How to make a dhcp server listen for broadcast req

Published 2019-09-15 17:21

Question:

I am working on udhcpd, a lightweight DHCP server that comes with BusyBox.

I have made some code changes, and to test those I need to run udhcpd, send it a request (to obtain an IP) from a client and view its response.

This requires multiple machines and the suitable option for me was to use multiple virtual box VMs.

I used two Linux VMs (Fedora for running udhcpd and an Ubuntu for running udhcpc, a client that comes with BusyBox for generating DHCP requests).

Now there are multiple modes of networking in VirtualBox. I have tried them all. NAT, the simplest, allows the VM to use my Windows internet without any configuration.

I tried various types of VirtualBox cards, i.e. host-only and internal network, and assigned a 192.168.0.1 address to Fedora, which is udhcpd, and sent DHCP discover requests from udhcpc clients.

Both are on the same interface, i.e. eth0, and I can see the broadcast request from 0.0.0.0 to 255.255.255.255 for DHCP discover. But udhcpd, the DHCP server, never receives and answers the request.

I also tried assigning an IP to the DHCP client first, i.e. 192.168.0.2.

But I never get a response.

If I use NAT or another mode in which VirtualBox's own DHCP server is running, then it is that server which responds to the DHCP discover, and still my udhcpd from BusyBox does not pick up the packets.

I feel it has something to do with the subnet mask, maybe of the udhcpd server.

Does anyone have any idea?

Answer 1:

My bad, the firewall in the Fedora VM (iptables) was blocking incoming connections by default.

Here is the way to allow that.

Open and edit /etc/sysconfig/iptables

vi /etc/sysconfig/iptables

There would be several entries like the following:

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5800 -j ACCEPT

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5900 -j ACCEPT

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 6000 -j ACCEPT

I added an entry for my dhcp port as follows:

-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 67 -j ACCEPT

Save and close the file. Restart iptables:

service iptables restart

Note that the commands would differ on Ubuntu or Debian-based Linux distributions because iptables on these platforms might not run as a service. Look for the OS-specific procedure too, which is widely documented.
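
Added example, not part of the original answer: a shell check that a saved rules file really lets UDP port 67 through, including the case where the ACCEPT line was placed after the chain's catch-all REJECT and so never matches. The function names and the sample rules file are constructed for illustration, and the catch-all REJECT at the end of RH-Firewall-1-INPUT is an assumption about the file layout.

```shell
#!/bin/sh
# Rule from the answer above; everything else in the sample file is constructed.
DHCP_RULE='-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 67 -j ACCEPT'

# check_dhcp_rule FILE [CHAIN] prints one of:
#   allowed  - ACCEPT for udp dport 67 comes before any catch-all REJECT/DROP
#   shadowed - the ACCEPT exists but sits after a catch-all REJECT/DROP
#   missing  - the chain has no ACCEPT for udp dport 67
check_dhcp_rule() {
    awk -v chain="${2:-RH-Firewall-1-INPUT}" '
        $1 == "-A" && $2 == chain {
            n++
            rule = " " $0 " "
            # Catch-all: jumps straight to REJECT/DROP with no match options.
            if ($0 ~ /^-A [^ ]+ -j (REJECT|DROP)( |$)/ && !term) term = n
            if (rule ~ / -p udp / && rule ~ / --dport 67 / &&
                rule ~ / -j ACCEPT / && !acc) acc = n
        }
        END {
            if (!acc) print "missing"
            else if (term && term < acc) print "shadowed"
            else print "allowed"
        }' "$1"
}

# write_sample FILE POSITION   (POSITION: before | after | none)
# Writes a constructed rules file with the DHCP rule placed relative to REJECT.
write_sample() {
    {
        echo '*filter'
        echo ':RH-Firewall-1-INPUT - [0:0]'
        echo '-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5900 -j ACCEPT'
        if [ "$2" = before ]; then echo "$DHCP_RULE"; fi
        echo '-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited'
        if [ "$2" = after ]; then echo "$DHCP_RULE"; fi
        echo 'COMMIT'
    } > "$1"
}

tmp=$(mktemp)
for pos in before after none; do
    write_sample "$tmp" "$pos"
    printf '%-6s -> %s\n' "$pos" "$(check_dhcp_rule "$tmp")"
done
rm -f "$tmp"
```

On a real host, point `check_dhcp_rule` at /etc/sysconfig/iptables after editing and before restarting the service.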