[CentOS] Centos 7 dhcpd failure to allow a 2nd network over same interal nic

Sun Jan 15 22:05:37 UTC 2017
Gordon Messmer <gordon.messmer at gmail.com>

On 01/15/2017 10:19 AM, Gregory P. Ennis wrote:
> It seems apparent to me that a
> better way to do what I wanted would be to have two wireless routers,
> one wifi being controlled by the dhcpd server that assigns ip addresses
> through it to known and trusted connections with one subnet, and the
> other wifi router assigning addresses on a different subnet to less
> trusted users with less access.


Probably, but if you're trying to restrict access, you need to be clear 
about how you're going to achieve that.  If your router only has one 
internal interface, it may be difficult to achieve.

If you have two WAPs behind your router, with one in bridging mode 
(therefore getting addresses from your CentOS DHCP server) and the other 
in NAT or routing mode, you will have effectively segregated the two.  
However, systems behind the NAT/routing WAP would still typically have 
access to the other subnet.  You'd need to not only have the untrusted 
clients behind a WAP of their own, but that WAP would need to allow you 
to specify firewall rules for outbound traffic.  That's not a feature 
present on most consumer devices.