Is bad practice to install DHCP server "in" (not "for") dmz?

network
(Guillermo Fekete) #1

NethServer Version: 7.5
Module: dhcp

I’m trying to achive this:

network%20general%20schema
network general schema.jpg971x751 118 KB

Dhcp server will grant ip for green and blue nets (not orange)

Is it a bad idea? Ns-dhcp does not seem to be able to grant ips to remote networks (the NS router server has dhcp-relay enabled: NS as dhcp relay agent).
(I currently have a debian running in this way, but I am evaluating changing it to NS)

Thanks for your help!

DHCP reservation for the same device in different nets (green and blue)
(Giacomo Sanchietti) #2

I never tried the DHCP relay, so I don’t know how dnsmasq behaves in such scenario.
Even if it’s not a bad practice to put the DHCP server in the DMZ, I think you’re over complicating the configuration.

Just put the DHCP server on the gateway and configure it to listen only on blue and green.
Server on the DMZ should have a static IP address.