RE: [m0n0wall] Several dynamic IPs on WAN?

From:	Fred Wright <fw at well dot com>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	RE: [m0n0wall] Several dynamic IPs on WAN?
Date:	Mon, 23 Aug 2004 22:21:50 -0700 (PDT)

On Fri, 20 Aug 2004, Thomas Hertz wrote:

> > Am Fr, den 20.08.2004 schrieb Thomas Hertz um 8:34:
> > > I'm in the process of changing my ISP from DSL with one static IP to
> > 100mbps
> > > Ethernet with five dynamic, DHCP assigned, addresses. I'm not quite sure
> > how
> > > this would work, but does anyone know of a way to assign more than one
> > IP to
> > > the same physical interface? It would be neat to use 1:1 NAT.
> > 
> > Yes, you have to use proxy arp. Search this list for or for really
> > understanding take a look at
> > http://www.thinkingsecure.com/docs/TCPIP-Illustrated-1/arp_addr.htm#4_6
> > 
> > Ciao ...
> > 	... PIT ...
> 
> [Thomas Hertz once mumbled:] 
> 
> That would be a breeze if my addresses were static, but I've yet to find a
> dhcp client that supports several _dynamic_ addresses! It should even be
> possible using a client identifier instead of the interface MAC (if the dhcp
> server supports it, that I do not know).

That might be iffy.  The Microsoft-originated feature to key on host names
instead of MAC addresses violated the intent of a DHCP option rather than
change the client identifier. :-)

There is a way this *could* work reasonably, but not with existing
software AFAIK:

1) Use ARP to obtain the MAC address of the intended real destination.

2) Use that as the identifier for DHCP.  It should be guaranteed unique.

3) If DHCP succeeeds, install a Proxy ARP mapping on the WAN side.

4) Poll the server periodically, and undo all the above if it goes away.

					Fred Wright