Good that you're reaching the interfaces, but what happens is that when a response is sent out it will be sent through your default route instead of that interfaces default route which will later result in packets not reaching the destination or incorrect packet src IPs.
PF is not starting your dhcp daemon. Take a look under pf.conf file and make sure you've added dhcpd to the pf.conf file under [vlan]. Also, take a look at the networks.conf file and make sure the registration and isolation vlan's are set up with dhcp. If you need more details I can send you a sample. This networks.conf tells PF where to lease IP's in what network and for how long. -Antonio Sent via Mobile. On Feb 16, 2011, at 1:42 PM, "Willis, Ben" <[email protected]> wrote: > No static routes setup for subinterfaces but they are reachable. > > > Output: > --------------------------------- > [root@A5DO-NAC network-scripts]# /usr/local/pf/bin/pfcmd service pf restart > service|command > named|stop > dhcpd|stop > pfdhcplistener|stop > pfmon|stop > httpd|stop > snmptrapd|stop > pfsetvlan|stop > Checking configuration sanity... > service|command > config files|start > named|start > Internet Systems Consortium DHCP Server V3.0.5-RedHat > Copyright 2004-2006 Internet Systems Consortium. > All rights reserved. > For info, please visit http://www.isc.org/sw/dhcp/ > Wrote 0 leases to leases file. > Interface eth4 matches multiple shared networks > > If you did not get this software from ftp.isc.org, please > get the latest from ftp.isc.org and install that before > requesting help. > > If you did get this software from ftp.isc.org and have not > yet read the README, please read it before requesting help. > If you intend to request help from the [email protected] > mailing list, please read the section on the README about > submitting bug reports and requests for help. > > Please do not under any circumstances send requests for > help directly to the authors of this software - please > send them to the appropriate mailing list as described in > the README file. > > exiting. > dhcpd|start > pfdhcplistener|start > pfmon|start > httpd|start > snmptrapd|start > pfsetvlan|start > [root@A5DO-NAC network-scripts]# > > Thanks, > Ben > _______________________ > There is no place like 127.0.0.1 > > http://lmgtfy.com/?q=Anderson+School+District+Five > > > -----Original Message----- > From: Manueco, Antonio [mailto:[email protected]] > Sent: Wednesday, February 16, 2011 1:27 PM > To: [email protected] > Subject: Re: [Packetfence-users] Problem getting dhcpd to start, CentOS5.5 > > Hey Ben, > > How are you trying to start the dhcp daemon? What happens when you try to run > /use/local/pf/bin/pfcmd service pf restart? Can you copy and paste out > output? > > As a side question, do you have static routes for your virtual interfaces set > up on your PF box? > > -Antonio > > On Feb 16, 2011, at 1:05 PM, "Willis, Ben" > <[email protected]<mailto:[email protected]>> wrote: > > Right now I have eth4 separated into 2 sub interfaces. Could that be the > problem? Do i need physical interfaces for these routed networks? > > Output below: > Feb 16 12:52:51 A5DO-NAC dhcpd: If you intend to request help from the > <mailto:[email protected]> [email protected]<mailto:[email protected]> > Feb 16 12:52:51 A5DO-NAC dhcpd: mailing list, please read the section on the > README about Feb 16 12:52:51 A5DO-NAC dhcpd: submitting bug reports and > requests for help. > Feb 16 12:52:51 A5DO-NAC dhcpd: > Feb 16 12:52:51 A5DO-NAC dhcpd: Please do not under any circumstances send > requests for Feb 16 12:52:51 A5DO-NAC dhcpd: help directly to the authors of > this software - please Feb 16 12:52:51 A5DO-NAC dhcpd: send them to the > appropriate mailing list as described in Feb 16 12:52:51 A5DO-NAC dhcpd: the > README file. > Feb 16 12:52:51 A5DO-NAC dhcpd: > Feb 16 12:52:51 A5DO-NAC dhcpd: exiting. > Feb 16 13:00:27 A5DO-NAC dhcpd: Internet Systems Consortium DHCP Server > V3.0.5-RedHat Feb 16 13:00:27 A5DO-NAC dhcpd: Copyright 2004-2006 Internet > Systems Consortium. > Feb 16 13:00:27 A5DO-NAC dhcpd: All rights reserved. > Feb 16 13:00:27 A5DO-NAC dhcpd: For info, please visit > <http://www.isc.org/sw/dhcp/> http://www.isc.org/sw/dhcp/ Feb 16 13:00:27 > A5DO-NAC dhcpd: Wrote 0 leases to leases file. > Feb 16 13:00:27 A5DO-NAC dhcpd: Interface eth4 matches multiple shared > networks Feb 16 13:00:27 A5DO-NAC dhcpd: > Feb 16 13:00:27 A5DO-NAC dhcpd: If you did not get this software from > ftp.isc.org<http://ftp.isc.org>, please Feb 16 13:00:27 A5DO-NAC dhcpd: get > the latest from ftp.isc.org<http://ftp.isc.org> and install that before Feb > 16 13:00:27 A5DO-NAC dhcpd: requesting help. > Feb 16 13:00:27 A5DO-NAC dhcpd: > Feb 16 13:00:27 A5DO-NAC dhcpd: If you did get this software from > ftp.isc.org<http://ftp.isc.org> and have not Feb 16 13:00:27 A5DO-NAC dhcpd: > yet read the README, please read it before requesting help. > Feb 16 13:00:27 A5DO-NAC dhcpd: If you intend to request help from the > <mailto:[email protected]> [email protected]<mailto:[email protected]> > Feb 16 13:00:27 A5DO-NAC dhcpd: mailing list, please read the section on the > README about Feb 16 13:00:27 A5DO-NAC dhcpd: submitting bug reports and > requests for help. > Feb 16 13:00:27 A5DO-NAC dhcpd: > Feb 16 13:00:27 A5DO-NAC dhcpd: Please do not under any circumstances send > requests for Feb 16 13:00:27 A5DO-NAC dhcpd: help directly to the authors of > this software - please Feb 16 13:00:27 A5DO-NAC dhcpd: send them to the > appropriate mailing list as described in Feb 16 13:00:27 A5DO-NAC dhcpd: the > README file. > Feb 16 13:00:27 A5DO-NAC dhcpd: > Feb 16 13:00:27 A5DO-NAC dhcpd: exiting. > > > Thanks, > Ben > > From: Sallee, Stephen (Jake) [mailto:[email protected]] > Sent: Wednesday, February 16, 2011 12:46 PM > To: <mailto:[email protected]> > [email protected]<mailto:[email protected]> > Subject: Re: [Packetfence-users] Problem getting dhcpd to start, CentOS5.5 > > post the output of: service packetfence restart > > Jake Sallee > Godfather Of Bandwidth > Network Engineer > > Fone: 254-295-4658 > Phax: 254-295-4221 > > > From: Willis, Ben [mailto:[email protected]] > Sent: Wednesday, February 16, 2011 11:32 AM > To: <mailto:[email protected]> > [email protected]<mailto:[email protected]> > Subject: [Packetfence-users] Problem getting dhcpd to start, CentOS5.5 > > > I cannot get dhcpd to start on my CentOS installation. I have verified that > my /usr/local/pf/conf/dhcpd.conf file has been created properly and while > monitoring /var/log/messages I see dhcpd start with no errors but then it > exits. I've tried to get it to start with PF and without by copying the > dhcpd.conf file to /etc/dhcpd.conf as well.. same results. > > > Anyone have any ideas? Below are my config files, if anything else is needed > to figure it out please let me know! > > /usr/local/pf/conf/dhcpd.conf: > ---------------------------------------- > authoritative; > ddns-update-style none; > ignore client-updates; > > subnet 10.10.240.0 netmask 255.255.255.0 { > option routers 10.10.10.10; > option subnet-mask 255.255.255.0; > option domain-name "registration.a5do-nac.acsd5.local"; > option domain-name-servers 10.10.240.2; > range 10.10.240.10 10.10.240.254; > default-lease-time 300; > max-lease-time 300; > } > > subnet 10.10.248.0 netmask 255.255.255.0 { > option routers 10.10.10.10; > option subnet-mask 255.255.255.0; > option domain-name "isolation.a5do-nac.acsd5.local"; > option domain-name-servers 10.10.248.2; > range 10.10.248.10 10.10.248.254; > default-lease-time 300; > max-lease-time 