Author Topic: Request Help Moving DHCP from Router to eBox  (Read 15508 times)

Saturn2888

  • Zen Hero
  • *****
  • Posts: 707
  • Karma: +1/-0
    • View Profile
Re: Request Help Moving DHCP from Router to eBox
« Reply #30 on: April 29, 2009, 01:12:55 pm »
If it's fixed, you don't have to put it under the "Ranges" section, you're supposed to leave it blanked like in my photos. Look at dhcp-page1. Notice how there is nothing in the Range, but there are fixed addresses. Does that help?

SamK

  • Zen Samurai
  • ****
  • Posts: 283
  • Karma: +3/-0
    • View Profile
Re: Request Help Moving DHCP from Router to eBox
« Reply #31 on: April 29, 2009, 01:38:07 pm »
If it's fixed, you don't have to put it under the "Ranges" section...
I understand this point, and as I mentioned in a previous post in the thread my idea is not neccessary to use eBox.  I find it a more intuitive way of working and therefore am more comfortable with it. 

I have used a variation of the idea in the past.  In an earlier post Sam Graf described the way in which he has used the idea previously, all of which which leads me to conclude that it might be used by a sufficient number of people to suggest it to the eBox staff for consideration.

From my non-programmers perspective all that is required is for eBox not to assume (as is does currently) that a pre-defined block of addresses is only for dynamic allocation.  I have no idea how much work this represents but I do recognise how desirable the feature might be.

Saturn2888

  • Zen Hero
  • *****
  • Posts: 707
  • Karma: +1/-0
    • View Profile
Re: Request Help Moving DHCP from Router to eBox
« Reply #32 on: April 29, 2009, 01:44:06 pm »
Ah. I dunno how that would work but okay.

SamK

  • Zen Samurai
  • ****
  • Posts: 283
  • Karma: +3/-0
    • View Profile
Re: Request Help Moving DHCP from Router to eBox
« Reply #33 on: April 29, 2009, 02:11:11 pm »
Ah. I dunno how that would work but okay.
I will wait for a while before I do anything further about this idea.  This will give Sam Graf the opportunity to comment as he has contributed to the thread.  If anyone at eBox has been following this they might advise whether there is/is no need to raise it in the Feature Requests Section.

Now to re-read the posts about using a web browser from the eBox machine.

SamK

  • Zen Samurai
  • ****
  • Posts: 283
  • Karma: +3/-0
    • View Profile
Re: Request Help Moving DHCP from Router to eBox
« Reply #34 on: April 29, 2009, 02:41:47 pm »
To summarize the earlier posts
At the time of the first post in this thread, reaching the eBox web-GUI from a remote machine was problematical.  To address this a lightweight GUI was locally installed.
Window Manager=Openbox
Various components of LXDE
Web Browser=Firefox

When the static ip address is allocated from the router the web can be browsed from the eBox machine in the usual manner.  When the same static ip address is allocated from eBox the web cannot be browsed.  A page load error is generated and Firefox is unable to establish a connection.

Is eBox preventing this in some way?  The eBox firewall is currently disabled.  nslookup of an external address is successful.

Quote from: Sam Graf
You're using just one DHCP server at a time, correct?
Correct the router DHCP is disabled, eBox DHCP is enabled.

Quote from: Sam Graf
As I recall, if you've ever enabled the firewall module...
This module has not been enabled on this installation.

Quote from: Saturn2888
Short version:
You need to assign a Gateway address for your eBox. Make it whatever the eBox IP is 192.168.2.1 I'm guessing. Don't forget to make a local DNS server too if you want.

Was this not done when setting up DHCP as shown in the attached screenshot?  A Primary Nameserver was specified with the ip address of the router and resolving of names on the WAN works OK using nslookup.  A Default Gateway Custom IP Address was also specified as the router ip address.  If the nameserver element works why not the gateway element?
« Last Edit: April 29, 2009, 02:58:49 pm by SamK »

Sam Graf

  • Guest
Re: Request Help Moving DHCP from Router to eBox
« Reply #35 on: April 29, 2009, 03:33:50 pm »
Where to start...

