Iptables – How to block DHCP traffic using iptables

Tags: dhcp, dhcp-server, dhcpd, iptables

First let me describe my environment:

  • There is a VM (CentOS) acting as a gateway
  • The gateway VM has two NICs: eth0 connects to the public network, eth1 connects to the private network
  • eth0 gets its IP from the public network's DHCP server
  • The gateway runs a DHCP server which offers IPs to the private network through eth1
  • Since the private network needs to access the public network, NAT is enabled on the gateway VM, and thus ip_forward is set to 1 on the gateway VM.

Now the issue I'm facing is, when I deploy a new VM on the public network, the VM gets its IP from the gateway VM's DHCP server. But the gateway's DHCP server should only offer IPs to the private network.

How do I prevent the gateway's DHCP server from offering IPs to the public network?
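The following is an added example (not part of the original question or answer) showing the two pieces a gateway admin would normally combine for this problem: iptables rules that keep DHCP server traffic off the public NIC, and the dhcpd start-up setting that binds the server to the private NIC only. The interface names eth0 (public) and eth1 (private) come from the question; the assumption that the server is ISC dhcpd started via `DHCPDARGS` in `/etc/sysconfig/dhcpd` (CentOS 6 style init scripts; a systemd unit needs the interface added to its ExecStart line instead) is mine. The script defaults to a dry run that prints the commands, so it can be read and tested without root or a real iptables.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes: eth0 = public NIC,
# eth1 = private NIC (from the question); ISC dhcpd on CentOS (assumption).
# DRY_RUN=1 (default) prints the commands instead of executing them.

DRY_RUN="${DRY_RUN:-1}"
PUBLIC_IF="${PUBLIC_IF:-eth0}"
PRIVATE_IF="${PRIVATE_IF:-eth1}"

# Print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# iptables rules that keep DHCP *server* traffic off the public interface.
# DHCP is UDP: clients send from port 68 to 67, servers reply from 67 to 68.
# The gateway's own DHCP *client* on eth0 (sport 68 out, dport 68 in) does
# not match any of these rules, so its lease on the public side still works.
dhcp_server_block_rules() {
    pub="$1"
    # Drop DHCP client requests that arrive on the public side.
    run iptables -A INPUT  -i "$pub" -p udp --sport 68 --dport 67 -j DROP
    # Drop DHCP server offers/acks that would leave via the public side.
    run iptables -A OUTPUT -o "$pub" -p udp --sport 67 --dport 68 -j DROP
    # ip_forward is on: never route unicast DHCP (e.g. lease renewals) between
    # the two networks. (Omit this if you ever run a DHCP relay on the box.)
    run iptables -A FORWARD -p udp --dport 67:68 -j DROP
}

# Caveat: ISC dhcpd talks through raw packet sockets on Linux, which bypass
# the INPUT/OUTPUT chains. The reliable fix is therefore to start dhcpd bound
# to the private interface only; the iptables rules above are defence in depth.
dhcpd_interface_setting() {
    priv="$1"
    printf 'DHCPDARGS=%s\n' "$priv"
}

# Write the setting into the sysconfig file (assumed path) unless dry-running.
apply_dhcpd_interface_setting() {
    priv="$1"
    if [ "$DRY_RUN" = "1" ]; then
        echo "# would write to /etc/sysconfig/dhcpd:"
        dhcpd_interface_setting "$priv"
    else
        dhcpd_interface_setting "$priv" > /etc/sysconfig/dhcpd
        run service dhcpd restart
    fi
}

dhcp_server_block_rules "$PUBLIC_IF"
apply_dhcpd_interface_setting "$PRIVATE_IF"
```

Run it as-is to see the commands; run with `DRY_RUN=0` as root on the gateway to apply them. After applying, `iptables -L INPUT -v -n` shows packet counters on the DROP rule if public-side clients are still broadcasting DHCPDISCOVER at the gateway, which is a quick way to confirm whether the two networks are really separate.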

Best Answer

DHCP uses broadcast traffic for its discovery process. Routers do NOT forward broadcast traffic.

If your VMs on the "inside"/eth1 side of your router are getting leases from your modem/router on the "outside"/eth0 side, then you have a bridge somewhere between the 2 networks; either your "router" is actually a bridge (do you have an interface called br0 or similar on the router?), or you're using the same switch, something is patched wrong, etc.

EDIT: I just re-read your question and I may have misunderstood. You want to prevent clients on the "public" network getting a lease from the DHCP server on that network, but that server is NOT your "gateway" server?