dhcp "dhcpd_ifaces" question.
Rob
stopspam at users.sourceforge.net
Sun May 23 14:35:36 PDT 2004
Gary Kline wrote:
> To any network wizards on-list,
>
> I'm just tidying up dhcp and namedb files and would like
> to know what strings to put after this:
>
> dhcpd_ifaces= # ethernet interface(s)
>
> I'm assuming it should be "dc0 dc1" but would like to make
> sure. If it would be just as well to leave it blank and
> let dhcpd figure it out, please advise. (In my old config
> file $IFACES wasn't defined.)

I have dhcpd configured; I'm not using named, so I don't know about that.
As far as I know, you can use dhcpd_ifaces to limit the DHCP service to only
one interface (provided you have more than one interface on your system).

I have rl0 and rl1, where rl0 is on the outside Internet, and rl1 on the
internal network (with IP 10.0.0.1). I only want a DHCP server for the
internal network; I therefore have in /etc/rc.conf:

    dhcpd_ifaces="rl1"

However, when you look at netstat output, dhcpd is still listening on all
interfaces, which may have some security risks. To further limit this, you
probably need an extra global line in /usr/local/etc/dhcpd.conf:

    local-address 10.0.0.1;

Then you get a netstat output like this:

    udp4 0 0 10.0.0.1.bootps *.*

Regards,
Rob.
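
The netstat check described in the reply above, written as a small sh script. This is an added example, not part of the original post: the function name check_dhcpd_bind and both sample inputs are constructed for illustration, and it assumes FreeBSD-style netstat output with the local address in the fourth column.

```shell
#!/bin/sh
# Added example: verify that the DHCP server socket (UDP port 67, "bootps")
# is bound only to the expected internal address and not to the wildcard.

# Constructed sample: dhcpd listening on every address.
sample_wildcard='udp4       0      0 *.bootps               *.*
udp4       0      0 *.514                  *.*
tcp4       0      0 10.0.0.1.22            *.*                    LISTEN'

# Constructed sample: dhcpd bound to the internal address only.
sample_bound='udp4       0      0 10.0.0.1.bootps        *.*
udp4       0      0 *.514                  *.*'

# check_dhcpd_bind EXPECTED_ADDR
# Reads netstat lines on stdin and prints one line per bootps socket.
# Exit status: 0 = all bootps sockets bound to EXPECTED_ADDR,
#              1 = at least one wildcard or unexpected bind,
#              2 = no bootps socket seen at all.
check_dhcpd_bind() {
    awk -v want="$1" '
        $1 ~ /^udp/ && $4 ~ /\.(67|bootps)$/ {
            addr = $4
            sub(/\.(67|bootps)$/, "", addr)   # strip the port suffix
            seen = 1
            if (addr == want) {
                print "ok: bootps bound to " addr
            } else {
                print "warn: bootps bound to " addr ", expected " want
                bad = 1
            }
        }
        END {
            if (!seen) { print "no bootps socket found"; exit 2 }
            exit bad + 0
        }'
}

# Demonstration on the constructed samples.
printf '%s\n' "$sample_wildcard" | check_dhcpd_bind 10.0.0.1 || true
printf '%s\n' "$sample_bound"    | check_dhcpd_bind 10.0.0.1 || true
```

On a live system the same function can be fed from `netstat -an -p udp | check_dhcpd_bind 10.0.0.1`, and its exit status used in a periodic configuration check.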