[lug] DHCP surrogate?

D. Stimits stimits at idcomm.com
Wed Aug 7 09:07:17 MDT 2002


Peter Hutnick wrote:
>> I am wondering something about DHCP, while figuring out the best ways to
>> add the cable modem network for 3+ computers to share (independently,
>> and simultaneously). If 3 DHCP addresses are paid for, but the three
>> machines behind the linux bridge turn off or on randomly, then in theory
>> the address issued by the DHCP can change between reboots. If the linux
>> bridge/firewall/filter (up 24/7) were to somehow be able to remember
>> the MAC address of machines which previously were attached, and provide
>> a fake "stub" MAC address for machines that shut down, then the IP
>> address could be held all of the time. Does anyone know if it is
>> possible for a bridge or gateway to act as a holding stub for DHCP
>> addresses when the machines that really used the address shut down? It
>> isn't necessary, but could be useful.
> 
> 
> Most DHCP servers have some degree of MAC affinity.  You'll probably find
> that it just works.
> 
> Beyond that, your math seems to be off, 3 IPs, 3 PCs and a router . . .

Nope, 3 IPs, 3 PCs, 1 bridge. Both NICs on a bridge can operate without 
any IP address at all. But in this case, the internal side will have a 
static IP that is not visible or available to the outside world. I am 
looking at all of the possibilities though. I am convinced for a network 
where all machines must access the outside, but do not care about each 
other, that the bridge mechanism is the best solution; however, two of 
the machines (win98 and win2k) may want to see each other on network 
neighborhood on rare occasions. If I block ports 137 through 139 (and a 
whole lot of other ports) for those two machines on the outside world 
(and I will block them), then they cannot use their Internet routable 
IPs to go out through the cable and back in to talk to each other. Even 
if they could, the internal net is 100 Mbit, the cable modem would choke 
it down to almost nothing in comparison. So the reason I am looking 
beyond the bridge is for having the possibility of internal network 
between machines.


> 
> As for trying to hold onto an IP with the router you /could/ just put the
> machine that needs the "stable" IP on a private IP, allow the router to
> take one of the DHCP addresses and just forward the ports you need.

I would forward if I could do a 1:1 NAT, and not just a passive 
masquerade type connect, on all 3 workstations. What I could do is 
switch the bridge to instead be a router; then I would have to figure 
out how to make the router appear to have 3 MAC addresses on a single 
ethernet card, so it would do DHCP for all 3 MAC addresses, followed by 
1:1 forwarding. I believe this would be non-trivial, or even possible.

If all of the machines were Linux, I could assign both DHCP and static 
IP to the NIC on each, but with windows 98 (and even win2k), I am 
somewhat crippled when it comes to network abilities.

One [very remote] possibility I wonder about: A bridge puts both NICs in 
promiscuous mode, and perhaps SAMBA could help out. If SAMBA could be 
made to receive on eth1 (inside NIC) in promiscuous mode, and instead of 
bridging it out to eth0 (outside NIC), it were to send it back out to 
eth1, then the internal net would not have to have non-DHCP IPs to talk 
without the cable modem being involved. It sounds impossible though, 
having 1 NIC like a network neighborhood bridge, there would be conflicts.

D. Stimits, stimits AT idcomm.com



