DHCP/DNS Server

[Jim.Alles]

Hate to drum this up, but I had a question....

I am wondering if it is possible; based on a specific MAC Address to utilize the DHCP to assign not just the IP, but the DNS servers as well. I have a feeling I might be able to do this with DNSMASQ, but I'm a little shaky on the configuration of it.

For my solaredge inverter I would like to set to the 8.8.8.8, 8.8.4.4 DNS servers to avoid issues; while on the computers and mobile devices utilize another DNS server (NextDns).

Well yes it is possible in dnsmasq.
It means you need to configure it in Advanced #config/network/advanced/dns_and_dhcp
But you will need to understand the process. If you look at this thread, you will see dnsmasq gets a 'set' directive in the first line, and then the following custom options use the same 'tag'. That set/tag terminology pertains to dnsmasq specifically (It has nothin to do with VLAN tags in this context). In a similar fashion, these tags are being used to identify VLAN interfaces, but those dnsmasq tags can also be used for a single host.
https://forums.untangle.com/networking/43343-dnsmasq-dhcp-relay-target-ignores-relay-server-ip.html

I am not sure this would be better configured with VLANs, but I'm not 100% sure how to properly configure a VLAN

You won't be able to use a tagged VLAN (what NGFW does) and connect to a single device, unless it supports tagged VLANs, or you put a managed switch inbetween that does. Very much a complication.

If this were a Windows or Linux client machine, I would just override the DNS settings for it's adapter/interface, despite using DHCP. That is also a common option with IoT devices. That is the easiest way to be done with this, IMHO.

[sky-knight]

I think so... but you have to do it in the DHCP&DNS advanced mode

dhcp-host=40:6C:8F:07:5C:E2,set:solaredge (Tag's the MAC)

dhcp-option=tag:solaredge,6,8.8.8.8,8.8.4.4 (Uses the Tag, to set the DNS servers for that MAC)

*Edit*
That might break an IP reservation... needs testing.

[Jim.Alles]

I think so... but you have to do it in the DHCP&DNS advanced mode

dhcp-host=40:6C:8F:07:5C:E2,set:solaredge (Tag's the MAC)

dhcp-option=tag:solaredge,6,8.8.8.8,8.8.4.4 (Uses the Tag, to set the DNS servers for that MAC)

*Edit*
That might break an IP reservation... needs testing.

Good point.

I think it is OK if you specify the entire reservation in the dhcp-host line, and be sure to not have that one in the NGFW GUI.

[sky-knight]

I think that would be safer yes.

[flynhawaiian]

That was it worked perfectly

[DocCountry]

Untangle has been up since april. This week several workstations could not get IP address. I reset router. It did not help. I became suspicious of a switch, don't know why, moved the workstations to another switch in network and it fixed. So I changed the switch out. Now some other stations are not getting DHCP server and have dropped off the network, so it was not the switch. I have not made any changes in the server. The VPN is working to other site and connected stations that still have their Ip addresses can access the internet. I feel like the emoji with a finger pulling down the corner of my mouth. Help please.

[oj88]

Check that your DHCP pool is not already exhausted and that the link to your DHCP server (Untangle or otherwise) is stable.

I would troubleshoot Layer-1 and 2. A lot of things could go wrong at this level that will prevent higher-layer traffic, including DHCP, to get through. For example, there could be a network loop somewhere that you're not aware of.

We had a rookie engineer install a dumb switch on his test bench. He then proceeded to connect said switch to the corporate network using two LAN ports, thinking it would be best to have some redundancy. And for some reason, spanning-tree wasn't enabled on the upstream switches so the whole network started to experience intermittent outages and eventually went down.