Old Tired Question: 'Not configured to listen on any interfaces'

[Simon Hobson]

Alex Bligh wrote:

>What is broken about this config and what subnet declaration would
>you prefer to see given the above?

The whole network<period>
NAT == Broken, NAT with overlapping subnets == doubly broken
NAT is expressly incompatible with the two most important rules of IP 
addressing - global uniqueness and globally routeable.

I agree that *for your application* the 0/0 declaration appears at 
first sight to be a workaround to a broken network. But how do you 
deal with the problem of returning packets to the relay agent when 
the relay agent addresses (or rather the subnets they are in) are not 
unique ?

If two tenants are using the same RFC1918 subnet (say 
192.168.1.0/24), then you've got two subnets the same. If you get a 
packet from a relay agent with address 192.168.1.1, how do you know 
which 192.168.1.1 it is, and how to route the packet ?
When you get a renewal request from a client at (say) 192.168.1.57, 
how do you route the packet back to it ? I'm guessing you don't and 
rely on the client reverting to broadcasts before it's lease runs 
out, in which case your DHCP isn't working as well as you thought.

>The real solution here is the ability to turn the ability to turn the
>requirement for a subnet off entirely in a relaying only config, but
>dchpd doesn't currently support that to my knowledge. A 0.0.0.0/0
>subnet effectively does the same thing

**ONLY** for the sort of broken network you are supporting.
The obvious value to use would be the actual subnet configured on the 
interface. I can't see why some people put so much effort into not 
describing their network properly - yourself excused since there is a 
genuine reason to need to do this.

-- 
Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.