This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ===== C) DHCP Server without opnSense ===== Using the [[|ISC DHCP server]] is the best and easier choice. You should disable the ISC DHCP client as it is deprecated (and you already have the Gentoo's DHCPCD client anyway), so create the file **/etc/portage/package.use/dhcp**: <file - dhcp> net-misc/dhcp -client </file> then just emerge it: <code bash> emerge net-misc/dhcp </code> Edit the DHCP configuration file **/etc/dhcp/dhcpd.conf**: <file - dhcpd.conf> authoritative; subnet netmask { # disable DHCP on ISP#1 upstream network } subnet netmask { # disable DHCP on ISP#2 upstream network } subnet netmask { range; option domain-name-servers; option domain-name ""; option routers; } host fixed-ip-pc { hardware ethernet 12:34:56:78:9a:bc; fixed-address; } </file> Here i assign a pool od dynamic IP addresses (from 100 to 254) on the subnet. Addresses under 100 can be used for static assignments. For example, i use static IPs for all my OpenWRT Access Points and wired security cameras, and dynamic for all other devices. I have also defined my two ISP's subnets to explicitly disable DHCP assignments on them, which is not needed and might be an attack vector. This config will also ensure that all devices will use the home server both as DNS server and gateway. This will **not work** for devices that use hard-coded DNS servers (like Fire Sticks and Google Chromecasts...) but there is a workaround for those too, which is to forcefully remap port 53 (TCP and UDP) on your firewall to your own DNS resolver. Unfortunately, again, the mess that DNS over HTTPS is (DoH), make it impossible to set your own DNS DoH server over DHCP. Anything using DoH will not be possible to bypass. Well, this is almost all. Start //dhcp// service and make it start on boot: <code bash> rc-update add dhcp default /etc/init.t/dhcp start </code> Now you can connect your devices to the home network and they will get an IP address and a full network configuration to go with it.