"Johansson, Anders" <[EMAIL PROTECTED]> writes:
Hello there,
> When configureing SNF to use dhcp on the internet side and act as a
> dhcp-server on the LAN side I would like the dhcp-server to use the
> information provided (mainly the adresses for the dns servers) by the
> dhcp-client, is this possible ?
ok, so you have an internet connection using dhcp.
The firewall expects the eth1 interface to be the external/internet
interface and eth0 is the internal/LAN one. The configuration should also
work the other way around ... When you configure that internet connection
you should specify a DNS server. These entries, DNS primary or secondary,
that are not supposed to change very often on the provider side, will be
copied bye the /usr/share/naat/templates/etc/dhcpd.conf template (see the
perl sections between the { ... } marks) and create the /etc/dhcpd.conf
dhcp configuration file.
> If I configure the interface of eth1 to use dhcp as bootprotocol the
> firewall woorks perfectly but when I configure the eth0 interface to act as
> a dhcp-server I get an empty statement in the domain-server section of the
> dhcpd.conf file resulting in a dead dhcpd. For now I have manually fixed the
> dhcpd.conf file so it works but this would of cause be a problem for less
> experienced administrators ....
The idea is to specify the DNS entries while configuring the eth1, even if
this works without specifying it. Indeed, the provider dhcp server will
provide the dns servers entries too.
> One way to do it would be to have a caching dns in the firewall and
> configure the dhcp-server to export the firewall as a dns server for the
> clients. This is how I have had it configured before since it removes the
> dependency between the information from the internet provider and the
> configuration of the internal dhcp-server.
>
Yes, you could also install a caching name-server on the firewall, you're
right. You can find, if my memory is correct, the right package on the
firewall cd: caching-nameserver and/or bind*.
Sincerely,
--
Florin http://www.mandrakesoft.com
