DHCP design guidance

Jason Lixfeld jason-lists.dhcp at lixfeld.ca
Mon May 21 20:37:26 UTC 2012 

Hi all,

I'm looking for some guidance on DHCP network designs, specifically in an ISP environment, but I suppose ISP design might be synonymous with Enterprise or Academic design.

I have a Cisco switch with a bunch of clients hanging off of it, and my DHCP server lives on the other side of the network, so I use the ip helper-address hook in IOS to relay DHCP requests to the off-subnet DHCP server.

As near as I can tell, on the server side, I need a subnet declaration that matches the subnet of the pool from which I want to assign these clients their addresses.  In order to achieve this, and have the DHCP server start, I need an interface in that same subnet on the DHCP server.

! Cisco side:
!
interface Vlan4000
 description Client facing
 ip vrf forwarding Inetv4
 ip address 10.0.0.1 255.255.255.0
 ip helper-address vrf management 10.219.51.135
!
interface GigabitEthernet 1/1
 description Facing Client 1
 switchport access vlan 4000
!

! DHCPD side:
;
;
subnet 10.219.51.128 netmask 255.255.255.224 {
}

subnet 10.0.0.0 netmask 255.255.255.0 {
 not authoritative;
 range 10.0.0.5 10.0.0.254;
 option routers 10.0.0.1;
}
;
;

[root at dhcp01 ~]# ifconfig | egrep "encap|inet "
eth0      Link encap:Ethernet  HWaddr 00:0C:29:46:FE:E9  
          inet addr:10.219.51.135  Bcast:10.219.51.159  Mask:255.255.255.224
eth0:0    Link encap:Ethernet  HWaddr 00:0C:29:46:FE:E9  
          inet addr:10.0.0.2  Bcast:255.255.255.255  Mask:0.0.0.0
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
[root at dhcp01 ~]# 


When I run the server with -d -f:

DHCPDISCOVER from 00:02:71:17:58:bb via 10.0.0.1
DHCPOFFER on 10.0.0.3 to 00:02:71:17:58:bb via 10.0.0.1
DHCPDISCOVER from 00:02:71:17:58:bb via 10.0.0.1
DHCPOFFER on 10.0.0.3 to 00:02:71:17:58:bb via 10.0.0.1
DHCPDISCOVER from 00:02:71:17:58:bb via 10.0.0.1
DHCPOFFER on 10.0.0.3 to 00:02:71:17:58:bb via 10.0.0.1
…
…
…

And herein, from my likely ignoramus perspective, lies the problem.  The local interface that I'm using to allow dhcpd to start without it complaining about not having an interface within a configured address range is also the interface that is receiving the discover and sending the offer.  The problem is that this interface actually goes nowhere and is actually just an alias acting as an anchor.  Offers directed out this interface will get sent out on the wire which has no knowledge of how to actually reach 10.0.0.0/24.

My impression was that the ip helper-address would write the discovery in such a way where it would send the offer back out the same interface it was received on, but alas..

So I'm left with two conclusions.

1.  I'm ignorant and don't actually understand how this is supposed to work.
2.  This idea is wrong and the only way that it will work is for my DHCP server to have an interface that is bridged back to the same common subnet as VLAN4000, but that would make the ip helper-address command useless, so I must be missing something.

I'm wondering if anyone might be able to offer some insight.  My google-fu seems to be useless in trying to find an answer or at least a direction.

Thanks in advance.

More information about the dhcp-users mailing list