[prev in list] [next in list] [prev in thread] [next in thread]
List: dhcp-server
Subject: RE: Same Wire Different Vlans Final! Thanks
From: "Michael Davidson" <michael () bbd ! co ! za>
Date: 2003-01-28 9:57:54
[Download RAW message or body]
*** From dhcp-server -- To unsubscribe, see the end of this message. ***
Nice to see you've come right with your DHCP server.
To answer your question on "shared network" here's an illustration:-
In the olden days, before CDIR and NAT, when we used global addresses on our
LANs, it was often the case that you would use up all of the addresses in
the subnet (say Class C subnet) assigned to a LAN.
One solution to this address shortage was to deploy another subnet over the
same physical infrastructure. So, in essence, you could have 2 bunches of
w/stns using two different IP subnets, all *sharing* the same wire, but
oblivious to each other.
A device (Router, DHCP server) which needs to be common to both subnets has
to be assigned an address from each subnet on the same interface. In Cisco
terms this is the "Secondary" address feature, in Linux it's commonly
referred to as an "alias" address, in WinNt/2k its just another address .
The DHCP service doesn't automatically pick up the fact that there are two
subnets on the one interface, so,in DHCPD.conf you have indicate this by
placing them in a "Shared Network" declaration.
I suggested only one, but there are other reasons to share the network
infrastructure. So, even though you don't have this situation right now, who
knows....
Regards Mike D.
-----Original Message-----
From: dhcp-server-bounce@isc.org [mailto:dhcp-server-bounce@isc.org]On
Behalf Of Sean Murphy
Sent: Tuesday, January 28, 2003 12:16 AM
To: dhcp-server@isc.org
Subject: RE: Same Wire Different Vlans Final! Thanks
*** From dhcp-server -- To unsubscribe, see the end of this message. ***
Solution! isc-dhcp v3 same wire different vlans
situation 31 vlans 802.1q switched witch Cisco switches and one MSFC
1 isc-dhcp server running on FreeBSD 4.7 configured and extracted from isc
dhcp server is to lease address to all vlans defined
1. This is the correct and final config file that has been tested and works
2. No "shared-network" Statement is needed.
3. The physical adapter ip 198.182.157.x stated in the rc.conf must be on
the correct vlan on the switch in this case vlan 14
4. No trunking of the port connecting the server is needed
5. Add the FreeBSD ip 198.182.157.x to the Cisco MSFC configuring each
vlan interface with "ip helper-address 198.182.157.x"
6. Ensure that the first subnet in the dhcpd.conf file is the subnet that
the adapter is on.
7. start dhcpd
8. I would like to thank the list members that helped me through this.
xxxx# cat dhcpd.conf
default-lease-time 86400;
max-lease-time 86400;
option domain-name "calarts.edu";
option domain-name-servers 198.182.157.34, 198.182.157.25;
ddns-update-style none;
#Vlan 14 - 198.182.157.0/Public
subnet 198.182.157.0 netmask 255.255.255.0 {
range 198.182.157.170 198.182.157.172;
option routers 198.182.157.253;
option subnet-mask 255.255.255.0;
}
#Vlan 19 - Administration
subnet 172.19.0.0 netmask 255.255.0.0 {
range 172.19.0.10 172.19.0.254;
option routers 172.19.255.254;
option subnet-mask 255.255.0.0;
}
#Vlan 20 - Art School
subnet 172.20.0.0 netmask 255.255.0.0 {
range 172.20.0.10 172.20.0.254;
option routers 172.20.255.254;
option subnet-mask 255.255.0.0;
}
#Vlan 21 - Butler Buildings
subnet 172.21.0.0 netmask 255.255.0.0 {
range 172.21.0.10 172.21.0.254;
option routers 172.21.255.254;
option subnet-mask 255.255.0.0;
}
#Vlan 22 - Film/Video Labs
subnet 172.22.0.0 netmask 255.255.0.0 {
range 172.22.0.10 172.22.0.254;
option routers 172.22.255.254;
option subnet-mask 255.255.0.0;
}
#Vlan 23 - Housing Office
subnet 172.23.0.0 netmask 255.255.0.0 {
range 172.23.0.10 172.23.0.254;
option routers 172.23.255.254;
option subnet-mask 255.255.0.0;
}
#Vlan 24 - Library Labs
subnet 172.24.0.0 netmask 255.255.0.0 {
range 172.24.0.10 172.24.0.254;
option routers 172.24.255.254;
option subnet-mask 255.255.0.0;
}
#Vlan 25 - Music School
subnet 172.25.0.0 netmask 255.255.0.0 {
range 172.25.0.10 172.25.0.254;
option routers 172.25.255.254;
option subnet-mask 255.255.0.0;
}
#Vlan 26 - Other/Misc.