300; > } > > > > /usr/local/pf/conf/networks.conf: > ---------------------------------------- > [10.10.240.0] > type=registration > netmask=255.255.255.0 > gateway=10.10.10.10 > pf_gateway= > named=enabled > domain-name=registration.a5do-nac.acsd5.local > dns=10.10.240.2 > dhcpd=enabled > dhcp_start=10.10.240.10 > dhcp_end=10.10.240.254 > dhcp_default_lease_time=300 > dhcp_max_lease_time=300 > > [10.10.248.0] > type=isolation > netmask=255.255.255.0 > gateway=10.10.10.10 > pf_gateway= > named=enabled > domain-name=isolation.a5do-nac.acsd5.local > dns=10.10.248.2 > dhcpd=enabled > dhcp_start=10.10.248.10 > dhcp_end=10.10.248.254 > dhcp_default_lease_time=300 > dhcp_max_lease_time=300 > > > > > > Thanks, > Ben Willis > > > ________________________________ > ANDERSON SCHOOL DISTRICT FIVE NOTICE: This email may contain business related > information that is PERSONAL AND CONFIDENTIAL. If you have received this > email in error, this does not constitute permission to examine, copy or > distribute the accompanying material. > If you receive this message in error, please notify the sender immediately or > call 864-260-5000. > > ________________________________ > ANDERSON SCHOOL DISTRICT FIVE NOTICE: This email may contain business related > information that is PERSONAL AND CONFIDENTIAL. If you have received this > email in error, this does not constitute permission to examine, copy or > distribute the accompanying material. > If you receive this message in error, please notify the sender immediately or > call 864-260-5000. > ------------------------------------------------------------------------------ > The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: > Pinpoint memory and threading errors before they happen. > Find and fix more than 250 security defects in the development cycle. > Locate bottlenecks in serial and parallel code that limit performance. > http://p.sf.net/sfu/intel-dev2devfeb > _______________________________________________ > Packetfence-users mailing list > [email protected]<mailto:[email protected]> > https://lists.sourceforge.net/lists/listinfo/packetfence-users > ------------------------------------------------------------------------------ > The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: > Pinpoint memory and threading errors before they happen. > Find and fix more than 250 security defects in the development cycle. > Locate bottlenecks in serial and parallel code that limit performance. > http://p.sf.net/sfu/intel-dev2devfeb > _______________________________________________ > Packetfence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > ANDERSON SCHOOL DISTRICT FIVE NOTICE: This email may contain business related > information that is > PERSONAL AND CONFIDENTIAL. If you have received this email in error, this > does not > constitute permission to examine, copy or distribute the accompanying > material. > If you receive this message in error, please notify the sender immediately or > call 864-260-5000. > > ------------------------------------------------------------------------------ > The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: > Pinpoint memory and threading errors before they happen. > Find and fix more than 250 security defects in the development cycle. > Locate bottlenecks in serial and parallel code that limit performance. > http://p.sf.net/sfu/intel-dev2devfeb > _______________________________________________ > Packetfence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: Pinpoint memory and threading errors before they happen. Find and fix more than 250 security defects in the development cycle. Locate bottlenecks in serial and parallel code that limit performance. http://p.sf.net/sfu/intel-dev2devfeb _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
