Re: bridge and dhcp
On Sunday 03 August 2008 22:36:00 you wrote: > On Sun, Aug 03, 2008 at 09:43:15PM +0200, Chris Cohen wrote: > > Paul de Weerd wrote: > >> On Sun, Aug 03, 2008 at 11:07:42AM +0200, Chris Cohen wrote: > >> | Hi, > >> | > >> | | I have a small openbsd router running in my network. > >> | > >> | I have vlan10 (my lan), vlan11 (w-lan) and tun0/1 (openvpn tap > >> | devices). I bridged them all toghether on bridge0. Only vlan10 has an > >> | ip address. (10.1.16.1) > >> | Now I want dhcpd to assign 10.1.16.0/24 on all four interfaces, but it > >> > >> just | does on vlan10. All i get is Can't listen on vlan11/tap0/tap1. It > >> has no IP | Address. > >> > >> | Also.. since all interfaces are bridged, shouldn requests on vlan11 or > >> > >> tun0 | reach vlan10 where dhcpd does listen? They do not... > >> > >> You probably want to configure the IP address on the bridge interface > >> and have dhcpd listen there. > > > > $ sudo ifconfig bridge0 10.1.16.100 > > ifconfig: SIOCAIFADDR: Inappropriate ioctl for device > > > > If I remember right I asked that a few years ago... the answer was: > > assign the IP address to one of the bridged interfaces, a bridge is a > > layer2 device. Isn't this true any longer? > > Ugh, I'm an idiot .. bridge != trunk .. I apologize. :) > Yes, you should configure the IP address on one of the bridge > interfaces, and then dhcpd *should* listen only on that interface. > > Can you tcpdump on some of your interfaces when trying to get a lease > to see what is going on ? $ sudo tcpdump -i vlan11 tcpdump: listening on vlan11, link-type EN10MB 07:12:19.643623 0.0.0.0.bootpc > 255.255.255.255.bootps: xid:0x1a656058 flags:0x8000 [|bootp] 07:12:22.643563 0.0.0.0.bootpc > 255.255.255.255.bootps: xid:0x1a656058 secs:768 flags:0x8000 [|bootp] 07:12:30.645298 0.0.0.0.bootpc > 255.255.255.255.bootps: xid:0x1a656058 secs:2816 flags:0x8000 [|bootp] 07:12:44.884417 0.0.0.0.bootpc > 255.255.255.255.bootps: xid:0x1a656058 secs:6656 flags:0x8000 [|bootp] $ sudo tcpdump -i bridge0 tcpdump: listening on bridge0, link-type EN10MB 07:13:50.405377 0.0.0.0.bootpc > 255.255.255.255.bootps: xid:0xbe1ac21c flags:0x8000 [|bootp] 07:13:53.413579 0.0.0.0.bootpc > 255.255.255.255.bootps: xid:0xbe1ac21c secs:768 flags:0x8000 [|bootp] 07:14:01.404793 0.0.0.0.bootpc > 255.255.255.255.bootps: xid:0xbe1ac21c secs:2816 flags:0x8000 [|bootp] 07:14:16.407810 0.0.0.0.bootpc > 255.255.255.255.bootps: xid:0xbe1ac21c secs:6656 flags:0x8000 [|bootp] $ sudo tcpdump -i vlan10 [all my lan traffic but not bootpc] If I run dhclient on a pc in vlan10 I get: $ sudo tcpdump -i vlan10 port bootpc tcpdump: listening on vlan10, link-type EN10MB 07:20:24.867674 0.0.0.0.bootpc > 255.255.255.255.bootps: xid:0xe29ba5c [| bootp] [tos 0x10] 07:20:24.868464 10.1.16.1.bootps > 10.1.16.10.bootpc: xid:0xe29ba5c Y:10.1.16.10 S: 10.1.16.1 [|bootp] [tos 0x10] -- Thank you Chris
Re: bridge and dhcp
