Multiple subnets within one large CIDR
Justin Shore
justin at justinshore.com
Tue Nov 4 17:27:54 UTC 2008
I'm having trouble trying to figure out how to configure DHCPd to solve
a certain problem. We're addressing our new FTTH plant to allow for
carriers to easily be broken off if future growth demands. The plan was
to create one large subnet (a /19) that will encompass all optical
equipment. That subnet is assigned to a single pair of matching SVIs on
the upstream routers. Each carrier is assigned a /22 within that /19.
Both the infrastructure devices and the NIDs that make up the carrier
are addressed as if the subnet was standalone and not overlaid on
another broadcast domain (ie, /22 masks are used). This way if that
carrier has to be spun off into a dedicated ring nothing will have to be
re-IPed, especially the NIDs on the edge which are DHCP-assigned and
also have to be hardcoded in our telco soft switch. On the routers
gateway IPs for each individual /22 are assigned as secondary addresses
on the SVI for the common VLAN that all the smaller subnets are overlaid
onto. Option 82 info is used to assign any device on a given optical
switch's port a specific IP. I have a shared-network statement followed
by the all-encompassing subnet statement (and all the options under
that). After the subnet statement I have my class statements that match
the Option 82 data. Under each class is a pool statement that allows
members of the aforementioned class with a single range and filename
defined as well. That basically describes the layout. Hopefully
that's not too confusing.
Scaling back the /19 and /22 a little bit, pretend that I have a /22 and
4 carriers. Each carrier is assigned a /24 under that /22 and the
devices in each carrier use a /24 mask.

10.0.0.0 /22
    10.0.0.0 /24 Carrier 1
    10.0.1.0 /24 Carrier 2
    10.0.2.0 /24 Carrier 3
    10.0.3.0 /24 Carrier 4

The single SVI on each router has 0.1, 1.1, 2.1 and 3.1 configured for
use (HSRP). 0.1 is the primary and all the rest are secondaries.
The problem as I see it now is that when my routers receive the DISCOVER
on the SVI with the /19 GW IP and all the /22 secondaries, it will only
use the primary IP for the IP address of the relaying router. This
means that I won't be able to correctly match the subnet statements that
correspond to the /22s. I have to have unique subnet statements for
each /22 because the default route is different for each /22 (unless I
can define the router option in a pool statement).
We had all this laid out earlier with a single common subnet with
everyone having the same mask. My 7600s relayed the DHCP requests and
all was well. Unfortunately the FTTH vendor wouldn't support the design
and asked us to convert it to the one model that they would support.
The IP addressing scheme was our own design. While we'll try to build
the L2 network to meet their screwy specs, we will not paint ourselves
into a corner (again) by not allowing for carriers to easily be broken
off of rings future growth. The IP addressing scheme should make that
much less painful than reIPing all the VoIP endpoints.
Can anyone think of any fix for this? Is this something that a properly
formatted shared-network statement can fix? I need to be able to
receive DISCOVERs with a relay router IP that matches the large /19 but
then rely on the option 82 info (which will be unique) to use the
right pool info. It also has to somehow give out the right default
gateway IP at the same time. I'm thinking multiple subnet statements
with their classes and pools under a shared-network statement. I just
can't figure out how to put it all together so it works.
Mentally frustrating indeed. Thoughts? Thanks
Justin
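
The layout proposed in the closing paragraph of the message above, as an added ISC dhcpd.conf sketch that is not part of the original post. It uses the scaled-down 10.0.0.0/22 example; the class names, circuit-id strings, ranges, filenames and the shared-network name are constructed assumptions.

```conf
# Constructed example, not the poster's configuration.
# Class names, circuit-id values, ranges and filenames are assumptions.

# One class per optical switch port, matched on relay agent (Option 82) data.
class "carrier1-port1" {
    match if option agent.circuit-id = "c1-sw1-port1";
}
class "carrier2-port1" {
    match if option agent.circuit-id = "c2-sw1-port1";
}

# All /24s sit on one broadcast domain (one SVI plus secondaries), so they are
# grouped in one shared-network. A DISCOVER relayed with giaddr 10.0.0.1 (the
# SVI primary) falls in the first subnet, which selects the whole
# shared-network; every pool inside it is then a candidate.
shared-network ftth-ring {

    subnet 10.0.0.0 netmask 255.255.255.0 {
        option routers 10.0.0.1;        # gateway handed out with 10.0.0.x leases
        pool {
            allow members of "carrier1-port1";
            range 10.0.0.10 10.0.0.10;  # single address for this port
            filename "nid-carrier1.cfg";
        }
    }

    subnet 10.0.1.0 netmask 255.255.255.0 {
        option routers 10.0.1.1;        # secondary address on the same SVI
        pool {
            allow members of "carrier2-port1";
            range 10.0.1.10 10.0.1.10;
            filename "nid-carrier2.cfg";
        }
    }

    # Carriers 3 and 4 (10.0.2.0/24, 10.0.3.0/24) follow the same pattern.
}
```

The file can be syntax-checked with `dhcpd -t -cf <file>` before it is loaded. Address assignment here is only as trustworthy as the device inserting Option 82, so the relay or access switch should overwrite any agent information supplied from the subscriber side.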