Special Network-Setup?

  • Hey Guys!


    I would like to solve the following idea:


    - When the OMV connects to clients, the OMV should send DHCP to the clients. (No internet-connection! Only sharing!)
    - When my DSL-router connects to the OMV, the OMV should receive DHCP from the router, to connect to the internet - for updates etc.


    Is this possible? Can you give me a hand, please?


    Thank you!


    Dennis

  • There can be only one DHCP server on a network segment at any time. The network administrator decides which system acts as DHCP server, to allocate IP addresses and announce the IPs of the DNS servers and the IP of the gateway. Usually this is the system which is always on. There is no mechanism to set up a backup DHCP server of sorts.


    I'm not exactly sure I understand why your router would be inaccessible at times, so that the computers on the local network can no longer benefit from its built-in DHCP server. However, if you can get a DHCP server installed and running on OMV, you could configure your network as follows:
    - DSL router: disable built-in DHCP server and define a fixed IP address, such as 192.168.1.1, so that you can refer to it as DNS and gateway; check what's the subnet accepted by the router configuration and use that one;
    - OMV: define a fixed IP address (it is normal for the system with DHCP server to have its own IP manually assigned) - for instance, 192.168.1.2; then configure the DHCP daemon to give IPs in a small range (for instance 192.168.1.11-192.168.1.50) and announce the router's IP address as DNS and gateway.


    This way, the computers will always get their IPs from the OMV's DHCP server and be able to communicate on the internal network without issues. Their Internet access will depend on whether the DSL router is turned on or not, with no additional configuration. And, you will have some IPs (.3-.10) reserved for manual assignment to other systems which you may need to reference directly by the same IP address every time, such as a network printer or a network camera or whatever.
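
The plan in the reply above, written out as a DHCP-only dnsmasq configuration. This is an added example, not part of the original posts; it assumes dnsmasq is the DHCP daemon installed on OMV, and the file name, the interface name `eth0` and the lease time are assumptions.

```conf
# /etc/dnsmasq.d/omv-lan.conf  (file name is an assumption)
# Assumes OMV already has the static address 192.168.1.2/24 on eth0
# (interface name is an assumption) and the router's own DHCP server
# has been disabled, so only one DHCP server answers on the segment.

# Serve DHCP on the LAN interface only; do not answer on any other NIC.
interface=eth0
bind-interfaces

# DHCP only: port=0 switches off dnsmasq's DNS service.
# Clients are pointed at the router for DNS instead.
port=0

# Pool from the reply: 192.168.1.11-192.168.1.50 with a /24 netmask.
# .3-.10 stay outside the pool for manually assigned devices.
# The 12 hour lease time is an assumption.
dhcp-range=192.168.1.11,192.168.1.50,255.255.255.0,12h

# Announce the DSL router as default gateway (option 3) and DNS server (option 6).
dhcp-option=option:router,192.168.1.1
dhcp-option=option:dns-server,192.168.1.1

# Variant for the "no internet, only sharing" case from the question:
# replace the two dhcp-option lines above with the empty forms below.
# Clients then receive an address but no gateway and no DNS server.
#dhcp-option=3
#dhcp-option=6
```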

  • Hey Puterfixer!


    Thank you for your reply. But I should explain more about my network.


    My OMV is an archive. So it needs no internet-contact. 99 % of the uptime my OMV will be "offline". It will only get online to get updates. In this special case, the only 1 %, my OMV should get an IP from the DSL-router.


    My main-client has got two NICs. One NIC is only used by virtual machines to get access to the web. So only the guest could reach the web, the host (of the virtual machines) hasn't got webaccess.
    My OMV will be connected to the second NIC. So it's a direct connection between the OMV and the client. But sometimes I need a 2nd or 3rd client with my OMV. They will be connected via a switch. In these cases a DHCP in my OMV will come in handy.


    Any ideas?


    Thank you in advance!


    Dennis

  • Hey Dennis,


    From what I understand, you will be operating two distinct networks. One will be a private network between the host system with virtual machines on NIC1 connected to OMV and possibly other clients via a switch, with no internet connection. The second network would be between the virtual machines through NIC2 and the DSL router, which has internet connection.


    Each network can have a single DHCP server, if you don't want to manually configure IPs etc. On the second network, the router's built-in DHCP server will assign IPs to the virtual machines. On the first network, you'll need a separate DHCP server, unless you want to assign IPs manually.


    Note that if you physically combine the two networks in the same switch, you can still assign two completely separate IP classes to them. You'll have the router's DHCP server running, and the clients who are set to receive IPs by DHCP will also get internet access (such as the virtual machines). Separately, for the systems you don't want internet access, you can manually assign a different class of IPs with no gateway and no DNS.


    Even though they are physically on the same network, the systems with IPs in different classes will not be able to talk to each other, unless you set up IP aliases for the same network interface (multiple IPs on the same network card; Windows XP/7 knows how to do this).


    This makes it easy to switch between the two networks, by allowing a system to receive IP from DHCP for internet access or setting the IP manually to be in the private network. And, since you'll only have a handful of systems, it's not that difficult to occasionally make the change for half an hour to get Internet access again.

  • :D I'm still not so sure why would you bother with having a separate network with no internet access, when you are behind a router. That router is an excellent protection for intrusion; you actually have to explicitly define rules as exceptions to the block-all filter. You could keep all systems on one local network behind the router; perhaps, if the router allows, assign static IPs to known MAC addresses in the router's DHCP section, and even block internet access to specific IPs. It all depends on the capabilities of the DSL router.

  • Hehe! I'm a photoenthusiast. So my PC is filled with more than 60.000 images since 2007. Win is my Host, and it's a pain to keep Win up to date and secure. So I'm running a Linux-Guest to connect to the web. Secure and easy.
    Software-Tests are done in Virtual-Machines. For example: there is one OMV-VM with two NICs and five HDDs for storage. ;)


    And yes: I'm paranoid with my images (most are portraits- and fashion-pix)...

  • Hah, I know how that goes - I've got about 1 TB of raw photos so far as well. But I'm not that paranoid about security; haven't had a virus or security breach in YEARS. Easy:
    - router filters out intrusions;
    - don't install crap (malware or pirated software from dubious sources) on your Windows system;
    - keep Windows up to date with security patches and updates (Microsoft releases monthly patches on Patch Tuesday = second Tuesday of every month);
    - Microsoft Security Essentials is sufficient as a realtime protection; from time to time (monthly) double-check it with TrendMicro HouseCall (free, http://housecall.trendmicro.com or housecall.antivirus.com)
    - use OpenDNS.org servers (208.67.222.222 and 208.67.220.220) to protect all your systems from accessing malware sites and botnets - define them in router's DHCP server


    If you want to test software, virtual machines are one way of doing it (I love VirtualBox), but it might be easier with Sandboxie (.com) + Windows' built-in System Restore as a backup.


    But, bonus points for you for going the extra mile with a separate machine for the web, and a Linux one too!

  • On Win there is a huge problem. There is no update-service for all your software. There are some ideas to solve that problem (Example: http://secunia.com/vulnerability_scanning/personal/ ), but there are still some problems.


    OpenDNS.org is not OpenSource as the name suggests. It's totally commercial, financed by ads.


    Sandboxie is great in some ways, same as VirtualBox. I prefer "VMware Workstation" (Versions 7 - 9, still counting), because it has several helpful features. For example: I've got a "flux capacitor" ;) with fixed date and time. This comes in handy many times.


    Another example to secure the systems: sometimes I like to play games. Games are always a risk - example: http://www.h-online.com/securi…-game-engine-1750307.html
    So I've got a separate eSATA-HDD for games. On this HDD, there is a normal Win7 and one VHD-Boot-File. This is always clean! There is an incremental second file, which contains the games. So, if there is a copy protection to the games, they are not affecting my "working-pc". You know, there are several problems with copy-protections. ;)


    About Linux: I'm loving it. That's the reason for OMV. I've first tried FreeNAS, but it was not easy to get the files from a Sun-Disk. It's easier on ext4! ;)
