[RESOLVED !!!] Multi Homed DHCP - VLANs, Hosting Remote Subnets - Working With DHCP Relay Agent

Friesen, Don CITZ:EX Don.Friesen at gov.bc.ca
Tue Mar 19 13:21:22 UTC 2013 

   Let me first confess that I have not upgraded to the most recent version before relating a warning about common attributes.
   I have scanned all the release fixes as they came out, without seeing the following fixed.  And since the servers have been working flawlessly the way they are configured... other pressures drive my time.

   We have hundreds of shared networks with multiple subnets inside each.  I had originally optimized the options by placing the common default options at the highest level I could.  However, we had many cases where we needed to give different options to certain workstations.  We defined those options in the 'group' statement for those workstations.  It would work... for a little while.  At the first INFORM packet, the ACK that went back contained NOT the options from the group statement, but the global options from the subnet statement, breaking the required service.  I have since recoded and my script that builds the configuration files from the Oracle database now place all options at the lowest level, inside the pools... so that the hardware reservations will retain the options they need.

Don Friesen


-----Original Message-----
From: dhcp-users-bounces+don.friesen=gov.bc.ca at lists.isc.org [mailto:dhcp-users-bounces+don.friesen=gov.bc.ca at lists.isc.org] On Behalf Of Glenn Satchell
Sent: Tuesday, March 19, 2013 5:35 AM
To: Users of ISC DHCP
Subject: Re: [RESOLVED !!!] Multi Homed DHCP - VLANs, Hosting Remote Subnets - Working With DHCP Relay Agent

Hi

It's great to see that you have your dhcp working. Now we come to
optimising the configuration :)

I'll just show two subnets here for the example:

> subnet 192.168.11.0 netmask 255.255.255.0 {
>  option routers 192.168.11.1;
>  option subnet-mask 255.255.255.0;
>  option broadcast-address 192.168.11.255;
>  option domain-name-servers 41.211.0.41;
>  option domain-name "teledataict.net";
>  default-lease-time 1800;
>  max-lease-time 2700;
>  range 192.168.11.100 192.168.11.200;
> }
> subnet 192.168.21.0 netmask 255.255.255.0 {
>  option routers 192.168.21.1;
>  option subnet-mask 255.255.255.0;
>  option broadcast-address 192.168.21.255;
>  option domain-name-servers 41.211.0.41;
>  option domain-name "teledataict.net";
>  default-lease-time 1800;
>  max-lease-time 2700;
>  range 192.168.21.100 192.168.21.200;
> }

You can specify common attributes at the global level, and these will be
inherited by the subnet. Also netmask and broadcast will be derived from
the subnet statement so they are typically not used. As an example the
above definitions could be written as:

option domain-name-servers 41.211.0.41;
option domain-name "teledataict.net";
default-lease-time 1800;
max-lease-time 2700;

subnet 192.168.11.0 netmask 255.255.255.0 {
  option routers 192.168.11.1;
  range 192.168.11.100 192.168.11.200;
}
subnet 192.168.21.0 netmask 255.255.255.0 {
  option routers 192.168.21.1;
  range 192.168.21.100 192.168.21.200;
}

This approach can be useful where you have many subnets. Some sites have
hundreds or thousands of subnets. You can also override a setting by
re-defining it inside the subnet if you wish.

