dhclient blues

Discussion in 'Network Routers' started by Zenon Panoussis, Jul 9, 2004.

  1. I hope someone here can give me a pointer to a solution
    because this has me ripping my hair out.

    There is a hole in the wall that brings internet connectivity
    and IP addresses assigned by DHCP. No modem or anything, just
    an ethernet plug. I am entitled to 5 IPs, which are assigned
    to me at random and non-consecutively anywhere within a random
    /26. As long as I put a switch on the wall and connect machines
    to it, I have no problems.

    However, I want a firewall between myself and the net. This
    means a box with two interfaces, say eth0 to the ISP and
    eth1 to the LAN. The machines on the LAN must, for various
    reasons, remain on public IP space. Thus, NAT is ruled out.

    And here comes trouble. eth0 on the firewall gets an IP from
    the ISP alright. I have dhcrelay running, so the machines on
    the LAN can also get their IPs from the ISP as soon as eth1
    on the firewall is up. But how do I get an IP for eth1?

    If I configure eth1 for dhcp, it sends its requests out on
    the LAN, which is pretty useless. At the same time I can't
    configure it statically because I don't have a contiguous
    subnet, so whatever IP I could take at random from the
    random /26 I happen to be part of, might be assigned to
    someone else. And dhcrelay will relay *through* the machine,
    but not *on* it.

    Any ideas, anyone, on how I could get eth1 to send its DHCP
    requests out through eth0? Or how I could get eth0 to request
    an extra IP and then route it through to eth1?

    Zenon Panoussis, Jul 9, 2004
