[ previous ] [ next ] [ threads ]
 From:  Fred Wright <fw at well dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] DHCP Weirdness
 Date:  Sun, 13 Feb 2005 17:26:41 -0800 (PST)
On Thu, 10 Feb 2005, Chris Buechler wrote:
> On Thu, 10 Feb 2005 10:44:13 -0500, Daniel L. Hunter
> <dhunter at techmethods dot com> wrote:
> > First, please forgive my ignorance.  I'm a programmer, not a network
> > guy.  And before I get flamed, I did search the archives and didn't find
> > anything relevant to my problem.
> > 
> > I'm testing out m0n0wall on a WRAP board.  During this testing phase
> > there is only one machine on the LAN side while the rest of my network
> > (~ 10 machines) is on the WAN side.  I have a DSL connection using an
> > Efficient 5861 DMT Router.  DHCP is enabled on the DSL router.  Several
> > of the machines on the WAN side are getting their IP from the DSL DHCP
> > server.  The WAN interface on the m0n0wall is set up as Type=Static.
> > The DHCP server on the m0n0wall is not enabled.  In other words, I don't
> > want m0n0wall to have anything to do with distributing IP addresses.
> > M0n0wall's WAN interface has a static IP address as will the machines on
> > the LAN side.
> > 
> > The problem I'm having is that when the m0n0wall is connected to the
> > network, it seems to take all of the leases from the DSL DHCP server and
> > knock the rest of the  DHCP enabled machines on the WAN side off the
> > network.
> Somebody posted something similar within the past couple months, iirc.
>  I don't believe any answer was given.  Can't say that I've seen it
> myself.  I believe the other person that reported this was using DHCP
> on the WAN, which makes this at least a little more feasible.
> Have you been able to sniff the network to see what's going on?  If
> you can tcpdump to a file while it's doing this and email me the data,
> maybe I can see something in the output.
> Technically this shouldn't be feasible.  Even if m0n0wall requested an
> IP from DHCP a billion times, the DHCP server should only give it one
> since it should always be requested from the same MAC address.

Though if it's inappropriately acting as a DHCP *server* on the WAN side
it could screw things up.

					Fred Wright