Vieri Di Paola <[email protected]> wrote:
> I just got it working with ISC dhcrelay, but it's actually because I
> changed the remote DHCP server's configuration.
> In ISC terminology I'd have to use "shared-network", and in
> Microsoft's lingo it would have to be superscope + scopes. Basically,
> I created an "empty" scope for my "relay agent IP address", then the
> "working" scope for the rest of clients.
You beat me to it. Yes you have a shared network. For the benefit of anyone
else searching the archives, with the ISC DHCP server, if you declare a
shared-network, then the server will consider clients to be on that network as
long as the GI-Addr field in the relayed packets is in **ANY** of the subnets
declared within that shared network. If you don't want to actually serve
clients in any particular subnet, then you simply leave the subnet declaration
empty :
shared-network some-name-goes-here {
<options common to all the subnets on the shared-network can go here>
subnet 10.215.144.0 mask 255.255.255.0 {
}
subnet 10.215.111.0 mask 255.255.255.0 {
<subnet options go here>
range ...
}
}
Just be aware that if you do have ranges of addresses in more than one subnet,
then the server will consider all of them "equal" and interchangeable - so if
you want specific clients to end up in a specific subnet than you will need
some way of categorising them (e.g. using classes and allow/deny statements).
Simon
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
