cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1198
Views
0
Helpful
11
Replies

DHCP server to add in my environment

N.UddinSheikh
Level 1
Level 1

Hi All, 

Need some guidance please, in my environment i have L3 switches with two different vlan running with 2 SVI's, 

 

So got VLAN 8 and VLAN 9. 

Vlan 8  172.28.132.0/24 ( public) 

Vlan 9 172.28.133.0/24 ( staff) 

I currently have no DHCP server running in my environment, we are about to install 4 new staff devices which must be issued an IPv4 address, subnet mask, gateway, and DNS server address(es) automatically using DHCP they don't work via manually static assigned IP addresses. ( so i need DHCP just for these 4 devices there will be no future need for DHCP) 

 

Also i want to create address reservations for devices to ensure that they always receive the same IP address when their lease expires. This is because i need to assign specific firewall rules for our devices that are tied to a particular IPv4 address. 

 

Please can someone help me out with this ?

Do i need to create a new vlan for these 4 devices?

Do i need to have a new subnet for these devices?

Should i create a dhcp on an l3 switch or should i create a windows DHCP server?

What will be the best solution? 

 

Thanks 

 

 

1 Accepted Solution

Accepted Solutions

Richard Burts
Hall of Fame
Hall of Fame

The original post asks several questions:

Do i need to create a new vlan for these 4 devices?

You do not need to create a new vlan for these. You might decide that you want to have a separate vlan for them, depending on what their security requirements may be. It might be easier to establish your security rules if they were separate. But as far as basic functionality is concerned there is no requirement for a new vlan.

 

Do i need to have a new subnet for these devices?

This question is closely related to the first question. Since there is usually a one to one relationship between vlan and subnet, if you decide to create a new vlan then you would want a new subnet. If there is not a new vlan then there is no need for a new subnet.

 

Should i create a dhcp on an l3 switch or should i create a windows DHCP server

The choice is up to you. But my suggestion is that you need only 4 addresses to be managed using DHCP that setting up a server would be overkill. Doing DHCP on a layer 3 switch is easy and would work fine.

 

HTH

 

Rick

HTH

Rick

View solution in original post

11 Replies 11

Hello,

 

are these 4 new devices part of Vlan 8 or 9 ? If you only have these four devices, I would just create client reservations on the layer 3 switches (basically IP address reservations).

 

A reservation would look like this:

 

ip dhcp pool SERVER1

host 192.168.1.10 255.255.255.0

hardware-address 01f0.def1.9b01.df

Hi George

Yes these 4 devices are part of vlan 9, and all the 4 devices will be plugged into the same ports.

balaji.bandi
Hall of Fame
Hall of Fame

If you looking only for 4 devices -

 

1. you can have any dhcp server running in the network.(if you have resources.)

 

2. you can use same device as a DHCP Server (what is the device you running these SVI VLAN) ?

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

2. you can use same device as a DHCP Server (what is the device you running these SVI VLAN) ?

 

Its an l3 cisco switch. 

the 4 new devices will have same subnet as vlan 9? 

 

Thanks 

 

Then its easy for your to create a DHCP Pool address and exclude the gateway

and reserve the IP address for 4 device with MAC Address.

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

switch3#conf t

switch3#(config)ip dhcp excluded-address 172.28.133.1 172.28.133.245

switch3#(config)ip dhcp excluded-address 172.28.133.251 172.28.133.255

Switch3#(config)ip dhcp pool MyDHCP

Switch3#(dhcp-config)network 172.28.133.0 255.255.255.0

Switch3#(dhcp-config)dns-server 192.168.1.253

Switch3#(dhcp-config)default-router 172.28.133.1

Switch3(dhcp-config)# lease 7

Switch3(dhcp-config)# lease 0 12

switch3(dhcp-config)#host 172.28.133.246 255.255.255.0

switch3(dhcp-config)#client-identifier 01c2.020f.3800.00

 

Will this be ok? 

also the rest of the port in my environment how do i secure them? as i dont want any one to plug in a outside device and get an ip address?

 

 

 

 

You need to define a separate DHCP pool for each individual client reservation, e.g.:

 

ip dhcp pool CLIENT1

host 172.28.133.246 255.255.255.0

client-identifier 01c2.020f.3800.00

 

The best way to protect your network is to shut down unused ports...

switch3#conf t

switch3#(config)ip dhcp excluded-address 172.28.133.1 172.28.133.245

switch3#(config)ip dhcp excluded-address 172.28.133.251 172.28.133.255

Switch3#(dhcp-config)network 172.28.133.0 255.255.255.0

Switch3#(dhcp-config)dns-server 192.168.1.253

Switch3#(dhcp-config)default-router 172.28.133.1

Switch3(dhcp-config)# lease 7

Switch3(dhcp-config)# lease 0 12

Switch3#(config)ip dhcp pool client 1

switch3(dhcp-config)#host 172.28.133.246 255.255.255.0

switch3(dhcp-config)#client-identifier 01c2.020f.3800.00

Switch3#(config)ip dhcp pool client 2

switch3(dhcp-config)#host 172.28.133.247 255.255.255.0

switch3(dhcp-config)#client-identifier 01c2.020f.3800.00

Switch3#(config)ip dhcp pool client 3

switch3(dhcp-config)#host 172.28.133.248 255.255.255.0

switch3(dhcp-config)#client-identifier 01c2.020f.3800.00

Switch3#(config)ip dhcp pool client 4

switch3(dhcp-config)#host 172.28.133.249 255.255.255.0

switch3(dhcp-config)#client-identifier 01c2.020f.3800.00

 

thanks for your help, please can you confirm if this would work? 

Richard Burts
Hall of Fame
Hall of Fame

The original post asks several questions:

Do i need to create a new vlan for these 4 devices?

You do not need to create a new vlan for these. You might decide that you want to have a separate vlan for them, depending on what their security requirements may be. It might be easier to establish your security rules if they were separate. But as far as basic functionality is concerned there is no requirement for a new vlan.

 

Do i need to have a new subnet for these devices?

This question is closely related to the first question. Since there is usually a one to one relationship between vlan and subnet, if you decide to create a new vlan then you would want a new subnet. If there is not a new vlan then there is no need for a new subnet.

 

Should i create a dhcp on an l3 switch or should i create a windows DHCP server

The choice is up to you. But my suggestion is that you need only 4 addresses to be managed using DHCP that setting up a server would be overkill. Doing DHCP on a layer 3 switch is easy and would work fine.

 

HTH

 

Rick

HTH

Rick

switch3#(config)ip dhcp excluded-address 172.28.133.1 172.28.133.245

switch3#(config)ip dhcp excluded-address 172.28.133.251 172.28.133.255

Switch3#(config)ip dhcp pool MyDHCP

Switch3#(dhcp-config)network 172.28.133.0 255.255.255.0

Switch3#(dhcp-config)dns-server 192.168.1.253

Switch3#(dhcp-config)default-router 172.28.133.1

Switch3(dhcp-config)# lease 7

Switch3(dhcp-config)# lease 0 12

 

do u think this will work, also how do i bind the ip to mac can you please guide?

 

You do not need to, and I believe do not want to, create a DHCP pool with multiple addresses or to configure DHCP excluded addresses. If you want to assign specific IP addresses to 4 PCs then you need to configure 4 DHCP pools where each pool assigns a single IP address. Within that pool you could use hardware address or use client id to bind the mac address to the IP address. Suggestions from Georg have demonstrated both approaches.

 

HTH

 

Rick

HTH

Rick
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: