Different dhcp relay

Simon Hobson dhcp1 at thehobsons.co.uk
Tue Oct 11 18:05:15 UTC 2011


André wrote:

>>> [ dhcpd ]--A.x.x.x/24---[ relay1 ]---B.x.x.x/24 --{ client }
>>>         |--A.x.x.x/24---[ relay 2]---C.x.x.x/24 --{ client }
>>>
>>>  does your setup look similar to this ^ ?
>Yes, my setup is like that.
>
>>
>>  My relays are on the networks
>>  10.1
>>  and 10.2
>>
>>  This is a cable network so cm's will be served from 10.1 and 10.2
>>  Due to equipment restrictions I require to use the dhcp giaddr of
>>  10.1.x.1 and 10.2.x.2 for all the hosts requesting an IP address.
>
>
>>>  are these two subnets on the same physical broadcast zone ? or are
>>>  they on separate VLANS ?
>Same physical broadcast zone no vlans.

Hmm, these two answers are inconsistent !

First answer says that the two networks (B.x.x.x 
and C.x.x.x above) are separate networks, then 
you say they are the same network. I'm guessing 
from your problem description that the latter is 
the truthful answer, and if that is the case then 
your config is wrong ...

>shared-network share1
>{
>         subnet x.x.35.0 netmask 255.255.255.0 {
>                 }
>         }
>         subnet 10.1.0.0 netmask 255.255.0.0 {
>         }
>
>         subnet x.x.34.0 netmask 255.255.255.192 {
>         # CORE NETWORK DONT TOUCH      
>         }
>       
>         subnet 192.168.0.0 netmask 255.255.0.0 {
>         # CORE MANAGEMENT DONT TOUCH
>         }
>
>}
>
>shared-network share-c3
>{
>     subnet x.x.48.0 netmask 255.255.255.0 {
>     }
>     subnet 10.2.0.0 netmask 255.255.0.0 {
>     }
>}
>

This will not and can not work because what you 
have told your DHCP server about your network 
topology is different to the actual topology.

Remember that DHCP is a BROADCAST protocol - so 
BOTH relay agents will pick up ALL broadcasts 
from ALL clients because they are on the same 
network. Short of configuring each relay agent 
with a list of MAC addresses (or similar) that it 
will relay for, then you cannot have one set of 
clients using one relay and the other clients 
using a different relay. This is fundamental 
networking and it's disturbing that you didn't 
spot this yourself.

Because the 10.1 and 10.2 networks share the same 
broadcast domain, they are themselves a shared 
network, and so the above should actually be :

shared-network share1
{
     subnet x.x.35.0 netmask 255.255.255.0 {
     }
     subnet 10.1.0.0 netmask 255.255.0.0 {
     }
     subnet x.x.34.0 netmask 255.255.255.192 {
     }
     subnet 192.168.0.0 netmask 255.255.0.0 {
     }
     subnet x.x.48.0 netmask 255.255.255.0 {
     }
     subnet 10.2.0.0 netmask 255.255.0.0 {
     }
}

Now you see that all these subnets are ONE shared 
network. If you require to split clients between 
the 10.1 and 10.2 networks in a specific way, 
then you will need to use classing to do so, eg :

class "classdot1" {
   match if <something>;
}
class "classdot2" {
   match if <something else>;
}
subnet 10.1.0.0 netmask 255.255.0.0 {
   pool {
     ....
     allow members of "classdot1";
   }
}
subnet 10.2.0.0 netmask 255.255.0.0 {
   pool {
     ....
     allow members of "classdot2";
   }
}

-- 
Simon Hobson
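
The topology mismatch discussed in this message can be checked mechanically. The following Python sketch is an added example, not part of the original post or of ISC dhcpd: it parses shared-network/subnet declarations and reports any physical broadcast domain whose relay giaddrs land in more than one shared-network. The 203.0.113.0/24 and 198.51.100.0/24 subnets, the giaddr values and the `SEGMENTS` map are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample in the thread's original layout; 203.0.113.0/24 and
# 198.51.100.0/24 stand in for the elided x.x.35.0 and x.x.48.0 subnets.
CONF = """
shared-network share1 {
    subnet 203.0.113.0 netmask 255.255.255.0 { }
    subnet 10.1.0.0 netmask 255.255.0.0 { }   # first relay's giaddr subnet
}
shared-network share-c3 {
    subnet 198.51.100.0 netmask 255.255.255.0 { }
    subnet 10.2.0.0 netmask 255.255.0.0 { }
}
"""
SEGMENTS = {"cable-plant": ["10.1.0.1", "10.2.0.2"]}  # assumed: giaddrs on one wire
TOKEN = re.compile(r"shared-network\s+([\w.-]+)|\bsubnet\s+([\d.]+)\s+netmask\s+([\d.]+)|([{}])")

def parse_shared_networks(conf):
    """Map each declared subnet to the shared-network that contains it."""
    owner, current, current_depth, pending, depth = {}, None, 0, None, 0
    for m in TOKEN.finditer(re.sub(r"#.*", "", conf)):
        name, net, mask, brace = m.groups()
        if name:
            pending = name                      # takes effect at its opening brace
        elif net:
            subnet = ipaddress.ip_network(f"{net}/{mask}")
            owner[subnet] = current or f"(standalone {subnet})"
        elif brace == "{":
            depth += 1
            if pending:
                current, current_depth, pending = pending, depth, None
        else:
            current = None if depth == current_depth else current
            depth -= 1
    return owner

def check_segments(conf, segments):
    """Return {segment: [shared-networks]} where one wire spans several groups."""
    owner, problems = parse_shared_networks(conf), {}
    for seg, giaddrs in segments.items():
        groups = {next((sn for net, sn in owner.items() if ip in net), "(no subnet)")
                  for ip in map(ipaddress.ip_address, giaddrs)}
        if len(groups) > 1:
            problems[seg] = sorted(groups)
    return problems

if __name__ == "__main__":
    print(check_segments(CONF, SEGMENTS))
```

An empty result means every broadcast domain maps to exactly one shared-network, which is the layout the corrected configuration in the message produces.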
