none
DHCP Server2003 with Multiple VLANS

    Question

  • First my network is setup like this, I have windows server 2003 (10.81.81.XXX) i have Voip Phones (Aastra 57i), Netgear GS716t Switch, and i have an Edgemarc 4500 router, and Multiple PC's. What i am trying to do is setup two VLANS, VLAN 10.81.81.0 (DATA) and 10.81.82.0 (Voice) When i plug in a phone to the network i want it to pull a 10.81.82.X Address, and out of the back of the phone i'm going to plug in my computer and i want it to pull a 10.81.81.X Address.  I had it setup correctly when i used the Router to do the DHCP Requests. But when i plugged in the Server which has DHCP setup on it the two DHCP Sserver conflict. Is there a way i can use multiple scopes in server 2003 and have the router use DHCP Relay. Any suggestions would be good...

    Thursday, July 21, 2011 6:51 PM

Answers

  • As Bill mentioned, the DHCP server itself can only issues IPs form a scope when it knows where the packet came from.  The DHCP relay agent's job is to modify the DHCP broadcast packet into a unicast packet with the portion of the GIADDR field with the subnet information.  When the DHCP server receives the packet, it takes the information in the GIADDR field and picks the correct scope.  If the GIADDR is not populated, the DHCP server can only issue IPs from the scope that matches the same subnet the DHCP server is connected to.

    So, in your case, if it was working on the router, the router was already aware of the VLANs so it was able to issue IPs from the correct scope.  There is no other explanation.  That is how DHCP works.

    So, which Network are you plugging the DHCP server into?  If you are putting it on the 10.81.81.0 network, that is fine.  Then for the phone network, the router that services 10.81.82.0 will need to have the DHCP relay agnet configured to send the packets to the IP address of the DHCP server, say 10.81.81.1 as an example. 

    You will then create two scopes on your DHCP server.

    Now, for your scope configuration, each subnet has options.  The router option will be specific to each vlan.  That's not a DHCP question...its a networking quetion.  If you are using a /24 subnet mask for both vlans, then the scope for 10.81.81.0 will have a 10.81.81.x address and the scope for 10.81.82.0 will have a 10.81.82.x address for the gateway.

     

    Resources --> The DHCP Process: Negotiating a Lease
     


    • Marked as answer by Tiger Li Monday, July 25, 2011 8:07 AM
    • Edited by [JorgeM] Wednesday, July 24, 2013 6:39 PM updated broken links.
    Friday, July 22, 2011 6:38 PM
  •   Yes DHCP relay will do that for you IF the computer network and the phone network are separate. There is no way you can plug a phone or a computer in to the same plug and have DHCP know which scope it should use.

      DHCP works using LAN broadcasts. DHCP relay can handle receiving a request on one segment and getting that request to a DHCP server in the other segment. It cannot handle two scopes on one LAN segment. As you have found, you cannot have two DHCP servers in the same segment/switch.

       In your case you do not need two DHCP servers. All you need it one DHCP server (with two scopes) and a DHCP relay capable router between the segments.


    Bill
    • Marked as answer by Tiger Li Monday, July 25, 2011 8:07 AM
    Friday, July 22, 2011 5:45 AM

All replies

  •   Yes DHCP relay will do that for you IF the computer network and the phone network are separate. There is no way you can plug a phone or a computer in to the same plug and have DHCP know which scope it should use.

      DHCP works using LAN broadcasts. DHCP relay can handle receiving a request on one segment and getting that request to a DHCP server in the other segment. It cannot handle two scopes on one LAN segment. As you have found, you cannot have two DHCP servers in the same segment/switch.

       In your case you do not need two DHCP servers. All you need it one DHCP server (with two scopes) and a DHCP relay capable router between the segments.


    Bill
    • Marked as answer by Tiger Li Monday, July 25, 2011 8:07 AM
    Friday, July 22, 2011 5:45 AM
  • Hey Bill thanks for your reply. You said "There is no way you can plug a phone or a computer in to the same plug and have DHCP know which scope it should use" is this a server constraint because i had it setup on my router and it worked great. I could plug a computer in and it would pull a 10.81.81.X Address. When i plugged a Phone in it would pull a 10.81.82.X Address. And when i plugged a computer into the back of the phone it still pulled a 10.81.81.X address. So i know it can be done with the DHCP Server built into my router, but i was wondering if the DHCP on windows server 2003 can't handle this. Also in the Phone there is a setting that i set that tells the phone what VLAN id to look for.

    How should my scope be set up in server 2003. On the 10.81.81.X scope which was setup on the server already has an Address Pool, and for it's scope options it has a Router 10.81.81.25X, A DNS server which is the same address as the server, and a WINS Server which is also the same as the server.

