DHCP server not working using dnsmasq config and nat.sh scripts

classic Classic list List threaded Threaded
15 messages Options
Reply | Threaded
Open this post in threaded view
|

DHCP server not working using dnsmasq config and nat.sh scripts

cotarelo2
This post was updated on .
Hi :)

I have configured my alix 2d2 running voyage 0.9.5 with two wireless interfaces. One is in client mode (wlan0) and the other is in AP mode (wlan1). Everything works fine but once the clients are authenticated in the AP network they don't get an IP via DHCP and they can't ping any host on the network.

These are my configuration files

/etc/network/interfaces.d/wlan0.conf
auto wlan0
iface wlan0 inet static
        address 192.168.1.247
        netmask 255.255.255.0
        gateway 192.168.1.1
        dns-nameservers 192.168.1.1 80.58.61.250
        #wpa-driver wext
        wpa-ssid My_SSID
        wpa-psk xxxxxxxxxxxxxxx
        wpa-key-mgmt WPA-PSK
        ## for WPA
        wpa-pairwise TKIP
        wpa-group TKIP
        wpa-proto WPA
        ## for WPA2
        #wpa-pairwise CCMP TKIP
        #wpa-group CCMP TKIP
        #wpa-proto RSN
        #wireless-mode Managed

/etc/network/interfaces.d/wlan1.conf
auto wlan1
iface wlan1 inet static
        address 192.168.3.1
        netmask 255.255.255.0
        broadcast 192.168.3.255
        hostapd /etc/hostapd/hostapd.wlan1.conf
        up nat.sh wlan1 wlan0 "192.168.3.0/24"

/etc/hostapd/hostapd.wlan1.conf
interface=wlan1
driver=nl80211
ssid=testing
channel=11
hw_mode=g
auth_algs=3
ignore_broadcast_ssid=0
wep_default_key=1
wep_key1="abcde"
wep_key_len_broadcast="5"
wep_key_len_unicast="5"
wep_rekey_period=300

/etc/dnsmasq.more.conf
interface=wlan1
dhcp-range=192.168.3.10,192.168.3.250,12h
dhcp-leasefile=/var/tmp/dnsmasq.leases

So, what happens is when the client authenticates in the AP no DHCP request is received. Just in case I am attaching here some logs

iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
wlan1-INBOUND  all  --  anywhere             192.168.3.0/24
wlan1-FORWARD  all  --  192.168.3.0/24       anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain wlan1-FORWARD (1 references)
target     prot opt source               destination
ACCEPT     all  --  192.168.3.0/24       anywhere

Chain wlan1-INBOUND (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             192.168.3.0/24

tail -f /var/log/syslog (on client auth)
Aug 10 21:33:27 localhost dnsmasq[3062]: reading /var/run/dnsmasq/resolv.conf
Aug 10 21:33:27 localhost dnsmasq[3062]: using nameserver 80.58.61.250#53
Aug 10 21:33:27 localhost dnsmasq[3062]: using nameserver 192.168.1.1#53
Aug 10 21:34:50 localhost hostapd: wlan1: STA 4c:74:03:21:d4:42 IEEE 802.11: authenticated
Aug 10 21:34:50 localhost hostapd: wlan1: STA 4c:74:03:21:d4:42 IEEE 802.11: associated (aid 1)
Aug 10 21:34:50 localhost hostapd: wlan1: STA 4c:74:03:21:d4:42 RADIUS: starting accounting session 55C91884-00000000

And my routing table
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 wlan0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0
192.168.3.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan1

What is wrong here?
Reply | Threaded
Open this post in threaded view
|

Re: DHCP server not working using dnsmasq config and nat.sh scripts

Henrik Kressner



I had the same problem, last time this aftenoon.


dnsmasq does not seem diliver the correct DNS to the client.


I have give up on dnsmasq and is using isc-dhcp-server in stead.


Mayby dnsmasq can be configured to work, but i didnt get that far.




