On Wed, Jan 25, 2017 at 4:27 AM, Dusan Ilic <[email protected]> wrote: > Hello Nikola, > > Well, br0 is the local LAN interface on the gateway and the local LAN IP > of the gateway (also DHCP-server) is 10.1.1.1. > So in the network 10.1.1.0/26, 10.1.1.63 is the local broadcast address. > > > > On 2017-01-24 00:17, Nikola Kolev wrote: > >> Hi, >> >> Maybe I'm misreading the bits you posted, but why would you have your >> >> # DHCP server unicast or broadcast IP address. >>> server = 10.1.1.63 >>> >> configured that way? Is that one and the same interface (with 10.1.1.1 >> on br0)? What is the reason of having a network broadcast IP address set >> on a host? >> >> I would focus on either running dnsmasq with full debug or strace-ing >> it to see what's causing that "Operation not permitted". >> >> Cheers >> >> On Sun, 22 Jan 2017 22:33:06 +0100 >> Dusan Ilic <[email protected]> wrote: >> >> Hello, >>> >>> I have a problem with the DHCP plugin. >>> I have Strongswan and DNSmasq on the same host (my Linux gateway) and >>> would like to issue IP adress from local LAN to remote access users, >>> however, I cant get it working. In the logging I can see Strongswan >>> sending DHCP Discover, and DNSmasq responding, however directly after >>> DNSmasq gives a strange error. >>> >>> Jan 22 20:46:42 R6250 daemon.info charon: 08[CFG] sending DHCP >>> DISCOVER to 10.1.1.63 Jan 22 21:46:42 R6250 daemon.info dnsmasq-dhcp >>> [7945]: DHCPDISCOVER(br0) 7a:a7:46:6b:f7:04 Jan 22 21:46:42 R6250 >>> daemon.info dnsmasq-dhcp[7945]: DHCPOFFER(br0) 10.1.1.60 >>> 7a:a7:46:6b:f7:04 Jan 22 21:46:42 R6250 daemon.warn dnsmasq-dhcp >>> [7945]: Error sending DHCP packet to 10.1.1.1: Operation not >>> permitted Jan 22 20:46:47 R6250 daemon.info charon: 08[CFG] DHCP >>> DISCOVER timed out >>> >>> 10.1.1.1 is my gateway. 10.1.1.63 is broadcast adress (local LAN >>> 10.1.1.0/26). I have also tried changing broadcast in charon settings >>> to 255.255.255.255, but then there is no DHCPOFFER seen in the logs. >>> >>> Jan 22 20:44:02 R6250 daemon.info charon: 09[CFG] sending DHCP >>> DISCOVER to 255.255.255.255 Jan 22 20:44:03 R6250 daemon.info charon: >>> 09[CFG] sending DHCP DISCOVER to 255.255.255.255 Jan 22 20:44:05 >>> R6250 daemon.info charon: 09[CFG] sending DHCP DISCOVER to >>> 255.255.255.255 Jan 22 20:44:08 R6250 daemon.info charon: 09[CFG] >>> sending DHCP DISCOVER to 255.255.255.255 Jan 22 20:44:12 R6250 >>> daemon.info charon: 09[CFG] sending DHCP DISCOVER to 255.255.255.255 >>> Jan 22 20:44:17 R6250 daemon.info charon: 09[CFG] DHCP DISCOVER timed >>> out >>> >>> Below is my DHCP-plugin config. >>> >>> dhcp { >>> >>> # Always use the configured server address. >>> force_server_address = yes >>> >>> # Derive user-defined MAC address from hash of IKE identity. >>> # identity_lease = yes >>> >>> # Interface name the plugin uses for address allocation. >>> interface = br0 # Local interface where DNSmasq is listening >>> >>> # Whether to load the plugin. Can also be an integer to increase >>> # the priority of this plugin. >>> load = yes >>> >>> # DHCP server unicast or broadcast IP address. >>> server = 10.1.1.63 >>> >>> } >>> >>> >> > _______________________________________________ > Users mailing list > [email protected] > https://lists.strongswan.org/mailman/listinfo/users >
Hi Dusan, I have a similar setup on an openwrt router, mine works fine, The only difference is I dont use the "interface=" stanza in the dhcp.conf and just use the standard broadcast address 192.168.1.255 I have several VLANs, and just my changing the broadcast address of the server I can get leases from the subnet/vlan I want. -- Kind regards, Yudi
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
