Multi-subnet DHCP

Simon Hobson dhcp1 at thehobsons.co.uk
Sat Aug 23 18:56:42 UTC 2008 

Jeff Anderson wrote:

>I've trimmed the config down (it is rather large and I didn't feel 
>comfortable publishing our mac addresses). I've pasted it below.
>
>Basically we're a CS department. We have a core switch, and we do 
>vlans to separate things out-- linux lab machines have a vlan, 
>windows another, etc... Research labs also get their own vlan and 
>corresponding subnet. The core switch has each vlan configured to do 
>"ip helper" to forward along the DHCP requests to the subnet that 
>our dhcp server lives on. We have multiple subnets defined that have 
>dynamic ranges in them. The DHCP server seems to assign appropriate 
>dynamic addresses for each of these subnets that have the dynamic 
>ranges defined.

OK, as suggested by Jeffrey Hutzelman, you've used shared-network 
when you shouldn't have. It seems to cause a lot of confusion, but 
VLANs on a switch are NOT the same as a shared subnet.

A shared subnet is where you have ONE network (technically it's the 
broadcast domain) with multiple IP subnets on it. With VLANs, each 
VLAN is a separate isolated network - conceptually, think of each 
VLAN as having a separate switch but all rolled up into one box for 
convenience.

When you declare a shared-network, you are telling the DHCP server 
that any device on that network may use any address from any range 
defined in the shared-network. Hence you get clients given wrong 
addresses.



>shared-network example-Department

You need to remove this.


>   subnet 192.168.0.0 netmask 255.255.255.0
>   {
>      option routers 192.168.0.1;
>      authoritative;
>   }
>   subnet 192.168.1.0 netmask 255.255.255.0
>   {
>      option routers 192.168.1.1;
>      authoritative;

It looks like every subnet is authoritative, you could declare this 
globally and save some space/typing.


>#We have separate groups defined to divide hosts logically-- not 
>because they necessarily need different options.
>group
>{
>   use-host-decl-names on;

Isn't this already defined globally ?



>group UML
>{
>   use-host-decl-names on;
>   option routers 192.168.31.1;
>   #snip -- lots of hosts defined by fixed-address and hardware ethernet
>   use-lease-addr-for-default-route on;
>   option subnet-mask 255.255.255.0;

I would personally not define the router here, unless it's 
specifically different for this group of hosts (even then, I much 
prefer to do the routing in the routers myself). You should 
definitely not need to define the netmask since it must be the same 
as the subnet - unless you have a broken IP setup.

More information about the dhcp-users mailing list