On 11-08-2015 18:41, cotarelo2 wrote:

> Hi :)
>
> I have configured my alix 2d2 running voyage 0.9.5 with two wireless
> interfaces. One is in client mode (wlan0) and the other is in AP mode
> (wlan1). Everything works fine but once the clients are authenticated in the
> AP network they don't get an IP via DHCP and they can't ping any host on the
> network.
>
> These are my configuration files
>
> /etc/network/interfaces.d/wlan0.conf
>
>
> /etc/network/interfaces.d/wlan1.conf
>
>
> /etc/hostapd/hostapd.wlan1.conf
>
>
> /etc/dnsmasq.more.conf
>
>
> So, what happens is when the client authenticates in the AP no DHCP request
> is received. Just in case I am attaching here some logs
>
> iptables --list
>
>
> tail -f /var/log/syslog (on client auth)
>
>
> And my routing table
>
>
> What is wrong here? :confused:
>
>
>
> --
> View this message in context: http://voyage-linux.34677.n3.nabble.com/DHCP-server-not-working-using-dnsmasq-config-and-nat-sh-scripts-tp4026374.html
> Sent from the Voyage Linux mailing list archive at Nabble.com.
>
> _______________________________________________
> Voyage-linux mailing list
> [hidden email]
> http://list.voyage.hk/mailman/listinfo/voyage-linux
>


--

-------------------------------------------
Med venlig hilsen / Yours Sincerly
Henrik Kressner


_______________________________________________
Voyage-linux mailing list
[hidden email]
http://list.voyage.hk/mailman/listinfo/voyage-linux
Reply | Threaded
Open this post in threaded view
|

Re: DHCP server not working using dnsmasq config and nat.sh scripts

cotarelo2
Thank you for replying,

Only DNS was not beimg delivered ? In my case I did not get any IP adress. Furthermore if I set a manual IP on the client I could not ping the gateway either.

I suspect I am missing something else ...
Reply | Threaded
Open this post in threaded view
|

Re: DHCP server not working using dnsmasq config and nat.sh scripts

Henrik Kressner



Can you ping your own manualy set IP address from the client ?




On 12-08-2015 00:00, cotarelo2 wrote:

> Thank you for replying,
>
> Only DNS was not beimg delivered ? In my case I did not get any IP adress.
> Furthermore if I set a manual IP on the client I could not ping the gateway
> either.
>
> I suspect I am missing something else ...
>
>
>
> --
> View this message in context: http://voyage-linux.34677.n3.nabble.com/DHCP-server-not-working-using-dnsmasq-config-and-nat-sh-scripts-tp4026374p4026376.html
> Sent from the Voyage Linux mailing list archive at Nabble.com.
>
> _______________________________________________
> Voyage-linux mailing list
> [hidden email]
> http://list.voyage.hk/mailman/listinfo/voyage-linux
>


--

-------------------------------------------
Med venlig hilsen / Yours Sincerly
Henrik Kressner


_______________________________________________
Voyage-linux mailing list
[hidden email]
http://list.voyage.hk/mailman/listinfo/voyage-linux
Reply | Threaded
Open this post in threaded view
|

Re: DHCP server not working using dnsmasq config and nat.sh scripts

cotarelo2
Yes, I can ping my own IP when I set the IP to manual
Reply | Threaded
Open this post in threaded view
|

Re: DHCP server not working using dnsmasq config and nat.sh scripts

Henrik Kressner
On 12-08-2015 10:04, cotarelo2 wrote:
> Yes, I can ping my own IP when I set the IP to manual


I would suggest you check your config for error in netmask on both
computers, and se if each one can ping it self, if all thats in order,
and it still not working, I would take a look at the network (the switch)



>
>
> --
> View this message in context: http://voyage-linux.34677.n3.nabble.com/DHCP-server-not-working-using-dnsmasq-config-and-nat-sh-scripts-tp4026374p4026378.html
> Sent from the Voyage Linux mailing list archive at Nabble.com.
>
> _______________________________________________
> Voyage-linux mailing list
> [hidden email]
> http://list.voyage.hk/mailman/listinfo/voyage-linux
>


--

-------------------------------------------
Med venlig hilsen / Yours Sincerly
Henrik Kressner
[hidden email]
Ingeniørfirmaet Synkro / Synkro Engineering
Vædevej 64
5462 Morud
http://www.synkro.dk
Tlf: 75 93 35 70
Mobil: 40 37 40 87


_______________________________________________
Voyage-linux mailing list
[hidden email]
http://list.voyage.hk/mailman/listinfo/voyage-linux
Reply | Threaded
Open this post in threaded view
|

Re: DHCP server not working using dnsmasq config and nat.sh scripts

Jorge Peña
In reply to this post by cotarelo2
Hi Gerd,

I don’t know why the content is not received in the mail list. It is shown correctly in the forum post here : http://voyage-linux.34677.n3.nabble.com/DHCP-server-not-working-using-dnsmasq-config-and-nat-sh-scripts-td4026374.html

However, I tried with Windows, Linux, Android and even SmartTV clients :) none of them gets an IP address. The thing that bugs me is that even if I set the manual IP on the client, I will never reach the gateway on the AP.

