David, Yes they need to be there with the internal keyword. You might also want to have a look to your iptables and trunk settings.
On 11-05-19 10:02 AM, Palmer, David W. wrote: > I did this and it looks like dhcp is running but I am not getting an IP even > when assigning the vlan manually in the switch. After doing some looking > around I noticed that the pf.conf file has eth0 declared but not eth0.4 and > eth0.5 (registration and isolation interfaces). Do I also have to add them > here? > > Thanks, > > David > > -----Original Message----- > From: Marc-André Jutras [mailto:[email protected]] > Sent: Thursday, March 31, 2011 10:41 AM > To: [email protected] > Subject: Re: [Packetfence-users] DHCP Question > > David, > > Unfortunately, you will have to set the vlan manually. Those are normally > configured in : > > /etc/sysconfig/network-script/ifcfg-ethX.Y ( where X = interface > number: eth0, eth1, eth2... and Y is the vlan number... ) > > example of ifcfg-eth0 > > DESCRIPTION=MANAGEMENT_INTERAFCE > DEVICE=eth0 > BOOTPROTO=none > ONBOOT=yes > HWADDR=THE:MAC:ADD:OF:YOUR:NIC > TYPE=Ethernet > NETMASK=255.255.255.0 > IPADDR=172.16.1.5 > USERCTL=no > IPV6INIT=no > > > example of ifcfg-eth0.5 > DESCRIPTION=REGISTRATION_INTERFACE > VLAN=yes > DEVICE=eth0.5 > BOOTPROTO=static > ONBOOT=yes > TYPE=Ethernet > IPADDR=172.16.5.5 > NETMASK=255.255.255.0 > > > Regards, > M-A > > > Le 11-03-30 11:10, Palmer, David W. a écrit : >> Ok, >> >> So I went through and re-installed the system and to make sure that DHCP and >> named were correctly pulled down with packetfence-complete package. >> >> Now the issue that I am running into when starting packetfence is DHCP >> is not starting correctly. I believe that I need to setup 802.1Q >> interfaces on the packetfence server. My question is does Packetfence >> do this for me or is this something I need to create >> >> >> Here is my networks.conf: >> >> [10.28.4.0] >> type=registration >> netmask=255.255.255.0 >> gateway=10.28.4.2 >> pf_gateway= >> named=enabled >> domain-name=registration.cazenovia.edu >> dns=10.28.4.2 >> dhcpd=enabled >> dhcp_start=10.28.4.10 >> dhcp_end=10.28.4.254 >> dhcp_default_lease_time=300 >> dhcp_max_lease_time=300 >> >> [10.28.5.0] >> type=isolation >> netmask=255.255.255.0 >> gateway=10.24.5.2 >> pf_gateway= >> named=enabled >> domain-name=isolation.cazenovia.edu >> dns=10.24.5.2 >> dhcpd=enabled >> dhcp_start=10.28.5.10 >> dhcp_end=10.28.5.254 >> dhcp_default_lease_time=300 >> dhcp_max_lease_time=300 >> >> >> Thanks, >> >> David >> >> >> >> -----Original Message----- >> From: Marc-André Jutras [mailto:[email protected]] >> Sent: Tuesday, March 15, 2011 11:25 AM >> To: [email protected] >> Subject: Re: [Packetfence-users] DHCP Question >> >> Hello David, >> >> Ok, first thing to check is your ip definition in networks.conf ( under >> /usr/local/pf/conf ) , PF will regenerate any dhcpd settings based on the >> info included in this file every time you will restart PF daemon. >> Then, adjust your ip in your named template to answers correctly your >> dns request... ( /usr/local/pf/conf/template/ files: >> named-isolation.ca and named-registration.ca, validate the ip there to >> reflect yours... ) >> >> From that point, you should be good to restart PF and validate that >> the DHCPD daemon is now listening on your isolation and registration >> network interface correctly... ( /etc/init.d/packetfence restart or >> service packetfence restart ) >> >> points to keep in mind: >> - PF come with the latest stable version of dhcpd and named, no needs to >> configure or install these daemons included in your Linux distribution... >> - make it work before adding more security to it : disable iptables for >> testing, re-enable it when you'll be ready for your final tests... >> >> Regards, >> M-A >> >> Le 11-03-15 10:19, Palmer, David W. a écrit : >>> Hello All, >>> >>> I am currently working on testing packetfence vs several commercial >>> NAC solutions. However, I am having an issue getting DHCPD to start. >>> I receive this error: >>> >>> **************************************************************** >>> >>> No subnet declaration for eth0 (172.28.4.74). >>> >>> ** Ignoring requests on eth0. If this is not what >>> >>> you want, please write a subnet declaration >>> >>> in your dhcpd.conf file for the network segment >>> >>> to which interface eth0 is attached. ** >>> >>> Not configured to listen on any interfaces! >>> >>> **************************************************************** >>> >>> What I have gathered is that I need to configure my registration >>> (10.28.4.0) and isolation (10.28.5.0) subnets inside of my dhcpd.conf >>> file. What I am wondering is if I do this inside of the >>> /etc/dhcpd.conf or is there a template inside of the pf directory? >>> What should the subnet configuration look like? >>> >>> Thank you, >>> >>> David >>> >>> >>> --------------------------------------------------------------------- >>> - >>> -------- >>> Colocation vs. Managed Hosting >>> A question and answer guide to determining the best fit for your >>> organization - today and in the future. >>> http://p.sf.net/sfu/internap-sfd2d >>> >>> >>> _______________________________________________ >>> Packetfence-users mailing list >>> [email protected] >>> https://lists.sourceforge.net/lists/listinfo/packetfence-users > > ------------------------------------------------------------------------------ > Create and publish websites with WebMatrix Use the most popular FREE web apps > or write code yourself; WebMatrix provides all the features you need to > develop and publish your website. http://p.sf.net/sfu/ms-webmatrix-sf > _______________________________________________ > Packetfence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users > > ------------------------------------------------------------------------------ > What Every C/C++ and Fortran developer Should Know! > Read this article and learn how Intel has extended the reach of its > next-generation tools to help Windows* and Linux* C/C++ and Fortran > developers boost performance applications - including clusters. > http://p.sf.net/sfu/intel-dev2devmay > _______________________________________________ > Packetfence-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/packetfence-users -- Francois Gaudreault, ing. jr [email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ What Every C/C++ and Fortran developer Should Know! Read this article and learn how Intel has extended the reach of its next-generation tools to help Windows* and Linux* C/C++ and Fortran developers boost performance applications - including clusters. http://p.sf.net/sfu/intel-dev2devmay _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