regards,
-glenn

On Tue, March 19, 2013 11:15 pm, Prabhpal S. Mavi wrote:
> Hi Dear All,
>
> We were having requirement where "isc-dhcp-server" have to issue ip
> address for multiple remote subnets. Since they are remote subnets, my
> DHCP server it self do not belong (connected) to those subnet either by
> physical or logical interface (sub interface etc..). Saying other way,
> NONE of the interface of my DHCP server has direct connectivity to those
> subnets.
>
> Our server belongs following networks using sub interfaces (LANs){
> 192.168.10.1
> 192.168.20.1
> 192.168.30.1
> 192.168.40.1
> 192.168.50.1
> }
>
> But business requirement was saying i have to issue ip address for remote
> subnets as well such as {
>
> 192.168.11.0
> 192.168.21.0
> 192.168.31.0
> 192.168.41.0
> 192.168.51.0
> }
>
> emphasizing, please note, none of the interface of my server is in these
> networks (11,21,31,41,51), i have to issue these ip address for the remote
> clients, DHCP request come through a Cisco Router acting as "Relay-Agent"
> (DHCP Helper) remotely. Saying other way, some remote client will request
> for the DHCP ip address from my server using Cisco Router configured as
> "dhcp-helper"
>
>
> STEP 1.) Configure your interface for DHCP to listen
>
> INTERFACES="vlan10 vlan20 vlan30 vlan40 vlan50"; - If you are not using
> VLANs, do the following.
> INTERFACES="eth1.10 eth1.20 eth1.30 eth1.40 eth1.50";
>
> ddns-update-style none;
> authoritative;
> log-facility local7;
>
> STEP 2.) Empty Subnet Declaration For Configured Interfaces, EMPTY ONLY,
> if you do not want to issue IP for these networks wehre your DHCP is
> connected, else declare the pool & options. But i do not want any ip from
> this range.
>
> subnet 192.168.10.0 netmask 255.255.255.0 {
> }
> subnet 192.168.20.0 netmask 255.255.255.0 {
> }
> subnet 192.168.30.0 netmask 255.255.255.0 {
> }
> subnet 192.168.40.0 netmask 255.255.255.0 {
> }
> subnet 192.168.50.0 netmask 255.255.255.0 {
> }
> subnet 41.211.31.0 netmask 255.255.255.0 {
> }
> subnet 172.25.1.0 netmask 255.255.255.252 {
> }
>
> STEP 3.)
>
> Subnet Declaration For REMOTE Networks - These clients are far away, my
> server cannot be the part of these networks. i am going to receive DHCP
> request from REMOTE Cisco router configured as DHCP-helper.
>
> subnet 192.168.11.0 netmask 255.255.255.0 {
>  option routers 192.168.11.1;
>  option subnet-mask 255.255.255.0;
>  option broadcast-address 192.168.11.255;
>  option domain-name-servers 41.211.0.41;
>  option domain-name "teledataict.net";
>  default-lease-time 1800;
>  max-lease-time 2700;
>  range 192.168.11.100 192.168.11.200;
> }
> subnet 192.168.21.0 netmask 255.255.255.0 {
>  option routers 192.168.21.1;
>  option subnet-mask 255.255.255.0;
>  option broadcast-address 192.168.21.255;
>  option domain-name-servers 41.211.0.41;
>  option domain-name "teledataict.net";
>  default-lease-time 1800;
>  max-lease-time 2700;
>  range 192.168.21.100 192.168.21.200;
> }
> subnet 192.168.31.0 netmask 255.255.255.0 {
>  option routers 192.168.31.1;
>  option subnet-mask 255.255.255.0;
>  option broadcast-address 192.168.31.255;
>  option domain-name-servers 41.211.0.41;
>  option domain-name "teledataict.net";
>  default-lease-time 1800;
>  max-lease-time 2700;
>  range 192.168.31.100 192.168.31.200;
> }
> subnet 192.168.41.0 netmask 255.255.255.0 {
>  option routers 192.168.41.1;
>  option subnet-mask 255.255.255.0;
>  option broadcast-address 192.168.41.255;
>  option domain-name-servers 41.211.0.41;
>  option domain-name "teledataict.net";
>  default-lease-time 1800;
>  max-lease-time 2700;
>  range 192.168.41.100 192.168.41.200;
> }
> subnet 192.168.51.0 netmask 255.255.255.0 {
>  option routers 192.168.51.1;
>  option subnet-mask 255.255.255.0;
>  option broadcast-address 192.168.51.255;
>  option domain-name-servers 41.211.0.41;
>  option domain-name "teledataict.net";
>  default-lease-time 1800;
>  max-lease-time 2700;
>  range 192.168.51.100 192.168.51.200;
> }
>
>
> STEP 4.) restart dhcp daemon | check logs | Testing
>
> Note: This config is copy & past from working server.
>
> Grate Thanks to Simon Hobson
> Grate Thanks to Christian Kratzer
>
>
> Thanks / Regards
>
>
>
>
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>


_______________________________________________
dhcp-users mailing list
dhcp-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users

More information about the dhcp-users mailing list