dhcp in multiple vlan

divyashree · 07-22-2011, 02:11 AM

I have a dhcp server on rhel5 to server IP to multiple VLAN :

172.25.121.0/24
172.25.123.0/24
172.25.124.0/24
172.25.125.0/24
172.25.126.0/24

The dhcp server is in the network 172.25.121.0/24.

Its working fine for that LAN only but unable server the other VLANs .

My dhcp.conf looks like this:

PHP Code:



ddns-update-style interim; 
ignore client-updates; 
authoritative; 
update-static-leases on; 
log-facility local7; 
 
shared-network tmml { 
interface vznet1; 
 
 
subnet 172.25.121.0 netmask 255.255.255.0 { 
 
        option routers                  172.25.121.254; 
        option subnet-mask              255.255.255.0; 
        option broadcast-address        172.25.121.255; 
        option domain-name              "tmml.internal"; 
        option domain-name-servers      172.18.76.51, 172.18.76.52; 
        option ntp-servers              172.25.121.66; 
        default-lease-time 86400; 
        max-lease-time 86400; 
 
#       range 172.25.121.66; 
       # Fixed Machines 
         pool { 
             range 172.25.121.10 172.25.121.250; 
             deny unknown clients; 
         } 
        group{ 
              host santosh { 
                   hardware ethernet 00:E0:4C:54:EC:B8 ; 
                   fixed-address 172.25.121.100 ; 
                          } 
 
              host santanu { 
                   hardware ethernet 70:71:BC:D1:23:21 ; 
                   fixed-address 172.25.121.151 ; 
                         } 
           } 
 
  } 
 
 
 
subnet 172.25.124.0 netmask 255.255.255.0 { 
 
        option routers                  172.25.124.254; 
        option subnet-mask              255.255.255.0; 
        option broadcast-address        172.25.124.255; 
        option domain-name              "tmml.internal"; 
        option domain-name-servers      172.18.76.51, 172.18.76.52; 
        option ntp-servers              172.25.121.66; 
        default-lease-time 86400; 
        max-lease-time 86400; 
 
       # Fixed Machines 
          pool { 
          range 172.25.124.0 172.25.124.50; 
          deny unknown clients; 
         } 
 
       # Unknown machines 
          pool { 
          range 172.25.124.51 172.25.124.240; 
          allow unknown clients; 
         } 
 
 
       # Reserved Machines 
          pool { 
          range 172.25.124.241 172.25.124.251; 
          deny unknown clients; 
         } 
 
} 
subnet 172.25.125.0 netmask 255.255.255.0 { 
 
        option routers                  172.25.125.254; 
        option subnet-mask              255.255.255.0; 
        option broadcast-address        172.25.125.255; 
        option domain-name              "tmml.internal"; 
        option domain-name-servers      172.18.76.51, 172.18.76.52; 
        option ntp-servers              172.25.121.66; 
        default-lease-time 86400; 
        max-lease-time 86400; 
 
       # Fixed Machines 
          pool { 
          range 172.25.125.0 172.25.125.50; 
          deny unknown clients; 
         } 
 
       # Unknown machines 
          pool { 
          range 172.25.125.51 172.25.125.240; 
          allow unknown clients; 
         } 
       # Reserved Machines 
          pool { 
          range 172.25.125.241 172.25.125.251; 
          deny unknown clients; 
         } 
 
 
} 
subnet 172.25.126.0 netmask 255.255.255.0 { 
 
        option routers                  172.25.126.254; 
        option subnet-mask              255.255.255.0; 
        option broadcast-address        172.25.126.255; 
        option domain-name              "tmml.internal"; 
        option domain-name-servers      172.18.76.51, 172.18.76.52; 
        option ntp-servers              172.25.121.66; 
        default-lease-time 86400; 
        max-lease-time 86400; 
 
       # Reserved Machines 
          pool { 
          range 172.25.126.0 172.25.126.50; 
          deny unknown clients; 
         } 
       # Fixed Leased Machines Forever 
          pool { 
          range 172.25.126.51 172.25.126.150; 
          deny unknown clients; 
        } 
       # DHCP Machines 
          pool { 
          range 172.25.126.151 172.25.126.240; 
          allow unknown clients; 
        } 
 
       # Reserved Machines 
          pool { 
          range 172.25.126.241 172.25.126.251; 
          deny unknown clients; 
         } 
 
 
group { 
  host himanshu { 
        hardware ethernet 70:71:BC:D1:1C:29; 
        fixed-address 172.25.126.100; 
     } 
 
} 
 
 
 
} 
######################################################################## 
##      172.25.127.0/24 Subnet Reserved for future purpose           ## 
##      Enable this network while shortage of the above pool         ### 
######################################################################## 
 
#subnet 172.25.127.0 netmask 255.255.255.0 { 
# 
#       option routers                  172.25.127.254; 
#       option subnet-mask              255.255.255.0; 
#       option broadcast-address        172.25.127.255; 
#       option domain-name              "tmml.internal"; 
#       option domain-name-servers      172.18.76.51, 172.18.76.52; 
#       option ntp-servers              172.25.121.66; 
#       default-lease-time 86400; 
#       max-lease-time 86400; 
# 
# 
# 
#       # Fixed Machines 
#          pool { 
#          range 172.25.127.0 172.25.127.50; 
#          deny unknown clients; 
#         } 
# 
#       # Unknown machines 
#          pool { 
#          range 172.25.127.51 172.25.127.240; 
#          allow unknown clients; 
#         } 
#       # Reserved Machines 
#          pool { 
#          range 172.25.127.241 172.25.127.251; 
#          deny unknown clients; 
#         } 
# 
#} 
####################################################################### 
 
}

TB0ne · 07-22-2011, 09:52 AM

Quote:

Originally Posted by divyashree

I have a dhcp server on rhel5 to server IP to multiple VLAN :

172.25.121.0/24
172.25.123.0/24
172.25.124.0/24
172.25.125.0/24
172.25.126.0/24

The dhcp server is in the network 172.25.121.0/24. Its working fine for that LAN only but unable server the other VLANs . My dhcp.conf looks like this:

Based on that, it looks fine. However, you omit alot of details that you need to diagnose this. How are the machines on the other VLANS able to know about this DHCP server? What routes/forwarding have you done on the switches?

divyashree · 07-23-2011, 03:45 AM

Quote:

Originally Posted by TB0ne

Based on that, it looks fine. However, you omit alot of details that you need to diagnose this. How are the machines on the other VLANS able to know about this DHCP server? What routes/forwarding have you done on the switches?

Yes.. I don't know how to deal with multiple VLAN within dhcp.conf. Previously DHCP was running with on magikdhcp s/w on windows and facing problems from that. So I decided to migrate it to Linux based DHCP server.

And I just configure the dhcp according to the entry in the s/w only. And there is nothing mentioned there for routes/forwarding . I dont have any idea what routes/forwarding is used on the switches .

Kindly guide me the details need to diagnose I omited.

Tinkster · 07-23-2011, 05:48 PM

Have a read of this, see if it helps you.

Cheers,
Tink

divyashree · 07-23-2011, 11:17 PM

Quote:

Originally Posted by Tinkster

Have a read of this, see if it helps you.

Cheers,
Tink

There is no clear conclusion on that page. And I have used shared-network in my conf. Now I am confused whether to use that or not.

Tinkster · 07-24-2011, 12:28 AM

So what IS the network set-up in the first place? We can't really
give you answers suitable for your situation if we don't know
the situation; this is where I hoped the thread above might have
helped you in assessing where you're at, and, by example, lead you
to a solution.

How many NICs does the DHCP server have, if it only has one, what
is it connected to (type of device), what is its (the DHCP servers)
routing table, ... ?

Cheers,
Tink

divyashree · 07-24-2011, 12:50 AM

Quote:

Originally Posted by Tinkster

So what IS the network set-up in the first place? We can't really
give you answers suitable for your situation if we don't know
the situation; this is where I hoped the thread above might have
helped you in assessing where you're at, and, by example, lead you
to a solution.

How many NICs does the DHCP server have, if it only has one, what
is it connected to (type of device), what is its (the DHCP servers)
routing table, ... ?

Cheers,
Tink

The DHCP server is a virtual server which has currently only one bridged n/w to connect the intranet.
And the routing table is:

PHP Code:



Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
172.25.121.0    0.0.0.0         255.255.255.0   U         0 0          0 vznet1
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 vznet1
0.0.0.0         172.25.121.254  0.0.0.0         UG        0 0          0 vznet1

Thanks
PDK

baldy3105 · 07-24-2011, 06:19 AM

OK, Basic topology questions first.

Do you have a trunk from the switch connected to your server so that it can see all of the vlans?

Code:

 _________                        _________
|         |       trunk          |         |____________| Vlan1
|         |----------------------|         |            |
| Server  |______________________|         |__________________| Vlan2
|         |     vlans1,2 &3      | switch  |                  |
|         |                      |         |
|         |----------------------|         |__________| Vlan3
|_________|                      |_________|          |

If so you need to ensure that the vznet1 has subinterfaces with ip addresses for each vlan.

Or is the switch a L3 switch so you are expecting it to do the routing? -

Code:

 _________                        _________
|         |______________________|_________|____________| Vlan1
|         |                      |  \__    |            |
| Server  |                      |  (L3)   |
|         |                      |   \  \__|__________________| Vlan2
|         |                      |    \    |                  |   
|         |                      |     \___|__________| Vlan3
|_________|                      |_________|          |

If so you need to make sure that the L3 switch is relaying DHCP requests to the Server using a DHCP relay or BOOTP helper or whatever your switch manufacturer calls it.

If you only have a L2 switch and you have connected it like this -

Code:

 _________                        _________
|         |______________________|_________|____________| Vlan1
|         |                      |         |            |
| Server  |                      | L2 sw   |
|         |                      |     ____|__________________| Vlan2
|         |                      |         |                  |   
|         |                      |     ____|__________| Vlan3
|_________|                      |_________|          |

How does the server access the other VLAN's? Remember VLANS are designed to provide Layer2 isolation. No traffic will pass between them unless an external device bridges or routes it. Apart from the L3 switch scenario obviously but then you can think of a L3switch as a normal switch with a router inside it as pictured above.

divyashree · 08-09-2011, 03:27 AM

For me the topology is like this :

Code:

                       _________                                      ________
                      |      ___|____________________________________| Server |_________|Vlan1 
                      |   __/   |                                    |        |         |
                      |  (L3)   |                                    |        |
                      |   \  \__|__________________| Vlan2           |        |
                      |    \    |                  |                 |________|
                      |     \___|__________| Vlan3
                      |_________|          |

And the win machine on which the magic dhcp is running now , is also inside the Vlan1. The Vlan1 is restricted within the data-center .