Hi,

When running DHCP from a Windows based infrastructure, Your customer needs to have each DHCP scope defined for each VLAN under a superscope, otherwise windows DHCP won't be able to differentiate between the different sources addresses (vlan interfaces) that are requesting an IP address. As a result of this the DHCP server will always allocate an IP address from the same scope.

Rgds

Paddy

Paddy are you irish!? If this is the answer I'll buy you a beer! Anyone possibly have a screenshot of what this looks like.. can't say I have ever seen a superscope setup. I have seen seperate scopes for each vlan scope but never some kind of superscope.

Half Irish!!

Defo check out the superscope bit, this is certainly required when serving IP addresses via DHCP from a Windows DHCP server to networks with multiple source ranges

I'm trying to sound technical but i have infact just got back from the pub!

Goodluck

Paddy

PS checkout the following link, its for windows 2003 but also the same for 2000

http://www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/sag_dhcp_imp_UsingSuperscopes.asp

I'm still kind of puzzeled why this is required. I read the paper but im still puzzled.

In the past I have done this before with routers to a central network data center with a DHCP server in a single network. I did DHCP relay at each remote router to the central network and I had a different scope for each network and it handed out DHCP just fine.

Now instead of seperating everything with routers I am doing it with layer 3 vlans that shouldn't be able to talk to one another until it reaches the core vlan interfaces.. each core interface vlan has the ip helper command and I am running eigrp to router between the vlan interfaces to let the networks talk to one another..

now I thought network rules state that dhcp will not pass one interface to another without a relay (aka the helper command) to help it along.

Well if a dhcp broadcast packet in vlan 10 hits interface vlan10 and the helper says to forward it to x.x.x.x dhcp server why is the dhcp server thinking it is in a different scope range.. the giaddr should be the ip address of the vlan 10 interface and should make the dhcp server respond back with a ip addres from the matching scope.

Thats what is just puzzling the hell out of me.

Hi,

One thing i would also check, when you get the same IP address from the DHCP server, are you seeing this address as leased in the servers DHCP console.

What happens if you delete the lease from within DHCP and try ipconfig /release | renew again?

PD

If we ipconfig /release while on vlan 10 then go to the dhcp server and delete the reservation out of the scope it was in for vlan 10.

Then we go and move the port the pc is on to vlan 11 and then do a ipconfig /renew (it takes a minute) then we get a ip address but its in the vlan 10 range and if we look on the server its being assigned from the vlan 10 scope.

So I am stumped why the dhcp server seems to think im coming from the 10 vlan when I am in the 11 vlan. in fact I know im in the 11 vlan because if I try to ping the 10 gateway I get zero response. One thing I haven't tried is staticly assigning a ip in the 11 vlan to see if I can ping the 11 vlan gateway to double check I am in the 11 vlan. I am pretty sure I would get a response.

It's sounding like I really need to drop a sniffer on between the PC and the edge switch and the core switch and the dhcp server and see if my packets are working correctly.

yeah thats my plan of action to try tomorrow.

I am going to toss up a sniffer between the DHCP server and the core switch port and check that dhcp relay packet out.. I want to know if its coming off the correct relay interface.

if not then I have to go back and figure out why vlan traffic being tagged for 1 vlan is leaking onto another vlan..

Is that even possible?

Problem found.

It was a superscope problem.

Basicly he had superscopes setup and he shouldn't have so all the scopes were responding to the request when it was just one scope that was supposed to.

He removed the superscope and tested it and it worked fine. Problem solved.

Now I am unsure why he was trying to use superscopes. Myself I have done lots of these dhcp relay installations and never once did superscopes. In fact this is the first time I have heard of it so now I will know to look for it.

let me anwer your questions:

1. yes each vlan has ip helper-address X.X.X.X (ip address of w2003 dhcp server

2. I am not sure if there is a default gateway option on each scope. I am pretty sure there is one. I didn't setup the scopes but I did watch as I deleted a address and then watched as it reappeared in the wrong scope.

3. I am sure the core switch is a server (I set this myself) I am unsure if the remote is a client or server or transparent. I know that if I do a show vlan on the edge switch I do see all the vlans listed. I am doing switchport allowed vlans x,x,x,x where the vlans I want to be allowed across the trunked 801q uplink to the core.

Anyhow any suggestions on where to start would be appreciated.

Oh I almost forgot there is a redundant core switch setup with a port channel 4 gig uplink between the two. I'm not sure if that would effect anything but I figured I would share that info incase it might make a difference.