Monday, June 25, 2012

Remote DHCP

Remote DHCP on Cisco IOS

Use these techniques to reach a DHCP server outside of your subnet. Or don't. I don't care.

Case 1: Single Subnet

Devices

  • Spider Station Router:  10.111.0.1/24
  • Spider Station Switch:  10.111.0.2/24
  • HQ Router:  10.200.0.1/24
  • HQ DHCP Server:  10.200.0.2/24
To enable DHCP at Spider Station without setting-up a new DHCP server...

Spider Router

hostname Spider-RTR
!
interface FastEthernet 0/0
 ip address 10.111.0.1 255.255.255.0
 ip helper-address 10.200.0.2

Ta-da! That's it.

Simply add an IP helper to whatever fancy interface you're using. Port-channel, Ether-channel, Vlan, Multilink, BVI, or some other menacing interface/sub-interface.

Fail Warning: If an interface has sub-interfaces, apply it to the sub-interface. Helpers will not be inherited from the parent interface.

Fail Warning: The above also applies to logical interfaces. Even though Fa0/0 and Fa0/1 may be in Port-Channel 1, the helper must be applied to the port channel, not the physical interfaces.

When a client broadcasts a DHCPDiscover, Spider-RTR relays it using that interface's primary interface. (Putting an IP helper-address on a trunk port will make your router/L3 switch feel silly.)

Case 2: With Redundancy

Using multiple remote DHCP servers.

Devices

  • Spider Spider Station Router:  10.222.0.1/24

ReinforcedSpider Router

hostname SpiderSpider-RTR
!
interface GigabitEthernet 0/3
 ip address 10.222.0.1 255.255.255.0
 ip helper-address 10.200.0.100
 ip helper-address 10.200.0.101

In this case, the DHCPDiscover is sent to both DHCP servers. It's OK though, because the client will only DHCPRequest one offer. Unless it's Eve and she's trying to consume all of my precious IPs...but that's another issue.

Case 3: With Secondary IPs

Sometimes an office's network needs grow and you have to temporarily (ha!) put a second subnet at the branch.

Since the helper only sources the primary interface by default, we'll need an extra command.

ip dhcp smart-relay

If the router doesn't detect a DHCPOffer, it will then relay a DHCPDiscover with a different giaddr in the DHCP packet. Layman's terms: it will try the secondary addresses.

Devices

  • Hungry Caterpillar Router (new subnet):  10.33.1.1/24
  • Hungry Caterpillar Router (old subnet):  10.33.0.1/25

Hungry Caterpillar Router

hostname HungryCaterpillar-RTR
!
ip dhcp smart-relay
!
interface FastEthernet 1/1
 ip address 10.33.0.1 255.255.255.128 secondary
 ip address 10.33.1.1 255.255.255.0
 ip helper-address 10.200.0.100
 ip helper-address 10.200.0.101
Well that's it from me tonight.
Posted by at
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)