subnet 172.26.0.0 netmask 255.255.0.0 {
range 172.26.0.10 172.26.0.254;
option routers 172.26.255.254;
option subnet-mask 255.255.0.0;
}
#Vlan 27 - Theater School
subnet 172.27.0.0 netmask 255.255.0.0 {
range 172.27.0.10 172.27.0.254;
option routers 172.27.255.254;
option subnet-mask 255.255.0.0;
}
#Vlan 28 - Galleries
subnet 172.28.0.0 netmask 255.255.0.0 {
range 172.28.0.10 172.28.0.254;
option routers 172.28.255.254;
option subnet-mask 255.255.0.0;
}
#Vlan 29 - Dorms/Ahmanson
subnet 172.29.0.0 netmask 255.255.0.0 {
range 172.29.0.10 172.29.0.254;
option routers 172.29.255.254;
option subnet-mask 255.255.0.0;
}
#Vlan 30 - Dorms/Chouinard
subnet 172.30.0.0 netmask 255.255.0.0 {
range 172.30.0.10 172.30.0.254;
option routers 172.30.255.254;
option subnet-mask 255.255.0.0;
}
#Vlan 31 - Studios
subnet 172.31.0.0 netmask 255.255.0.0 {
range 172.31.32.10 172.31.32.250;
option routers 172.31.255.254;
option subnet-mask 255.255.0.0;
}
At 12:20 PM 1/27/2003 -0800, you wrote:
> *** From dhcp-server -- To unsubscribe, see the end of this message.
***
>
>
>My fault I guess I needed to add a subnet range for the fxp0 ip so i added
>
>subnet 198.182.157.0 255.255.255.0
>
>to the conf file without the shared-network statement
>here is is starting up
>
>xxxx# dhcpd
>Internet Software Consortium DHCP Server V3.0pl2
>Copyright 1995-2003 Internet Software Consortium.
>All rights reserved.
>For info, please visit http://www.isc.org/products/DHCP
>Wrote 23 leases to leases file.
>Listening on BPF/fxp0/00:d0:b7:9d:90:79/198.182.157.0/24
>Sending on BPF/fxp0/00:d0:b7:9d:90:79/198.182.157.0/24
>Sending on Socket/fallback/fallback-net
>
>now to trunk and test
>
>At 11:18 AM 1/27/2003 -0800, you wrote:
> > *** From dhcp-server -- To unsubscribe, see the end of this message.
***
> >
> >
> >Without the shared-network statement the dhcpd will not bind to any of
the
> >subnets since it has an ip on fxp0 of 198.182.X.X 255.255.255.0
> >unless anyone has any ideas here is the error starting up and here is the
> >conf file
> >as of now
> >
> >xxxx# dhcpd -t
> >Internet Software Consortium DHCP Server V3.0pl2
> >Copyright 1995-2003 Internet Software Consortium.
> >All rights reserved.
> >For info, please visit http://www.isc.org/products/DHCP
> >xxxx# dhcpd
> >Internet Software Consortium DHCP Server V3.0pl2
> >Copyright 1995-2003 Internet Software Consortium.
> >All rights reserved.
> >For info, please visit http://www.isc.org/products/DHCP
> >Wrote 23 leases to leases file.
> >
> >No subnet declaration for fxp0 (198.182.157.37).
> >** Ignoring requests on fxp0. If this is not what
> > you want, please write a subnet declaration
> > in your dhcpd.conf file for the network segment
> > to which interface fxp0 is attached. **
> >
> >
> >Not configured to listen on any interfaces!
> >
> >If you did not get this software from ftp.isc.org, please
> >get the latest from ftp.isc.org and install that before
> >requesting help.
> >
> >If you did get this software from ftp.isc.org and have not
> >yet read the README, please read it before requesting help.
> >If you intend to request help from the dhcp-server@isc.org
> >mailing list, please read the section on the README about
> >submitting bug reports and requests for help.
> >
> >Please do not under any circumstances send requests for
> >help directly to the authors of this software - please
> >send them to the appropriate mailing list as described in
> >the README file.
