01-20-2004 05:54 PM - edited 03-02-2019 01:02 PM
Hi,
I've got kind of an interesting technical challenge.
I run a small network with unmanaged switches. In this environment there is some development going on that does ugly things to us; for example, virtual PCs come up running DHCP and start handing out addresses and DNS server pointers that go nowhere...
So I've set up a 2611XM with two NICs and have physically segmented off the dev servers that are doing this.
The developers still want DHCP on the new subnet, which I can set up for them no problem, either on a Windows 2003 server on that segment or on the router itself. But I don't want to relay DHCP from the main subnet to the new 'devnet'.
With basically a default RIP2 setup and a couple of static routes I have the new network working fine, and things like DNS and LDAP and other things Windows networking needs are all happy. The developers can browse the Windows network and still get out to the internet... and there is no real need to get all strict with security on the router since it is on the inside of our firewall...
But before I set up DHCP on the new subnet, is there an easy way to ensure that DHCP traffic will not traverse the router from one physical segment to the other? (from one onboard NIC to another onboard NIC and vice versa)
Thanks in advance for any help or pointers to resources...
01-20-2004 11:27 PM
By default, a router will not pass DHCP-related traffic (or, for that matter, any broadcast traffic), so you need not worry. But to make sure, you can use 'no ip forward-protocol udp 67', which will block BOOTP/DHCP-related UDP traffic from traversing.
I hope you have not enabled 'ip helper-address' on the router.
Regards
Suhas
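A quick way to check a saved configuration for the two conditions the reply above mentions: an `ip helper-address` on an interface, and whether `no ip forward-protocol udp 67` is present. This is an added example, not part of the original thread; the sample config, its addresses and the function name `audit_dhcp_relay` are constructed for illustration.

```python
import re

# Constructed sample in `show running-config` style (not from the thread).
SAMPLE_CONFIG = """\
interface FastEthernet0/0
 description main subnet
 ip address 192.0.2.1 255.255.255.0
!
interface FastEthernet0/1
 description devnet
 ip address 198.51.100.1 255.255.255.0
 ip helper-address 192.0.2.10
!
router rip
 version 2
!
"""

BOOTP_PORTS = {"67", "bootps"}  # the port may appear as a number or keyword


def audit_dhcp_relay(config: str) -> dict:
    """Report helper-address interfaces and whether UDP/67 forwarding is off."""
    helpers = {}            # interface name -> list of helper targets
    port67_blocked = False
    current = None          # interface block we are currently inside
    for raw in config.splitlines():
        line = raw.rstrip()
        m = re.match(r"^interface\s+(\S+)", line)
        if m:
            current = m.group(1)
            continue
        if line and not line.startswith(" "):
            current = None  # "!" or a global command ends the interface block
        m = re.match(r"^\s+ip helper-address\s+(.+)$", line)
        if m and current:
            helpers.setdefault(current, []).append(m.group(1).strip())
        m = re.match(r"^no ip forward-protocol udp\s+(\S+)", line)
        if m and m.group(1).lower() in BOOTP_PORTS:
            port67_blocked = True
    # Per the reply: relay needs a helper address and UDP/67 forwarding left on.
    relay_expected = [] if port67_blocked else sorted(helpers)
    return {"helpers": helpers, "port67_blocked": port67_blocked,
            "relay_expected": relay_expected}


if __name__ == "__main__":
    print(audit_dhcp_relay(SAMPLE_CONFIG))
```
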
01-21-2004 12:46 PM
That answers my question, thanks much!!