Topic: dhcpd providing static routes

[erroneus]

I did some searching but didn't see this specifically on the first couple of pages... if it's buried in there deeper, I'm sorry -- perhaps I didn't search for the right terms.

Here's what I want to do:

In my office network, I am using SME 7.5 to provide DHCP services.  For most things I have been able to get it to provide all sorts of customized things including static routes.  But the problem is that it is ugly on the client side.

My clients are Windows machine.  The normal "option static-routes <ip.ad.dr.es> <g.at.ew.ay>" only specifies routing to one IP address [ip.ad.dr.es/32] and a gateway.  I would like to specify a range like ip.ad.dr.es/24 or something.  I have read where there are some other ways to get dhcpd to send out such info to Windows clients, but have been unable to get them to work.  Does anyone have any experience or insight into this?

[Stefano]

well, telling us what did you try and what problems you've got could be a good start

[CharlieBrady]

In my office network, I am using SME 7.5 to provide DHCP services.  For most things I have been able to get it to provide all sorts of customized things including static routes.

Why are you doing this? Most hosts don't need static routes - just knowing one router is usually enough. How many routers do you have on the LAN?

[erroneus]

Well, I thought I did, but I will say it another way and hopefully more clearly.

using the "option static-routes <ip.ad.dr.es> <g.at.ew.ay>, <ip.ad.dr.es> <g.at.ew.ay>" method, I added routes for four different single IP addresses on the same subnet through the same single gateway.  In my dhcpd.conf, it looked similar to this:

Code: [Select]

option static-routes 10.10.20.1 10.10.10.254, 10.10.20.2 10.10.10.254, 10.10.20.3 10.10.10.254, 10.10.20.4 10.10.10.254;
And the resulting "route print" output was very ugly in that each additional route used an additional line in the routing table each mentioning a single IP address with a host mask of 255.255.255.255.

What I would like to see is something like this:

Code: [Select]

option static-routes 10.10.20.0/24 10.10.10.254;
But dhcpd.conf doesn't offer this sort of option to my knowledge.

[erroneus]

Why are you doing this? Most hosts don't need static routes - just knowing one router is usually enough. How many routers do you have on the LAN?

Why?  Because I have a Cisco VoIP network that lives on the same ethernet cabling as the rest of the business network and I would like to be able to hit those resources from the PCs as well.  We will then be able to have access to additional services using the desktops syncing phone directory information and such.

As in the example I posted earlier, the business network would live on 10.10.10.0/24 and the VoIP network would live on 10.10.20.0/24.

[CharlieBrady]

But dhcpd.conf doesn't offer this sort of option to my knowledge.

DHCP option 33 doesn't include a netmask:

http://www.networksorcery.com/enp/protocol/bootp/option033.htm

[CharlieBrady]

Why?  Because I have a Cisco VoIP network that lives on the same ethernet cabling as the rest of the business network and I would like to be able to hit those resources from the PCs as well.

As long as the default router knows about the route, the hosts should learn the correct route the first time they try to send via the default router:

http://en.wikipedia.org/wiki/ICMP_Redirect_Message

[erroneus]

As long as the default router knows about the route, the hosts should learn the correct route the first time they try to send via the default router:

http://en.wikipedia.org/wiki/ICMP_Redirect_Message

I don't have access to the router to program these routing rules.  The router is owned by the network provider and I have having no luck getting them to add this functionality.  Using DHCP is the next best way to make it happen... the next worst way will be to add a "route add" command line to some sort of login script to add this routing rule.

Additionally, there have been times in the past where I wanted to reduce internet traffic on the business network by sending all traffic not bound for a 10.x.x.x range to an alternate gateway.  In cases where I do not have access to the router, I would like to be able to use such a technique.

[mmccarn]

The ISP router does not have to be the default router for your workstations.

Clearly, your SME server is supplying IPs to your workstations via DHCP -- so as long as the SME knows how to route traffic itself (using it's 'default gateway' and 'local networks' settings), your workstations should route correctly if you use the SME as the default router for the rest of your LAN.

If your SME is in server-only mode, the same ICMP_Redirect_Message capability will apply - the first time a workstation tries to get to the internet, the SME will tell it to use the "real" router.

(That's the theory, anyway).

[erroneus]

The ISP router does not have to be the default router for your workstations.

Clearly, your SME server is supplying IPs to your workstations via DHCP -- so as long as the SME knows how to route traffic itself (using it's 'default gateway' and 'local networks' settings), your workstations should route correctly if you use the SME as the default router for the rest of your LAN.

If your SME is in server-only mode, the same ICMP_Redirect_Message capability will apply - the first time a workstation tries to get to the internet, the SME will tell it to use the "real" router.

(That's the theory, anyway).

Yeah... I'm not certain I want to trust that all the workstations will acknowledge and respond properly to the ICMP_Redirect.  In the end, I think I will either have to specify explicit IP to Gateway lines or use a login script to tell the machines to update their routes.  There is an option-249 that ms clients are supposed to understand, but I don't think the dhcpd that runs on SME 7.x will submit that information properly... at least it didn't when I was testing it.

[johnp]

FWIW, The IP Phone systems I install are usually setup on a separate vlan using tagged ports for the phones and specific ports only on the phone vlan for the app servers.

Since I tend to trust these devices, I just add the subnet to the local networks for the routing. Of course the default gateway for the phone subnet needs to be aware of the sme subnet too.

[forolinux]

Here you can find how to add classless static routes to your dhcpd configuration:

http://ignoresysprereqs.blogspot.com/2011/05/dhcpd-ruteo-estatico-sin-clase-dhcpd.html