DHCP RElay Help
Rhino Lists
isplists at duracom.net
Thu Mar 13 16:06:40 UTC 2008
Simon,
Thanks for the help. I had to put the new subnets into a new shared network
of its own. Now everything works as expected. Just out of curiosity why
would having all the subnets in one shared network try to issue wrong IP's
to the other interface?
K
-----Original Message-----
From: dhcp-users-bounce at isc.org [mailto:dhcp-users-bounce at isc.org] On Behalf
Of Simon Hobson
Sent: Thursday, March 13, 2008 10:15 AM
To: dhcp-users at isc.org
Subject: Re: DHCP RElay Help
Rhino Lists wrote:
>I have an issue. We have a Cisco router with 2 Ethernet Interfaces F0/0
and
>F0/1. My dhcp server sits on F0/1. On F0/0 I have the following:
>
>interface FastEthernet0/0
> ip address xx.xx.xx.177 255.255.255.240
> ip address xx.xx.xx.161 255.255.255.240 secondary
> ip address cc.cc.cc.1 255.255.254.0 secondary
> ip access-group 101 in
> ip access-group 102 out
> ip helper-address xx.xx.xx.146
>
>
>When this was set like this I received unknown segment from the DHCP
server?
>So I then changed it like this:
>
>
>interface FastEthernet0/0
> ip address xx.xx.xx.177 255.255.255.240 secondary
> ip address xx.xx.xx.161 255.255.255.240 secondary
> ip address cc.cc.cc.1 255.255.254.0
> ip access-group 101 in
> ip access-group 102 out
> ip helper-address xx.xx.xx.146
>
>
>Now on the router I set cc.cc.cc.1 as the Primary IP on F0/0 and the
unknown
>segment went away? Why would it matter either way?
Probably you have not properly configured DHCP on the server. You
should have subnet declarations for all through subnets
(xx.xx.xx.177/28, xx.xx.xx.161/28, and cc.cc.cc.1.23) - I suspect you
don't have a subnet declaration for xx.xx.xx.177/28.
Now, this is not enough because these three subnets are a shared
network - so they MUST be declared as such :
shared-network somename {
subnet xx.xx.xx.177 ... {
...
}
subnet xx.xx.xx.161 ... {
...
}
subnet cc.cc.cc.1 ... {
...
}
}
I would guess that you have a subnet declaration for cc.cc.cc.1/23
but not for the others. When xx.xx.xx.177 is the primary address for
the interface, that is what the router will insert into the GIAddr
(Gateway Interface Address) field of the request packet before
sending it on to the server. Because the server hasn't been told
about that subnet, it tells you "unknown segment" for the simple
reason that it knows nothing about it.
When you switched the primary address to cc.cc.cc.1, then the server
does know about the segment and "appears" to work.
Assuming you don't want to give out leases in the other subnets, then
just leave the declarations empty (ie don't define a pool in them).
Lastly, check the archives, because applying "ip helper-address" in a
Cisco router turns on forwarding of about half a dozen other
protocols which you almost certainly don't want forwarding. You need
a pile additional statements (which I can't remember) to turn off the
forwarding of the other broadcast protocols.
More information about the dhcp-users
mailing list