> >
> >exiting.
> >
> >default-lease-time 86400;
> >max-lease-time 86400;
> >option domain-name "calarts.edu";
> >option domain-name-servers 198.182.157.34, 198.182.157.25;
> >ddns-update-style none;
> >
> >#Vlan 19 - Administration
> >subnet 172.19.0.0 netmask 255.255.0.0 {
> > range 172.19.0.10 172.19.0.254;
> > option routers 172.19.255.254;
> > option subnet-mask 255.255.0.0;
> >}
> >#Vlan 20 - Art School
> >subnet 172.20.0.0 netmask 255.255.0.0 {
> > range 172.20.0.10 172.20.0.254;
> > option routers 172.20.255.254;
> > option subnet-mask 255.255.0.0;
> >}
> >#Vlan 21 - Butler Buildings
> >subnet 172.21.0.0 netmask 255.255.0.0 {
> > range 172.21.0.10 172.21.0.254;
> > option routers 172.21.255.254;
> > option subnet-mask 255.255.0.0;
> >}
> >#Vlan 22 - Film/Video Labs
> >subnet 172.22.0.0 netmask 255.255.0.0 {
> > range 172.22.0.10 172.22.0.254;
> > option routers 172.22.255.254;
> > option subnet-mask 255.255.0.0;
> >}
> >#Vlan 23 - Housing Office
> >subnet 172.23.0.0 netmask 255.255.0.0 {
> > range 172.23.0.10 172.23.0.254;
> > option routers 172.23.255.254;
> > option subnet-mask 255.255.0.0;
> >}
> >#Vlan 24 - Library Labs
> >subnet 172.24.0.0 netmask 255.255.0.0 {
> > range 172.24.0.10 172.24.0.254;
> > option routers 172.24.255.254;
> > option subnet-mask 255.255.0.0;
> >}
> >#Vlan 25 - Music School
> >subnet 172.25.0.0 netmask 255.255.0.0 {
> > range 172.25.0.10 172.25.0.254;
> > option routers 172.25.255.254;
> > option subnet-mask 255.255.0.0;
> >}
> >#Vlan 26 - Other/Misc.
> >subnet 172.26.0.0 netmask 255.255.0.0 {
> > range 172.26.0.10 172.26.0.254;
> > option routers 172.26.255.254;
> > option subnet-mask 255.255.0.0;
> >}
> >#Vlan 27 - Theater School
> >subnet 172.27.0.0 netmask 255.255.0.0 {
> > range 172.27.0.10 172.27.0.254;
> > option routers 172.27.255.254;
> > option subnet-mask 255.255.0.0;
> >}
> >#Vlan 28 - Galleries
> >subnet 172.28.0.0 netmask 255.255.0.0 {
> > range 172.28.0.10 172.28.0.254;
> > option routers 172.28.255.254;
> > option subnet-mask 255.255.0.0;
> >}
> >#Vlan 29 - Dorms/Ahmanson
> >subnet 172.29.0.0 netmask 255.255.0.0 {
> > range 172.29.0.10 172.29.0.254;
> > option routers 172.29.255.254;
> > option subnet-mask 255.255.0.0;
> >}
> >#Vlan 30 - Dorms/Chouinard
> >subnet 172.30.0.0 netmask 255.255.0.0 {
> > range 172.30.0.10 172.30.0.254;
> > option routers 172.30.255.254;
> > option subnet-mask 255.255.0.0;
> >}
> >#Vlan 31 - Studios
> >subnet 172.31.0.0 netmask 255.255.0.0 {
> > range 172.31.32.10 172.31.32.250;
> > option routers 172.31.255.254;
> > option subnet-mask 255.255.0.0;
> >}
> >
> >
> >
> >
> >
> >
> >At 09:38 AM 1/27/2003 -0800, you wrote:
> > > *** From dhcp-server -- To unsubscribe, see the end of this
> message. ***
> > >
> > >
> > >
> > >
> > >Just out of curiosity our Microsoft NT 4 server is running ms-dns, is
not
> > >trunked, has the "ip helper-address" added to the msfc vlan interfaces
> just
> > >like the FreeBSD isc-bind box and it responds to all querys on diffrent
> > >vlans. How is this possible?
> > >
> > >We are going to trunk the FreeBSD port like you said so it will hear
> > >everything and just have a straight conf file no
> "shared-network". Can you
> > >explain to me with what shared-network is really used for? I'm
confused I
> > >thought it was for giving addresses out on networks not addressed to
the
> > >physical adapter.
