DHCP lease renewal in bridged VPN

mafo
OpenVpn Newbie
Posts: 7
Joined: Fri Nov 25, 2011 11:17 am

DHCP lease renewal in bridged VPN

Post by mafo » Sat Nov 26, 2011 11:03 am

Hi,

I've set up a simple bridged VPN, basically using the sample configuration files supplied with OpenVPN 2.2.1. Server and client both run on Fonera routers with OpenWrt.

The VPN is connecting two LANs, both autonomous when not connected. Once I start the VPN bridge, I would like to stop the DHCP server in the client LAN and force all its clients to renew their leases.

Is this the proper way to go? How could I accomplish the DHCP lease renewal? I found RFC 3202 "DHCP reconfigure extension", but I'm not sure my clients (Windows XP & 7, Linux) implement the FORCERENEW.

Thanks,
Malte

Mimiko
Forum Team
Posts: 1564
Joined: Wed Sep 22, 2010 3:18 am

Re: DHCP lease renewal in bridged VPN

Post by Mimiko » Tue Nov 29, 2011 7:15 am

In order to stop the DHCP server on the client side, you have to set up a cron job with a script that checks the connection with the VPN server, so if the connection is present the script will stop the DHCP server, and when the connection is lost, the script starts the DHCP server. Anyway, I don't see why this is ever needed.
There are some control packets to clients to announce to them to renew their IPs. But in your case such a packet will be sent to all computers, even on the server-side LAN.
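
The cron watchdog described in the post above, as an added example that is not part of the original post or of OpenVPN. It assumes dnsmasq is managed through OpenWrt's `/etc/init.d/dnsmasq`; `VPN_PEER`, `STATE_FILE`, `MAX_FAILS` and the script path are placeholders, and the failure counter is an addition that keeps one lost ping from bringing a second DHCP server back onto the bridged segment.

```shell
#!/bin/sh
# Added example, not from the thread. Placeholders: VPN_PEER, STATE_FILE.
VPN_PEER="${VPN_PEER:-192.0.2.1}"        # assumed host reachable only through the bridge
STATE_FILE="${STATE_FILE:-/tmp/vpn-dhcp.state}"
MAX_FAILS="${MAX_FAILS:-3}"              # failed probes tolerated before DHCP comes back
PROBE_CMD="${PROBE_CMD:-ping -c 1 -W 2 $VPN_PEER}"
# dnsmasq serves DHCP and DNS on both LANs in this thread, so stopping it
# also stops local DNS on the client side.
DHCP_STOP_CMD="${DHCP_STOP_CMD:-/etc/init.d/dnsmasq stop}"
DHCP_START_CMD="${DHCP_START_CMD:-/etc/init.d/dnsmasq start}"

# decide MODE FAILS PROBE -> prints "NEWMODE NEWFAILS ACTION"
# MODE: local (own DHCP running) | bridged (own DHCP stopped); PROBE: up | down
decide() {
    mode=$1 fails=$2 probe=$3
    if [ "$probe" = up ]; then
        if [ "$mode" = local ]; then echo "bridged 0 stop"; else echo "bridged 0 none"; fi
    elif [ "$mode" = local ]; then
        echo "local 0 none"
    else
        fails=$((fails + 1))
        # A single lost ping must not restart DHCP: two servers answering
        # on one bridged segment hand out conflicting leases.
        if [ "$fails" -ge "$MAX_FAILS" ]; then echo "local 0 start"; else echo "bridged $fails none"; fi
    fi
}

# One watchdog pass: load state, probe, act, save state.
run_once() {
    mode=local; fails=0
    if [ -r "$STATE_FILE" ]; then
        read -r mode fails < "$STATE_FILE" || { mode=local; fails=0; }
    fi
    if $PROBE_CMD >/dev/null 2>&1; then probe=up; else probe=down; fi
    set -- $(decide "$mode" "$fails" "$probe")
    case $3 in
        stop)  $DHCP_STOP_CMD ;;
        start) $DHCP_START_CMD ;;
    esac
    echo "$1 $2" > "$STATE_FILE"
}

# Cron entry (script path is hypothetical): * * * * * /root/vpn-dhcp-watch.sh run
if [ "${1:-}" = run ]; then run_once; fi
```

Stopping the server does not make clients renew; they keep their current lease until their own renewal timer fires.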

janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam

Re: DHCP lease renewal in bridged VPN

Post by janjust » Tue Nov 29, 2011 11:31 am

> Is this the proper way to go? How could I accomplish the DHCP lease renewal? I found RFC 3202 "DHCP reconfigure extension", but I'm not sure my clients (Windows XP & 7, Linux) implement the FORCERENEW.

Can you force a DHCPNAK once the VPN is up? This should trigger the client to request a new address. This is very DHCP-server dependent, however: the local DHCP server would need to issue the NAK and then go offline.

mafo
OpenVpn Newbie
Posts: 7
Joined: Fri Nov 25, 2011 11:17 am

Re: DHCP lease renewal in bridged VPN

Post by mafo » Wed Nov 30, 2011 10:23 am

> In order to stop the DHCP server on the client side, you have to set up a cron job with a script that checks the connection with the VPN server, so if the connection is present the script will stop the DHCP server, and when the connection is lost, the script starts the DHCP server. Anyway, I don't see why this is ever needed.

The VPN connection is opened by the user on the client side from the command line. Instead of starting OpenVPN, he could run a script that performs other management functions as well. So I think using an additional cron job would not be necessary.

The reason I assume I might have to renew the DHCP leases is that machines on both sides of the VPN bridge might not know the IP addresses of machines on the other side because they only know about their local DNS server. But maybe there is a way to tell them about the "other" DNS server and revoke that information once the VPN bridge is closed?

> can you force a DHCPNAK once the VPN is up

I'm not sure. Both LANs use dnsmasq as their DHCP / DNS server. dnsmasq is pretty flexible, but I have not found a hint on how to issue a NAK. Wouldn't that be sent out only in response to a DHCP request anyway? In that case, I'd still have to find a way to force the clients to issue such a request.