I am copy pasting the files so the mail list can read:

/etc/network/interfaces.d/wlan0.conf
auto wlan0
iface wlan0 inet static
        address 192.168.1.247
        netmask 255.255.255.0
        gateway 192.168.1.1
        dns-nameservers 192.168.1.1 80.58.61.250
        #wpa-driver wext
        wpa-ssid My_SSID
        wpa-psk xxxxxxxxxxxxxxx
        wpa-key-mgmt WPA-PSK
        ## for WPA
        wpa-pairwise TKIP
        wpa-group TKIP
        wpa-proto WPA
        ## for WPA2
        #wpa-pairwise CCMP TKIP
        #wpa-group CCMP TKIP
        #wpa-proto RSN
        #wireless-mode Managed

/etc/network/interfaces.d/wlan1.conf
auto wlan1
iface wlan1 inet static
        address 192.168.3.1
        netmask 255.255.255.0
        broadcast 192.168.3.255
        hostapd /etc/hostapd/hostapd.wlan1.conf
        up nat.sh wlan1 wlan0 "192.168.3.0/24"

/etc/hostapd/hostapd.wlan1.conf
interface=wlan1
driver=nl80211
ssid=testing
channel=11
hw_mode=g
auth_algs=3
ignore_broadcast_ssid=0
wep_default_key=1
wep_key1="abcde"
wep_key_len_broadcast="5"
wep_key_len_unicast="5"
wep_rekey_period=300

/etc/dnsmasq.more.conf
interface=wlan1
dhcp-range=192.168.3.10,192.168.3.250,12h
dhcp-leasefile=/var/tmp/dnsmasq.leases

iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
wlan1-INBOUND  all  --  anywhere             192.168.3.0/24
wlan1-FORWARD  all  --  192.168.3.0/24       anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain wlan1-FORWARD (1 references)
target     prot opt source               destination
ACCEPT     all  --  192.168.3.0/24       anywhere

Chain wlan1-INBOUND (1 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             192.168.3.0/24

tail -f /var/log/syslog (on client auth)
Aug 10 21:33:27 localhost dnsmasq[3062]: reading /var/run/dnsmasq/resolv.conf
Aug 10 21:33:27 localhost dnsmasq[3062]: using nameserver 80.58.61.250#53
Aug 10 21:33:27 localhost dnsmasq[3062]: using nameserver 192.168.1.1#53
Aug 10 21:34:50 localhost hostapd: wlan1: STA 4c:74:03:21:d4:42 IEEE 802.11: authenticated
Aug 10 21:34:50 localhost hostapd: wlan1: STA 4c:74:03:21:d4:42 IEEE 802.11: associated (aid 1)
Aug 10 21:34:50 localhost hostapd: wlan1: STA 4c:74:03:21:d4:42 RADIUS: starting accounting session 55C91884-00000000

Routing table
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 wlan0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0
192.168.3.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan1



On 11 Aug 2015, at 19:33, G.Bitzer <[hidden email]> wrote:

Hi,

On 08/11/2015 06:41 PM, cotarelo2 wrote:
Hi :)

I have configured my alix 2d2 running voyage 0.9.5 with two wireless
interfaces. One is in client mode (wlan0) and the other is in AP mode
(wlan1). Everything works fine but once the clients are authenticated in the
AP network they don't get an IP via DHCP and they can't ping any host on the
network.

These are my configuration files

/etc/network/interfaces.d/wlan0.conf


/etc/network/interfaces.d/wlan1.conf


/etc/hostapd/hostapd.wlan1.conf


/etc/dnsmasq.more.conf
sorry, the content of these files is missing




So, what happens is when the client authenticates in the AP no DHCP request
is received. Just in case I am attaching here some logs
if the clients have success associating the WLAN, but no broadcasts are
received by the DHCP servers, the clients get no leased IP adress and
for sure can not ping. Then you should check the clients if they really
are configured to be DHCP clients, and if they really perform DHCP
broadcasts




iptables --list


tail -f /var/log/syslog (on client auth)
sorry, no content visible



And my routing table
no content visible. But as DHCP is broadcast based, it works only in one
subnet (without a DHCP proxy). So routing should hardly be the cause of
your prob




What is wrong here? :confused:
Maybe you should post kind of a picture of your networks and your setup.
And regarding your clients, I believe it's kind of a Linux, may be
Debian. Is this the case ?





--
View this message in context: http://voyage-linux.34677.n3.nabble.com/DHCP-server-not-working-using-dnsmasq-config-and-nat-sh-scripts-tp4026374.html
Sent from the Voyage Linux mailing list archive at Nabble.com.