    When i create a second scope with Address pool 10.81.82.X What scope options should i use. Should i put the router address in 10.81.81.1, or should it be in the same subnet 10.81.81.2?

    Thank you

    Friday, July 22, 2011 3:36 PM
  • As Bill mentioned, the DHCP server itself can only issues IPs form a scope when it knows where the packet came from.  The DHCP relay agent's job is to modify the DHCP broadcast packet into a unicast packet with the portion of the GIADDR field with the subnet information.  When the DHCP server receives the packet, it takes the information in the GIADDR field and picks the correct scope.  If the GIADDR is not populated, the DHCP server can only issue IPs from the scope that matches the same subnet the DHCP server is connected to.

    So, in your case, if it was working on the router, the router was already aware of the VLANs so it was able to issue IPs from the correct scope.  There is no other explanation.  That is how DHCP works.

    So, which Network are you plugging the DHCP server into?  If you are putting it on the 10.81.81.0 network, that is fine.  Then for the phone network, the router that services 10.81.82.0 will need to have the DHCP relay agnet configured to send the packets to the IP address of the DHCP server, say 10.81.81.1 as an example. 

    You will then create two scopes on your DHCP server.

    Now, for your scope configuration, each subnet has options.  The router option will be specific to each vlan.  That's not a DHCP question...its a networking quetion.  If you are using a /24 subnet mask for both vlans, then the scope for 10.81.81.0 will have a 10.81.81.x address and the scope for 10.81.82.0 will have a 10.81.82.x address for the gateway.

     

    Resources --> The DHCP Process: Negotiating a Lease
     


    • Marked as answer by Tiger Li Monday, July 25, 2011 8:07 AM
    • Edited by [JorgeM] Wednesday, July 24, 2013 6:39 PM updated broken links.
    Friday, July 22, 2011 6:38 PM
  • Ok so in my router i have 3 VLANS, VLAN1 Management (192.168.1.X) VLAN500 Voice (10.81.82.X) and VLAN 600 Data (10.81.81.X). Port 1 of the Router is set to 802.1q and all VLANs are a member. Port 1 plugs into Netgear Switch

    Netgear GS716t Switch 16 port- I have three VLANS setup in there, VLAN1 Management, VLAN500 Voice, VLAN 600 Data.  VLAN1 has all 16 ports Untagged, VLAN500 has all ports Tagged, VLAN600 Has 1-13 Untagged and 14-16 Tagged. Port 16 is connected to router. Port PVID Config- Ports 1-13 have PVID 600 as Default, and 14-16 PVID are 1 for management.

    The DHCP server is on VLAN 600(Data). There is only one router and it controlls both subnets. The router i have(Edgemarc 4500) also has DHCP Relay, but it can only relay one VLAN. When i choose VLAN600 it pulls DHCP addresses but they're all from the VLAN600 no matter if its a phone or computer. When i choose VLAN 500 as the DHCP Relay nothing pulls an ip address.

    On the Server i had two Scopes created. 10.81.81.X, And 10.81.82.X.  The 10.81.81.X scope was already created on the server and for its scope options it had a Router 10.81.81.253, and it also had WINS and DNS with 10.81.81.101. 101 being the Server. It had a pool of 10.81.81.1-50

    On Scope 10.81.82.X i setup a pool of 10.81.82.100-200.  For it scope options i created a router 10.81.82.1, and for WINS and DNS i choosed 10.18.81.101. This is what i was unsure about. I didn't know if i could put a different subnet in the scope.

    Anyways thats how i have things setup. If you have any suggestions let me know. Thank you

    Monday, July 25, 2011 3:31 PM
  • So with regard to the Scopes you created, thats fine.  I wouldnt worry about those details.  If the packet comes in and the DHCP server determines which scope to use, it will send whatever config you have set in the scope options.  your options look fine, but I have no way of verifying if those are the correct IPs for the DNS, WINS, and gateway, so i have to assume they are.

    Now back to the VLAN issue...  You explained the port VLAN config very well, but I am not following it...sorry about that.  I do know for a fact that the DHCP server cannot issue IP leases for remote scopes unless the GIADDR field is correctly configured.  I would focus on the relay agent config on this router.  If the router is on the data vlan and your comptuers are on the same vlan, no relay agent is requried.  If the phones are on a different vlan, that vlan will require the relay agent to be configured.  If the DHCP server was on a different vlan than both of the vlans your computer and phones are connected to, you would need to have a relay agent configured for each vlan.


    • Edited by [JorgeM] Wednesday, July 24, 2013 6:39 PM updated broken links.
    Monday, July 25, 2011 11:41 PM