On Sun, Aug 03, 2008 at 09:43:15PM +0200, Chris Cohen wrote: > Paul de Weerd wrote: >> On Sun, Aug 03, 2008 at 11:07:42AM +0200, Chris Cohen wrote: >> | Hi, >> | | I have a small openbsd router running in my network. >> | I have vlan10 (my lan), vlan11 (w-lan) and tun0/1 (openvpn tap devices). >> | I bridged them all toghether on bridge0. Only vlan10 has an ip address. >> | (10.1.16.1) >> | Now I want dhcpd to assign 10.1.16.0/24 on all four interfaces, but it >> just | does on vlan10. All i get is Can't listen on vlan11/tap0/tap1. It >> has no IP | Address. >> | Also.. since all interfaces are bridged, shouldn requests on vlan11 or >> tun0 | reach vlan10 where dhcpd does listen? They do not... >> >> You probably want to configure the IP address on the bridge interface >> and have dhcpd listen there. > > $ sudo ifconfig bridge0 10.1.16.100 > ifconfig: SIOCAIFADDR: Inappropriate ioctl for device > > If I remember right I asked that a few years ago... the answer was: assign > the IP address to one of the bridged interfaces, a bridge is a layer2 > device. Isn't this true any longer? Ugh, I'm an idiot .. bridge != trunk .. I apologize. Yes, you should configure the IP address on one of the bridge interfaces, and then dhcpd *should* listen only on that interface. Can you tcpdump on some of your interfaces when trying to get a lease to see what is going on ? , Paul 'WEiRD' de Weerd -- >[<++>-]<+++.>+++[<-->-]<.>+++[<+ +++>-]<.>++[<>-]<+.--.[-] http://www.weirdnet.nl/
Re: bridge and dhcp
On Sun, Aug 03, 2008 at 09:27:19PM +0200, Christian Kildau wrote: > On Sunday 03 August 2008 13:19:53 you wrote: > > The file you wanted to create was /etc/dhcpd.interfaces. > That was a typo in my first mail, sorry. > > > Note that as > > of -current this has been deprecated for dhcpd_flags. > I'm running 4.2. > > > http://www.openbsd.org/faq/current.html#20080607 > > > > And just fyi, you should know that dhcpd(8) has never honored > > dhcpd_flags or dhcpd.interfaces. Only /etc/rc does at boot. To start > > dhcpd manually: > > > > # dhcpd vlan10 vlan11 tun0 tun1 > > > > And the respective line in /etc/rc.conf.local: > > > > dhcpd_flags="vlan10 vlan11 tun0 tun1" > snip > > bridge0: flags=41 > priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp > tun1 flags=3 > port 19 ifpriority 0 ifcost 0 > tun0 flags=3 > port 18 ifpriority 0 ifcost 0 > vlan11 flags=f3 > port 14 ifpriority 0 ifcost 0 > vlan10 flags=f3 > port 7 ifpriority 0 ifcost 0 > Addresses (max cache: 100, timeout: 240): > 00:1d:7d:9f:cf:82 vlan10 1 flags=0<> > 00:18:f8:9e:a7:ff vlan10 1 flags=0<> > 00:21:5c:40:dc:99 vlan11 1 flags=0<> > 00:0e:0c:aa:8b:6c vlan10 1 flags=0<> > > Whatever I supply via commandline, dhcpd only listens on vlan10 and doesnt > reply to dhcp requests on other interfaces than vlan10. I suggest you try to bind the ip address on bridge0 interface and use dhcpd_flags="bridge0" This will probably work Regards Robert -- Microsoft: Where do you want to go today? Linux: Where do you want to go tomorrow? FreeBSD: Are you guys coming or what? OpenBSD: Hey guys you left some holes out there!