_______________________________________________
Voyage-linux mailing list
[hidden email]
http://list.voyage.hk/mailman/listinfo/voyage-linux




_______________________________________________
Voyage-linux mailing list
[hidden email]
http://list.voyage.hk/mailman/listinfo/voyage-linux
Reply | Threaded
Open this post in threaded view
|

Re: DHCP server not working using dnsmasq config and nat.sh scripts

cotarelo2
In reply to this post by cotarelo2

Hi Gerd,


I don’t know why the content is not received in the mail list. It is shown correctly in the forum post here : http://voyage-linux.34677.n3.nabble.com/DHCP-server-not-working-using-dnsmasq-config-and-nat-sh-scripts-td4026374.html


However, I tried with Windows, Linux, Android and even SmartTV clients :) none of them gets an IP address. The thing that bugs me is that even if I set the manual IP on the client, I will never reach the gateway on the AP.


I am copy pasting the files so the mail list can read:


/etc/network/interfaces.d/wlan0.conf 

auto wlan0

iface wlan0 inet static

        address 192.168.1.247

        netmask 255.255.255.0

        gateway 192.168.1.1

        dns-nameservers 192.168.1.1 80.58.61.250

        #wpa-driver wext

        wpa-ssid My_SSID

        wpa-psk xxxxxxxxxxxxxxx

        wpa-key-mgmt WPA-PSK

        ## for WPA

        wpa-pairwise TKIP

        wpa-group TKIP

        wpa-proto WPA

        ## for WPA2

        #wpa-pairwise CCMP TKIP

        #wpa-group CCMP TKIP

        #wpa-proto RSN

        #wireless-mode Managed


/etc/network/interfaces.d/wlan1.conf 

auto wlan1

iface wlan1 inet static

        address 192.168.3.1

        netmask 255.255.255.0

        broadcast 192.168.3.255

        hostapd /etc/hostapd/hostapd.wlan1.conf

        up nat.sh wlan1 wlan0 "192.168.3.0/24"


/etc/hostapd/hostapd.wlan1.conf 

interface=wlan1

driver=nl80211

ssid=testing

channel=11

hw_mode=g

auth_algs=3

ignore_broadcast_ssid=0

wep_default_key=1

wep_key1="abcde"

wep_key_len_broadcast="5"

wep_key_len_unicast="5"

wep_rekey_period=300


/etc/dnsmasq.more.conf 

interface=wlan1

dhcp-range=192.168.3.10,192.168.3.250,12h

dhcp-leasefile=/var/tmp/dnsmasq.leases


iptables --list 

Chain INPUT (policy ACCEPT)

target     prot opt source               destination


Chain FORWARD (policy ACCEPT)

target     prot opt source               destination

wlan1-INBOUND  all  --  anywhere             192.168.3.0/24

wlan1-FORWARD  all  --  192.168.3.0/24       anywhere


Chain OUTPUT (policy ACCEPT)

target     prot opt source               destination


Chain wlan1-FORWARD (1 references)

target     prot opt source               destination

ACCEPT     all  --  192.168.3.0/24       anywhere


Chain wlan1-INBOUND (1 references)

target     prot opt source               destination

ACCEPT     all  --  anywhere             192.168.3.0/24


tail -f /var/log/syslog (on client auth) 

Aug 10 21:33:27 localhost dnsmasq[3062]: reading /var/run/dnsmasq/resolv.conf

Aug 10 21:33:27 localhost dnsmasq[3062]: using nameserver 80.58.61.250#53

Aug 10 21:33:27 localhost dnsmasq[3062]: using nameserver 192.168.1.1#53

Aug 10 21:34:50 localhost hostapd: wlan1: STA 4c:74:03:21:d4:42 IEEE 802.11: authenticated

Aug 10 21:34:50 localhost hostapd: wlan1: STA 4c:74:03:21:d4:42 IEEE 802.11: associated (aid 1)

Aug 10 21:34:50 localhost hostapd: wlan1: STA 4c:74:03:21:d4:42 RADIUS: starting accounting session 55C91884-00000000


