ethernet bridge and dhcpd

Jax cybercorecentre at gmail.com
Wed Aug 2 03:17:05 UTC 2006 

Purushotham Nayak wrote:
> Hi All,
>
>   
Hey!

Here is a thought, don't setup dhcp server on a bridge. I tried to use 
firewalling on this but it works differently than in linux where you can 
control the traffic with --physdev-in -out, you can't determine that 
which card where the traffic come from and which where it goes, i read 
something in a handbook but dont remember atm so try to accept all 
packet on the firewall. You can try to tell dhcpd which interface you 
want to use but it's possible it won't work.
 
> I have a routerboard with two ethernet ports (sis0 and sis1). I've been trying top setup a bridge and also run the dhcpd server on it. I've setup sis0 with an IP address and sis1 is just marked up in rc.conf. The bridge seems to work because if I statically assign an IP address to a laptop and connect it to sis1 I can ping the routers IP which is what is assigned to sis0. But the laptop cannot get an IP using DHCP. tcpdumping on sis0 doesn't show me the DHCPREQUEST from the laptop that's coming in through sis1 (but it doesn't show me any traffic during ping request either but that's not broadcast so I guess that's expected).
>
> Here's my rc.conf
>
> -------------------------------------------------------------------------------------
> inetd_enable="YES"
> ifconfig_sis0="inet 10.1.1.1 netmask 255.255.255.0"
>   
broadcast parameter?
> ifconfig_sis1="up"
> ifconfig_ath0="down"
>
> gateway_enable="YES"
>
>   
this not requied for a bridge
> dhcpd_enable="YES"
> dhcpd_flags="-q"
>   
try to setup the interface as i told
> dhcpd_conf=/usr/local/etc/dhcpd.conf"
> -----------------------------------------------------------------------
>
> And here is my dhcpd.conf
>
> -------------------------------------------------------------------------
> ddns-update-style ad-hoc;
> default-lease-time 600;
> max-lease-time 7200;
>
> subnet 10.1.1.0 netmask 255.255.255.0 {
>     range 10.1.1.64 10.1.1.250;
>     option routers 10.1.1.1;
> }
> -------------------------------------------------------------------
>
> Can anyone please let me know if there is something I'm doing wrong.
>
> nayak
>  
>   
I hope it will help.

Regards,

JaX

More information about the freebsd-net mailing list