cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
569
Views
5
Helpful
1
Replies

dhcp helper across pubic from private addresses

ppalmerjr
Level 1
Level 1

Public DHCP server

          |

Router (vlan 10 to outside - public ip space

             vlan 20 to inside  - private ip space)

          |

clients on vlan 20 need to reach public DHCP server

____________________________

 

I'm aware you can put in an IP helper on VLAN 10 and then clients on this subnet will have no problems getting address.

 

Lets say you have a scenario where there are clients on VLAN 20 (internal IPs) need to reach the same DHCP server sitting in public space?  If I put a helper on VLAN 20 then the source IP of the DHCP request will be VLANs 20 and the DHCP server will not be able to route back the request.  Is there anyway to change the source address that the IP Helper uses?  Maybe I could trick it and have VLAN 10's IP put in as the source so that DHCP response will make it back to me?

I was thinking there was some sort of trick I could do with a secondary address??

 

Thoughts?

 

Thanks!!!

1 Accepted Solution

Accepted Solutions

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello,

the DHCP relay agent sets an internal field the gia address to give the DHCP server a hook to what DHCP scope to use.

The DHCP server does not use the source address of the DHCP relayed packet to choice the DHCP pool to pick the address for the answer.

This can allow DHCP relay to work over a NAT router if the NAT does not change the internal field.

 

Edit:

It looks like that the DHCP server tries to answer to the internal field address and with NAT in the middle the DHCP answer fails to be routed as you have noted.

see

https://www.tek-tips.com/viewthread.cfm?qid=1475203

 

At this point I would suggest to enable DHCP server on the router itself for the users in internal Vlan 10 as a workaround.

 

Hope to help

Giuseppe

 

View solution in original post

1 Reply 1

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello,

the DHCP relay agent sets an internal field the gia address to give the DHCP server a hook to what DHCP scope to use.

The DHCP server does not use the source address of the DHCP relayed packet to choice the DHCP pool to pick the address for the answer.

This can allow DHCP relay to work over a NAT router if the NAT does not change the internal field.

 

Edit:

It looks like that the DHCP server tries to answer to the internal field address and with NAT in the middle the DHCP answer fails to be routed as you have noted.

see

https://www.tek-tips.com/viewthread.cfm?qid=1475203

 

At this point I would suggest to enable DHCP server on the router itself for the users in internal Vlan 10 as a workaround.

 

Hope to help

Giuseppe

 

Review Cisco Networking for a $25 gift card