Routing table

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 wlan0

192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0

192.168.3.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan1



> Date: Tue, 11 Aug 2015 19:33:24 +0200

> From: [hidden email]
> To: [hidden email]
> Subject: Re: [Voyage-linux] DHCP server not working using dnsmasq config and nat.sh scripts
>
> Hi,
>
> On 08/11/2015 06:41 PM, cotarelo2 wrote:
> > Hi :)
> >
> > I have configured my alix 2d2 running voyage 0.9.5 with two wireless
> > interfaces. One is in client mode (wlan0) and the other is in AP mode
> > (wlan1). Everything works fine but once the clients are authenticated in the
> > AP network they don't get an IP via DHCP and they can't ping any host on the
> > network.
> >
> > These are my configuration files
> >
> > /etc/network/interfaces.d/wlan0.conf
> >
> >
> > /etc/network/interfaces.d/wlan1.conf
> >
> >
> > /etc/hostapd/hostapd.wlan1.conf
> >
> >
> > /etc/dnsmasq.more.conf
> sorry, the content of these files is missing
>
>
> >
> >
> > So, what happens is when the client authenticates in the AP no DHCP request
> > is received. Just in case I am attaching here some logs
> if the clients have success associating the WLAN, but no broadcasts are
> received by the DHCP servers, the clients get no leased IP adress and
> for sure can not ping. Then you should check the clients if they really
> are configured to be DHCP clients, and if they really perform DHCP
> broadcasts
>
>
>
> >
> > iptables --list
> >
> >
> > tail -f /var/log/syslog (on client auth)
> sorry, no content visible
>
> >
> >
> > And my routing table
> no content visible. But as DHCP is broadcast based, it works only in one
> subnet (without a DHCP proxy). So routing should hardly be the cause of
> your prob
>
>
> >
> >
> > What is wrong here? :confused:
> Maybe you should post kind of a picture of your networks and your setup.
> And regarding your clients, I believe it's kind of a Linux, may be
> Debian. Is this the case ?
>
>
> >
> >
> >
> > --
> > View this message in context: http://voyage-linux.34677.n3.nabble.com/DHCP-server-not-working-using-dnsmasq-config-and-nat-sh-scripts-tp4026374.html
> > Sent from the Voyage Linux mailing list archive at Nabble.com.
> >
> > _______________________________________________
> > Voyage-linux mailing list
> > [hidden email]
> > http://list.voyage.hk/mailman/listinfo/voyage-linux
>

_______________________________________________
Voyage-linux mailing list
[hidden email]
http://list.voyage.hk/mailman/listinfo/voyage-linux
Reply | Threaded
Open this post in threaded view
|

Re: DHCP server not working using dnsmasq config and nat.sh scripts

G.Bitzer
In reply to this post by Henrik Kressner
On 08/12/2015 05:42 PM, Henrik Kressner wrote:
> On 12-08-2015 10:04, cotarelo2 wrote:
>> Yes, I can ping my own IP when I set the IP to manual
>
>
> I would suggest you check your config for error in netmask on both
> computers, and se if each one can ping it self, if all thats in order,
> and it still not working, I would take a look at the network (the switch)

the netmask usually comes from the DHCP server, as the broadcast address
and further details.

He has a setup with WLAN (as far as I remember), so there is no physical
switch, only the AP the clients are associating with. And a switch
operates on Layer 2 based on MAC adresses, not IP adresses or routing

Without further details regarding his setup (he is not willing to show)
this is a waste of time, puzzling details out of the fog, sorry

>
>
>
>>
>>
>> --
>> View this message in context:
>> http://voyage-linux.34677.n3.nabble.com/DHCP-server-not-working-using-dnsmasq-config-and-nat-sh-scripts-tp4026374p4026378.html
>> Sent from the Voyage Linux mailing list archive at Nabble.com.
>>
>> _______________________________________________
>> Voyage-linux mailing list
>> [hidden email]
>> http://list.voyage.hk/mailman/listinfo/voyage-linux
>>
>
>


_______________________________________________
Voyage-linux mailing list
[hidden email]
http://list.voyage.hk/mailman/listinfo/voyage-linux
Reply | Threaded
Open this post in threaded view
|

Re: DHCP server not working using dnsmasq config and nat.sh scripts

cotarelo2
Hi,

Is not that I am not willing to show my setup, but it is rather simple for a drawing... it looks like this

Clients (dhcp) <-> Voyage (wlan1 AP 192.168.3.x, wlan2 wlreless client 192.168.1.x) <-> Wireless Internet Gateway (dhcp 192.168.1.x) <-> Internet

What more about the setup is needed here?

Thank you in advance,


> Date: Wed, 12 Aug 2015 21:34:31 +0200

> From: [hidden email]
> To: [hidden email]
> Subject: Re: [Voyage-linux] DHCP server not working using dnsmasq config and nat.sh scripts
>
> On 08/12/2015 05:42 PM, Henrik Kressner wrote:
> > On 12-08-2015 10:04, cotarelo2 wrote:
> >> Yes, I can ping my own IP when I set the IP to manual
> >
> >
> > I would suggest you check your config for error in netmask on both
> > computers, and se if each one can ping it self, if all thats in order,
> > and it still not working, I would take a look at the network (the switch)
>
> the netmask usually comes from the DHCP server, as the broadcast address
> and further details.
>
> He has a setup with WLAN (as far as I remember), so there is no physical
> switch, only the AP the clients are associating with. And a switch
> operates on Layer 2 based on MAC adresses, not IP adresses or routing
>
> Without further details regarding his setup (he is not willing to show)
> this is a waste of time, puzzling details out of the fog, sorry
>
> >
> >
> >
> >>
> >>
> >> --
> >> View this message in context:
> >> http://voyage-linux.34677.n3.nabble.com/DHCP-server-not-working-using-dnsmasq-config-and-nat-sh-scripts-tp4026374p4026378.html
> >> Sent from the Voyage Linux mailing list archive at Nabble.com.
> >>
> >> _______________________________________________
> >> Voyage-linux mailing list
> >> [hidden email]
> >> http://list.voyage.hk/mailman/listinfo/voyage-linux
> >>
> >
> >
>
>
> _______________________________________________
> Voyage-linux mailing list
> [hidden email]
> http://list.voyage.hk/mailman/listinfo/voyage-linux

_______________________________________________
Voyage-linux mailing list
[hidden email]
http://list.voyage.hk/mailman/listinfo/voyage-linux
Reply | Threaded
Open this post in threaded view
|

Re: DHCP server not working using dnsmasq config and nat.sh scripts

G.Bitzer
Hi Jorge,

I have a similar setup:

wired DHCP-Clients <-> OpenWRT (eth0 for DHCP 192.168.1.0/24 with dnsmasq, wlan0 as wireless client) <-> Internet Gateway, DHCP 192.168.8.0/24 with dnsmasq on an Alix

You can fire up tcpdump on your Voyage: tcpdump -i wlan1
to look for DHCP (discovery, lease) requests on wlan1. As soon as the clients have successfully associated with the WLAN, you should see the DHCP broadcasts (and hopefully the replies). Also you should be able to see the DHCP broadcasts with tcpdump on the clients.

It should also be possible to run wireshark on a client and do remote packet capturing on the Alix by using ssh and tshark, if you like to have a GUI. But using tcpdump might be less error-prone

Hope that helps

On 08/13/2015 01:47 PM, Jorge Peña wrote:
Hi,

Is not that I am not willing to show my setup, but it is rather simple for a drawing... it looks like this

Clients (dhcp) <-> Voyage (wlan1 AP 192.168.3.x, wlan2 wlreless client 192.168.1.x) <-> Wireless Internet Gateway (dhcp 192.168.1.x) <-> Internet

What more about the setup is needed here?

Thank you in advance,


> Date: Wed, 12 Aug 2015 21:34:31 +0200
> From: [hidden email]
> To: [hidden email]
> Subject: Re: [Voyage-linux] DHCP server not working using dnsmasq config and nat.sh scripts
>
> On 08/12/2015 05:42 PM, Henrik Kressner wrote:
> > On 12-08-2015 10:04, cotarelo2 wrote:
> >> Yes, I can ping my own IP when I set the IP to manual
> >
> >
> > I would suggest you check your config for error in netmask on both
> > computers, and se if each one can ping it self, if all thats in order,
> > and it still not working, I would take a look at the network (the switch)
>
> the netmask usually comes from the DHCP server, as the broadcast address
> and further details.
>
> He has a setup with WLAN (as far as I remember), so there is no physical
> switch, only the AP the clients are associating with. And a switch
> operates on Layer 2 based on MAC adresses, not IP adresses or routing
>
> Without further details regarding his setup (he is not willing to show)
> this is a waste of time, puzzling details out of the fog, sorry
>
> >
> >
> >
> >>
> >>
> >> --
> >> View this message in context:
> >> http://voyage-linux.34677.n3.nabble.com/DHCP-server-not-working-using-dnsmasq-config-and-nat-sh-scripts-tp4026374p4026378.html
> >> Sent from the Voyage Linux mailing list archive at Nabble.com.
> >>
> >> _______________________________________________
> >> Voyage-linux mailing list
> >> [hidden email]
> >> http://list.voyage.hk/mailman/listinfo/voyage-linux
> >>
> >
> >
>
>
> _______________________________________________
> Voyage-linux mailing list
> [hidden email]
> http://list.voyage.hk/mailman/listinfo/voyage-linux


