Friday, March 18, 2011

DHCP Server with 2 Segment Network


Still on the subject of DHCP servers, but this time I will discuss how to configure a DHCP server for 2 different network segments. In this case there is a two-story building with a network on the 1st floor and another on the 2nd floor. The owner of the building wants the 1st-floor network to be separate from the 2nd-floor network, but for convenience he wants to use a DHCP server. Previously he had budgeted 2 servers for the Internet connection, one each for floor 1 and floor 2. I think 2 servers are not needed for the Internet connection, especially since the number of computers on floors 1 and 2 and the available bandwidth are not very large. In the end, the landlord was willing to accept my advice to set up one DHCP server for both networks.

It is not too difficult to set up: it only needs a very simple configuration and 2 LAN cards on which the DHCP server listens, one for each network. Installing the DHCP server is no different from what I described in my previous posts. The difference in this case is that 2 LAN cards are used for networks 1 and 2, plus 1 more LAN card for the public network.

The required configuration is as follows:

In the file /usr/local/etc/dhcpd.conf, add:

option domain-name-servers 192.168.1.254, 192.168.0.254;
option netbios-node-type 2;
default-lease-time 86400;
max-lease-time 86400;
authoritative;
ddns-update-style none;
# Top
subnet 192.168.1.0 netmask 255.255.255.0 {
option routers 192.168.1.254;
option broadcast-address 192.168.1.255;
range 192.168.1.10 192.168.1.100;
}
# Bottom
subnet 192.168.0.0 netmask 255.255.255.0 {
option routers 192.168.0.254;
option broadcast-address 192.168.0.255;
range 192.168.0.10 192.168.0.100;
}

That's all for dhcpd.conf. The following needs to be added to rc.conf:

dhcpd_enable="YES"                        # dhcpd enabled?
dhcpd_flags="-q"                          # command option(s)
dhcpd_conf="/usr/local/etc/dhcpd.conf"    # configuration file
dhcpd_ifaces="rl1 rl2"                    # ethernet interface(s)

Simple, isn't it?

As it happens, for NAT I use ipnat, and for my firewall I use ipfw.

Here is the ipnat configuration:

# ------------------------------------------------------------
# Use the ipfilter FTP proxy for the firewall itself doing
# active-mode transfers.
# ------------------------------------------------------------
map rl0 0.0.0.0/0 -> 0.0.0.0/32 proxy port ftp ftp/tcp
# ------------------------------------------------------------
# Use the ipfilter FTP proxy for hosts behind NAT doing
# active-mode transfers.
# ------------------------------------------------------------
map rl0 192.168.1.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp
map rl0 192.168.0.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp
# ------------------------------------------------------------
# Map all internal UDP and TCP traffic to the external IP address
# ------------------------------------------------------------
map rl0 192.168.1.0/24 -> 0.0.0.0/32 portmap tcp/udp 40000:60000
map rl0 192.168.0.0/24 -> 0.0.0.0/32 portmap tcp/udp 40000:60000
# ------------------------------------------------------------
# Map all other traffic, e.g. ICMP, to the external IP address
# ------------------------------------------------------------
map rl0 192.168.1.0/24 -> 0.0.0.0/32
map rl0 192.168.0.0/24 -> 0.0.0.0/32
#### Transparent PROXY ###################
rdr rl1 0.0.0.0/0 port 80 -> localhost port 3128
rdr rl2 0.0.0.0/0 port 80 -> localhost port 3128

Note: rl0 is the public interface
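
A consistency check for the two files above, as an added example that is not part of the original post: it parses constructed copies of the dhcpd.conf subnet blocks and the ipnat map rules and reports any router, broadcast or range address outside its subnet, overlapping subnets, and any DHCP subnet that has no NAT rule on the public interface. The function name check and the regular expressions are assumptions of this example.

```python
import ipaddress
import re

# Constructed sample input: the subnet blocks and map rules from this post.
DHCPD_CONF = """
subnet 192.168.1.0 netmask 255.255.255.0 {
  option routers 192.168.1.254;
  option broadcast-address 192.168.1.255;
  range 192.168.1.10 192.168.1.100;
}
subnet 192.168.0.0 netmask 255.255.255.0 {
  option routers 192.168.0.254;
  option broadcast-address 192.168.0.255;
  range 192.168.0.10 192.168.0.100;
}
"""
IPNAT_RULES = """
map rl0 0.0.0.0/0 -> 0.0.0.0/32 proxy port ftp ftp/tcp
map rl0 192.168.1.0/24 -> 0.0.0.0/32 portmap tcp/udp 40000:60000
map rl0 192.168.0.0/24 -> 0.0.0.0/32 portmap tcp/udp 40000:60000
"""

SUBNET_RE = re.compile(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{(.*?)\}", re.S)
ADDR_RE = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")

def check(dhcpd_conf, ipnat_rules, public_if="rl0"):
    """Return a list of problems; an empty list means the two files agree."""
    problems, seen = [], []
    # Source networks with a NAT rule on the public interface. FTP proxy
    # rules are skipped because they do not translate general traffic.
    natted = [ipaddress.ip_network(m.group(1)) for m in re.finditer(
        rf"^map\s+{re.escape(public_if)}\s+(\S+)\s+->(?!.*\bproxy\b)",
        ipnat_rules, re.M)]
    for net_s, mask_s, body in SUBNET_RE.findall(dhcpd_conf):
        net = ipaddress.ip_network(f"{net_s}/{mask_s}")
        # Router, broadcast and both ends of the range must be in the subnet.
        for addr in ADDR_RE.findall(body):
            if ipaddress.ip_address(addr) not in net:
                problems.append(f"{addr} is outside subnet {net}")
        bcast = re.search(r"broadcast-address\s+(\S+?);", body)
        if bcast and ipaddress.ip_address(bcast.group(1)) != net.broadcast_address:
            problems.append(f"{net}: broadcast should be {net.broadcast_address}")
        if any(net.overlaps(other) for other in seen):
            problems.append(f"{net} overlaps another subnet declaration")
        if not any(net.subnet_of(n) for n in natted):
            problems.append(f"{net} has no ipnat map rule on {public_if}")
        seen.append(net)
    return problems

if __name__ == "__main__":
    print(check(DHCPD_CONF, IPNAT_RULES) or "dhcpd.conf and ipnat rules agree")
```
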

Easy, isn't it?

For the firewall, you can also use the open type, or add dummynet if necessary. Now you can smile, because maybe you had a problem like this and did not have a solution.

Sincerely,
ogeb
