Configuring a (User-Side) Hassle-Free Network?

braek asks: "I have been approached by a few locations (Hotels/Convention centers) in regards to providing high speed Internet to clients. Now, I'm sure this has been done a million and one times with a small x86 box running some flavor of Unix or BSD, however the thing that makes this somewhat of a more difficult chore, is the fact that the hotels and convention centers want absolutely NO reconfiguration to be required on the users laptops. So for example, the router must be able to route packets for people who have DHCP, as well as someone who has a static reserved IP address of 192.168.4.8 and someone who has a static global of 206.10.3.9. Basically the router should be able to route packets for the user regardless of their IP configuration. I Have looked around the web ad-nauseum but have found very little help. I'm thinking some form of transparent bridge or proxy-arp solution may be the key. Has anyone ever been in a situation like this, or have any ideas as to how this could be accomplished?"

part of the answer

[repoleved]

...might be that your router has to listen to every packet that comes in through the ethernet port that is connected to all those laptops, so you want a router where all packets are available to everyone (or at least to you).

Another part of the answer is probably that tcp/ip packets from these laptops have to have a return ip address, so WHATEVER the return address is, you'll be masquerading in the address of the server, and remembering who to send it back to. This is pretty much analogous to what happens already.

The DHCP part is easy. just have a dhcp server running, and it ought not to matter what it gives back.

Switch w/VLAN tagging to Host

[regen]

Use a switch with VLAN tagging and one VLAN per port to connect to your router/host. Host will then substitute the real address if the user has static addressing or handle the DHCP request. Since each switch port is on a different VLAN you can use VLAN tags to determine whose machine sent you a packet. You can't do this at layer 3.

Re:ARP-Proxy is way to go

[squeegee-me]

Try this here there was a space.

Can't be done reliably

[pong]

First realize that what you ask is borderline impossible - You would have to handle

* IP's out of their subnet
** The LAN side of the NAT router would have to have a subnet mask of 0.0.0.0 to catch all possible client configurations
* Colliding IP's
* Guessing where to route packages based on port numbers alone (e.g. for local DNS servers and http proxy servers)

It can't be done at the IP level, you'd have to get below that level, and you'd have to keep all machines on separate VLANs (to avoid clients detecting IP address collisions). And the problems don't stop there, I bet.

THEN realize that especially laptops will very often be configured for DHCP.

In my opinion it would be much more interesting to accept that clients will need their computers to be configured for DHCP and ask: How can I offer wireless LAN support without risking abuse from neighbours, ensuring that people are charged etc.

simpliest reason why this can't work.

[GiMP]

This can't work because you can't assume what the users will tell their OS what their gateway/router is.

What happens if you assign IP 168.1.2.32 to a machine and some moron tries to use 168.1.2.32 for their gateway?

Then there are the troubles of ip conflicts, etc.

Juse use DHCP.

Call people who have already done it

[PD]

The Mariott Hotel in Dallas (can't remember which one exactly) already does this. Your configuration matters not a bit. Just plug it in and go.

Give them a call and find out what they are running, and who provided the solution.