Firewall Wizards mailing list archives

RE: Dual-homed firewall with DHCP on one of the interfaces.

From: "Cottrell, Ian" <ICottrel () justice gc ca>
Date: Tue, 23 Mar 1999 14:13:48 -0500

Dan
     I'm not sure that I understand your problem.  Is the outside
interface of the Linux box the only one that receives a dhcp address?
If so, I don't see the problem.  There is no need to pass dhcp traffic
through the firewall; the dhcp client will continue to monitor the
outside interface and re-synch as necessary.  I have a couple of fwtk
linux firewalls running this way at home with no problems whatsoever.

     Feel free to correct me if I've completely misunderstood your
message.:=)  ................................Ian

-----Original Message-----
From: Daniel Knighten [SMTP:daniel () knighten org]
Sent: Monday, March 22, 1999 7:20 PM
To:   
Subject:      Dual-homed firewall with DHCP on one of the interfaces.

I have connected a small office to the Internet through a Linux based
router/firewall.  This machine employs network address translation and
a combination of packet filtering and proxies to firewall the internal
network.  The problem I am having is that the external (Internet)
interface receives it's IP address via DHCP.  When the machine first
boots the firewall is not initialized till after DHCP has obtained
it's address.  However once the firewall has been initialized DHCP
traffic is no longer passed.  I thought I had anticipated the problem
by creating holes in the firewall for TCP/UDP ports 67-68, but
nonetheless the problem exist.  My current solution is to simply squat
on an IP after DHCP has acquired it, however I would like to
understand the full ramifications. Has anybody encountered this before
and are there any suggestions?

Thanks,
Dan
-- 
____________________________________
                                    |
Daniel Knighten                     |
                                    |
Quad Group Computer Solutions, Inc. |
P.O. Box 590                        |
Dupont, WA 98327-0590               |
                                    |
Voice: (360) 507-7842               |
Fax  : (360) 455-0463               |
                                    |
dknighten () qgcs com                  |
http://www.qgcs.com                 |
____________________________________|

Current thread:

Dual-homed firewall with DHCP on one of the interfaces. Daniel Knighten (Mar 23)
- Re: Dual-homed firewall with DHCP on one of the interfaces. Steve George (Mar 23)
- <Possible follow-ups>
- RE: Dual-homed firewall with DHCP on one of the interfaces. Cottrell, Ian (Mar 23)
  - Re: Dual-homed firewall with DHCP on one of the interfaces. Daniel Knighten (Mar 24)
- RE: Dual-homed firewall with DHCP on one of the interfaces. Keller, Dennis (Mar 23)
- RE: Dual-homed firewall with DHCP on one of the interfaces. Peter Capelli (Mar 24)