Okay I'm back. Sorry for the delay...
I installed a FreeBSD OS on a virtual machine, same pf.conf, same ipfw.rules, same dhcpd.conf. I added some other virtual workstations into the network and it all worked flawlessly....?!
I trashed the aliases.
Now the dhcpd.conf is looking clean, like this:
Code:
#
# Options
#
default-lease-time 86400;
max-lease-time 86400;
min-lease-time 86400;
ddns-update-style none;
log-facility local3; # Note: syslog-ng filters by program
#
# Network options
#
shared-network camin
{
    authoritative;
    option domain-name "c3.campus.utcluj.ro";
    option domain-name-servers 193.226.6.229, 193.226.5.151, 193.226.6.233, 217.73.173.3, 193.226.5.33, 8.8.8.8;
    #option domain-name-servers 193.226.6.229;
    subnet 172.23.0.0 netmask 255.255.240.0
    {
        # pool
        # {
        #     max-lease-time 300;
        #     min-lease-time 150;
        #     range 172.23.14.10 172.23.15.240;
        #     allow unknown-clients;
        # }
        range 172.23.14.10 172.23.15.240;
        option routers 172.23.0.1;
        option subnet-mask 255.255.240.0;
        option broadcast-address 172.23.15.255;
    }
}
#
# Leases
#
include "/var/db/c3/dhcpd.conf";
I swapped to 172.23.0.0/24 network. I have tried to achieve this using a pool or the range directly but it did not work. Also, I changed the dhcp interface to bge1 so I'll post the output of ifconfig bge1
Code:
bge1: flags=88843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,STATICARP> metric 0 mtu 1500
	options=8009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE>
	ether 00:11:0a:e9:9b:5e
	inet 172.23.0.1 netmask 0xfffff000 broadcast 172.23.15.255
	inet6 fe80::211:aff:fee9:9b5e%bge1 prefixlen 64 scopeid 0x5
	nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
	media: Ethernet autoselect (1000baseT <full-duplex,master>)
	status: active
The ipconfig on Windows machines returns the proper IP, Mask, Gateway, DNS and all other information on the NIC connected to that network...
I am getting an IP from 172.23.14.0/24 or 172.23.15.0/24 network but I am not able to communicate with 172.23.0.1 (FreeBSD server).
If a rogue DHCP server would release IP addresses, I should get some other IP (192.168.x.x usually) and the router's IP address as gateway, which I do not.
I am running no packet filtering at this moment. I changed pf.conf to
Code:
ext_if="em0"
int_if="bge1"
internal_net="172.23.0.0/20"
external_addr="10.134.168.54"
table <campus> { 172.22.0.0/21, 172.23.0.0/20, 172.24.0.0/21, 172.25.0.0/21 }
# NAT
nat on $ext_if from $internal_net to !<campus> -> $ext_if
# Pass all
pass all
Any other ideas?
Thank you for the struggle
Later edit:
STUPID STUPID STUPID STUPID!
I would never have thought about this. It seems that the script that generates the .leases file also generates an ARP file, which is loaded and the command ifconfig bge1 staticarp is loaded. The script is old and I was never curious enough (and to be honest I didn't think that one would create static ARP lists) to look for something like this.
I modified that into ifconfig bge1 -staticarp and it all works great now. Sorry for wasting your time but I think that we all learned something today
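The failure found in this thread, as an added example that is not part of the original post: with STATICARP set on the interface, the server never sends ARP requests, so a client that gets a dynamic lease but has no permanent ARP entry cannot be reached. The check below flags such leases; the function names, the `arp -an` sample lines and the lease list are constructed for illustration, while the flags line and the range come from the post.

```python
import ipaddress
import re

# From the post: flags line of `ifconfig bge1` and the range lines of dhcpd.conf.
IFCONFIG = "bge1: flags=88843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,STATICARP> metric 0 mtu 1500\n"
DHCPD_CONF = "# range 172.23.14.10 172.23.15.240;\nrange 172.23.14.10 172.23.15.240;\n"
# Constructed `arp -an` output (not from the post): one permanent entry, one learned.
ARP = ("? (172.23.14.20) at 00:11:22:33:44:55 on bge1 permanent [ethernet]\n"
       "? (172.23.14.21) at 00:11:22:33:44:66 on bge1 expires in 900 seconds [ethernet]\n")
LEASED = ["172.23.14.20", "172.23.14.21", "172.23.15.7"]  # constructed lease list

def has_staticarp(ifconfig_text):
    """True if the interface flags list contains STATICARP."""
    m = re.search(r"flags=[0-9a-f]+<([^>]*)>", ifconfig_text)
    return bool(m) and "STATICARP" in m.group(1).split(",")

def dynamic_ranges(conf_text):
    """Active (uncommented) `range lo hi;` statements as (lo, hi) address pairs."""
    ranges = []
    for line in conf_text.splitlines():
        m = re.match(r"range\s+(\S+)\s+(\S+)\s*;", line.split("#", 1)[0].strip())
        if m:
            ranges.append((ipaddress.ip_address(m.group(1)),
                           ipaddress.ip_address(m.group(2))))
    return ranges

def permanent_arp_ips(arp_text):
    """Addresses that have a permanent (static) ARP entry."""
    found = re.findall(r"\((\d+\.\d+\.\d+\.\d+)\) at \S+ on \S+ permanent", arp_text)
    return {ipaddress.ip_address(ip) for ip in found}

def unreachable_leases(ifconfig_text, conf_text, arp_text, leased_ips):
    """Leased addresses in a dynamic range with no static ARP entry while STATICARP is on."""
    if not has_staticarp(ifconfig_text):
        return []  # normal ARP resolution, nothing to flag
    ranges = dynamic_ranges(conf_text)
    pinned = permanent_arp_ips(arp_text)
    return [str(ip) for ip in map(ipaddress.ip_address, leased_ips)
            if any(lo <= ip <= hi for lo, hi in ranges) and ip not in pinned]

if __name__ == "__main__":
    for ip in unreachable_leases(IFCONFIG, DHCPD_CONF, ARP, LEASED):
        print(f"{ip}: leased dynamically but no static ARP entry on a STATICARP interface")
```

On a live host the three text inputs would come from `ifconfig bge1`, the dhcpd configuration and `arp -an`.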