That’s not enough! Something is screwy. SEE
The FIB table error, you can disregard.
If you see a 169.254.x.x address, it means that the DHCP server is not reachable. It seems the range for the DHCP server on green is not setup correctly so you can run setup from the console and define it.
2 Likes
@smice-byte , could you please state your networks red, green, blue in CIDR notation?
The DHCP server configuration must define subsets of green ( and blue ) as IP pool.
Example: if green is 192.168.2.0/24, DHCP addresses for green can be 192.168.2.10 - 192.168.2.99
1 Like
You may have to delete the green interface, then add it again and in the process it will pop the DHCP config screen for lan.
1 Like
Deleted all the interfaces. Interface section Blank. Resinstalled interfaces. The DHCP configuration screen did not show.
The dhcp server configuration on the console only shows one time at first setup. You can change this in the WebGUI. (you have to manually set the IP of the client to a matching address to reach the webserver or use elinks on console)
2 Likes
Could you post the contents of /etc/dhcp/dhcpd.conf ?
1 Like
By the way, for what it’s worth, I have NEVER been able to reconfigure the RED interface from the command line SETUP. It takes me through the normal options and allows the GREEN interface to be set up, but never gives me the RED interface option. That only occurs on the actual first time setup.
Also note that trying to change the GREEN subnet (eg from 192.168.32.0/24 to say 192.168.64.0/24) via console command SETUP causes a problem, as the old configs still remain in some other module’s config. It seems like the DHCP and the GREEN’s ip address are no longer sync’d.
Hello Bernhard and Rejjy. By using elinks the Green Interface ws corrected. And accessed via the web. The DNS is broken, because it points to the Red rather than the Green.
Your IPFire green address is 192.168.2.2.
So your DHCP IP pool should start at 192.168.2.3 and the primary DNS is 192.168.2.2
I don’t believe your modem/router is a DNSSEC capable DNS server, so you should use a DNS server listed in the wiki. For first checks suffices 8.8.8.8
1 Like
Hi @smice-byte
You need to change the start address for your Green dhcp dynamic range. You have it set to 192.168.2.2 but that is also the address you have used for the green interface of IPFire. So I would change it to something like 192.168.2.3.
Your Primary DNS on the green interface dhcp page is shown as 192.168.2.1 but if you intend to use IPFire as the DNS server then this should be the IPFire green interface IP address (192.168.2.2)
On your DNS Servers page you should not use either the red or the green interface IP address. These should be external DNS server addresses.
See https://wiki.ipfire.org/dns/public-servers
and https://wiki.ipfire.org/configuration/network/dns-server
1 Like
Hello Adolf. Made the recommended change. The DNS of 192.168.8.1 Name Server is the problem. Where is that coming from, on the Mini Appliance?
That is coming from your ISP’s modem/router. As @bbitsch said it looks likely thgat your modem/router is not DNSSEC capable, which is a must for IPFire.
I would uncheck the box marked “Use ISP-assigned DNS servers” on the DNS Servers page and press Add which will open up the add DNS Server page on the WUI. You can then add a DNS Server taken from the list in the link I provided earlier.
Just to confirm that you can get everything working then you can start with the 8.8.8.8 server that @bbitsch mentioned and use the UDP or TCP protocol. However later I would recommend using the TLS protocol but read through the wiki before changing to this as it requires additional fields to be filled out that UDP or TCP do not require to be provided.
2 Likes
I’ve used ipFire for more than five years, the previous two have been with IpFires own Mini Appliance. And the DNS area was configured for TLS but worked with both the IPS and TLS and is DNSSEC compliant - checked at https://dnssec.vs.uni-due.de/. the issue that needs to be resolved is the 192.168.8.1 . Is that a legitimate response from the Appliance or a mis-configuration?
According your bootlog the 192.168.8.1 was set by the DHCP Server on the RED network. (not on the IPFire machine)
You can disable the use of this dns server by disabling “ISP assigned dns server” on the dns configuration in the WebGUI
2 Likes
Back to normal. Will now try reimplementing the previous Hardened configuration. Berhard: asked about the dhcpd.conf:
I hope enlarging the inquiry at this location is acceptable. The HostPad Wifi installed and configured. The wireless nic is ‘ac’: will that work with the Mini Appliance, and are the HT/VHT CAPS correct? The wifi is not visible on the laptop.
Thw Wifi is visible on the Laptop - was found in “Other” area. The Appliance conencts. The Wifi does not connect. It is visible in the Networks area.
Is the “ac” nic compatible with older Mini-Appliance?
If you have got a blue IP address, the 802.11 part and the DHCP functionalty are running.
I think your laptop has a problem not using this network.