Answer the question
In order to leave comments, you need to log in
T
T
tayanov2017-09-23 12:17:02
tayanov, 2017-09-23 12:17:02
How to separate the work of 2 dhcp servers connected by a VPN bridge?
There are two openwrt routers at different points, houses.
Everyone has their own internet connection.
The first 10.0.0.1 VPN client
The second 10.0.0.100 VPN server
between them is an openvpn ethernet tap tunnel, without ip at the end.
Thus, the clients of one are visible to all clients of the other network.
Broadcast packets work. Without any routing. All clients in the same network segment 10.0.0.0
Each has its own local wifi and lan clients.
And each router has its own DHCP.
The problem is that you want to limit the work of DHCP in each home.
Otherwise, sometimes the dhcp client gets the ip and gateway from the remote router. Thus, the Internet does not adequately work on devices.
It seems that some kind of "triangular" routing is obtained - it seems that's what it's called.
and the problem is not in the received ip but in the received gateway.
How to separate their work?
2 answer(s)
@tayanov
T
tayanov, 2017-11-26 @tayanov
ebtables will help with the solution
OpenWRT will have to deliver the kernel module kmod-ebtables-ipv4
#!/bin/sh
# Select port $BAN_IF=tap0
# Add rules
ebtables -A INPUT -i $BAN_IF -p ipv4 --ip-prot udp -- ip-sport 67:68 -j DROP
ebtables -A INPUT -i $BAN_IF -p ipv4 --ip-proto udp --ip-dport 67:68 -j DROP
ebtables -A FORWARD -i $BAN_IF -p ipv4 -- ip-proto udp --ip-dport 67:68 -j DROP
ebtables -A FORWARD -i $BAN_IF -p ipv4 --ip-proto udp --ip-sport 67:68 -j DROP
Similar questions
B
S
G
M
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question