DHCP server and multiple VLAN's

mdornfeld · ‎06-20-2016

We have multiple VLAN's routed on a core Nexus switch. We want to change one of the VLAN's (172.20.50.0) to DHCP from static IP addressing and would like to put the DHCP server on our "infrastructure" VLAN (172.20.60.0) which is not the VLAN being switched to DHCP.

We know we have to use IP Helper to allow the DHCP broadcasts to reach the DHCP server and are confident we can do that. But if we install a server or PC on the infrastructure network and it is looking for a DHCP address during installation will it acquire an address from the DHCP server which would give it an incorrect address?

Hope this is clear.

Thanks for any and all help in advance?

Mark

Mark Malone · ‎06-20-2016

Hi

servers/printers and anything that doesn't move about generally should have static ips as best practice , could you not just give the server a static ip in 172.20.60.x network and then under the vlan 172.20.50 interface set the ip helper to 172.20.60.x for the server address

The devices in the 172.20.50 dhcp network don't care where the server resides or what ip it has as long as its reachable and has a pool of addresses for the devices in the .50 network to be able to grab one from

example of ip helper on nexus

interface Vlan50
no ip redirects
ip address 172.x.x.x/24
no ipv6 redirects
ip router eigrp 1
ip passive-interface eigrp 1
hsrp 50
    authentication text secret
    preempt
    priority 150 forwarding-threshold lower 1 upper 150
    ip 172.x.x.x
ip dhcp relay address 172.x.x.x
ip dhcp relay address 172.x.x.x

mdornfeld · ‎06-20-2016

Thank you Mark.

I think that is what we want for the end state of this project, but say we install a new server on the infrastructure network and it doesn't give you a choice to choose DHCP or a static IP address during the installation (e.g. ESXi installs with DHCP as the default method) will the new device acquire an address from the DHCP server? If so, it will be an incorrect address, right?

Mark

Addition: Is it practical to try to restrict DHCP broadcasts from all ports on the infrastructure VLAN, but yet allow the broadcasts to enter the subnet from the DHCP relay agent?

Mark Malone · ‎06-20-2016

Well it depends what the port is set for in terms of vlan that you plug it into , if its set for say vlan .50 then it will get an addrs from that but if the port is set for vlan .60 it will get one from that but yes if dhcp is on and it can reach a dhcp server it will pull an address, if you install it on vlan 60 you will get an ip from vlan 60

You can force a mac address to only learn a certain ip address even by dhcp addressing through client id mac feature, that's another way to assure even by dhcp it gets the correct address and its like static as only that mac can get that ip address , basically host static dhcp to mac if you cant use static maybe useful

some examples

https://learningnetwork.cisco.com/thread/25168

https://twigleaf.wordpress.com/2008/12/06/cisco-ios-dhcp-manual-bindings-for-dummies/

mdornfeld · ‎06-20-2016

I think that pretty much clinches it, but we will test shortly to see what settings we have access to.

I will keep this thread open for a while -- at least until we have our testing done.

Thanks again.

paul driver · ‎06-20-2016

Hello

Following on from marks post below is an example that you can put a temporary dhcp server in the L3 router /switch for a specific host

Ip dhcp excluded-address 172.20.60.1

IP dhcp excluded-address 172.20.60.3 172.20.60.254

IP dhcp pool host

host address 172.20.60.2

Client-identifier 01xx:xxxx:xxxx:xx < server Mac-address

ip dhcp pool vlan60

network 172.20.60.0/24

lease 0 2

Default -router 172.20.60.1

dns server x.x.x.x

Res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul