Multiple subnets within one large CIDR

Justin Shore justin at justinshore.com
Tue Nov 4 17:27:54 UTC 2008


I'm having trouble trying to figure out how to configure DHCPd to solve 
a certain problem.  We're addressing our new FTTH plant to allow for 
carriers to easily be broken off if future growth demands.  The plan was 
to create one large subnet (a /19) that will encompass all optical 
equipment.  That subnet is assigned to a single pair of matching SVIs on 
the upstream routers.  Each carrier is assigned a /22 within that /19. 
Both the infrastructure devices and the NIDs that make up the carrier 
are addressed as if the subnet was standalone and not overlaid on 
another broadcast domain (ie, /22 masks are used).  This way if that 
carrier has to be spun off into a dedicated ring nothing will have to be 
re-IPed, especially the NIDs on the edge which are DHCP-assigned and 
also have to be hardcoded in our telco soft switch.  On the routers 
gateway IPs for each individual /22 are assigned as secondary addresses 
on the SVI for the common VLAN that all the smaller subnets are overlaid 
onto.  Option 82 info is used to assign any device on a given optical 
switch's port a specific IP.  I have a shared-network statement followed 
by the all-encompassing subnet statement (and all the options under 
that).  After the subnet statement I have my class statements that match 
the Option 82 data.  Under each class is a pool statement that allows 
members of the aforementioned class with a single range and filename 
defined as well.  That basically describes the layout.  Hopefully 
that's not too confusing.

Scaling back the /19 and /22 a little bit, pretend that I have a /22 and 
4 carriers.  Each carrier is assigned a /24 under that /22 and the 
devices in each carrier use a /24 mask.

10.0.0.0	/22
10.0.0.0	/24	Carrier 1
10.0.1.0	/24	Carrier 2
10.0.2.0	/24	Carrier 3
10.0.3.0	/24	Carrier 4

The single SVI on each router has 0.1, 1.1, 2.1 and 3.1 configured for 
use (HSRP).  0.1 is the primary and all the rest are secondaries.

The problem as I see it now is that when my routers receive the DISCOVER 
on the SVI with the /19 GW IP and all the /22 secondaries, it will only 
use the primary IP for the IP address of the relaying router.  This 
means that I won't be able to correctly match the subnet statements that 
correspond to the /22s.  I have to have unique subnet statements for 
each /22 because the default route is different for each /22 (unless I 
can define the router option in a pool statement).

We had all this laid out earlier with a single common subnet with 
everyone having the same mask.  My 7600s relayed the DHCP requests and 
all was well.  Unfortunately the FTTH vendor wouldn't support the design 
and asked us to convert it to the one model that they would support. 
The IP addressing scheme was our own design.  While we'll try to build 
the L2 network to meet their screwy specs, we will not paint ourselves 
into a corner (again) by not allowing for carriers to easily be broken 
off of rings for future growth.  The IP addressing scheme should make that 
much less painful than reIPing all the VoIP endpoints.

Can anyone think of any fix for this?  Is this something that a properly 
formatted shared-network statement can fix?  I need to be able to 
receive DISCOVERs with a relay router IP that matches the large /19 but 
then relies on the option 82 info (which will be unique) to use the 
right pool info.  It also has to somehow give out the right default 
gateway IP at the same time.  I'm thinking multiple subnet statements 
with their classes and pools under a shared-network statement.  I just 
can't figure out how to put it all together so it works.

Mentally frustrating indeed.  Thoughts?  Thanks
  Justin
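
The layout proposed at the end of the post (multiple subnet statements with their classes and pools under one shared-network statement), sketched for the scaled-down /22 example in ISC dhcpd syntax. This is an added illustration, not the poster's configuration; the circuit-ID strings, class names, shared-network name, ranges and filename are constructed placeholders.

```conf
# Added illustration for ISC dhcpd; not the poster's configuration.
# Circuit-ID strings, class names, ranges and the filename are constructed.

# One class per optical switch port, keyed on the relay's Option 82 circuit ID.
class "c1-port1" { match if option agent.circuit-id = "carrier1/port1"; }
class "c2-port1" { match if option agent.circuit-id = "carrier2/port1"; }

# All four /24s are overlaid on the same VLAN/SVI, so they are declared
# inside one shared-network. The relay address (the primary SVI IP,
# 10.0.0.1) falls in the first subnet, which selects the whole
# shared-network; class membership then decides which pool may be used.
shared-network ftth-ring {

  subnet 10.0.0.0 netmask 255.255.255.0 {
    option routers 10.0.0.1;          # gateway for Carrier 1
    pool {
      allow members of "c1-port1";
      range 10.0.0.10 10.0.0.10;      # single address per switch port
      filename "nid.cfg";
    }
  }

  subnet 10.0.1.0 netmask 255.255.255.0 {
    option routers 10.0.1.1;          # gateway for Carrier 2
    pool {
      allow members of "c2-port1";
      range 10.0.1.10 10.0.1.10;
      filename "nid.cfg";
    }
  }

  # Carriers 3 and 4 follow the same pattern; pools omitted here.
  subnet 10.0.2.0 netmask 255.255.255.0 { option routers 10.0.2.1; }
  subnet 10.0.3.0 netmask 255.255.255.0 { option routers 10.0.3.1; }
}
```

Options declared in a subnet scope are applied according to the subnet the leased address belongs to, so a client placed in the 10.0.1.0/24 pool receives 10.0.1.1 as its router even though the relay address is 10.0.0.1. Running `dhcpd -t -cf` with the path to the file checks the syntax without starting the server.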

