[Openswan Users] Pushing routes to clients

5dxnea3pw8 at snkmail.com 5dxnea3pw8 at snkmail.com
Tue May 8 16:59:56 EDT 2012


>>> Is this possible or ever likely to be possible ?
>>
>> I think I have seen it done with/by Mac OS/X using DHCPINFORM over the
>> established link.  That is, once the VPN link comes up, the client sends
>> a DHCPINFORM to (where, I don't recall.  The remote gateway address
>> probably?) the remote side and gets a DHCP response with the routes in it.
>>
>
>Yes, that works.
>
>DHCP client has to request dhcp-option 121 (according to RFC 3442).
>However Windows clients request dhcp-option 249 in DHCPINFORM query.
>
>I just installed dhcp-server, which only sends DHCPACK
>with options 121 and 249 on every DHCPINFORM query from client.
>
>dnsmasq.conf:
>dhcp-range=X.X.X.X,X.X.X.X
>#dhcp-option= option ID, network/prefix, gateway
>dhcp-option=121,192.168.77.0/24,192.168.99.254	# for rfc-client
>dhcp-option=249,192.168.77.0/24,192.168.99.254	# for win-client
>
>-= or for ISC DHCP Server =-
>dhcpd.conf:
>
>option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;
>option ms-classless-static-routes code 249 = array of unsigned integer 8;
>subnet X.X.X.X netmask X.X.X.X {
>   option rfc3442-classless-static-routes 24, 192,168,77, 192,168,99,254;
>   option ms-classless-static-routes 24, 192,168,77, 192,168,99,254;
>}

Brian & SVM,

Thank you very much for this. At least it confirms I wasn't missing a simple
solution.

It's going to take me a while to digest this, and the implications of running
another DHCP server in our environment, and how to get a client to instigate
a DHCPINFORM.

Thanks again

Greg
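
The dhcpd.conf lines quoted above carry each route as raw bytes: the prefix length, then only the significant octets of the destination, then the four gateway octets. The following is an added example, not part of the original thread, that encodes and decodes that payload so a value can be checked before it goes into a config; the function names are hypothetical and every route except 192.168.77.0/24 via 192.168.99.254 is a constructed sample.

```python
import ipaddress

def encode_routes(routes):
    """Encode [(destination CIDR, gateway), ...] as an option 121/249 payload."""
    out = bytearray()
    for cidr, gateway in routes:
        net = ipaddress.IPv4Network(cidr)        # raises if host bits are set
        significant = (net.prefixlen + 7) // 8   # destination octets actually sent
        out.append(net.prefixlen)
        out += net.network_address.packed[:significant]
        out += ipaddress.IPv4Address(gateway).packed
    return bytes(out)

def decode_routes(payload):
    """Decode a payload into [(network, gateway)]; ValueError if malformed."""
    routes, i = [], 0
    while i < len(payload):
        prefixlen = payload[i]
        if prefixlen > 32:
            raise ValueError(f"bad prefix length {prefixlen} at offset {i}")
        significant = (prefixlen + 7) // 8
        end = i + 1 + significant + 4
        if end > len(payload):
            raise ValueError(f"truncated route at offset {i}")
        dest = payload[i + 1:i + 1 + significant] + bytes(4 - significant)
        # strict=False zeroes any host bits beyond the prefix
        net = ipaddress.IPv4Network((int.from_bytes(dest, "big"), prefixlen), strict=False)
        routes.append((net, ipaddress.IPv4Address(payload[end - 4:end])))
        i = end
    return routes

def dhcpd_value(payload):
    """Render the payload as the comma-separated integer list dhcpd.conf expects."""
    return ", ".join(str(b) for b in payload)

if __name__ == "__main__":
    # First route is the one from the thread; the other two are constructed samples.
    sample = [("192.168.77.0/24", "192.168.99.254"),
              ("10.1.16.0/20", "192.168.99.254"),
              ("0.0.0.0/0", "192.168.99.254")]
    blob = encode_routes(sample)
    print(dhcpd_value(blob))
    for net, gw in decode_routes(blob):
        print(f"{net} via {gw}")
```

A /20 destination still sends three octets and a default route (/0) sends none, which is why a hand-written byte list is easy to get wrong.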

