carbcycle Posted August 21, 2009 Share Posted August 21, 2009 Hi, I'm the only admin here and I need some advice please! I have two sites on our WAN and both sites currently have a DHCP server issuing clients addresses at their respective sites. DHCP and DNS are running on Windows Server 2003. I need to decommission the Windows Server at one site and then configure the router using ip-helper to route DHCP requests over the WAN to the other DHCP server. I understand the concept but I have a question regarding the DHCP scope of the server now issuing addresses for both sites..... So at the moment it only has one scope for it's local clients.... But do I need to define an additional scope on this server with the same network addresses as the local ones or must they be in the original scope of the other LAN? So.... LAN 1 DHCP scope : 10.240.240.0/24 LAN2 DHCP scope: 10.216.114.0/23 becomes... LAN 1 DHCP scope : 10.240.240.0/24 DHCP scope: 10.216.114.0/23 LAN2 ip-helper or LAN 1 DHCP scope : 10.240.240.0/24 LAN2 ip-helper Does this makes sense? I hope I'm explaining this right. Please help!!! Carbo Quote Link to comment Share on other sites More sharing options...
Brian Sierakowski Posted August 21, 2009 Share Posted August 21, 2009 Do both of the networks have the same gateway? I think we have a similar setup to what you're trying to do, we have a local site, then secondary office over a point to point T1. Both share internet access, and use a common set of DHCP, DNS, etc servers. How we've done this is plugged both scopes into our DHCP (.69.5), then we have identical scope options EXCEPT the router, which is different for our device over ppp. For example, the scope options for .69.x are: Router - 69.1 DNS - 69.5 Time Server - 69.5 WWW - 69.6 And then for 96.x (the remote network) Router - 96.1 DNS - 69.5 Time Server - 69.5 WWW - 69.6 I hope that's helpful, for further advice how are the two sites connected? What sort of DHCP server are you running (win2003?) How many workstations on each site? If you don't have very many computers on one end, you could keep your dhcp running using classid or mac address reservations. Good luck! -Brian Quote Link to comment Share on other sites More sharing options...
digip Posted August 21, 2009 Share Posted August 21, 2009 Thats a great question. I know it can be done, but not sure how to do it on the server side. Any SA's that can answer this would be nice, because I am curious now as to how you do it from one server as well. I know you can have multiple dhcp pools on a router and set up trunking with multiple subinterfaces pointing to multiple vlans for giving out addresses in each pool, but I'm not sure how you do multiple pools on a server from one interface, and have it know what subnet to give to each lan into. Quote Link to comment Share on other sites More sharing options...
decepticon_eazy_e Posted August 22, 2009 Share Posted August 22, 2009 Thats a great question. I know it can be done, but not sure how to do it on the server side. Any SA's that can answer this would be nice, because I am curious now as to how you do it from one server as well. I know you can have multiple dhcp pools on a router and set up trunking with multiple subinterfaces pointing to multiple vlans for giving out addresses in each pool, but I'm not sure how you do multiple pools on a server from one interface, and have it know what subnet to give to each lan into. You create a new scope or sub-scope for the VLAN/network that the DHCP server does NOT reside in. You give the ip-helper command to point to the dhcp server for the other vlan. Then in the DHCP configuration you use the network ID (or something like that) and give the number that corresponds to the VLAN, i.e. Vlan 200. Pretty simple on a MS server. Quote Link to comment Share on other sites More sharing options...
