DHCP renumbering and NAT

I'm hiding a small apartment network behind a potato box running IP
masquerading. This all works fine for the most part; I use dhclient
and the ipmasq package, and everything just works.

This morning, I couldn't reach the outside world. Some poking around
revealed that I couldn't even reach the machine my firewall believed
was its gateway. I restarted dhclient, and got a completely new IP
address on a different network. (I assume this is a mistake on the
part of my provider: my understanding is that a DHCP lease should be
valid for the entire length of the lease, and breaking things under me
is Just Wrong.) Even after this, though, things still didn't work;
looking at my syslogs suggested that I might need to reinitialize the
firewall rules (which blocked outgoing packets not on the local
network or from the gateway's public IP), and in fact running
/etc/init.d/ipmasq restart got things running again.

I can take it as a fact of life that I'll occasionally be renumbered;
I can deal with this. I guess my question is this: is the ipmasq
package clueful enough to recognize when this happens, and tweak the
firewall rules appropriately? (Experience this morning suggests not.)
Failing this, is there a good way to put some sort of appropriate hook
into dhclient to make the right thing happen? TIA...
--
David Maze dmaze@mit.edu http://www.mit.edu/~dmaze/
"Theoretical politics is interesting. Politicking should be illegal."
-- Abra Mitchell
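
An added example, not part of the original post or of the ipmasq package: a dhclient exit hook that reruns the firewall init script only when the leased address actually changes, so rules pinned to the gateway's public IP do not go stale after a renumbering. It relies on the `reason`, `old_ip_address` and `new_ip_address` variables that dhclient-script sets; the install location in the comment and the `address_changed` and `FIREWALL_RESTART` names are assumptions.

```shell
# dhclient exit hook (added example). dhclient-script sources this file, so
# it must not call "exit". Assumed install location, which varies by
# release: /etc/dhcp/dhclient-exit-hooks.d/ or /etc/dhclient-exit-hooks.

# Command that rebuilds the masquerading rules (the one used in the post).
FIREWALL_RESTART="${FIREWALL_RESTART:-/etc/init.d/ipmasq restart}"

# address_changed REASON OLD_IP NEW_IP
# Succeeds only when the lease event carries a usable address that differs
# from the previous one. A plain renewal of the same address is ignored, so
# established masqueraded connections are not disturbed for nothing.
address_changed() {
    case "$1" in
        BOUND|RENEW|REBIND|REBOOT) ;;   # events that deliver an address
        *) return 1 ;;                  # EXPIRE, FAIL, RELEASE, STOP, ...
    esac
    [ -n "$3" ] && [ "$2" != "$3" ]
}

# When sourced by dhclient-script the three variables are set; when this
# file is run by hand they are empty and nothing happens.
if address_changed "${reason:-}" "${old_ip_address:-}" "${new_ip_address:-}"; then
    logger -t dhclient-hook \
        "address ${old_ip_address:-none} -> ${new_ip_address}, reloading firewall"
    $FIREWALL_RESTART
fi
```

The first BOUND after boot has an empty old address, so the rules are also rebuilt once the interface gets its initial lease.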