OK, so I tried it. The "ip dhcp-server" command didn't do anything on my
network, which is mostly Ethernet LANs. What good is it? ;-)
I had to use "ip helper-address" on the interface where the client resides.
With that command, the DHCP messages got forwarded, whether I had "ip
dhcp-sever" configured or not. Using just "ip dhcp-server" without the "ip
helper-address" did not work, however. In that case, the DHCP messages did
not get forwarded.
Here's my config. The client is on the 36.1.1.0 network.
I was sitting with my EtherPeek protocol analyzer on the 10.10.0.0 network.
I could see the DHCP Discover come through to 10.10.0.1 whether I used "ip
dhcp-server 10.10.0.1" or not, as long as I did use "ip helper-address
10.10.0.1."
charlotte#s run
Building configuration...
Current configuration:
!
version 11.0
service udp-small-servers
service tcp-small-servers
!
hostname charlotte
!
enable password xxxx
!
ip dhcp-server 10.10.0.1 (also tried it without this)
!
interface Ethernet0
ip address 10.10.0.2 255.255.255.0
!
interface Ethernet1
ip address 36.1.1.1 255.255.255.0
ip helper-address 10.10.0.1 (this is what really did the trick)
!
interface Serial0
ip address 192.168.40.2 255.255.255.0
no fair-queue
!
interface Serial1
no ip address
shutdown
!
interface TokenRing1
no ip address
shutdown
!
interface TokenRing0
no ip address
shutdown
!
router ospf 100
network 192.168.0.0 0.0.255.255 area 2
network 10.10.0.0 0.0.255.255 area 0
network 36.1.1.0 0.0.0.255 area 2
!
line con 0
line aux 0
transport input all
line vty 0 4
password cisco
login
!
end
The DHCP Discover from the client that I captured might be informative for
people learning about how DHCP Relay works. Notice that the packet is a
unicast, rather than a broadcast. Also, notice at the IP layer that the
source address is the router, not the client's 0.0.0.0 address that you
normally see with DHCP. The router also put its address in the DHCP server
under "Gateway IP Address." The DHCP server needs to see this to know which
subnet the client's request came from.
Ethernet Header
Destination: 00:00:0C:05:3E:80
Source: 00:00:0C:00:2E:75
Protocol Type:0x0800 IP
IP Header - Internet Protocol Datagram
Version: 4
Header Length: 5 (20 bytes)
Type of Service: %00000000
Precedence: Routine, Normal Delay, Normal Throughput, Normal
Reliability
Total Length: 328
Identifier: 12800
Fragmentation Flags: %000 May Fragment Last Fragment
Fragment Offset: 0 (0 bytes)
Time To Live: 127
Protocol: 17 UDP
Header Checksum: 0xD998
Source IP Address: 36.1.1.1
Dest. IP Address: 10.10.0.1
No IP Options
UDP - User Datagram Protocol
Source Port: 68 Bootstrap (BOOTP Client)
Destination Port: 67 Bootstrap Protocol Server
Length: 308
Checksum: 0x3159
BootP - Bootstrap Protocol
Operation: 1 Boot Request
Hardware Address Type: 1 Ethernet (10Mb)
Hardware Address Length: 6 bytes
Hops: 0
Transaction ID: 678970121
Seconds Since Boot Start: 0
Flags: 0x0000
IP Address Known By Client: 0.0.0.0 IP Address Not Known By Client
Client IP Addr Given By Srvr: 0.0.0.0
Server IP Address: 0.0.0.0
Gateway IP Address: 36.1.1.1
Client Hardware Address: 00:E0:98:89:52:FA
Unused: 0x00000000000000000000
Server Host Name:
................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Boot File Name:
................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
DHCP - Dynamic Host Configuration Protocol
DHCP Magic Cookie: 0x63825363
Message TypeDHCP Option
Option Code: 53 Message Type
Option Length: 1
Message Type: 1 Discover
Client IdentifierDHCP Option
Option Code: 61 Client Identifier
Option Length: 7
Hardware Type: 1
Hardware Address: 00:E0:98:89:52:FA
Requested IP AddressDHCP Option
Option Code: 50 Requested IP Address
Option Length: 4
Address: 36.1.1.2
Host Name AddressDHCP Option
Option Code: 12 Host Name Address
Option Length: 8
String: MACTEAM.
