On 01/06/2012 02:02 PM, Michael DeHaan wrote:
Also (though this really isn't quite as useful except in smaller
home-lab sort of cases, I think), you can configure ISC dhcpd to
listen on only one interface.
Another option is to get the main DHCP admins to set "next-server" and
"filename" for your subnet to point at Cobbler so you don't have to
run your own DHCP, but this is not always possible.
-- Michael
The listen-to-one-interface is quite useful:
I've got a seperate vlan for Linux deployments and the cobbler server
has two interfaces.
- One is on the regular LAN so I can ssh and http into the Cobbler server
- One is on the Linux-install lan and has DHCP enabled.
This is quite a practical setup, but there are a few things where I need
the installed server to communicate with the outside-world. For this, I
create a port-forwarding SSH on the cobbler server:
ssh -N -f -g \
-L 0.0.0.0:8080:proxy.example.com:8080 \ <- proxy
-L 0.0.0.0:2049:dsl.example.com:2049 \ <- DSL nfs link
-L 0.0.0.0:123:server6.example.com:123 \ <- NTP time server
-L 0.0.0.0:80:server9.example.com:80 \ <- Satellite server
-L 0.0.0.0:443:server9.example.com:443 \ <- Satellite server
root@localhost
(For this to work, root must have it's own public SSH certificate in the
authorized_keys. Any other user will do too.)
This way, if you need the proxy from the installing server, you can use
the ipaddress of the cobblerserver with port 8080.
Regards,
Ger Apeldoorn
_______________________________________________
cobbler mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/cobbler
