IP-Helper and default gateway address on switch

StefanoFereri · ‎10-25-2021

Hi,

on an 2960XR at one of our branches there are three vlans: 5 (management), 10 (data), 20 (voice). Switch is uplinked to a MPLS carrier CE, which is gateway for all three networks. Switches management IP address is 192.168.5.2, default gateway is 192.168.5.1 (carrier CE). All voice devices get their IP addresses via IP Helper, which is configured on carrier CE. We need to change the DHCP server for voice clients, preferably without asking the carrier to adjust IP helper (expensive and time consuming).

Our goal is to setup an IP helper on the switch within the voice subnet (192.168.20.0/24), which intercepts all requests and directs them to the new DHCP server (10.1.1.10), which is placed in our HQ.

What I already did: Create an SVI for vlan 20 with IP address 192.168.20.2 and setup the IP helper for 10.1.1.10. But this does not work. I guess because of missing gateway address, which points to carrier CE (192.168.20.1) and allows for passing over these requests to HQ.

Of course I can't replace the switches default gateway address from management net to the one from voice net - I would lose connection. I'm stuck - never did real routing on a switch beside enabling management via network. Is there a simple way to achieve this?

Thanks and regards

Stefano

Reza Sharifi · ‎10-25-2021

Hi,

We need to change the DHCP server for voice clients, preferably without asking the carrier to adjust IP helper (expensive and time consuming).

The gateway is at the service provider's router and that is where it needs to be changed. If you are paying a monthly service to this provider, it should not cost anything or not much to make this change. It should be a matter of a ticket with them and a day or 2 max.

HTH

tim.graf · ‎10-25-2021

Hi Reza,

in fact we have about 20 branches and we have to do this in all of them. Our service provider needs at least two weeks lead time and charges 300 Euros for each ~~switch~~ router.

Thanks and regards,

Stefano

paul driver · ‎10-25-2021

Hello

@StefanoFereri wrote:

All voice devices get their IP addresses via IP Helper, which is configured on carrier CE

Can you clarify -

The ISP provides the routing for a subnet you want to now locally setup a dhcp server for or does the current dhcp server reside locally with the ISP providing the relay for your dhcp server?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

tim.graf · ‎10-25-2021

Hi Paul,

it's a very simple setup: Every branch has its own subnet and ISP routers at the branches are configured as gateways and as IP helper. DHCP servers - old and new one - reside at our HQ. Any branch traffic outside its own network gets routed to HQ, DHCP broadcast also gets unicasted to HQ, because of IP helper. The question finally is how we can provide our clients in the branch networks with a new DHCP server, without the need of the ISP?

Our idea was to implement an IP helper on each branch switch. This IP helper obviously would be the first one to be contacted by the voice clients, it would "overrule" the IP helper on the ISPs routers.

How do I get the switch to convert DHCP broadcasts in the voice vlan into IP helper unicasts and forward them to the ISP router? Up to now I can't see any DHCP requests arriving at HQ.

I hope this makes my request understandable.

Thanks and regards,
Stefano

paul driver · ‎10-25-2021

Hello

@tim.graf wrote

Every branch has its own subnet and ISP routers at the branches are configured as gateways and as IP helper. DHCP servers - old and new one - reside at our HQ. Any branch traffic outside its own network gets routed to HQ

TBH I cannot visualise the topology, I understand the branch and local isp setup but as for the dhcp server HQ I cannot - Maybe a simple diagram for just one branch would help ?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

tim.graf · ‎10-25-2021

tim.graf · ‎10-25-2021

Hi Paul,

tried to visualise it. Hope it helps!

Thanks and regards

Stefano

paul driver · ‎10-25-2021

Hello

Thanks for the topology -

Now if the HQ is a cisco device providing the dhcp server service you can use a feature called dhcp smart relay which will try the primary dhcp server ip ( 192.168.20.99) anddhcp scope and if that isnt available (which it wont be) then the secondary addressing and dhcp scope on the L3 interface ( which will be the the new secondary subnet addressing) wilbe used.

example HQ server

int x/x
ip address 192.168.20.99 255.255.255.0
ip address 192.168.10.99 255.255.255.0 secondary
exit

ip dhcp smart-relay

ip dhcp pool lan
network 192.168.20.0 255.255.255.0
network 192.168.10.0 255.255.255.0 secondary
override default-router 192.168.10.99
default-router 192.168.20.99
lease 0 8

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

tim.graf · ‎10-26-2021

Hi Paul,

thanks a lot for your efforts. Finally we found a way:

interface Vlan20
ip address 192.168.20.2 255.255.255.0 !192.168.20.2 is host address of switch in branch
ip helper-address 192.168.10.99 !192.168.10.99 is new dhcp server
end
ip route 192.168.10.99 255.255.255.255 192.168.20.1 !creates a route to new dhcp server via ISP
ip route 0.0.0.0 0.0.0.0 192.168.5.1 !sets default route for management via ISP router (addr. is missing in my drawing)
ip routing !activate L3 routing

Additionally we blocked dhcp requests to old dhcp server on the firewall, until old dhcp server is finally removed.

Thanks again and regards,

Stefano