DHCP with subnets

desn92n · March 30, 2020, 5:32pm

Hi. I would REALLY appreciate a little help here.

I have a standard 192.168.0.0. network. I decided to split it into two equal Subnets of 128 addresses each. /25 in CIDR notation.
It might be a little confusing since it doesn't fall on an octet border.
The second subnet should start at 192.168.0.128.

Now, my issue is understanding how DHCP works here.
I've connected a bunch of devices again, and they're all assigned addresses in the first subnet, and none in the second. Why is this the case?
I've looked at the offset and the limit as to the number of leases, but it shouldn't have anything to do with this.

I've also tried forcefully reserving an IP address to a host in the second subnet. But everytime the host connects, it still asks the DHCP for an address and it gets one that way.

So, essentially, my questions would be:

how does the DHCP work with multiple subnets? IS there a way to limit its operation to only one or to have it operate on all of them?
How can I assign an IP address manually in a subnet that the DHCP doesn't operate it?

I should mention I'm trying to run the two subnets behind one single router.

trendy · March 30, 2020, 5:56pm

Please post the following: uci export network; uci export dhcp

desn92n · March 30, 2020, 6:43pm

I'll do it first thing tomorrow. I'll be away from my PC till then

desn92n · March 31, 2020, 7:54am

uci export dhcp:

config dnsmasq
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan/'
	option domain 'lan'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases'
	option resolvfile '/tmp/resolv.conf.auto'
	option nonwildcard '1'
	option localservice '1'

config dhcp 'lan'
	option interface 'lan'
	option leasetime '12h'
	option dhcpv6 'server'
	option ra 'server'
	option ra_management '1'
	option start '10'
	option limit '180'

config dhcp 'wan'
	option interface 'wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

Uci export network:

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fd28:4af7:12e6::/48'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0.1'
	option proto 'static'
	option ip6assign '60'
	option ipaddr '192.168.0.1'
	option netmask '255.255.255.128'

config device 'wan_dev'
	option name 'eth0.2'
	option macaddr '68:ff:7b:ab:9b:86'

config interface 'wan6'
	option ifname 'eth0.2'
	option proto 'dhcpv6'
	option reqaddress 'try'
	option reqprefix 'auto'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '2 3 4 5 0t'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option ports '1 0t'

config route
	option interface 'lan'
	option target '192.168.0.128'
	option netmask '255.255.255.128'
	option gateway '192.168.0.1'

trendy · March 31, 2020, 9:42am

Your implementation is wrong.
There is no interface on OpenWrt with address in the range 192.168.0.128/25
The static route is wrong.
If you want another interface you'll need to define it:

config interface 'lan2'
	option type 'bridge'
	option ifname 'eth0.3'
	option proto 'static'
	option ip6assign '60'
	option ipaddr '192.168.0.129'
	option netmask '255.255.255.128'

and create a new vlan for the new interface, assigning it to one of the lan ports or to a new wifi.

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '3 4 5 0t'

config switch_vlan
	option device 'switch0'
	option vlan '3'
	option ports '2 0t'

Then you can adjust the dhcp pool:

config dhcp 'lan'
	option interface 'lan'
	option leasetime '12h'
	option dhcpv6 'server'
	option ra 'server'
	option ra_management '1'
	option start '10'
	option limit '110'

config dhcp 'lan2'
	option interface 'lan2'
	option leasetime '12h'
	option dhcpv6 'server'
	option ra 'server'
	option ra_management '1'
	option start '10'
	option limit '110'

desn92n · March 31, 2020, 2:42pm

I've set up another interface. For the sake of simplicity, to just get it working at first, I used almost exactly what you wrote above and have the two interfaces almost pretty much identical in their configuration. And yet, for some reason, the first interface has internet access, the second doesn't.

My router has 2 access point interfaces - wlan0, and wlan1.
I assigned wlan0 to the 'lan2' interface, and wlan1 to the 'lan' interface. 'lan' has internet access, 'lan2' doesn't.

The dhcp works on both subnets as expected now, so the only problem is the internet connection, which I can't figure out, since, like I said, the configuration is essentially identical.

An mtr report looks like this on this internet-less second subnet.

 1.|-- OpenWrt.lan  0.0%    10    1.2   2.1   1.0   4.8   1.5
  2.|-- OpenWrt.lan 90.0%    10    1.1   1.1   1.1   1.1   0.0
  3.|-- OpenWrt.lan 90.0%    10    1.1   1.1   1.1   1.1   0.0
  4.|-- OpenWrt.lan 90.0%    10    3.2   3.2   3.2   3.2   0.0
  5.|-- OpenWrt.lan 90.0%    10    1.3   1.3   1.3   1.3   0.0
  6.|-- OpenWrt.lan 90.0%    10    1.0   1.0   1.0   1.0   0.0
  7.|-- OpenWrt.lan  0.0%    10    1.2   2.2   0.9   5.0   1.6
  8.|-- OpenWrt.lan 90.0%    10    1.1   1.1   1.1   1.1   0.0
  9.|-- OpenWrt.lan 90.0%    10    4.9   4.9   4.9   4.9   0.0
 10.|-- OpenWrt.lan 90.0%    10    1.3   1.3   1.3   1.3   0.0
 11.|-- OpenWrt.lan 90.0%    10    4.4   4.4   4.4   4.4   0.0
 12.|-- ???         100.0    10    0.0   0.0   0.0   0.0   0.0
 13.|-- OpenWrt.lan  0.0%    10    3.6   2.9   1.0   4.8   1.4

and on it goes. No traffic is making it out of the LAN.

Here's the configuration of the two interfaces, one next to the other.

'LAN' (first subnet, associated with 'wlan1'); then 'LAN2 (second subnet, associated with 'wlan0')

config interface 'lan'
        option type 'bridge'
        option proto 'static'
        option ip6assign '60'
        option ipaddr '192.168.0.1'
        option netmask '255.255.255.128'

config interface 'lan2'
        option type 'bridge'
        option proto 'static'
        option ip6assign '60'
        option ipaddr '192.168.0.129'
        option netmask '255.255.255.128'

DHCP:

config dhcp 'lan'
	option interface 'lan'
	option leasetime '12h'
	option dhcpv6 'server'
	option ra 'server'
	option ra_management '1'
	option start '10'
	option limit '110'

config dhcp 'lan2'
	option interface 'lan2'
	option leasetime '12h'
	option dhcpv6 'server'
	option ra 'server'
	option ra_management '1'
	option start '10'
	option limit '110'

trendy · March 31, 2020, 2:48pm

You need to allow the lan2 to access wan in firewall.
Either add lan2 interface in lan zone, or create a new zone lan2 in firewall and allow forwarding to wan zone.
In first case inter lan traffic will be allowed, in second case it won't.

desn92n · March 31, 2020, 2:49pm

I'll give it a try, although I did a /etc/init.d/firewall stop, and it made no difference

desn92n · March 31, 2020, 2:52pm

it fixed it! I don't get it though. How come disabling the firewall altogether didn't make a difference, but adding new rules was what it was all about?

trendy · March 31, 2020, 3:22pm

Because by disabling the firewall, you no longer do NAT on the wan interface.

desn92n · March 31, 2020, 3:37pm

Well. Thanks very very much. You have a great day there! You're a damn hero

system · April 10, 2020, 3:37pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.