Hi,
I've set up a simple bridged VPN, basically using the sample configuration files supplied with OpenVPN 2.2.1. Server and client both run on Fonera routers with OpenWrt.
The VPN is connecting two LANs, both autonomous when not connected. Once I start the VPN bridge, I would like to stop the DHCP server in the client LAN and force all its clients to renew their leases.
Is this the proper way to go? How could I accomplish the DHCP lease renewal? I found RFC 3202 "DHCP reconfigure extension", but I not sure my clients (Windows XP & 7, Linux) implement the FORCERENEW.
Thanks,
Malte
DHCP lease renewal in bridged VPN
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 7
- Joined: Fri Nov 25, 2011 11:17 am
- Mimiko
- Forum Team
- Posts: 1564
- Joined: Wed Sep 22, 2010 3:18 am
Re: DHCP lease renewal in bridged VPN
In order to stop DHCP server on client side, you have to setup a cron with a script that checks the connection with the VPN server, so if connection is present the script will stop the DHCP server, and when connection is lost, the script starts DHCP server. Anyway I don't see why this is ever needing.
There is some control packets to client to anounce them to renew there ips. But in your case such a packet will be send to all computers even in server's side LAN.
There is some control packets to client to anounce them to renew there ips. But in your case such a packet will be send to all computers even in server's side LAN.
- janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
- Contact:
Re: DHCP lease renewal in bridged VPN
can you force a DHCPNAK once the VPN is up? this should trigger the client to request a new address.. this is very DHCP -server dependent however: the local DHCP server would need to issue the NAK and then go offlineIs this the proper way to go? How could I accomplish the DHCP lease renewal? I found RFC 3202 "DHCP reconfigure extension", but I not sure my clients (Windows XP & 7, Linux) implement the FORCERENEW.
-
- OpenVpn Newbie
- Posts: 7
- Joined: Fri Nov 25, 2011 11:17 am
Re: DHCP lease renewal in bridged VPN
The VPN connection is opened by the user on the client side from the command line. Instead of starting OpenVPN, he could run a script that performs other management functions as well. So I think using an additional cron job would not be necessary.In order to stop DHCP server on client side, you have to setup a cron with a script that checks the connection with the VPN server, so if connection is present the script will stop the DHCP server, and when connection is lost, the script starts DHCP server. Anyway I don't see why this is ever needing.
The reason I assume I might have to renew the DHCP leases is that machines on both sides of the VPN bridge might not know the IP addresses of machines on the other side because they only know about their local DNS server. But may be there is a way to tell them about the "other" DNS server and revoke that information once the VPN bridge is closed?
I'm not sure. Both LANs use dnsmasq as their DHCP / DNS Server. dnsmasq is pretty flexible, but I have not found a hint on how to issue a NAK. Wouldn't that be send out only in response to a DHCP request anyway? In that case, I'd still have to find a way to force the clients to issue such request.can you force a DHCPNAK once the VPN is up