1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

DHCP relay agent?

Discussion in 'Networks' started by Leehaa, Nov 8, 2007.

  1. Leehaa

    Leehaa Gigabyte Poster

    1,648
    21
    91
    Ello,

    I'm configuring a new network from scratch. At the moment I don't know the broadband provider details (great!), but have configured the router/firewall best I can (to allow for more time over the next few days to configure their 2003 server, active directory...well, everything except the cabling / patching).


    I'm using a Draytek (Vigor 2800 series) and the default address range is totally different to the one that we want to use.


    When i've done this before, we've just changed the default to the one we want, but I was wondering if it Is it possible to leave it so that the server (which will act as DHCP and DNS) can connect to the router via the default ip, but I can use a different address range for itself and it's DHCP and DNS??

    I didn't think it was possible as they need to work on the same address scheme?...

    ...But then remembered something about a DHCP relay agent? If this works, how do I enable it on the server - is that via routing and remote access?, and do I need to do anything first to allow for this capability? :blink :oops: (haven't got that far in my exams yet!!) :oops:


    Cheers,

    L
     
    Certifications: MCP, MCDST, ITIL v3, MBCS, others...
    WIP: BSc IT & Computing, RHCE
  2. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,189
    296
    319
    To keep things easy I would change the IP of the draytek so it is in the correct subnet of your LAN and it will also be your default gateway.

    You can put two NICs in the server and route traffic from your LAN to the IP of the draytek and then hop onto the internet but this is an extra layer of complexity.

    Lastly you might be able to give the firewall two IP addresses. I’ve done this before and it basically meant putting a static entry in the arp cache of the firewall, you can put two IPs for the firewall against its MAC address. I’m not sure if the Draytek supports this though.

    How do you find the Draytek? I dont rate them to be honest! :biggrin
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  3. grim

    grim Gigabyte Poster

    1,345
    12
    89
    sorry i can't help just wanted to say you seem to have such a cool job. this job was supposed to be something like that but turns out it weren't and i'm bored hence the 101 posts i've made today :(

    grim
     
    Certifications: Bsc, 70-270, 70-290, 70-291, 70-293, 70-294, 70-298, 70-299, 70-620, 70-649, 70-680
    WIP: 70-646, 70-640
  4. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,189
    296
    319
    Also are you connecting this site to another location, if so you need to use a suitable LAN subnet.
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  5. Leehaa

    Leehaa Gigabyte Poster

    1,648
    21
    91
    Hey Sparky!

    Thank you - your first suggestion does sound a lot less hassle, and since I want to prove I can do a good job in a limited amount of time, I'm going to do the former!!

    (though if anyone can explain dhcp relay, i'd be very grateful for future ref!!)

    Have only worked with Drayteks so far, so can't really comment!

    Why do you say that, and what do you find is good??
     
    Certifications: MCP, MCDST, ITIL v3, MBCS, others...
    WIP: BSc IT & Computing, RHCE
  6. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,189
    296
    319
    I only deal with Sonicwall, Cisco and Nokia firewalls now. I just thought the draytek lacked security and also the interface is awful. I also could not get the VPN to work on a draytek once so I ended up forwarding the ports on the firewall to the Windows box and running the VPN from there.

    As for the relay agent you probably don’t need it in this installation. You can use a DHCP relay agent when your DHCP server is behind a router that does not support DHCP forwarding. Basically the router blocks the DHCP request and your clients all get 169 IP addresses, not good.

    From what you have said about your install you can put DHCP on your Windows box to control your LAN IP addresses. Remember to configure DNS to point your DC and use forwarders from there. 8)
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  7. Tinus1959

    Tinus1959 Gigabyte Poster

    1,539
    42
    106
    I do not think a DHCP relay agent and a DHCP server would work well in the same network. After all, the relay agent only kicks in after a few seconds (default = 4) after it finds no responds from the DHCP server. In other words, the relay works if the server does not work.
     
    Certifications: See my signature
    WIP: MCSD, MCAD, CCNA, CCNP
  8. Modey

    Modey Terabyte Poster

    2,397
    99
    154
    Depends what you mean by the same network? If you mean subnet, then no you would never put a relay agent in the same subnet as a DHCP server as it would be pointless and it's not meant as a backup DHCP server which I get the impression you think it may be.

    You would only need the relay agent if you wanted to serve DHCP clients on a different subnet.
     
    Certifications: A+, N+, MCP, MCDST, MCSA 2K3, MCTS, MOS, MTA, MCT, MCITP:EDST7, MCSA W7, Citrix CCA, ITIL Foundation
    WIP: Nada
  9. Tinus1959

    Tinus1959 Gigabyte Poster

    1,539
    42
    106
    No quite. You could set up a relay agent as a fail-safe. The 80-20 rule has to ring a bell.
     
    Certifications: See my signature
    WIP: MCSD, MCAD, CCNA, CCNP

Share This Page

Loading...