> > >
> > >Thanks
> > >
> > >At 11:15 PM 1/26/2003 +0200, you wrote:
> > > > *** From dhcp-server -- To unsubscribe, see the end of this
> > message. ***
> > > >
> > > >
> > > >The thing is, if you're running proper VLANS, as you seem to be with
a
> > Cisco
> > > >6000 switch + MSFC, then the subnets are *not* all on the same wire.
> > If you
> > > >don't have a ISL or 802.1q trunk connection from your DHCP server to
the
> > > >switch then the server is (most likely) in one subnet. If you where
> > running
> > > >a trunk connection you would have a multitude of logical interfaces
> > for the
> > > >VLANs.
> > > >
> > > >In the context of the ISC-DHCP server a "shared network" is where two
or
> > > >more subnets are configured on the same interface, logical or
> > physical. They
> > > >are declared "shared" so that the DHCP server knows it can hand out
> leases
> > > >from either subnet to booting hosts connected to that interface.
> VLANs do
> > > >not infer shared networks, so, you shouldn't be declaring your remote
> > > >subnets - beyond the router (MFSC) - as being shared along with the
> subnet
> > > >local to your server, they are, obviously, not on the same interface.
> > > >
> > > >To summarize, get rid of the "shared network" declaration until you
> > know for
> > > >sure you need it.
> > > >
> > > >Regards Mike D.
> > > >
> > > >-----Original Message-----
> > > >From: dhcp-server-bounce@isc.org
[mailto:dhcp-server-bounce@isc.org]On
> > > >Behalf Of Patrick Nixon
> > > >Sent: Saturday, January 25, 2003 1:38 AM
> > > >To: dhcp-server@isc.org
> > > >Subject: Re: Same Wire Different Vlans
> > > >
> > > >
> > > > *** From dhcp-server -- To unsubscribe, see the end of this
> > message. ***
> > > >
> > > >
> > > >Have you configured your 'ip helper-address on the MSFC?
> > > >
> > > >Each interface vlan## needs one pointing to the DHCP Server's IP.
> > > >
> > > >--Pat
> > > >
> > > >On Fri, 2003-01-24 at 14:21, Sean Murphy wrote:
> > > > > *** From dhcp-server -- To unsubscribe, see the end of this
> message.
> > > >***
> > > > >
> > > > >
> > > > > I believe it is operating on the ethernet adapter. here is the
> > start up
> > > >of
> > > > > what it is currently doing it is similar but it is not using the
same
> > > conf
> > > > > file so at least it will give out address to the 31 vlan.
> > > > >
> > > > > I get this same message but it has the shared-network name on it
> > and fxp0
> > > > > is the network card on it.
> > > > >
> > > > > if you need the exact one I will have to change it during lunch
> > > > >
> > > > > thanks for your help
> > > > >
> > > > >
> > > > >
> > > > > thebe# dhcpd
> > > > > Internet Software Consortium DHCP Server V3.0pl2
> > > > > Copyright 1995-2003 Internet Software Consortium.
> > > > > All rights reserved.
> > > > > For info, please visit http://www.isc.org/products/DHCP
> > > > > Wrote 11 leases to leases file.
> > > > > Listening on BPF/fxp0/00:d0:b7:9d:90:79/172.31.0/16
> > > > > Sending on BPF/fxp0/00:d0:b7:9d:90:79/172.31.0/16
> > > > > Sending on Socket/fallback/fallback-net
> > > > >
> > > > >
> > > > > At 06:09 PM 1/24/2003 +0000, you wrote:
> > > > > > *** From dhcp-server -- To unsubscribe, see the end of this
> > message.
> > > >***
> > > > > >
> > > > > >
> > > > > >
> > > > > ><snip>
> > > > > >
> > > > > > > the first subnet it answers on and the server has the ip on
that
> > > >networ=
> > > > > >k.
> > > > > > > =
> > > > > >
> > > > > > > the second it does not answer on.
> > > > > > > =
> > > > > >
> > > > > > > I think I need something in the conf file but I don't know
what.
> > > > > >
> > > > > >I don't think so; I'm fairly sure that the problem is that the
> > > > > >DHCP daemon "thinks" that the interface is *not* an Ethernet
> > > > > >interface; the ordinary interface for the "native" VLAN is
> > > > > >Ethernet but the interfaces for the VLANs that appear on the
> > > > > >wire with VLAN tags are not Ethernets. I suspect the problem
> > > > > >is either FreeBSD or perhaps generic *BSD specific.
