multiple subnets

Simon Hobson dhcp1 at thehobsons.co.uk
Wed Apr 2 19:45:27 UTC 2008


M U wrote:

>In fact, I need to define below.
>
>172.17.30.0/28 must get the ipaddress 10.30.0.0/16(10.30.0.1 
>-10.30.255.254) from DHCP server.
>172.17.60.0/28 must get the ipaddress 10.60.0.0/16(10.60.0.1 
>-10.60.255.254) from DHCP server.
>
>The following configuration does not meet my requirement, I think.
>
>  subnet 172.17.101.0 netmask 255.255.255.0 {
>  }
>
>  subnet 172.17.30.0 netmask 255.255.255.248 {
>  }
>
>  subnet 172.17.60.0 netmask 255.255.255.248 {
>  }
>
>subnet 10.30.0.0 netmask 255.255.0.0 {
>  range 10.30.0.1 10.30.255.254;
>}
>
>subnet 10.60.0.0 netmask 255.255.0.0 {
>  range 10.60.0.1 10.60.255.254;
>}
>
>Excuse me but, please give me the advice.


OK, but please define the problem you are trying to solve !

I know what I **THINK** you are trying to do, but the way you ask the 
question suggests a possibility of something else.

Is it simply that you have a router of some sort, and you want 
clients on a network attached to that router to get addresses from a 
certain subnet ? If so, then it is simple and automatic.

I have to ask because "proxy" implies something different to a normal 
DHCP "relay" and I want to be sure that you do actually mean relay 
and not some obscure setup using a proxy.


Assuming my guess is correct, then this is what you need :

On the server, define 172.17.30.0/28 and 10.30.0.0/16 as a shared 
subnet like this :

shared-network net30 {
   subnet 172.17.30.0 netmask 255.255.255.240 {
   }
   subnet 10.30.0.0 netmask 255.255.0.0 {
     range 10.30.0.10 10.30.255.254 ;
   }
}

This tells the server that 172.17.30.0/28 and 10.30.0.0/16 are on the 
same physical piece of wire - so when it gets a relayed packet from 
172.17.30.0/28 it knows that it can also offer leases for 
10.30.0.0/16. The rest is automatic.

On each network, ensure the DHCP Relay (note "relay", not "proxy") 
is configured to relay client requests to the DHCP server.


You will also need to ensure that the 10.30.0.0/16 subnet is properly 
routed - clients on it MUST be able to send packets directly to (and 
receive packets back from) the DHCP server.

Because as a very minimum you MUST have a router, you cannot define 
the range as :
     range 10.30.0.1 10.30.255.254
as this leaves no usable addresses free. I would go further and 
suggest that you leave a block free for potential future use for any 
service you might need to put in that subnet.

Also, I would suggest splitting the range thus :
     range 10.30.0.10 10.30.0.254;
     range 10.30.1.1 10.30.1.254;
     ....
     range 10.30.254.1 10.30.254.254;
     range 10.30.255.1 10.30.255.254;

The reason is that whilst rare, there are some broken clients out 
there written by numpties who think the world begins and ends with 
/24 networks - and so there are devices that cannot cope with 
addresses that end in .0 or .255

I know for a fact that some up to date Netgear devices have such 
broken logic in their code (not necessarily in their DHCP code, but 
I know parts of their code are afflicted by this).


Finally, consider if you REALLY need that many addresses - it's a 
LOT (over 65,000 per network, and over 130,000 for the two networks 
you've told us about). Large address ranges result in slower load 
times, and higher memory consumption, so it's best to avoid having 
ranges that are hugely in excess of what you need. The software will 
handle it, but you would be wasting resources if you don't need more 
than a small fraction of those numbers.
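
Added example (not part of the original post): a small Python generator for the configuration described above, which writes the shared-network stanza and expands the split ranges so that no lease ends in .0 or .255. The function names and the first_host parameter are assumptions made for this sketch; the keyword emitted is ISC dhcpd's shared-network statement.

```python
import ipaddress

def split_ranges(pool_cidr, first_host=10):
    """Return one (start, end) pair per /24 block of the pool, skipping
    host octets .0 and .255. The first block starts at .first_host so the
    router and any static services keep the addresses below it."""
    pool = ipaddress.ip_network(pool_cidr)
    if pool.prefixlen > 24:
        raise ValueError("pool must be a /24 or larger")
    ranges = []
    for i, block in enumerate(pool.subnets(new_prefix=24)):
        base = int(block.network_address)
        low = first_host if i == 0 else 1
        ranges.append((ipaddress.ip_address(base + low),
                       ipaddress.ip_address(base + 254)))
    return ranges

def pool_size(ranges):
    """Number of leasable addresses across all ranges."""
    return sum(int(end) - int(start) + 1 for start, end in ranges)

def shared_network(name, relay_cidr, pool_cidr, first_host=10):
    """Render a dhcpd.conf shared-network stanza: an empty subnet for the
    relay's own network plus the client pool with its split ranges."""
    relay = ipaddress.ip_network(relay_cidr)
    pool = ipaddress.ip_network(pool_cidr)
    lines = [
        f"shared-network {name} {{",
        f"  subnet {relay.network_address} netmask {relay.netmask} {{",
        "  }",
        f"  subnet {pool.network_address} netmask {pool.netmask} {{",
    ]
    lines += [f"    range {start} {end};"
              for start, end in split_ranges(pool_cidr, first_host)]
    lines += ["  }", "}"]
    return "\n".join(lines)

if __name__ == "__main__":
    # Values taken from the thread: relay network and client pool for net30.
    print(shared_network("net30", "172.17.30.0/28", "10.30.0.0/16"))
```

pool_size() gives the number of leasable addresses the generated ranges leave in the pool.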

