Adding a second DHCP server

balanga


I've been using pfSense for several years as a gateway/router for my LAN as well as a DHCP server. It's a really nice piece of software and easy to set up by masking the complexity of dhcp. As a consequence I have little or no idea how it works, so I thought I'd install net/isc-dhcp44-server on one of my FreeBSD machines, which I did. But I don't know how to deal with two dhcp servers, so I disabled the dhcp service on pfSense and shortly afterwards there was chaos on the LAN. Some systems couldn't ping others and getting out onto the Internet was impossible.

How should I configure the second dhcp server? Should it have a fixed IP address?

I looked at vermaden's guide on setting up dhcp servers on FreeBSD, and maybe in 10 years' time it will begin to make sense, but in the meantime I'd appreciate any advice on adding a second dhcp server into a small network.
 

Phishfry


Well, like I have mentioned many times, I run an APU2 Wireless Access Point with HostAPD and dnsmasq for DHCP server.
My setup goes like this:
192.168.1.1 << My OPNSense with DHCP server running

On my APU2 box I assign 2 ethernet ports to their own IP ranges and a wireless network too.
192.168.1.50 << igb0 Static DHCP address assigned from OPNSense. (Think WAN)
192.168.100.0 << ath0 Atheros Wireless Card for wireless network (Think WIFI)
192.168.101.0 << igb1 Used for a wired network (Think LAN)
192.168.102.0 << igb2 Used for a wired network (Think OPT)
This all takes some more setup, but really is only one line for each additional dhcp server in dnsmasq.conf.

I could do a bridge interface for the box but dislike that idea as bridge slows traffic.
I could let OPNSense issue all IPs but I really like my setup.
I do need to make OPNSense firewall rules to allow traffic between 192.168.1.0 and my subnets on the APU for anything but http.
 

balanga


I think what I'm looking for is DHCP failover, as described here, but the problem is that I'm using pfSense as my principal DHCP server and that seems to have the configuration files hidden away somewhere, so I'll have to search through the GUI to see if it supports such a feature.
 

Phishfry


I guess I am a bit lost. What exactly are you trying to accomplish?
I have previously had pfSense at the modem. With dhcp server running on LAN.
I had/have pfSense/opnsense LAN connected to Cisco SG300 switch.
Attached to my SG300 switch I have a PC Engines APU2. I have it set up as a router and it runs dnsmasq.
It assigns addresses in the 192.168.100.0; 192.168.101.0; 192.168.102.0 subnets.
So I have two DHCP servers on the same network. They don't care about one another.
My APU2 dnsmasq is configured as a router and handles the three subnets that are created with ifconfig.

The new network needs the proper range. This means 192.168.xxx.0/24
You can have <254 subnets under this regime. Address ranges from 192.168.2.1 to 192.168.253.253.
It is called a Class C address range meant for internal routing.
So with this you can have 253 IP addresses under 253 subnets for roughly 64K IPs with Class C
pfSense is set up to distribute IPs on the 192.168.1.1 network. So you can't use that range unless you bridge.
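
Added example, not from any poster in this thread: a dnsmasq.conf sketch of the layout Phishfry describes, with one `dhcp-range` line per downstream subnet and dnsmasq kept off the igb0 segment that OPNsense already serves. Interface names and subnets come from the posts; the pool bounds, lease time and the assumption that the APU2 holds the .1 address on each downstream interface are illustrative.

```conf
# Constructed dnsmasq.conf sketch for the APU2 described above.
# Interface names and subnets are taken from the posts; pool bounds,
# netmask and lease time are assumptions.

# Listen only on the three downstream interfaces.
interface=ath0
interface=igb1
interface=igb2

# igb0 is on 192.168.1.0/24, where OPNsense is already the DHCP server.
# Excluding it explicitly keeps this box from answering clients on that
# segment; except-interface always overrides interface= lines.
except-interface=igb0

# Bind to the listed interfaces instead of the wildcard address.
bind-interfaces

# One pool per downstream subnet. dnsmasq picks the pool that matches the
# address of the interface the request arrived on, and by default hands
# out that interface's own address as router and DNS server.
dhcp-range=192.168.100.50,192.168.100.200,255.255.255.0,12h
dhcp-range=192.168.101.50,192.168.101.200,255.255.255.0,12h
dhcp-range=192.168.102.50,192.168.102.200,255.255.255.0,12h

# Deliberately absent: any dhcp-range inside 192.168.1.0/24. Two servers
# offering leases in the same broadcast domain without coordinated pools
# is the condition that produces conflicting addresses and gateways.
```

`dnsmasq --test` checks the file's syntax before the service is restarted.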
 

Phishfry


Doing some reading for my 10G Switch Project I was perusing the FreeBSD manpage for dhcp server settings.

Notice in the examples the ability to route everything within the same network range. Even for multiple ethernet adapters.
That gave me great guidance as to a method to tackle a problem. Routing without bridging.

In my opinion, EXAMPLES: should be required for every manpage. They are invaluable.
OpenBSD's manpage helped too.
 