Steve Hoffman wrote:
I'd like to use DHCP to assign two ip addresses to one network
card...I know it's possible to do by hand, but I'd like to automate
the process. I have already got several clients (win and linux)
getting a fixed-address, but only one. I thought about creating
virtual adapter in linux (eth0:0) but I see the MAC is the same as the
real card and I guess I'd expect it would be. But I would like this
to work on the Windows machines as well. The main reson I'm looking
into this is because $BOSS has decided he wants a public IP address
for his laptop in addition to the private IP he needs to access may
features in the office. Naturally he also wants it to just work when
he gets home (using DHCP as well). I setup the alternate
configuration on his machine running XP, he gets a DHCP assigned
private...and no public...
Can this be done with dhcpd?
Thanks,
Steve
This isn't really a DHCP server problem, it's a client / protocol
problem (ie. you're trying to do something that won't work the way you
expect out of the box). First, let's understand how the protocol
works. Your client says, "I am this MAC address, I would like to lease
a DHCP address". The server then has been given that one bit of
information to work with, a MAC address. It can send a response of,
"You may have this lease", and that lease must contain some options such
as the time the lease is valid, and may contain some other options, such
as an IP address, default gateway, subnet mask, dns servers, time
servers, etc, ad nauseum.
Now, consider what the DHCP server has to work with, the MAC address.
In practice, ISC-DHCPd will then turn around and look at it's config
file, and attempt to find a match for the MAC address. It also has one
other bit of information, it knows where the packet came from. It knows
that the packet came in on, for example, eth0, or eth1. That's
expressed as being part of a subnet, that DHCP is listening for requests
on. So it looks in that subnet statement in it's config file, for the
closest MAC address match. When found, it returns the statements
associated with that config, usually just "fixed-address x.x.x.x", as
well as anything inherited from the global config (usually the rest of
the stuff such as gateway, dns, etc).
So, how can you assign two IP addresses? Well, the DNS server could
technically stuff two fixed-address statements in the response packet to
the client, but the client wouldn't understand that and would either
consider it invalid, or choose one at random, or choose the first one,
or some other not-ideal implementation-specific thing. Another option
would be for the client to request two leases, either from different MAC
addresses, or on different paths to the server (i.e. different VLANs
perhaps, or various other ways) but if you're using the same MAC address
for those calls, it's likely to confuse the server anyway, as it will
have trouble determining where to send the response (the scope of why is
beyond this email). Neither of these solutions really works well. If
you've got two network cards and two separate subnets and two separate
paths between the client and the server, the configuration can work, but
isn't all that confusing, and we probably wouldn't be having this
conversation. :)
In short, I think you're probably going about this the wrong way.
Having two IP addresses on the client (unless there are two actual
network connections involved) is not likely to give you the behavior you
think it will. Can you describe your network, in brief? I.e. something
like: "I've got a Linux box, connected to a cable modem, which has an
external and internal set of IP addresses, and I want the boss to have
one of each", or "I have three T1s terminated on a multi-homed Linux
gateway via BGP, and we have a private internal LAN as well as public
address space for workstations", or something in between? Perhaps we
can cook up an appropriate solution for your given situation, that will
meet your boss's needs as well as function properly from a network
perspective. Perhaps a short description of how you've had it working
by hand would also be useful.
Aaron S. Joyner
--
TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ : http://trilug.org/faq/
TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