Vendor Class IdentifierDHCP Option
Option Code: 60 Vendor Class Identifier
Option Length: 7
Option Data:
MSFT 98 4D 53 46 54 20 39 38
Parameter Request ListDHCP Option
Option Code: 55 Parameter Request List
Option Length: 9
Requested Option: 1 Subnet Mask
Requested Option: 15 Domain Name
Requested Option: 3 Routers
Requested Option: 6 Domain Name Servers
Requested Option: 44 NetBIOS (TCP/IP) Name Servers
Requested Option: 46 NetBIOS (TCP/IP) Node Type
Requested Option: 47 NetBIOS (TCP/IP) Scope
Requested Option: 43 Vendor Specific Information
Requested Option: 77 User Class Information
DHCP Option End
Option Code: 255 End
Extra bytes (Padding):
........... 00 00 00 00 00 00 00 00 00 00 00
Frame Check Sequence: 0x00000000
Priscilla
At 05:12 PM 9/26/01, Wayne Wenthin wrote:
>I am currently using this command on many routers ranging in ios from 10.2
>(yeah I know but its a couple a hundred miles away) to 12.2. Without it
>our customers (we are an ISP) cannot reach the DHCP servers. It must work
>outside of the dialup only arena.
>
>
>At 01:09 PM 9/26/2001, khramov wrote:
> >Priscilla,
> > I think that you are right about the ip dhcp-server command. I looked
it
> >up on Cisco's web site. It seems
> >that it can be used only with dial up to tell the client where dhcp server
> >is.
> >
> >Priscilla Oppenheimer wrote:
> >
> > > Yes, I finally found that also, but only in reference to dial-up
networks
> > > where the router is acting as an access sever for SLIP/PPP clients.
Does
>it
> > > work elsewhere? It would be good if it did.
> > >
> > > Priscilla
> > >
> > > At 02:24 PM 9/26/01, [EMAIL PROTECTED] wrote:
> > >
> > > >Their must be more than one way to foreword DHCP requests.
> > > >
> > >
> >
>http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/d
> > ial_r/drdreip.htm#xtocid1564817>
> > > >
> > > >
> > > >Tom got me looking into this earlier.
> > > >
> > > >-Eric
> > > >
> > > >-----Original Message-----
> > > >From: Priscilla Oppenheimer
> > > >[mailto:[EMAIL PROTECTED]]
> > > >Sent: Wednesday, September 26, 2001 2:05 PM
> > > >To: [EMAIL PROTECTED]
> > > >Subject: Re: DHCP [7:21051]
> > > >
> > > >At 01:06 PM 9/26/01, khramov wrote:
> > > > > From my understanding ip dhcp-server command will enable upd
>broadcast
> > > > > on ports 66 and 67. Is that true?
> > > >
> > > >It causes your router to BE a DHCP server and to accept and process
> > > >broadcasts to UDP port 67 and to send responses from port 66. It does
>not
> > > >cause the router to forward UDP broadcasts to port 67.