_______________________________________________
Voyage-linux mailing list
[hidden email]
http://list.voyage.hk/mailman/listinfo/voyage-linux
Reply | Threaded
Open this post in threaded view
|

Re: DHCP server not working using dnsmasq config and nat.sh scripts

Kim-man 'Punky' TSE-2
In reply to this post by cotarelo2
My always working config are like this:  Wlan0 connects to another AP for outbound, wlan1 as AP and DHCP server (dnsmasq)

auto wlan0
iface wlan0 inet dhcp
         wpa-ssid <>
         wpa-psk <>

auto wlan1
iface wlan1 inet static
         address 10.1.20.1
         netmask 255.255.255.0
         broadcast 10.1.20.255
         hostapd /etc/hostapd/hostapd.wlan1.conf
         up nat.sh wlan1 eth0 "10.1.20.0/24"

/etc/dnsmasq.more.conf
dhcp-range=wlan0,10.1.10.10,10.1.10.250,24h
dhcp-range=eth1,10.1.20.10,10.1.20.250,24h
dhcp-range=eth2,10.1.30.10,10.1.30.250,24h
dhcp-range=eth3,10.1.40.10,10.1.40.250,24h
dhcp-leasefile=/var/tmp/dnsmasq.leases

The different is I don't use WEP but WPA/WPA2.  I use most of default settings in /etc/hostapd/hostapd.wlan0.conf.  Or
perhaps you missed the first tag (eth1 or whatever) in "dhcp-range=eth1,10.1.20.10,10.1.20.250,24h"?

Regards,
Punky


On 8/13/2015 12:45 AM, Jorge Peña wrote:

> I am copy pasting the files so the mail list can read:
>
> /etc/network/interfaces.d/wlan0.conf
>
> auto wlan0
>
> iface wlan0 inet static
>
>         address 192.168.1.247
>
>         netmask 255.255.255.0
>
>         gateway 192.168.1.1
>
>         dns-nameservers 192.168.1.1 80.58.61.250
>
>         #wpa-driver wext
>
>         wpa-ssid My_SSID
>
>         wpa-psk xxxxxxxxxxxxxxx
>
>         wpa-key-mgmt WPA-PSK
>
>         ## for WPA
>
>         wpa-pairwise TKIP
>
>         wpa-group TKIP
>
>         wpa-proto WPA
>
>         ## for WPA2
>
>         #wpa-pairwise CCMP TKIP
>
>         #wpa-group CCMP TKIP
>
>         #wpa-proto RSN
>
>         #wireless-mode Managed
>
>
> /etc/network/interfaces.d/wlan1.conf
>
> auto wlan1
>
> iface wlan1 inet static
>
>         address 192.168.3.1
>
>         netmask 255.255.255.0
>
>         broadcast 192.168.3.255
>
>         hostapd /etc/hostapd/hostapd.wlan1.conf
>
>         up nat.sh wlan1 wlan0 "192.168.3.0/24"
>
>
> /etc/hostapd/hostapd.wlan1.conf
>
> interface=wlan1
>
> driver=nl80211
>
> ssid=testing
>
> channel=11
>
> hw_mode=g
>
> auth_algs=3
>
> ignore_broadcast_ssid=0
>
> wep_default_key=1
>
> wep_key1="abcde"
>
> wep_key_len_broadcast="5"
>
> wep_key_len_unicast="5"
>
> wep_rekey_period=300
>
>
> /etc/dnsmasq.more.conf
>
> interface=wlan1
>
> dhcp-range=192.168.3.10,192.168.3.250,12h
>
> dhcp-leasefile=/var/tmp/dnsmasq.leases
>
>
> iptables --list
>
> Chain INPUT (policy ACCEPT)
>
> target     prot opt source destination
>
>
> Chain FORWARD (policy ACCEPT)
>
> target     prot opt source destination
>
> wlan1-INBOUND  all  --  anywhere 192.168.3.0/24
>
> wlan1-FORWARD  all  --  192.168.3.0/24 anywhere
>
>
> Chain OUTPUT (policy ACCEPT)
>
> target     prot opt source destination
>
>
> Chain wlan1-FORWARD (1 references)
>
> target     prot opt source destination
>
> ACCEPT     all  --  192.168.3.0/24       anywhere
>
>
> Chain wlan1-INBOUND (1 references)
>
> target     prot opt source destination
>
> ACCEPT     all  --  anywhere 192.168.3.0/24
>
>
> tail -f /var/log/syslog (on client auth)
>
> Aug 10 21:33:27 localhost dnsmasq[3062]: reading /var/run/dnsmasq/resolv.conf
>
> Aug 10 21:33:27 localhost dnsmasq[3062]: using nameserver 80.58.61.250#53
>
> Aug 10 21:33:27 localhost dnsmasq[3062]: using nameserver 192.168.1.1#53
>
> Aug 10 21:34:50 localhost hostapd: wlan1: STA 4c:74:03:21:d4:42 IEEE 802.11: authenticated
>
> Aug 10 21:34:50 localhost hostapd: wlan1: STA 4c:74:03:21:d4:42 IEEE 802.11: associated (aid 1)
>
> Aug 10 21:34:50 localhost hostapd: wlan1: STA 4c:74:03:21:d4:42 RADIUS: starting accounting session 55C91884-00000000
>
>
> Routing table
>
> Kernel IP routing table
>
> Destination     Gateway         Genmask Flags Metric Ref    Use Iface
>
> 0.0.0.0         192.168.1.1     0.0.0.0 UG    0      0        0 wlan0
>
> 192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan0
>
> 192.168.3.0     0.0.0.0         255.255.255.0   U     0      0        0 wlan1
>
>

