1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Assign different gateways via DHCP based upon MAC address.

Discussion in 'Tomato Firmware' started by Jaidee, Jul 17, 2007.

  1. Jaidee

    Jaidee Addicted to LI Member

    Hello all,

    I've had a thread going about half-bridge mode on the DSL-320T for a few days now, and now that's all solved, I'm moving on to my next issue.

    The way my home netowrk is designed, we have two routers which operate on eth same subnet. 192.168.0.* These each have their own WAN connections, as my neighbours would rather be in control of their own internet connection. Fair enough.

    Because all computers on the network must have access to one another, they have to be all on the same subnet - either that or complicated routing tables, and I'm crap at that so let's not go there.

    Because both routers are on the same subnet, I can only run one DHCP server. So, my router gives out IPs in the range 192.168.0.50-99, and gives them a gateway of 192.168.0.100, my router. The second router has DHCP disabled, and this requires all my neighbours PCs to have static IPs and gateways of 192.168.0.200 .

    Ideally, we want all PCs to just take IPs from DHCP. I need a way to customise my dnsmasq to hand out a specific gateway (192.168.0.200) to certain MAC addresses on my network. I'm sure this is possible, but how?

    Many thanks,
    Jaidee.
     
  2. azeari

    azeari Addicted to LI Member

    i'm not sure if dnsmasq supports ur configuration, though i do know routing tables will most definitely work (= just draw a route from subnet1 to subnet2(i.e. 192.168.1.0 to 192.168.1.1) with a netmask of 255.255.255.0 through the gateway(router), and vice versa. only issue here is broadcast traffic won't be routed over, which shouldn't usually be an issue
     
  3. ifican

    ifican Network Guru Member

    Have never tried this but dont see a reason why it should not work. Most of these types of routers now adays offer access restriction via mac, i would restrict the machines that you do not want on each router and then let the other router respond to the dhcp request of the allowed host.
     
  4. Jaidee

    Jaidee Addicted to LI Member

    Unfortunately MAC restriction still allows for DHCP requests to be met - it simply prevents traffic to the WAN side.
     
  5. ifican

    ifican Network Guru Member

    Well i think the easiest thing for you to do then is to get a 3rd router and place it between your networks, put it in router mode and let it handle the interdomain traffic. That way both networks can run dhcp with no worry of getting in each others way.
     
  6. mstombs

    mstombs Network Guru Member

    Sorry to follow you around Jaidee, but the documentation for dnsmasq does seem to allow what you asked for in the first post ie in the example config file

    http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq.conf.example

    You could tag your neighbours static dhcp addresses "red" and then for those that are tagged red allocate them a different default gateway, but you probably also need to change the dns server etc as well - don't see how to do this...

    Whether it works or not I have no idea but it looks like you define extra static dhcp leases with this sort of command in the custom config window

    dhcp-host=00:04:E2:23:92:E8,192.168.1.20,1440m,net:red

    and specify the gateway to be used for those tagged red with
    dhcp-option = net:red,option:router,1.2.3.4
     
  7. Jaidee

    Jaidee Addicted to LI Member

    Mstombs, please make no apologies for following me around, this is exactly what I was looking for - fanstastic!

    So, here's my thinking: let's say that nextdoor they have four PCs. The MAC addresses are aa:aa:aa:aa:aa:aa, bb:bb:bb:bb:bb:bb, cc:cc:cc:cc:cc:cc and dd:dd:dd:dd:dd:dd. So I set up four rules to make these MAC addresses "red";

    Code:
    dhcp-mac=red,aa:aa:aa:aa:aa:aa
    dhcp-mac=red,bb:bb:bb:bb:bb:bb
    dhcp-mac=red,cc:cc:cc:cc:cc:cc
    dhcp-mac=red,dd:dd:dd:dd:dd:dd
    
    Then I need to set specific gateway and dns to these MACs:

    To do the gateway I use:
    Code:
    dhcp-option = net:red, option:router, 192.168.0.200
    
    and to do the DNS I think I use:
    Code:
    dhcp-option = net:red, option:6, 192.168.0.200
    
    or it might be:
    Code:
    dhcp-option = net:red, 6, 192.168.0.200
    
    (just removing the "option" as I'm not using the name but the number.)

    I'm actually off to the zoo now (wtf, I know), so I'll implemement this when I return. Cheers for the help folks!
     
  8. Jaidee

    Jaidee Addicted to LI Member

    Just to let you guys know I was bang on with the formatting of the custom config, so my config now looks like this:

    Code:
    dhcp-mac=red,aa:aa:aa:aa:aa:aa
    dhcp-mac=red,bb:bb:bb:bb:bb:bb
    dhcp-mac=red,cc:cc:cc:cc:cc:cc
    dhcp-mac=red,dd:dd:dd:dd:dd:dd
    dhcp-option = net:red, option:router, 192.168.0.200
    dhcp-option = net:red, 6, 192.168.0.200
    
    Which as you can probably guess, sets all of the desired MAC addresses to take gateway and IP address of 192.168.0.200 instead of the default settings.

    Now my network is truly beautiful.

    Many thanks!
     
  9. valiene

    valiene Addicted to LI Member

    2 questions about this config :
    1. where should paste this config to make it working?
    2. what is this "red" parameter?

    Many thanks,
     
  10. mstombs

    mstombs Network Guru Member

    Ans:
    1. In "Dnsmasq Custom Configuration" window under "Advanced->DHCP/DNS"
    2. It is a label local to this custom config, see example in the dnsmasq manual linked above
     
  11. skiv71

    skiv71 Networkin' Nut Member

    i did it....

    dhcp-option = 6, 192.168.0.78, 192.168.11.254
    dhcp-option = 15, "elecref.local"

    in my custom dnsmasq

    i added option 15 to specify dns suffix, great!!

    linux rulezzzzzzz

    thanks for everyones help

    neil
     

Share This Page