DHCP leases.

General questions.
ChrisK
Posts: 86
Joined: November 10th, 2014, 7:19 am

Re: DHCP leases.

Post by ChrisK » October 26th, 2019, 1:21 pm

Hi Darkness,

I think Arne already hit the mark:
You can't use the same IP-ranges for two different networks. In your case how shall the IPfire "know" if it should route the network directly via the green interface or use the MikroTic as the next hop? This setup is simply preset to fail!

What you could do is connect the MirkoTic via LAN (not WAN!) to the IPfire an then follow the HowTo here to bridge GREEN and BLUE:
https://wiki.ipfire.org/configuration/n ... green-blue

HTH

BeBiMa
Posts: 2842
Joined: July 30th, 2011, 12:55 pm
Location: Mannheim

Re: DHCP leases.

Post by BeBiMa » October 26th, 2019, 7:07 pm

If I do understand right the installation drawing, then the MikroTik device is part of the green network ( despite the fact that his outgoing interface is WLAN ). This is ok. But the MikroTik must be configured as AP ( or bridge ). Enabling NAT spans a new network on the wireless side and switches to router mode, IMHO.
Image
Unitymedia Cable Internet ( 32MBit )

Darkness
Posts: 27
Joined: June 27th, 2019, 6:23 am

Re: DHCP leases.

Post by Darkness » October 28th, 2019, 7:19 am

ChrisK wrote:
October 26th, 2019, 1:21 pm
Hi Darkness,

I think Arne already hit the mark:
You can't use the same IP-ranges for two different networks. In your case how shall the IPfire "know" if it should route the network directly via the green interface or use the MikroTic as the next hop? This setup is simply preset to fail!

What you could do is connect the MirkoTic via LAN (not WAN!) to the IPfire an then follow the HowTo here to bridge GREEN and BLUE:
https://wiki.ipfire.org/configuration/n ... green-blue

HTH
Hi ChrisK,

I am not using the ip for two different networks. It really is the same network and the same client, the only thing that changes is the way it connects, wired or wireless.
So, the IPFire just have to send the request via Green network.

If I'm not mistaken, the client makes a DHCP request and the IPFire responds with the IP if it has the reservation made for said MAC.
After Mikrotik, he should distribute on broadcast the request to reach his destination, and I think he does this through DHCP Relay.

I don't want to bridge the green network with the blue network, since in the blue network I have a different configuration, with transparent proxy captive portal etc. And this is other different network (172.24.20.x).
Last edited by Darkness on October 28th, 2019, 8:40 am, edited 1 time in total.

Darkness
Posts: 27
Joined: June 27th, 2019, 6:23 am

Re: DHCP leases.

Post by Darkness » October 28th, 2019, 7:35 am

BeBiMa wrote:
October 26th, 2019, 7:07 pm
If I do understand right the installation drawing, then the MikroTik device is part of the green network ( despite the fact that his outgoing interface is WLAN ). This is ok. But the MikroTik must be configured as AP ( or bridge ). Enabling NAT spans a new network on the wireless side and switches to router mode, IMHO.

This is exactly what I want to do.

The microtik is just a "dumb son" who must expand the network and replicate the request and the concession of the IP served by the DHCP.

I have the MT configured as AP, but I can't do it work properly.
I was asked in the Mikrotik forum too, because it has several AP configuration modes. And I don't know if I'm setting it the right way.

Darkness
Posts: 27
Joined: June 27th, 2019, 6:23 am

Re: DHCP leases.

Post by Darkness » October 28th, 2019, 8:30 am

While I wait for your answers I continue testing configurations.

Currently I have changed the configuration of the "Local Network" part and have given it an IP in the same subnet as the one that DHCP has to serve me. And I removed the NAT tick in the local part.
Image

I have the DHCP Relay configured in the bridge to apply to all interfaces.
The client makes the request
Image

The IPFire receives it and offers the ip
Image

But DHCP Relay doesn't receive it and I don't understand why.


Emphasize that MikroTik is already receiving an IP by DHCP. The "Internet" IP. And it works fine.
Image

ChrisK
Posts: 86
Joined: November 10th, 2014, 7:19 am

Re: DHCP leases.