> > > > > >
> > > > > >-- =
> > > > > >
> > > > > > David Pick
> > > > > >
> > > > > >
> > > > >
>-------------------------------------------------------------------
> > ----
> > > > > >List Archives : http://www.isc.org/ml-archives/dhcp-server/
> > > > > >Unsubscribe : http://www.isc.org/dhcp-lists.html
> > > > > >-or- :
> mailto:dhcp-server-request@isc.org?Subject=unsubscribe
> > > > >
>-------------------------------------------------------------------
> > ----
> > > > >
> > > > > Sean Murphy
> > > > > Network Technician
> > > > > California Institute of the Arts
> > > > > Voice 661.253.7732
> > > > > Fax 661.254-4561
> > > > > smurphy@calarts.edu
> > > > >
> > > > >
> > > > >
> -----------------------------------------------------------------------
> > > > > List Archives : http://www.isc.org/ml-archives/dhcp-server/
> > > > > Unsubscribe : http://www.isc.org/dhcp-lists.html
> > > > > -or- :
> mailto:dhcp-server-request@isc.org?Subject=unsubscribe
> > > > >
> -----------------------------------------------------------------------
> > > >
> > > >
> > > >
> > > >
> > >
>-----------------------------------------------------------------------
> > > >List Archives : http://www.isc.org/ml-archives/dhcp-server/
> > > >Unsubscribe : http://www.isc.org/dhcp-lists.html
> > > >-or- :
mailto:dhcp-server-request@isc.org?Subject=unsubscribe
> > >
>-----------------------------------------------------------------------
> > > >
> > > >
> > >
>-----------------------------------------------------------------------
> > > >List Archives : http://www.isc.org/ml-archives/dhcp-server/
> > > >Unsubscribe : http://www.isc.org/dhcp-lists.html
> > > >-or- :
mailto:dhcp-server-request@isc.org?Subject=unsubscribe
> > >
>-----------------------------------------------------------------------
> > >
> > >Sean Murphy
> > >Network Technician
> > >California Institute of the Arts
> > >Voice 661.253.7732
> > >Fax 661.254-4561
> > > smurphy@calarts.edu
> > >
> > >
> > >-----------------------------------------------------------------------
> > >List Archives : http://www.isc.org/ml-archives/dhcp-server/
> > >Unsubscribe : http://www.isc.org/dhcp-lists.html
> > >-or- : mailto:dhcp-server-request@isc.org?Subject=unsubscribe
> > >-----------------------------------------------------------------------
> >
> >Sean Murphy
> >Network Technician
> >California Institute of the Arts
> >Voice 661.253.7732
> >Fax 661.254-4561
> > smurphy@calarts.edu
> >
> >
> >-----------------------------------------------------------------------
> >List Archives : http://www.isc.org/ml-archives/dhcp-server/
> >Unsubscribe : http://www.isc.org/dhcp-lists.html
> >-or- : mailto:dhcp-server-request@isc.org?Subject=unsubscribe
> >-----------------------------------------------------------------------
>
>Sean Murphy
>Network Technician
>California Institute of the Arts
>Voice 661.253.7732
>Fax 661.254-4561
> smurphy@calarts.edu
>
>
>-----------------------------------------------------------------------
>List Archives : http://www.isc.org/ml-archives/dhcp-server/
>Unsubscribe : http://www.isc.org/dhcp-lists.html
>-or- : mailto:dhcp-server-request@isc.org?Subject=unsubscribe
>-----------------------------------------------------------------------
Sean Murphy
Network Technician
California Institute of the Arts
Voice 661.253.7732
Fax 661.254-4561
smurphy@calarts.edu
-----------------------------------------------------------------------
List Archives : http://www.isc.org/ml-archives/dhcp-server/
Unsubscribe : http://www.isc.org/dhcp-lists.html
-or- : mailto:dhcp-server-request@isc.org?Subject=unsubscribe
-----------------------------------------------------------------------
-----------------------------------------------------------------------
List Archives : http://www.isc.org/ml-archives/dhcp-server/
Unsubscribe : http://www.isc.org/dhcp-lists.html
-or- : mailto:dhcp-server-request@isc.org?Subject=unsubscribe
-----------------------------------------------------------------------
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic