DHCPD - can get IPs on Clients, but cant get on the web

[Tokunbo]

hello,

Im trying to configure my DHCPD on my server. My server can assign IPs to clients (192.168.100....) but my client PCs cannot get on the web.

I have set "net.ipv4.ip_forward = 1" in /etc/sysctl.conf.
All the settings in the abovementioned file are set to "1" except "kernel.sysrq".

eth1 is for my internal network and eth0 is for the external. I can ping the IP on eth0 but I cant ping the default gateway on eth0(from client PC).

there are no firewalls in place. Ive even tried connecting with "iptables -F" setting on my server...

pls help, what else can I do so that my client PCs can connect to the web thru my RH9 server..


thanks for all the helps.
Toks

[Dapper Dan]

I'll give it a shot...

Are the client boxes set up for DHCP as well? Have you tried turning off DHCP from your server box and/or assigning static IP's to each of the client boxes? Are you using a router?

[Tokunbo]

hi

Yes, the client computers are set oup for DHCP

Yes, ive tried turining off DHCP on the server and assigning static IPs on the clients etc....

the main problem i have is the passing of traffic through the server.....as in my client PCs cant connect to the web through the server.

Toks

[drakebasher]

Do you have a route from the client to the gateway? On the client machine, try:

Code:

route add default gw <serverinsideIP> netmask 0.0.0.0 eth0

Also, you need to have an iptables entry for forwarding on the server machine. This is the quick and easy way to do that. In fact, you may be able to copy and paste for making a forwarding setup script. Your setup will be insecure until you get a better firewall configuration. Check out Firestarter for that.

[Tokunbo]

thanks for the infos....

pls does anyone have a DHCP server tutorial for total dummies....i mean Linux First-Timers...

Toks

[drakebasher]

I was looking a couple of days ago and was disappointed. Try these links:
RUTE General purpose/applicability
Redhat Manuals Specific to Redhat, but applies mostly generally
Linux Network Administrators Guide from The Linux Documentation Project

[kyle.tk]

you need something like this

www.shorewall.net

[Mandeep]

Dear every thing will work fine. Let me write step by step procedure.

Step 1. check default route on server
#netstat -rn

you should have
....
....
....
....
0.0.0.0 (ipaddressofgateway) 0.0.0.0 UG 0 0 0 eth0
ipaddressofgateway = ip of provider

Step 2. if no firewall is configured, (most probable this is the cause) you are missing masqurading.
minimum you should have this command executed
#iptables -A POSTROUTING -o eth0 -j MASQUERADE
(NOTE: you should configure firewall, it will solve a lot of new problems.)

Step 3. configure ip forwarding
in file /etc/sysctl.conf

net.ipv4.ip_forward = 1

Step 4. put static ip in any client and check wheather everything is working. if not check again from step 1. if everything is fine then read further.

Step 5. i am pasting this simple dhcpd.conf file, i thing this will help you for a quick start.
in example domain is "etu" , ip address for server is "192.168.0.1"
on server DNS is working, and samba for windows network. in example i give host "smiley" fixed ip address
in given example dhcpd is updating zone file automatically (DDNS) you can ignore them.
-----------------------------------
option domain-name "etu";
option domain-name-servers 192.168.0.1;
option netbios-name-servers 192.168.0.1;
default-lease-time 1800;
max-lease-time 2400;
authoritative;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.0.255;
option routers 192.168.0.1;
one-lease-per-client true;
ddns-updates on;
ddns-ttl 120;
#ddns-ttl 600;
ddns-update-style interim;
ddns-domainname "etu";
ddns-rev-domainname "in-addr.arpa";
allow client-updates;

key dhcpupdater {
algorithm hmac-md5;
secret "put your rndc key here";
};

subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.10 192.168.0.254;
}

zone etu. {
primary 192.168.0.1;
key dhcpupdater;
}

zone 0.168.192.in-addr.arpa. {
primary 192.168.0.1;
key dhcpupdater;
}



host smiley {
hardware ethernet 00:02:j3:6d:45:94; #InterPro100S
fixed-address 192.168.0.5;
}
-----------------------------------
Good Luck
Hope for the best.