Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1862
Views
0
Helpful
14
Replies

Dhcp pool issues

prashantrecon
Level 1
Level 1

‎09-12-2011 12:15 AM - edited ‎03-07-2019 02:09 AM

Hi

I have router of  2800  series on which four interface are there  ie fa0/0, fa0/1, serial0/2/0,seial0/2/1,

Currently we are using fa0/0, fa0/1,   fa0/1 is have a point to point connection with other end and fa0/0 is connected to 6506 series switch where dhcp

range is created.

Now i want make use of serial0/20 and 0/2/1 interface on which another isp link is terminated.

Note- I want to use ip range which will not be able to communicate to our lan range and also this link will be connected to separate switch not 6506 so

it will be not be able to communicate to our lan ranges .

so now if i create a dhcp pool is that range ip clash  with the dhcp pool created on l3 and inside lan pc may recieve that range ip.

Labels:
0 Helpful
14 Replies 14

andrew.prince
Level 10
Level 10

‎09-12-2011 12:34 AM

This is not a DHCP pool issue - this is a security issue.  If you want to restrict which IP ranges can and cannot talk to which others - then you need to think about Access-Lists and or seperate them via a firewall or NAT.

0 Helpful

prashantrecon
Level 1
Level 1
In response to andrew.prince

‎09-12-2011 01:42 AM

Hi

Please go through the attachement.  I  have created pool.

No the problem is some of the system in lan are geeting that lan range ip . But the pool created on 6506 is diffrent range.

This is the dhcp issue i am facing. Shall i remove the dhcp pool from that and assign static ip for that system.

0 Helpful

andrew.prince
Level 10
Level 10
In response to prashantrecon

‎09-12-2011 01:51 AM

Use your favorite search engine and search for "ip helper"

0 Helpful

ameya_oke
Level 1
Level 1

‎09-12-2011 03:41 AM

Hi Prashant,

Some clarification is required as data provided by you seems to be inconsistent.

1) Attachment is config of 2800 right,please confirm.

2) As per config attached by you f0/1 is connected to 6506 and not f0/0.

    (you have mentioned F0/0 is connected to 6506)..please confirm

3) "Now i want make use of serial0/20 and 0/2/1 interface on which another isp link is terminated.".

     Where have you intended to connect these links..Which is the other switch model?    

4)  Internal Lan that you are referring to is connected to 6506 switch and new LAn would be connected to 2800 right?

Ameya

0 Helpful

prashantrecon
Level 1
Level 1
In response to ameya_oke

‎09-12-2011 04:20 AM

Hi attached the 2800 router config .on that router two interface are availabl e which i have shutdown manually.ie s0/2/0 and

s0/2/1

On that two interface ip are assigned and also i  will create pool as mentioned in airtel document.

fa0/1 has apoint to point connectio and f0/0 is connected to 6506.

s0/2/0 is connected 2950 switch (which is not connected 6506) and s0/2/1 is connected to isp( another 10 mbps link)

New lan is connected 2950 switch ( ie s0/2/0) and internal lan is connected 6506.

Now my main concern already pool is ther on 6506 switch.

So if i make new pool on 2800 . My internal system are geeting ip created on 2800 router not 6506 switch .Which i donot want.

shall i give static ip ? will it work.

0 Helpful

cadet alain
VIP Alumni
VIP Alumni
In response to prashantrecon

‎09-12-2011 04:25 AM

Hi,

As andrew suggested configure all scopes (pools) on the 6500 switch and use ip helper-address to relay DHCP discovers to the server which is in a different subnet.

Regards.

Alain.

Don't forget to rate helpful posts.
0 Helpful

prashantrecon
Level 1
Level 1
In response to cadet alain

‎09-12-2011 04:37 AM

Hi cadet,

I donot  want to create the pool on 6500.

Is there any alternate which i can make on router 2800

0 Helpful

cadet alain
VIP Alumni
VIP Alumni
In response to prashantrecon

‎09-12-2011 04:47 AM

Hi,

Can you post a topology diagram and specify the scope on 6500 and locate the hosts getting dhcp replies from 6500 which shouldn't.

alain.

Don't forget to rate helpful posts.
0 Helpful

ameya_oke
Level 1
Level 1
In response to prashantrecon

‎09-12-2011 09:25 AM

Hi Prashant,

Create a seperate Vlan for this new switch 2950 ,say vlan 100.

Use "encapsulation dot1q  100"on a subinterface s0/2/0.100

ip dhcp pool broadband

   network 192.168.1.0 255.255.255.0

   dns-server 8.8.8.8 8.8.4.4

   default-router 192.168.1.1

   lease 5

Give 192.168.1.1 on this subinterface s0/2/0.100

This ways PC from other "subnet/existing LAN" wont have IP from this new pool.

Ameya

0 Helpful

prashantrecon
Level 1
Level 1
In response to ameya_oke

‎09-15-2011 05:08 AM

Hi Ameya,

Can U clear one thing.

If I have router on which four interface are there  out of them two interface are connected to 6506 switch and on 6506 one pool is created such as 172.16.4... .

And other two interface are connected to dell switch which is not connected to 6506

If i create a pool on router such as 192.168.1.... Is there any changes that the system connected to 6506 can obtain 192.168.1.... ip.

Please clear my above concern

0 Helpful

cadet alain
VIP Alumni
VIP Alumni
In response to prashantrecon

‎09-15-2011 06:13 AM

Hi,

It shouldn't as a router creates broadcast domains and so the DHCP Discovers should not be propagated unless you have configured a DHCP relay agent .

Regards.

Alain.

Don't forget to rate helpful posts.
0 Helpful

prashantrecon
Level 1
Level 1
In response to cadet alain

‎09-15-2011 06:38 AM

Hi

Ya, I need to check DHCP relay agent.

0 Helpful

srikanth ath
Level 4
Level 4
In response to prashantrecon

‎09-16-2011 03:50 AM

Go with the DHCP relay Agent That will work out in  ur Case

0 Helpful

srikanth ath
Level 4
Level 4
In response to srikanth ath

‎09-16-2011 04:24 AM

ANd prashanth Cadet has given u the Most answer. 6506 shouldnt get ips frm router unless it is a relay agent .... if u already have the dhcp scope on that switch . the pcs connected to that switch should get the ips frm the scope itself.............If u had configured DHCP scopes on router the connected switch should me made as an agent to forward the request oof DHCP discover to router and frm there the router ack and sends an IP to request .

so in your case have a look at AMEYA example create VLANS AND encapsulation

router:

#service dhcp

#ip dhcp pool broadband

#network 192.168.1.0 255.255.255.0

#dns-server 8.8.8.8 8.8.4.4

   #default-router 192.168.1.1

   #lease 5

#exit

#ip excluded address 192.168.1.1-192.168.1.5

switch:

itch# configure terminal


Switch(config)# service dhcp
switch(config)# ip dhcp relay information option
Switch(config)# interface vlan 10
Switch(config-if)# ip address 192.168.10.1 255.0.0.0
Switch(config-if)# ip helper-address 192.168.1.1
 Switch(config-if)# exit


Switch(config)# interface range gigabitethernet0/1 - 2
witch(config-if)# switchport mode access
witch(config-if)# switchport access vlan 10
Switch(config-if)# exit


the Above is anb example just create a pool on router and give its network ip as DHCP relay agent.

then the connected pcs with the associated  VLANs with IP -helper add     can recieve IP from the POOL of it

Best regards

Srikanth

0 Helpful
Customers Also Viewed These Support Documents