In the case of the DHCP server, the default gateway to the external world should be "eBox." The correct entry for the name server is more complicated. If you have the DNS module enabled (even if you have no domain names), I believe DNS caching happens (I think I read that somewhere) and "local eBox DNS" would be the correct choice. If not, then the name server(s) assigned by the ISP should be used, not eBox's address.

It's not clear to me at the moment why a DNS lookup is working but not Web access. I'll have to think about this more.

On the DHCP address ranges: We have to look at this from the DHCP server's point of view, not the point of view of the address space or our use of it. When the DHCP module is first enabled, the DHCP server has no addresses to allocate (allocate dynamically -- the only way a DHCP server can allocate addresses). Devices attached to an eBox in this state will get no address assigned, and this is the way it should work.

We have to give the DHCP server permission, in effect, to use some portion (or portions) of the address space by assigning one or more address ranges to it. The size of the range(s) and the start and end points are arbitrary (with the exception that we should not use x.x.x.0 or x.x.x.255 for any purpose, dynamic or fixed). Any address outside the DHCP range(s) is still a valid address, except that we have to assign it manually and "permanently," making it a static assignment rather than a dynamic -- DHCP -- assignment.

From the DHCP server's point of view, there is no such thing as a statically assigned address in any address range it has been given permission to use. If my DHCP range is 192.168.1.100-149, I cannot statically assign 192.168.1.100 to my Xbox. That address has been granted to the DHCP server for dynamic use. So correctly speaking, there can be no "fixed" address ranges under the DHCP's server's control. By definition, all DHCP (Dynamic Host Configuration Protocol) address ranges are not static or fixed assignments. The assignments come and go as needed.

That's the purpose of DHCP in fact, to allow people to attach to a TCP/IP network without having to assign their equipment an address manually. Imagine what it would be like at WiFi hotspots if there were no such thing as DHCP: every device would have to be assigned an address manually, and that assignment would have to be removed manually at the end of a session. The idea of fixed addresses in a DHCP range really is foreign to the intent of DHCP.

At this point eBox potentially creates some confusion, IMHO, by including the fixed address assignments functionality within the DHCP context. The fixed addresses may be being handled on Ubuntu server's technical level by its DHCP component (I don't know), but they are entirely separate ideas. It is convenient to have the DHCP address range(s) in front of you as you assign fixed addresses, but it could still be confusing.

Strictly speaking, we need to think of the DHCP server as seeing only addresses we've given it permission to use as it sees fit. If we want some portion of the address space to be available for static/fixed assignment, that address space should not be thought of as a DHCP range. So in that sense, eBox works exactly as I would expect it to work as a DHCP server. Any change would break it, I think.

Since it's not clear to me, practically speaking, why I would ever want to have multiple DHCP ranges in a single subnet, I can't say how eBox's ability to do so would aid in keeping the use of the address space tidy and easy to remember. To me, without a compelling reason to fragment the DHCP server's address space it would only be confusing to do so.
« Last Edit: April 29, 2009, 03:46:04 pm by Sam Graf »

Saturn2888

  • Zen Hero
  • *****
  • Posts: 707
  • Karma: +1/-0
    • View Profile
Re: Request Help Moving DHCP from Router to eBox
« Reply #36 on: April 29, 2009, 03:56:15 pm »
Was this not done when setting up DHCP as shown in the attached screenshot?  A Primary Nameserver was specified with the ip address of the router and resolving of names on the WAN works OK using nslookup.  A Default Gateway Custom IP Address was also specified as the router ip address.  If the nameserver element works why not the gateway element?

Yeah whoops. My bad. I used to have it setup like that, but for whatever reason I changed it. If you type it in manually that is just another way to check if that is the issue.

A good way to check if things are working is to ping your ISP from SSH in your eBox. If your eBox has no Internet, well nothing else will. Please show me how you have your network setup.

