On Fri, 2017-09-29 at 09:52 -0400, Ken Taylor wrote: > Several months ago I setup a PC to share a VPN connection among the > PCs > on my LAN. A CentOS 7 box serves as a "gateway" and accesses the VPN > using the openvpn client. > > NIC1 connects to my router using DHCP on the router to obtain an IP > address such as 192.168.0.116. > > NIC2 is set to "Share to other computers". ifconfig shows this device > to > have the address 10.42.0.1. By connecting another PC with a hard > coded > IP address in the 10.42.0.xxx range to a switch and thereby to the > dual > NIC machine, my second PC can connect to the Internet. MAGIC :-)
The "Shared" option actually runs its own DHCP server (using dnsmasq), so you shouldn't need a second one anywhere. > I then decided to do a little daisy chaining. I added a second NIC > to > the second PC. I configured that interface to "Share to other > computers." This connection gained the IP address 10.43.0.1 Cool. > > I put the first dual NIC PC in "production" between my Internet > connection and my LAN. I installed a DHCP server on the box and it > serves up 10.42.0.xxx addresses to my LAN PCs. Works great and has > been > in use for about 3 - 4 months. > > Today I needed to setup something to do some firewall experimenting. > I > plugged a test PC with 2 NICs to my LAN with NIC1. It received an IP > address 10.42.0.xxx from my DHCP server. So far, so good. > > I configured the second NIC as "Shared to other computers" as > described > above. This time the second NIC received the address 10.42.0.1 > which > will not work. That is the address of the first dual NIC PC. > > I have redone this several times. I also tried an Ubuntu 16.04 PC. > I > still get the 10.42.0.1 address on the second NIC. I am at a loss. Any time you pick "Shared" the subnet on that NIC will get the default IP subnet of 10.42.x. Unless you change it. Which you can do by either adding an IP address to the connection by editing its config file, or by running nm-connection-editor, finding your "shared" connection, and setting the IP address in the IPv4 tab. When you do that, NM will change its DHCP server to use the subnet that you specify there, and reserve a few addresses for static servers. So for example, if I created a new "Shared" connection and assigned it the IP address 172.16.55.1/24, the sharing NIC would get 172.16.55.1. NM will set up a DHCP server for the 172.16.55.0/24 subnet, and reserve about 10 IPs for static services like printers or servers or whatever. It will then start a DHCP server to provide IPs and DNS to other computers on that NIC's network, starting around 172.16.55.11 or so. It will then NAT everything on that NIC/subnet to the IP address of your upstream connection, whatever that might be. Dan > Was the original 10.43 address a fluke? > Perhaps a newer version of network-manager-applet is hosed? > Something I need to configure manually in the firewall to cause an > new > subnet to be assigned to NIC2? I really have no idea where the > 10.42 > address came from in the first place. > > The test PC is running CentOS 7.4 with network-manager-applet > 1.8.0.3. > > > Any advice appreciated. > > TIA, > > Ken > > _______________________________________________ > networkmanager-list mailing list > [email protected] > https://mail.gnome.org/mailman/listinfo/networkmanager-list _______________________________________________ networkmanager-list mailing list [email protected] https://mail.gnome.org/mailman/listinfo/networkmanager-list
