DHCP Shared-network setup equivalent?
-
Our firewall is running OpenBSD 3.8. It has an issue that was fixed in 3.9, but we've been thinking of switching to pfSense instead, rather than upgrading to 3.9 (which is still quite old for OpenBSD). Our normal Unix guy has gone AWOL, so I've been tasked with building out a virtual network to test it out, but I'm still new to *nix systems.
The only thing I can't figure out is this:
We put our wireless stuff on a 192.168.4.0/24 subnet, but we have a couple dozen WAPs (overkill probably; different problem), so we don't have enough room left over for all the wireless device leases. To solve this, the guy before me gave the 192.168.4.1 NIC a 192.168.5.1 alias and created a shared-network for both of them in dhcpd.conf. This way, when the leases run out on 4.1, hosts start getting 5.1 leases. At least I think this is all he did, but I'm not sure.
First of all, I realize there might be other methods to do this that could be better, but for now, I'm just trying to replicate the way it is before I try to improve upon it since we need this to work with minimal downtime due to an administrative staff that gets hysterical when things don't work :D
Is this methodology possible with pfSense? I added a .5 alias for the .4 NIC in the webGUI's Virtual IPs section, but I couldn't find anything else in the webGUI, so I edited dhcpd.conf with the shared-network setup for .4 and .5 and gave the .4 subnet only one available lease to force a second host onto the .5. The first host gets the lease on .4, but the second host somehow manages to get a .4 lease also. Maybe this is how it's supposed to work…?
Anyway, kind of confused with all this, so any help would be appreciated.
Thanks.
-
No need for the alias IP address; change the network mask from 24 bits to 23 bits, which will give you a subnet with 510 usable IP addresses, 192.168.4.1 to 192.168.5.254.
-
I thought about that, but I'm not sure how a netmask change would affect the switches on the .4. The WAPs I can configure, but the switches are kind of a mess as it is without me going in and fumbling around.
-
Switches don't normally care about IP addresses (unless they are managed switches, in which case they care about their own IP address, subnet, etc., because they are usually IP addressable so they can be configured).
What switches are they? Maybe they get their IP address (if they even have one) by DHCP.
-
In that case, maybe they won't be a problem, so I'll look into it again. Was just hoping I could set up pfSense equivalently to OpenBSD since that's known to work and would require less configuration on other machines.
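
The two layouts discussed in this thread, side by side in dhcpd.conf syntax, as an added example that is not taken from any poster's actual configuration. The shared-network name, address ranges and lease times are assumptions; only the 192.168.4.1 and 192.168.5.1 gateway addresses and the /23 mask come from the thread.

```conf
# Option A: shared-network, as described in the first post.
# Both subnets live on the same physical segment; the interface holds
# 192.168.4.1 plus the 192.168.5.1 alias, so each subnet has an on-link gateway.
# "wireless" is a hypothetical label; the ranges below are constructed samples.
shared-network wireless {
    default-lease-time 3600;
    max-lease-time 7200;

    subnet 192.168.4.0 netmask 255.255.255.0 {
        option routers 192.168.4.1;
        option broadcast-address 192.168.4.255;
        range 192.168.4.50 192.168.4.254;
    }

    subnet 192.168.5.0 netmask 255.255.255.0 {
        option routers 192.168.5.1;
        option broadcast-address 192.168.5.255;
        range 192.168.5.10 192.168.5.254;
    }
}

# Option B: single /23, as suggested in the reply.
# No alias address is needed; one gateway serves 192.168.4.1 to 192.168.5.254.
# Left commented out because it overlaps Option A and the two cannot coexist.
# Statically addressed devices (WAPs, managed switches) still carrying a
# 255.255.255.0 mask would treat 192.168.5.x hosts as off-link until updated.
#
# subnet 192.168.4.0 netmask 255.255.254.0 {
#     default-lease-time 3600;
#     max-lease-time 7200;
#     option routers 192.168.4.1;
#     option broadcast-address 192.168.5.255;
#     range 192.168.4.50 192.168.5.254;
# }
```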