it will not work; right? One last and probably related question: Can OpenBSD be configured to distribute ip pools which it doesn’t have? Thanks for reading…
