- I have 2 netcards
enp0s3for WAN andenp0s8for LAN. - WAN has dynamic IP address (received from ISP).
- LAN has class C static IP address for my local network
- I have isc-dhcp-server with this config:
nano /etc/dhcp/dhcpd.conf
# ISC-DHCP-Server Configuration
authoritative;
option wpad code 252 = text;
server-identifier 192.168.0.10;
deny duplicates;
one-lease-per-client true;
deny declines;
deny client-updates;
ping-check true;
log-facility local7;
ddns-update-style none;
host user3 {
hardware ethernet 40:e2:30:f4:00:04;
fixed-address 192.168.0.90;
}
host user1 {
hardware ethernet 40:e2:30:f4:00:02;
fixed-address 192.168.0.50;
}
class "blockdhcp" {
match pick-first-value (option dhcp-client-identifier, hardware);
}
subclass "blockdhcp" 1:90:68:c3:00:00:00;
subnet 192.168.0.0 netmask 255.255.255.0 {
option routers 192.168.0.10;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.0.255;
#option domain-name "example.org";
option domain-name-servers 8.8.8.8,8.8.4.4;
min-lease-time 2592000; # 30 days
default-lease-time 2592000; # 30 days
max-lease-time 2592000; # 30 days
pool {
min-lease-time 60;
default-lease-time 60;
max-lease-time 60;
deny members of "blockdhcp";
range 192.168.0.100 192.168.0.250;
}
}
The problem is that the isc-dhcp-server is showing error messages No subnet declaration for enp0s3 (10.0.2.15) because it asks me to assign a range for WAN, and this is not possible because it is dynamic and the ISP provider can eventually change the IP
sudo systemctl status isc-dhcp-server
● isc-dhcp-server.service - ISC DHCP IPv4 server
Loaded: loaded (/lib/systemd/system/isc-dhcp-server.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2023-01-18 18:29:32 -05; 7min ago
Docs: man:dhcpd(8)
Main PID: 17055 (dhcpd)
Tasks: 4 (limit: 19112)
Memory: 4.9M
CPU: 24ms
CGroup: /system.slice/isc-dhcp-server.service
└─17055 dhcpd -user dhcpd -group dhcpd -f -4 -pf /run/dhcp-server/dhcpd.pid -cf /etc/dhcp/dhcpd.conf
ene 18 18:29:32 uservm dhcpd[17055]: Sending on LPF/enp0s8/08:00:27:8d:e7:c9/192.168.0.0/24
ene 18 18:29:32 uservm dhcpd[17055]:
ene 18 18:29:32 uservm dhcpd[17055]: No subnet declaration for enp0s3 (10.0.2.15).
ene 18 18:29:32 uservm dhcpd[17055]: ** Ignoring requests on enp0s3. If this is not what
ene 18 18:29:32 uservm dhcpd[17055]: you want, please write a subnet declaration
ene 18 18:29:32 uservm dhcpd[17055]: in your dhcpd.conf file for the network segment
ene 18 18:29:32 uservm dhcpd[17055]: to which interface enp0s3 is attached. **
ene 18 18:29:32 uservm dhcpd[17055]:
ene 18 18:29:32 uservm dhcpd[17055]: Sending on Socket/fallback/fallback-net
ene 18 18:29:32 uservm dhcpd[17055]: Server starting service.
How do I avoid this situation so that these error messages that flood the log no longer appear? Thanks in advance
While the other answer is correct in that it is safe to ignore this warning, some people prefer "zero warning policy", by configuring the system in advance so it won't emit warnings for known situations. Then any warnings system will still generate would be meaningful and you won't accidentally miss them in the stream of "known and expected warnings".
You can configure dhcpd to only listen on interfaces that you want it to provide service on, which is configured in
/etc/default/isc-dhcp-server:(by default it is listening everywhere). On newer systems you might need to set it up like this:
Other way to suppress the warning is to let it know the interface/subnet exists, but to not provide any service for it. There is an example how to do that in the stock
dhcpd.conffile (probably not the one Ubuntu or Debian has installed in /etc):(replace it the network you have on the WAN NIC). This is exactly what the warning itself suggests.
What this means is, "I don't know anything about that interface and the subnet it's connected to, thus I'll ignore any DHCP request coming from it". Which is perfectly fine, because you don't actually want to provide a DHCP service on your WAN interface.
Just ignore the warning and carry on.