Networking question


#1

Does a DHCP Server automatically forward IP packages (that is, does it also act like a router), or does it just assign IP addresses to clients and one would still require a configured router (gateway)? I’m just messing around with my openbsd box and this question isn’t answered in the literature that I’ve read.


#2

DHCP cannot be routed by design, but can be relayed.


#3

DHCP does not forward IP packets.

Routers do not forward DHCP requests by default. If the DHCP server is not on the same wire as the client requesting an IP, the router needs, in Cisco speak, an ip helper-address set up on the interface. This relays the DHCP request to the server.

DHCP is done below the network layer, at layer two. So DHCP requests, like Alister said, can not be routed, only relayed.

What is it you are trying to do?


#4

'nutherwards use a hub instead of a router, then IPs will be assigned to clients. The router will be assigned on the LAN side, but will dish out its own IPs on the WAN side.


#5

Hubs make jesus cry… get yourself a cheap switch


#6

Here’s what I’m trying to do (please excuse my non-technical language and vague description): I want to set up a gateway (unix box) between my desktop (also unix) and the internet. My first attempt was okay. I could ping from my desktop to the gateway (and vice versa) and from the gateway to an arbitrary internet website, but I couldn’t ping from my desktop to an arbitrary internet website. I was successful at setting up a bridge between my desktop and the internet. However, a gateway would be much better if only for the fact that I could remote login from my desktop, something that isn’t possible with a bridge. Then I could pack away the extra monitor and keyboard, and hide the extra computer somewhere. I’m sure the answer to my difficulties is somewhere in a volume on understanding IP addresses and route tables, but I haven’t had time yet to read much. But I thought I’d ask the question about DHCP in case it would somehow correct this difficulty…which it doesn’t.


#7

Sounds like you are looking for NAT/PAT? If you’d be happy with Linux, I have some scripts that will generate the iptables scripts you need to do it.

firewall.j-enterprises.net/


#8

corrected. I didn’t realize there was still the odd “hub” around.


#9

[quote=“Dave”]

Here’s what I’m trying to do (please excuse my non-technical language and vague description): I want to set up a gateway (unix box) between my desktop (also unix) and the internet. My first attempt was okay. I could ping from my desktop to the gateway (and vice versa) and from the gateway to an arbitrary internet website, but I couldn’t ping from my desktop to an arbitrary internet website. I was successful at setting up a bridge between my desktop and the internet. However, a gateway would be much better if only for the fact that I could remote login from my desktop, something that isn’t possible with a bridge. Then I could pack away the extra monitor and keyboard, and hide the extra computer somewhere. I’m sure the answer to my difficulties is somewhere in a volume on understanding IP addresses and route tables, but I haven’t had time yet to read much. But I thought I’d ask the question about DHCP in case it would somehow correct this difficulty…which it doesn’t.[/quote]

I thought this might be the case. I’ve done this sort of thing a few times before (all with FreeBSD, mind you) and I’ve always used NAT and two network cards in the gateway machine.

One NIC is facing the internet and has the public IP address, while the 2nd NIC is using a NAT’d address (generally 192.168.x.x). You can pick the address scheme you want. And your desktop will use a 192.168.x.x address as well. But they have to be on the same subnet. eg: 192.168.1.1 for the 2nd NIC and 192.168.1.2 for your desktop. Your desktop would use 192.168.1.1 as its default gateway.

Now the tricky part is setting up NAT on the OpenBSD machine. In FreeBSD you have to recompile the kernel to enable NAT (or the last time I looked at this on a FreeBSD machine you had to anyway…and just took a quick gander at the kernel config for 4.10 of FBSD, yes you have to recompile the kernel to enable NATd and IPFW)

With only one machine behind your gateway, just hardcode the IP addresses on your gateway NIC and your desktop. Easier than worrying about setting up DHCP too.

You mentioned before you were using OpenBSD, which I’m not overly familiar with but this link: openbsd.org/faq/pf/nat.html
should point you in the right direction. And it looks like it might not even require a kernel compile…just a few sysctl commands and a conf file to build.

Though you will need two NICs in that gateway box, if you don’t already. Have any questions? Ask away…might be able to answer them.
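
The two-NIC NAT gateway described in this post, written out as a pf ruleset. This is an added example, not part of the original post or the OpenBSD FAQ; the interface names `em0` and `em1` are assumptions, and the addresses are the ones used in the post.

```conf
# /etc/pf.conf on the gateway -- added example, not from the thread.
# Syntax is for OpenBSD 4.7 and later; older releases wrote NAT as
#   nat on $ext_if from $int_net to any -> ($ext_if)
# Forwarding must also be enabled: net.inet.ip.forwarding=1 in /etc/sysctl.conf

ext_if  = "em0"               # assumption: NIC facing the internet
int_if  = "em1"               # assumption: NIC facing the desktop (192.168.1.1)
int_net = "192.168.1.0/24"    # subnet from the post above

set skip on lo                # do not filter loopback

block all                     # default deny; later matching rules override

# Rewrite the source of LAN traffic leaving the external NIC to that
# NIC's current address; the parentheses track address changes.
match out on $ext_if inet from $int_net to any nat-to ($ext_if)

# Desktop -> gateway (ssh, ping) and desktop -> internet.
pass in on $int_if inet from $int_net to any

# Traffic leaving toward the internet; state entries admit the replies.
pass out on $ext_if inet

# Gateway -> desktop (e.g. ping in the other direction).
pass out on $int_if inet to $int_net

# No "pass in on $ext_if" rule: nothing unsolicited from the internet
# reaches the gateway or the desktop.
```

`pfctl -nf /etc/pf.conf` parses the file without loading it; `pfctl -f /etc/pf.conf` loads it.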


#10

Unless you’re one of those game players who must absolutely have the lowest ping possible. Switches, especially the cheaper ones, add to your ping times. While they may transfer data at a higher rate than hubs, they do so slightly slower. Of course, the more devices you have on a hub, the more collisions, so your mileage may vary.

But to blindly say that hubs are bad and switches are good (especially cheap ones), isn’t right. Especially for home use.


#11

Thank you VMS for the suggestions and information. I’ll keep you posted as to how it works (or doesn’t). I’m planning this as one of my Christmas holiday “things to do”, so I probably won’t get to it until next weekend.


#12

[quote=“MiG”]

Unless you’re one of those game players who must absolutely have the lowest ping possible. Switches, especially the cheaper ones, add to your ping times. While they may transfer data at a higher rate than hubs, they do so slightly slower. Of course, the more devices you have on a hub, the more collisions, so your mileage may vary.

But to blindly say that hubs are bad and switches are good (especially cheap ones), isn’t right. Especially for home use.[/quote]

Hair splitting is fun… I still have a hub. My maximum data transfer rate through it is 500KB/s; when transferring data at over 200k/s my ping times are around 10ms inside my network. With the switch transferring at over 1Mb/s my ping times are around 5ms. So if you are planning on doing anything while you are transferring files or playing games etc., having a hub is useless.

I’m not a gamer, but wouldn’t packet loss kinda matter too? Either of the two would cause lag. Not saying hubs wouldn’t be good for gaming, but I don’t see it; when you are having a LAN party or whatever, the packet loss would be nice and high.


#13

Why would there be packet loss over a hub?

Packet loss and collisions are two different things.

Yes, generally, switches are better than hubs. But in some cases they’re slower, despite the higher bandwidth.

But anyway, you said “get a cheap switch” and that’s just not right. Don’t. Don’t replace a nice hub with a cheap switch.


#14

When packets collide, don’t they like die or something? Then the network ecnalubma comes, right?

NCIX has dozens of fairly inexpensive (not ‘cheap’) switches and routers for sale eh… Check that out. Packet collisions kinda suck, so I guess hubs kinda suck… Especially when more than one machine is trying to transfer large files.

Plus, buying more networking equipment helps the inner geek ego grow.


#15

edit:

OK, I’m wrong, because in some cases collided packets can be recovered.


#16

Packets don’t collide. Hubs and switches don’t deal with packets.

You’re thinking about an ethernet frame. When you see “packet loss” or “dropped packets” on a game or whatever, it rarely has anything to do with ethernet collisions. You get just as much “packet loss” on switches as you do on hubs.


#17

Ahh yes… welcome back to CCNA1. Don’t mind me, it’s final exam time and I just finished coding a bunch of ASP :cry: really, I’m not dumb


#18

I had more time than I expected today. After putting a fresh OpenBSD install on my PC last night I decided to tackle NAT today. Actually on OpenBSD it really only involved editing 3 files. 2 were just minor changes and the other included the pf (package filter) rules. My main confusion came from the fact that NAT documentation is included in the firewall section of the material that I’ve been reading, not in the networking parts. (OpenBSD has very rich documentation, some think it has the best man pages.)
Thanks again VMS for pointing me in the right direction.


#19

So you got things working then today?

NAT docs are also included in the IPFW docs on FreeBSD as well…sometimes you can stumble on something that you wanted to know in a completely (seemingly) unrelated section.

Actually I think the fellow who wrote most of the pf(1) stuff lives in the lower mainland…I read some stuff on OpenBSD a while ago. Was interesting.


#20

Yes, it is all up and working. I might have to tweak the rules a little.

I like OpenBSD for 3 main reasons: (1) it’s Canadian (although the developers live all over the world, the project started in Canada), (2) it’s completely free, and (3) great mascot “puffy”. :smile: But it’s not very friendly to newbies (which I am one), but I’m learning.