DHCP relay agent?

Leehaa · Nov 8, 2007

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Ello,

I'm configuring a new network from scratch. At the moment I don't know the broadband provider details (great!), but have configured the router/firewall best I can (to allow for more time over the next few days to configure their 2003 server, active directory...well, everything except the cabling / patching).

I'm using a Draytek (Vigor 2800 series) and the default address range is totally different to the one that we want to use.

When i've done this before, we've just changed the default to the one we want, but I was wondering if it Is it possible to leave it so that the server (which will act as DHCP and DNS) can connect to the router via the default ip, but I can use a different address range for itself and it's DHCP and DNS??

I didn't think it was possible as they need to work on the same address scheme?...

...But then remembered something about a DHCP relay agent? If this works, how do I enable it on the server - is that via routing and remote access?, and do I need to do anything first to allow for this capability? (haven't got that far in my exams yet!!)

Cheers,

L

Sparky · Nov 8, 2007

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

To keep things easy I would change the IP of the draytek so it is in the correct subnet of your LAN and it will also be your default gateway.

You can put two NICs in the server and route traffic from your LAN to the IP of the draytek and then hop onto the internet but this is an extra layer of complexity.

Lastly you might be able to give the firewall two IP addresses. Ive done this before and it basically meant putting a static entry in the arp cache of the firewall, you can put two IPs for the firewall against its MAC address. Im not sure if the Draytek supports this though.

How do you find the Draytek? I dont rate them to be honest!

grim · Nov 8, 2007

sorry i can't help just wanted to say you seem to have such a cool job. this job was supposed to be something like that but turns out it weren't and i'm bored hence the 101 posts i've made today

grim

Sparky · Nov 8, 2007

Leehaa said: ↑

I'm using a Draytek (Vigor 2800 series) and the default address range is totally different to the one that we want to use.
Click to expand...

Also are you connecting this site to another location, if so you need to use a suitable LAN subnet.

Leehaa · Nov 8, 2007

Sparky said: ↑

To keep things easy I would change the IP of the draytek so it is in the correct subnet of your LAN and it will also be your default gateway.

You can put two NICs in the server and route traffic from your LAN to the IP of the draytek and then hop onto the internet but this is an extra layer of complexity.

Lastly you might be able to give the firewall two IP addresses. Ive done this before and it basically meant putting a static entry in the arp cache of the firewall, you can put two IPs for the firewall against its MAC address. Im not sure if the Draytek supports this though.

How do you find the Draytek? I dont rate them to be honest!
Click to expand...

Hey Sparky!

Thank you - your first suggestion does sound a lot less hassle, and since I want to prove I can do a good job in a limited amount of time, I'm going to do the former!!

(though if anyone can explain dhcp relay, i'd be very grateful for future ref!!)

Have only worked with Drayteks so far, so can't really comment!

Why do you say that, and what do you find is good??

Sparky · Nov 8, 2007

I only deal with Sonicwall, Cisco and Nokia firewalls now. I just thought the draytek lacked security and also the interface is awful. I also could not get the VPN to work on a draytek once so I ended up forwarding the ports on the firewall to the Windows box and running the VPN from there.

As for the relay agent you probably dont need it in this installation. You can use a DHCP relay agent when your DHCP server is behind a router that does not support DHCP forwarding. Basically the router blocks the DHCP request and your clients all get 169 IP addresses, not good.

From what you have said about your install you can put DHCP on your Windows box to control your LAN IP addresses. Remember to configure DNS to point your DC and use forwarders from there.

Tinus1959 · Nov 8, 2007

Leehaa said: ↑

Ello,

I'm configuring a new network from scratch. At the moment I don't know the broadband provider details (great!), but have configured the router/firewall best I can (to allow for more time over the next few days to configure their 2003 server, active directory...well, everything except the cabling / patching).

I'm using a Draytek (Vigor 2800 series) and the default address range is totally different to the one that we want to use.

When i've done this before, we've just changed the default to the one we want, but I was wondering if it Is it possible to leave it so that the server (which will act as DHCP and DNS) can connect to the router via the default ip, but I can use a different address range for itself and it's DHCP and DNS??

I didn't think it was possible as they need to work on the same address scheme?...

...But then remembered something about a DHCP relay agent? If this works, how do I enable it on the server - is that via routing and remote access?, and do I need to do anything first to allow for this capability? (haven't got that far in my exams yet!!)

Cheers,

L
Click to expand...

I do not think a DHCP relay agent and a DHCP server would work well in the same network. After all, the relay agent only kicks in after a few seconds (default = 4) after it finds no responds from the DHCP server. In other words, the relay works if the server does not work.

Modey · Nov 9, 2007

Tinus1959 said: ↑

I do not think a DHCP relay agent and a DHCP server would work well in the same network. After all, the relay agent only kicks in after a few seconds (default = 4) after it finds no responds from the DHCP server. In other words, the relay works if the server does not work.
Click to expand...

Depends what you mean by the same network? If you mean subnet, then no you would never put a relay agent in the same subnet as a DHCP server as it would be pointless and it's not meant as a backup DHCP server which I get the impression you think it may be.

You would only need the relay agent if you wanted to serve DHCP clients on a different subnet.

Tinus1959 · Nov 9, 2007

Modey said: ↑

Depends what you mean by the same network? If you mean subnet, then no you would never put a relay agent in the same subnet as a DHCP server as it would be pointless and it's not meant as a backup DHCP server which I get the impression you think it may be.

You would only need the relay agent if you wanted to serve DHCP clients on a different subnet.
Click to expand...

No quite. You could set up a relay agent as a fail-safe. The 80-20 rule has to ring a bell.

Log in or Sign up

DHCP relay agent?

Leehaa Gigabyte Poster

Sparky Zettabyte Poster Moderator

grim Gigabyte Poster

Sparky Zettabyte Poster Moderator

Leehaa Gigabyte Poster

Sparky Zettabyte Poster Moderator

Tinus1959 Gigabyte Poster

Modey Terabyte Poster

Tinus1959 Gigabyte Poster

Share This Page

Navigation

Popular Forums

Useful Links

Log in or Sign up

DHCP relay agent?

Leehaa Gigabyte Poster

Sparky Zettabyte Poster Moderator

grim Gigabyte Poster

Sparky Zettabyte Poster Moderator

Leehaa Gigabyte Poster

Sparky Zettabyte Poster Moderator

Tinus1959 Gigabyte Poster

Modey Terabyte Poster

Tinus1959 Gigabyte Poster

Share This Page

Useful Searches