Working on subnet different from DHCP server subnet

Simon Hobson dhcp at thehobsons.co.uk
Sun Apr 23 07:55:14 UTC 2006 

Jacques VUVANT wrote:

>  I've tried to configure my dhcp server as explain on many howto, 
>but it still not work. Here are configurations:
>
>  - dhcp server IP address: 202.87.129.66/27
>  - pool I want to allow : 202.87.145.2 to 202.87.145.5
>
>  dhcpd.conf
>  =========
>  option domain-name "test.com";
>  option domain-name-servers 202.87.129.35, 202.87.129.34;
>  option routers 202.87.129.65;
>  ddns-update-style none;
>  default-lease-time 14400;
>  subnet 202.87.145.0 netmask 255.255.255.224 {
>    range 202.87.145.2 202.87.145.5;
>    default-lease-time 14400;
>    max-lease-time 172800;
>  }
>  subnet 202.87.129.64 netmask 255.255.255.224 {
>  }
>
>  With this configuration, I have following message on debug
>
>  admin:~ # dhcpd -d -f
>  Internet Systems Consortium DHCP Server V3.0.4rc1
>  Copyright 2004-2005 Internet Systems Consortium.
>  All rights reserved.
>  For info, please visit http://www.isc.org/sw/dhcp/
>  Wrote 0 leases to leases file.
>  Listening on LPF/eth0/00:11:d8:e6:01:52/202.87.129.64/27
>  Sending on   LPF/eth0/00:11:d8:e6:01:52/202.87.129.64/27
>  Sending on   Socket/fallback/fallback-net
>  DHCPDISCOVER from 00:0d:5e:dc:3b:2c via eth0: network 
>202.87.129.64/27: no free leases
>  DHCPDISCOVER from 00:0d:5e:dc:3b:2c via eth0: network 
>202.87.129.64/27: no free leases
>  DHCPDISCOVER from 00:0d:5e:dc:3b:2c via eth0: network 
>202.87.129.64/27: no free leases
>
>This configuration should be work. So someone can help me ?


Can you clarify your network topology :

Are both subnets on the same ethernet segment (ie same hub/switch), 
or different segments connected with a router ? If the latter, how is 
the router configured to allow the dhcp client broadcasts to get to 
the server ?

Anticipating either answer ...

If both subnets are on the same ethernet segment
------------------------------------------------
... then you have what is called a shared network. You would need a 
configuration file like this :

shared-network "mynet" {
  subnet 202.87.145.0 netmask 255.255.255.224 {
    range 202.87.145.2 202.87.145.5;
  }
  subnet 202.87.129.64 netmask 255.255.255.224 {
  }
}

This tells the server that the two subnets are equivalent - it can 
give any client on that network segment an address in either subnet. 
As it doesn't have a range in one of the subnets, then it will only 
give out addresses in the other.


If the subnets are on different networks
----------------------------------------
... then you do not have a shared network and must not use the above 
structure. What you must do if configure the remote network to have a 
DHCP Relay (aka Bootp Helper). It is normal to put this function in 
the router but it doesn't have to be, it can be in any device 
attached to the remote network.

DO NOT just set up the router to forward the packet - it will NOT work.

The relay receives the broadcast packets from the clients. It then 
inserts it's own IP address into a field (GIAddr) of the packet and 
forwards it to the configured server. The presence of a value in the 
GIAddr field tells the server that this packet came via a helper, and 
it will then use that address to work out what network the client is 
attached to.

If you simply forward the broadcast packets then the server will 
think that they originated on the local network and things will not 
work.

Configuring the DHCP Relay Agent or Bootp Helper is vendor specific. 
Some cheap routers don't support it, others configure it via the GUI, 
other via command line. In Cisco it's with the "ip helper" command, 
but also note that using this also turns on 'helping' with a stack of 
other stuff that then needs turning off - you'd have to check the 
list archives for 'ip helper' and you should find several messages 
listing the other commands needed as I don't have them to hand.

Simon

More information about the dhcp-users mailing list