SamK

  • Zen Samurai
  • ****
  • Posts: 283
  • Karma: +3/-0
    • View Profile
Re: Request Help Moving DHCP from Router to eBox
« Reply #37 on: April 29, 2009, 04:19:27 pm »
On the DHCP address ranges: We have to look at this from the DHCP server's point of view, not the point of view of the address space or our use of it. ...
...
...without a compelling reason to fragment the DHCP server's address space it would only be confusing to do so.
Sam Graf
Many thanks for a comprehensive, cogent analysis, presented in a most understandable manner.

In view of the advice received from all contributors, I am persuaded that the simplest approach is the best to take.  I am grateful to everyone who has taken the time to share their expertise.

Saturn2888

  • Zen Hero
  • *****
  • Posts: 707
  • Karma: +1/-0
    • View Profile
Re: Request Help Moving DHCP from Router to eBox
« Reply #38 on: April 29, 2009, 04:35:21 pm »
No problem. Enjoy.

SamK

  • Zen Samurai
  • ****
  • Posts: 283
  • Karma: +3/-0
    • View Profile
Re: Request Help Moving DHCP from Router to eBox
« Reply #39 on: April 29, 2009, 05:39:11 pm »
A good way to check if things are working is to ping your ISP from SSH in your eBox.
From a LAN Workstation
IP Address=allocated by eBox DHCP
Ping Router LAN address=Successful
Ping Router WAN address=Successful
Ping ISP=Successful
nslookup=Successful
Web Browsing=Successful


From eBox Machine
IP Address=static
DHCP=setup as per attached screenshot
Firewall=Disabled
DNS=Disabled
Ping Router LAN address=Successful
Ping Router WAN address=Fail
Ping ISP=Fail
nslookup=Successful
Web Browsing=Fail




Please show me how you have your network setup.
What information are you looking for?
« Last Edit: May 03, 2010, 10:53:49 am by SamK »

Saturn2888

  • Zen Hero
  • *****
  • Posts: 707
  • Karma: +1/-0
    • View Profile
Re: Request Help Moving DHCP from Router to eBox
« Reply #40 on: April 29, 2009, 05:43:46 pm »
You can change both the default gateway and the primary nameserver to the "eBox" option.

SamK

  • Zen Samurai
  • ****
  • Posts: 283
  • Karma: +3/-0
    • View Profile
Re: Request Help Moving DHCP from Router to eBox
« Reply #41 on: April 29, 2009, 06:15:46 pm »
You can change both the default gateway and the primary nameserver to the "eBox" option.
Default Gateway=eBox   Result=No Change in symptoms
Primary Nameserver=None  Result=No Change in symptoms
Primary Nameserver=eBox   Result=Unable to save changes  Error='Must enable eBox DNS'

Settings returned to screenshot values.

Checked the router and MAC Address Filtering=Disabled

Is eBox creating a DNS cache of addresses resolved via the router?
What is the command line to flush the DNS?
« Last Edit: May 03, 2010, 10:54:28 am by SamK »

Sam Graf

  • Guest
Re: Request Help Moving DHCP from Router to eBox
« Reply #42 on: April 29, 2009, 06:24:32 pm »
There should be no router between eBox and the modem if this is to work correctly, so I'm a little confused as to where we're at. We want one DHCP server on the LAN (eBox), we want the modem (via another DHCP mechanism outside eBox on the WAN side) to assign an address to the "external" NIC in the eBox. And if we can get it, we want one NAT between the LAN and the outside world (again, eBox).
« Last Edit: April 29, 2009, 06:26:23 pm by Sam Graf »

Saturn2888

  • Zen Hero
  • *****
  • Posts: 707
  • Karma: +1/-0
    • View Profile
Re: Request Help Moving DHCP from Router to eBox
« Reply #43 on: April 29, 2009, 07:16:01 pm »
I think SamK's eBox only has one NIC.

Sam Graf

  • Guest
Re: Request Help Moving DHCP from Router to eBox
« Reply #44 on: April 29, 2009, 07:41:56 pm »
Ah, that makes sense. I don't think eBox (or any other router for that matter) can route Internet connection traffic without at least two interfaces, one on the WAN side and one on the LAN side.