digip Posted August 22, 2009 Share Posted August 22, 2009 Im googling this now, because its still fuzzy to me. From what I have read the setup is like this: On the router, ip-helper command is entered on interface(s) multiple times depending on how many subnets you have/dhcp pools needed to be created. The ip addresses used in the ip-helper commands are the ip addresses of each DHCP server, being you only have one, then you enter the command once on the interface(s) connected to the requesting vlans. Since you will have multiple vlans, my assumption is you must have sub interfaces set for the phyisical interface(on the router) attached to the switch containing the two vlans with dot1q encapsulation on each sub interface. Here is what I have come up with based on what I know so far. The part I don't know is what to do on the server end to rectify each vlan/separate subnet, because I am only testing this in Packet Tracer and have no physical install of Server 2003 at the moment and no way to test it in a real world lab. 20.0.0.2 is just a generic address I used for the DHCP server in my test setup. Because I am not running a live Server, and its only done in Packet Tracer, I can't physically enter Scopes on the virtual hardware in the program, but the following is what I have come up with so far for the router and switch configuations. Server is connected to routers f0/0 interface and set as its default gateway(Routers f0/0 interface, ip 20.0.0.1). Switch is set to routers loopback as default gateway. Router: hostname rt-a ! ! ! ! ! ip ssh version 1 ! ! interface Loopback0 ip address 192.168.100.1 255.255.255.0 ! interface FastEthernet0/0 ip address 20.0.0.1 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 no ip address duplex auto speed auto ! interface FastEthernet0/1.100 encapsulation dot1Q 100 ip address 10.240.240.1 255.255.255.0 ip helper-address 20.0.0.2 ! interface FastEthernet0/1.200 encapsulation dot1Q 200 ip address 10.216.114.1 255.255.255.0 ip helper-address 20.0.0.2 ! interface Vlan1 no ip address shutdown ! ip classless ! ! ! ! ! line con 0 line vty 0 4 login ! ! end Switch: "switchport mode trunk" for f0/1 which is in vlan 1, connected to f0/1 on router hostname sw-a ! ! ! interface FastEthernet0/1 switchport mode trunk ! interface FastEthernet0/2 switchport access vlan 100 switchport mode access ! interface FastEthernet0/3 switchport access vlan 200 switchport mode access ! ! ! interface Vlan1 no ip address ! interface Vlan100 ip address 10.240.240.2 255.255.255.0 ! interface Vlan200 ip address 10.216.114.2 255.255.255.0 ! ip default-gateway 192.168.100.1 ! line con 0 ! line vty 0 4 login line vty 5 15 login ! ! end Not sure if that will work 100% in a real world scenario, and I don't know how to set the scope on the server side but maybe this will help in your setup. Something else I just read that may also help cut down traffic/collisions on your nentwork with the ip-helper setup: The ip helper-address command implicitly enables forwarding several different kinds of UDP broadcasts. You can prevent the router from forwarding the unwanted types of broadcasts with the no ip forward-protocol udp configuration command examples: Router1(config)#no ip forward-protocol udp tftp Router1(config)#no ip forward-protocol udp nameserver Router1(config)#no ip forward-protocol udp domain Router1(config)#no ip forward-protocol udp time Router1(config)#no ip forward-protocol udp netbios-ns Router1(config)#no ip forward-protocol udp netbios-dgm Router1(config)#no ip forward-protocol udp tacacs Quote Link to comment Share on other sites More sharing options...
Eisen Posted August 24, 2009 Share Posted August 24, 2009 Hi, I'm the only admin here and I need some advice please! I have two sites on our WAN and both sites currently have a DHCP server issuing clients addresses at their respective sites. DHCP and DNS are running on Windows Server 2003. I need to decommission the Windows Server at one site and then configure the router using ip-helper to route DHCP requests over the WAN to the other DHCP server. I understand the concept but I have a question regarding the DHCP scope of the server now issuing addresses for both sites..... So at the moment it only has one scope for it's local clients.... But do I need to define an additional scope on this server with the same network addresses as the local ones or must they be in the original scope of the other LAN? So.... LAN 1 DHCP scope : 10.240.240.0/24 LAN2 DHCP scope: 10.216.114.0/23 becomes... LAN 1 DHCP scope : 10.240.240.0/24 DHCP scope: 10.216.114.0/23 LAN2 ip-helper or LAN 1 DHCP scope : 10.240.240.0/24 LAN2 ip-helper Does this makes sense? I hope I'm explaining this right. Please help!!! Carbo Well yeah you could do this aye. But it certainly wouldn't be best practice. I wouldn't want my dhcp going across my wide area network. Case example: When happens if your service provider has some outage on your WAN link? So unless the machines at site B have been left on overnight and still have there dhcp lease assigned to them they are not going to get an ip and whatever other configuration information from dhcp.. i.e. That sites now unable to work at all. In an ideal situation you want one dhcp server at each LAN on your internetwork. In your case you'll want a dhcp forwarder set up. Type that into the great techno god that is google and you shall have your answer. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.