Post by ChrisK » October 28th, 2019, 8:47 am

Why do you think so complicated? If I got you right, all you want to achive is to use the same network on cabled and wireless LAN - is that correct?

If so, all you need to do is:
1) Deactivate routing mode in the MikroTik (aka Access Point mode)
2) Connect it via LAN to the IPFire, not WAN-port

As long as you have NAT enabled in the MikroTik, the routing will not work correctly.
Because the IPFire can not know if the target can be reached directly (as when connected to LAN) or needs to be routed via the MikroTik as a gateway. This is what I meant when I wrote the setup is preset to fail.

Darkness
Posts: 27
Joined: June 27th, 2019, 6:23 am

Re: DHCP leases.

Post by Darkness » October 28th, 2019, 9:07 am

ChrisK wrote:
October 28th, 2019, 8:47 am
Why do you think so complicated? If I got you right, all you want to achive is to use the same network on cabled and wireless LAN - is that correct?

If so, all you need to do is:
1) Deactivate routing mode in the MikroTik (aka Access Point mode)
2) Connect it via LAN to the IPFire, not WAN-port

As long as you have NAT enabled in the MikroTik, the routing will not work correctly.
Because the IPFire can not know if the target can be reached directly (as when connected to LAN) or needs to be routed via the MikroTik as a gateway. This is what I meant when I wrote the setup is preset to fail.
Thanks for the fast reply.

Yes it's correct. The same network and the same IP.

1. Actually its configured like an Access Point (with NAT disabled).
2. The MikroTik device its connected to the green part by cable.


So if I haven't misunderstood you, as I have configured it should work, but it doesn't.

ChrisK
Posts: 86
Joined: November 10th, 2014, 7:19 am

Re: DHCP leases.

Post by ChrisK » October 28th, 2019, 9:22 am

Ok, if that's the case then I don't understand your drawing. What's that 192.168.88.1 IP there?
If the MirkoTik is really in AP-mode, the interfaces of wireless and lan should be bridged internally, so there can't be any different network for LAN and wireless?!
So if the LAN-port still shows an IP from an other network than the green network range, then there's still some sort of NATting running inside that will prevent your setup from working as expected.

Darkness
Posts: 27
Joined: June 27th, 2019, 6:23 am

Re: DHCP leases.

Post by Darkness » October 28th, 2019, 9:31 am

ChrisK wrote:
October 28th, 2019, 9:22 am
Ok, if that's the case then I don't understand your drawing. What's that 192.168.88.1 IP there?
If the MirkoTik is really in AP-mode, the interfaces of wireless and lan should be bridged internally, so there can't be any different network for LAN and wireless?!
So if the LAN-port still shows an IP from an other network than the green network range, then there's still some sort of NATting running inside that will prevent your setup from working as expected.
Correct, now we are in the same situation.

I also don't understand why in AP mode it has a LAN part. That's why I asked in the MikroTik forum about it.

I had 192.168.88.1 because it is the default IP, and I thought that IP was only for device management.

As it seems that it is not just for that, I decided to give an IP, a 172.16.197.201, which is in the same range as the one I want to serve with DHCP to the client that is 172.16.197.6.

Darkness
Posts: 27
Joined: June 27th, 2019, 6:23 am

Re: DHCP leases.

Post by Darkness » October 28th, 2019, 11:37 am

Well guys, it has finally worked. The problem was on MikroTik configuration.

The cfg of MicroTik now is the next:
Image

(Thanks @ChrisK I discovered it thanks to your comment about "natting runing inside...").

Now, I have to set the "Default lease time (mins):" and "Max lease time (mins): " to 1

This is because if the concession is greater, until the time passes, it does not release the IP.
And Windows assign me this IP cause the other one was leased for the other interface.
Image

I would like to somehow be able to release the IP once I have disconnected, without having to wait for the maximum concession time.
Because having to make concessions every 1 minute can greatly overload the network.

I don't know if there is any way to do this... ??

Post Reply