--
Regards,
Kim-man "Punky" Tse

* Open Source Embedded Solutions and Systems
   - Voyage Linux (http://linux.voyage.hk)
   - Voyage MPD   (http://linux.voyage.hk/voyage-mpd)
   - Voyage MuBox (http://mubox.voyage.hk)
* Voyage Store   (http://store.voyage.hk)


_______________________________________________
Voyage-linux mailing list
[hidden email]
http://list.voyage.hk/mailman/listinfo/voyage-linux
Reply | Threaded
Open this post in threaded view
|

Re: DHCP server not working using dnsmasq config and nat.sh scripts

cotarelo2
Yes, I was using that configuration at the beginning as it was already there. But it did not work, that's why I started to change values hence removing the device in dhcp-range. I will give a second chance thou.

Just a question Punky, are you using one or two wlan hardware devices?
Reply | Threaded
Open this post in threaded view
|

Re: DHCP server not working using dnsmasq config and nat.sh scripts

Kim-man 'Punky' TSE-2
I used 2 mini-pci cards, one interface each.

On 8/17/2015 5:18 PM, cotarelo2 wrote:

> Yes, I was using that configuration at the beginning as it was already there.
> But it did not work, that's why I started to change values hence removing
> the device in dhcp-range. I will give a second chance thou.
>
> Just a question Punky, are you using one or two wlan hardware devices?
>
>
>
> --
> View this message in context: http://voyage-linux.34677.n3.nabble.com/DHCP-server-not-working-using-dnsmasq-config-and-nat-sh-scripts-tp4026374p4026387.html
> Sent from the Voyage Linux mailing list archive at Nabble.com.
>
> _______________________________________________
> Voyage-linux mailing list
> [hidden email]
> http://list.voyage.hk/mailman/listinfo/voyage-linux


--
Regards,
Kim-man "Punky" Tse

* Open Source Embedded Solutions and Systems
   - Voyage Linux (http://linux.voyage.hk)
   - Voyage MPD   (http://linux.voyage.hk/voyage-mpd)
   - Voyage MuBox (http://mubox.voyage.hk)
* Voyage Store   (http://store.voyage.hk)


_______________________________________________
Voyage-linux mailing list
[hidden email]
http://list.voyage.hk/mailman/listinfo/voyage-linux
Reply | Threaded
Open this post in threaded view
|

Re: DHCP server not working using dnsmasq config and nat.sh scripts

cotarelo2
Hello!

I don't know why but chaning wep for wpa2 in the hostapd configuration did the trick

interface=wlan1
driver=nl80211
logger_syslog=-1
logger_syslog_level=2
logger_stdout=-1
logger_stdout_level=2
debug=4
#dump_file=/tmp/hostapd.dump
#ctrl_interface=/var/run/hostapd
#ctrl_interface_group=0
channel=6
hw_mode=g
macaddr_acl=0
auth_algs=3
eapol_key_index_workaround=0
eap_server=0
wpa=3
ssid=voyage-wpa
wpa_passphrase=voyage-wpa
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
eapol_version=1

By the way Punky, on the wlan1 interfaces configuration the last line should be:

        up nat.sh wlan1 wlan0 "192.168.3.0/24"

and not
        up nat.sh wlan1 eth0 "192.168.3.0/24"

correct? the first interface is the one doing nat and the second is the destination network where packets will be encapsulated.