0

My network is 10.10.0.0/16. I would like to break this up into /24s.

My environment: I use /etc/hosts with dnsmasq for DNS and isc-dhcp-server for DHCP on an Ubuntu 14.04 server (gateway, router) with two NICs. eth0 connects to the ISP switch and eth1 (10.10.0.1/16) connects to the LAN switch. All clients connect to the LAN switch.

Config on 10.10.0.1:

TCP forwarding is enabled:

:~$ sudo sysctl -p
net.ipv4.ip_forward = 1

/etc/network/interfaces:

auto lo
iface lo inet loopback

auto eth0
        iface eth0 inet dhcp

auto eth1
        iface eth1 inet static
        address 10.10.0.1
        netmask 255.255.0.0

/etc/dhcp/dhcpd.conf:

# general options
authoritative;
ddns-update-style none;
log-facility local7;
deny declines;
default-lease-time 3600;
option routers 10.10.0.1;
option domain-name-servers 10.10.0.1;
option domain-name "lab.info";

subnet 10.10.0.0 netmask 255.255.0.0 {
}

subnet 10.10.1.0 netmask 255.255.255.0 { range 10.10.1.1 10.10.1.254; deny unknown-clients;

        host host1 { hardware ethernet c8:33:eb:6e:df:3e; fixed-address host1; }
}

# Unknown clients
subnet 10.10.255.0 netmask 255.255.255.0 { range  10.10.255.1 10.10.255.254; allow unknown-clients; }

/etc/hosts:

127.0.0.1       localhost
10.10.1.1       host1

host1 is able to receive the correct lease from 10.10.0.1 but cannot ping anything outside its subnet (10.10.1.0/24). As far as I can tell, I need static routes on the router. I have tried with no success:

sudo route add -net 10.10.1.0/24 gw 10.10.0.1

What am I doing wrong?

2 Answers

1

The reason it is not working as intended is that DHCP will look at the interface and try to find the one network that matches best.

You need 2 interfaces (or 2 IPs on one interface) with different network sizes.

But you should avoid having overlapping networks.

A proper config would be having 2 non-overlapping networks, with each of the DHCP configs having its own option routers. Example:

#   RESCUE-CORE (VLAN1001)
subnet 10.0.0.128 netmask 255.255.255.224 {
    authoritative;
#    allow unknown-clients;
    range 10.0.0.148 10.0.0.158;
    option subnet-mask 255.255.255.224;
    option routers 10.0.0.129;
    option domain-name-servers 10.100.101.10;
    option time-servers 10.100.101.5;
    default-lease-time 3600;
    max-lease-time 3600;
    next-server 10.100.101.5;
}

#   RESCUE-ROUTERS (VLAN1002)
subnet 10.0.0.160 netmask 255.255.255.224 {
    authoritative;
#    allow unknown-clients;
    range 172.16.254.180 172.16.254.190;
    option subnet-mask 255.255.255.224;
    option routers 172.16.254.161;
    option domain-name-servers 10.100.101.10;
    option time-servers 10.100.101.5;
    default-lease-time 3600;
    max-lease-time 3600;
    next-server 10.100.101.5;
}
XANi
0

Try these declarations:

shared-network "mynet" {
    # No subnet 10.10.0.0 netmask 255.255.0.0
    # since it would overlap with other subnets

    subnet 10.10.10.0 netmask 255.255.255.0 {
         option routers 10.10.0.1;
    }

    subnet 10.10.1.0 netmask 255.255.255.0 { 
         option routers 10.10.1.1;
         # the range should not overlap with the router
         range 10.10.1.10 10.10.1.254; 
         deny unknown-clients;
    }
}
host host1 { 
     hardware ethernet c8:33:eb:6e:df:3e; 
     fixed-address 10.10.1.5;
}
J.J. Hakala
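Both answers come down to the same checks on dhcpd.conf: subnets must not overlap, each range must sit inside its subnet, and the option routers a subnet ends up with must be an address in that subnet. The following is an added example, not code from either answer or from ISC DHCP; the `audit` helper and its regexes are hypothetical and handle only the `subnet`, `range` and `option routers` statements seen on this page (no pools, includes or groups).

```python
import ipaddress
import re
from itertools import combinations
# Constructed sample: abridged from the dhcpd.conf in the question.
SAMPLE = """\
option routers 10.10.0.1;
subnet 10.10.0.0 netmask 255.255.0.0 {
}
subnet 10.10.1.0 netmask 255.255.255.0 { range 10.10.1.1 10.10.1.254; deny unknown-clients;
    host host1 { hardware ethernet c8:33:eb:6e:df:3e; fixed-address host1; }
}
subnet 10.10.255.0 netmask 255.255.255.0 { range 10.10.255.1 10.10.255.254; }
"""

SUBNET = re.compile(r"\bsubnet\s+([\d.]+)\s+netmask\s+([\d.]+)\s*\{")
ROUTERS = re.compile(r"\boption\s+routers\s+([\d.]+)\s*;")
RANGE = re.compile(r"\brange\s+([\d.]+)\s+([\d.]+)\s*;")

def block_end(text, i):
    """Return the index just past the '}' closing the block whose body starts at i."""
    depth = 1
    while depth and i < len(text):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        i += 1
    return i

def audit(conf):
    """Return findings: overlapping subnets, ranges and routers outside their subnet."""
    conf = re.sub(r"#.*", "", conf)                # strip comments
    subnets, outside, pos = [], "", 0
    for m in SUBNET.finditer(conf):
        end = block_end(conf, m.end())
        subnets.append((ipaddress.ip_network(f"{m[1]}/{m[2]}"), conf[m.end():end]))
        outside += conf[pos:m.start()]             # text not inside any subnet block
        pos = end
    inherited = ROUTERS.search(outside + conf[pos:])   # router set in an enclosing scope
    findings = [f"overlap: {a} and {b}"
                for (a, _), (b, _) in combinations(subnets, 2) if a.overlaps(b)]
    for net, body in subnets:
        for addr in (a for r in RANGE.finditer(body) for a in r.groups()):
            if ipaddress.ip_address(addr) not in net:
                findings.append(f"range: {addr} not in {net}")
        router = ROUTERS.search(body) or inherited  # subnet scope wins over outer scope
        if router and ipaddress.ip_address(router[1]) not in net:
            findings.append(f"routers: {router[1]} not in {net}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

On the sample it reports the /16 overlapping both /24s and the inherited 10.10.0.1 router lying outside 10.10.1.0/24 and 10.10.255.0/24.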