Running two DHCP Servers in the same network
Solution 1:
Fun question. Basically, if you have two DHCP servers on the same LAN, there will be a race to dish out addresses, and you cannot be sure who wins: you may end up with some addresses served by the raspberry, some by the AP, and a single device, once disconnected, not re-obtaining the same address as before. Or, worse, you might have two devices with the same address.
So it is a good idea to block one of the two. The easiest thing is the following:
First, make sure the ranges from which they draw addresses do not overlap: you might have 192.168.1.11-74 for one, 192.168.1.139-202 for the other. At least, this prevents conflicts.
-
We now prevent the AP from serving IP addresses to wired clients. Suppose the AP is plugged into the raspberry on eth1, then the following command will do:
sudo iptables -A INPUT -i eth1 -p udp --dport 67:68 --sport 67:68 -j DROP sudo iptables -A OUTPUT -i eth1 -p udp --dport 67:68 --sport 67:68 -j DROP
We are done. Two comments:
DHCP uses ports 67 and 68, on protocol UDP; by blocking communication on these, you are preventing DHCP requests from wired clients from reaching the DHCP server on the AP; thus wired clients will be served only by the raspberry.
Second, you must plug the AP directly into the raspberry (I know the raspberry only has one ethernet port, which is already used: you can buy a USB-to-Ethernet adapter, and your raspberry will have a second ethernet card). The reason is that if you plug the AP into a switch, then DHCP requests and replies will reach/come from the AP, without passing through the raspberry, thus the iptables command will be just useless.
EDIT:
I forgot to say that the iptables rule above also prevents dhcp requests from flowing from the AP to the raspberry, so that the situation you have now is that DHCP address in the range 192.168.1.0xx are given by the raspberry to wired clients, while addresses in the range 192.168.1.1xx are given by the AP to wifi clients. At least, this is orderly.