Re: bridge and dhcp
Paul de Weerd wrote: On Sun, Aug 03, 2008 at 11:07:42AM +0200, Chris Cohen wrote: | Hi, | | I have a small openbsd router running in my network. | I have vlan10 (my lan), vlan11 (w-lan) and tun0/1 (openvpn tap devices). | I bridged them all toghether on bridge0. Only vlan10 has an ip address. | (10.1.16.1) | Now I want dhcpd to assign 10.1.16.0/24 on all four interfaces, but it just | does on vlan10. All i get is Can't listen on vlan11/tap0/tap1. It has no IP | Address. | Also.. since all interfaces are bridged, shouldn requests on vlan11 or tun0 | reach vlan10 where dhcpd does listen? They do not... You probably want to configure the IP address on the bridge interface and have dhcpd listen there. $ sudo ifconfig bridge0 10.1.16.100 ifconfig: SIOCAIFADDR: Inappropriate ioctl for device If I remember right I asked that a few years ago... the answer was: assign the IP address to one of the bridged interfaces, a bridge is a layer2 device. Isn't this true any longer? -- Thanks Chris
Re: bridge and dhcp
On Sun, Aug 03, 2008 at 11:07:42AM +0200, Chris Cohen wrote: | Hi, | | I have a small openbsd router running in my network. | I have vlan10 (my lan), vlan11 (w-lan) and tun0/1 (openvpn tap devices). | I bridged them all toghether on bridge0. Only vlan10 has an ip address. | (10.1.16.1) | Now I want dhcpd to assign 10.1.16.0/24 on all four interfaces, but it just | does on vlan10. All i get is Can't listen on vlan11/tap0/tap1. It has no IP | Address. | Also.. since all interfaces are bridged, shouldn requests on vlan11 or tun0 | reach vlan10 where dhcpd does listen? They do not... You probably want to configure the IP address on the bridge interface and have dhcpd listen there. Cheers, Paul 'WEiRD' de Weerd -- >[<++>-]<+++.>+++[<-->-]<.>+++[<+ +++>-]<.>++[<>-]<+.--.[-] http://www.weirdnet.nl/
Re: bridge and dhcp
On Sunday 03 August 2008 13:19:53 you wrote: > The file you wanted to create was /etc/dhcpd.interfaces. That was a typo in my first mail, sorry. > Note that as > of -current this has been deprecated for dhcpd_flags. I'm running 4.2. > http://www.openbsd.org/faq/current.html#20080607 > > And just fyi, you should know that dhcpd(8) has never honored > dhcpd_flags or dhcpd.interfaces. Only /etc/rc does at boot. To start > dhcpd manually: > > # dhcpd vlan10 vlan11 tun0 tun1 > > And the respective line in /etc/rc.conf.local: > > dhcpd_flags="vlan10 vlan11 tun0 tun1" O.K. I tried that. In /v/l/daemon I then found: Aug 3 13:26:17 pf dhcpd: Can't listen on tun1 - it has no IP address. Aug 3 13:26:17 pf dhcpd: Can't listen on tun0 - it has no IP address. Aug 3 13:26:17 pf dhcpd: Can't listen on vlan11 - it has no IP address. Which actually makes sense since they don't need IP adresses. What I have is: vlan10: flags=8943 mtu 1500 lladdr 00:50:8b:95:a4:d2 description: client uplink vlan: 10 priority: 0 parent interface: trunk0 groups: vlan inet6 fe80::250:8bff:fe95:a4d2%vlan10 prefixlen 64 scopeid 0x7 inet 10.1.16.1 netmask 0xff00 broadcast 10.1.16.255 vlan11: flags=8943 mtu 1496 lladdr 00:50:8b:95:a4:d2 description: wlan uplink vlan: 11 priority: 0 parent interface: trunk0 groups: vlan inet6 fe80::250:8bff:fe95:a4d2%vlan11 prefixlen 64 scopeid 0xe bridge0: flags=41 mtu 1500 groups: bridge tun0: flags=9943 mtu 1500 lladdr 00:bd:f7:fa:3f:01 inet6 fe80::2bd:f7ff:fefa:3f01%tun0 prefixlen 64 scopeid 0x12 tun1: flags=9943 mtu 1500 lladdr 00:bd:b5:5d:a4:02 inet6 fe80::2bd:b5ff:fe5d:a402%tun1 prefixlen 64 scopeid 0x13 and bridge0: flags=41 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp tun1 flags=3 port 19 ifpriority 0 ifcost 0 tun0 flags=3 port 18 ifpriority 0 ifcost 0 vlan11 flags=f3 port 14 ifpriority 0 ifcost 0 vlan10 flags=f3 port 7 ifpriority 0 ifcost 0 Addresses (max cache: 100, timeout: 240): 00:1d:7d:9f:cf:82 vlan10 1 flags=0<> 00:18:f8:9e:a7:ff vlan10 1 flags=0<> 00:21:5c:40:dc:99 vlan11 1 flags=0<> 00:0e:0c:aa:8b:6c vlan10 1 flags=0<> Whatever I supply via commandline, dhcpd only listens on vlan10 and doesnt reply to dhcp requests on other interfaces than vlan10. -- Thank you Chris
Re: bridge and dhcp
On Sun, Aug 03, 2008 at 11:07:42AM +0200, Chris Cohen wrote:
> Hi,
>
> I have a small openbsd router running in my network.
> I have vlan10 (my lan), vlan11 (w-lan) and tun0/1 (openvpn tap devices).
> I bridged them all toghether on bridge0. Only vlan10 has an ip address.
> (10.1.16.1)
> Now I want dhcpd to assign 10.1.16.0/24 on all four interfaces, but it just
> does on vlan10. All i get is Can't listen on vlan11/tap0/tap1. It has no IP
> Address.
> Also.. since all interfaces are bridged, shouldn requests on vlan11 or tun0
> reach vlan10 where dhcpd does listen? They do not...
>
> Here is what I have in dhcpd.conf:
> shared-network LOCAL-NET {
> option domain-name "example.org";
> option domain-name-servers 10.1.32.2;
> option netbios-name-servers 10.1.16.3;
> subnet 10.1.16.0 netmask 255.255.255.0 {
> option routers 10.1.16.1;
>
> range 10.1.16.128 10.1.16.254;
> }
> }
>
> and in dhcp.interfaces:
> vlan10
> vlan11
> tun0
> tun1
>
> is there something special I have to configure?
The file you wanted to create was /etc/dhcpd.interfaces. Note that as
of -current this has been deprecated for dhcpd_flags.
http://www.openbsd.org/faq/current.html#20080607
And just fyi, you should know that dhcpd(8) has never honored
dhcpd_flags or dhcpd.interfaces. Only /etc/rc does at boot. To start
dhcpd manually:
# dhcpd vlan10 vlan11 tun0 tun1
And the respective line in /etc/rc.conf.local:
dhcpd_flags="vlan10 vlan11 tun0 tun1"
--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net/
bridge and dhcp
Hi,
I have a small openbsd router running in my network.
I have vlan10 (my lan), vlan11 (w-lan) and tun0/1 (openvpn tap devices).
I bridged them all toghether on bridge0. Only vlan10 has an ip address.
(10.1.16.1)
Now I want dhcpd to assign 10.1.16.0/24 on all four interfaces, but it just
does on vlan10. All i get is Can't listen on vlan11/tap0/tap1. It has no IP
Address.
Also.. since all interfaces are bridged, shouldn requests on vlan11 or tun0
reach vlan10 where dhcpd does listen? They do not...
Here is what I have in dhcpd.conf:
shared-network LOCAL-NET {
option domain-name "example.org";
option domain-name-servers 10.1.32.2;
option netbios-name-servers 10.1.16.3;
subnet 10.1.16.0 netmask 255.255.255.0 {
option routers 10.1.16.1;
range 10.1.16.128 10.1.16.254;
}
}
and in dhcp.interfaces:
vlan10
vlan11
tun0
tun1
is there something special I have to configure?
--
Thank you
Chris
