Dynamic vs static IP allocation w/r known MAC with 2 servers

Emmanuel Halbwachs Emmanuel.Halbwachs at obspm.fr
Thu Apr 26 09:26:19 UTC 2007 

Hello,

Short version:

  Is it possible that two DHCP servers (ISC) live together in the same
  VLAN, where the first always offer an IP address and the second no,
  but is prioritary when it answers?

Background:

  That could be seen as a strange requirement but for various reasons
  we have a kind of uncommon network for the moment:

	- one VLAN
	- no dynamic VLAN allocation for the moment
	- two subnets on this VLAN:
		- 145.238/16 managed with fixed IP
		- 172.16/12 currently managed by an appliance
	- appliance is:
		- used for visitor authentication
		- a Linux box running ISC DHCP but we would like to
		  avoid fiddling with

Goal:

  Enter in the modern world of DHCP ;-) by allocating:
	- fixed address for known MAC addresses
	- dynamic IP in another subnet for unknown MAC addresses
	  (guest/visitor)

Question:

  I tried to put on the same VLAN two DHCP servers:
	- A (for appliance)
	- B
  with B configured as authoritative for 145.238/16. Configurations
  are in appendix below.

  A first test with Windows XP client shadows my hope:

	- client sends DISCOVER
		- A sends OFFER
		- B sends nothing
	- client sends REQUEST to accept A's offer
		- A sends ACK
		- B sends NAK
	- client loops on the whole process and sends DISCOVER
		- etc.

  I feel that Windows DHCP client doesn't like the NAK sent by B. It
  seems Linux (ISC) and MacOS X DHCP clients don't care and behave as
  I want.

  So, to make this thing work for Windows, is there a way to configure
  B to send nothing instead of NAK?

  Do you see another way to reach the goal?

Thanks in advance for some thoughts.


Appendix: DHCP servers configurations

  ---------------------------------------------------------------------------
  A :
  
  default-lease-time 7200;
  max-lease-time 7200;
  option domain-name "obspm.fr";
  ddns-update-style none;
  subnet 172.24.0.0 netmask 255.255.248.0 {
          option domain-name-servers 172.24.0.1;
          range 172.24.1.0 172.24.4.255;
          option routers 172.24.0.1;
          option broadcast-address 172.24.7.255;
  }
  
  ---------------------------------------------------------------------------
  B :

  ddns-update-style none;
  default-lease-time 60;
  max-lease-time 100;
  subnet 145.238.0.0 netmask 255.255.0.0 {
          authoritative;
          option  routers 145.238.65.2;
          option  domain-name "obspm.fr";
          option  domain-name-servers 145.238.2.26;
  }
  subnet 172.24.0.0 netmask 255.255.248.0 {
          not authoritative;
  }
  host rossinante {
    hardware ethernet 00:12:3f:0e:99:6f;
    fixed-address 145.238.2.155;
  }

  ---------------------------------------------------------------------------



-- 
Emmanuel Halbwachs
Resp. Réseau/Sécurité                    Observatoire de Paris-Meudon
tel      : (+33)1 45 07 75 54                   5 Place Jules Janssen
fax      : (+33)1 45 07 76 13                    F 92195 MEUDON CEDEX

More information about the dhcp-users mailing list