> > > >
> > > >If you turn your router into a DHCP server, you would also have to
> >identify
> > > >an external File Transport Protocol (FTP), Trivial File Transfer
>Protocol
> > > >(TFTP), or remote copy protocol (rcp) server that you will use to
store
> >the
> > > >DHCP bindings database. The router will access that database. Here's
>more
> > > >info on turning your router into a DHCP server, which is often not a
>good
> > > >idea, in my opinion (because it detracts from the router's real jobs):
> > > >
> > >
> >
>http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/f
> > ipr_c/ipcprt1/1cfdhcp.htm
> > > >
> > > >
> > > >Priscilla
> > > >
> > > > >Alex
> > > > >
> > > > >
> > > > >Priscilla Oppenheimer wrote:
> > > > >>Why do you want to turn your router into a DHCP server? I thought
you
> > > > >>already had a DHCP server. You just need a helper address and
> > > > >>
> > > > >>ip forward-protocol udp 67
> > > > >>no ip forward-protocol 137
> > > > >>no ip forward-protocol 138
> > > > >>
> > > > >>The last two commands are because you said that NetBIOS broadcast
> > > > >>forwarding was causing problems for your NT server. When you have a
> > > helper
> > > > >>address, the router forwards a bunch of UDP packets. You have to
> > > configure
> > > > >>it to be more discerning.
> > > > >>
> > > > >>Priscilla
> > > > >>
> > > > >>At 09:24 AM 9/26/01, khramov wrote:
> > > > >> >Hello,
> > > > >> > ip dhcp-server works, I didn't specify it with a hyphen.
So
> > > > >> would you
> > > > >> >agree
> > > > >> > that the best solution for me would be to disable ip
directed
> > > > >> >broadcast, ip
> > > > >> > helper address and enable ip dhcp-server at the global
>config?
> > > If
> > > >I
> > > > >> >enable ip
> > > > >> > dhcp-server do I need to enable ip forward-protocol udp
>(ports
> > > > >> 66 and
> > > > >> >67)?
> > > > >> >
> > > > >> > Thanks a lot,
> > > > >> > Alex
> > > > >> >
> > > > >> >MADMAN wrote:
> > > > >> >
> > > > >> > > Hmm.. I haven't done it in a while so I tried it on a 7507
with
> > > > >> RSP8's and
> > > > >> > > an MSFC2,
> > > > >> > > they both accepted the command just fine but are not in the
> > > > >> config. So I
> > > > >> > > figured they
> > > > >> > > must be enabled by default so I did a no ip forward protocol
udp
> >67
> > > >and
> > > > >> > > wallah, there it
> > > > >> > > is!!!
> > > > >> > >
> > > > >> > > C7507MIX#conf t
> > > > >> > > Enter configuration commands, one per line. End with CNTL/Z.
> > > > >> > > C7507MIX(config)#no ip for
> > > > >> > > C7507MIX(config)#no ip forward-protocol udp 67
> > > > >> > > C7507MIX(config)#^Z
> > > > >> > > C7507MIX#wr t
> > > > >> > > Building configuration...ip kerberos source-interface any
> > > > >> > > ip classless
> > > > >> > > no ip forward-protocol udp bootps
> > > > >> > >
> > > > >> > > Dave
> > > > >> > >
> > > > >> > > khramov wrote:
> > > > >> > >
> > > > >> > > > I did that, but when I do sh run it is not showing up in
>config
> > > > >> file. I
> > > > >> > > > mean (ip
> > > > >> > > > forward-protocol udp 67).
> > > > >> > > > Is that the way it is suppose to be?
> > > > >> > > >
> > > > >> > > > MADMAN wrote:
> > > > >> > > >
> > > > >> > > > > Check "ip foward protocol"
> > > > >> > > > >
> > > > >> > > > > Dave
> > > > >> > > > >
> > > > >> > > > > khramov wrote:
> > > > >> > > > > >
> > > > >> > > > > > Hello
> > > > >> > > > > > How do I enable broadcast for DHCP server? I know
>that
> > > ip
> > > > >> > > > > > helper enables UDP broadcast, but broadcast of
>netbios
> > > > >> > > > > > services causes some problems for win nt server.
So
>I
> > > >guess
> > > > >> > > > > > to be more specific what can I do to forward udp
> > > > >> broadcast on
> > > > >> > > > > > ports 67 and 68 only?
> > > > >> > > > > >
> > > > >> > > > > > And another question that I have what exactly ip
> > > > >> > > > > > directed-broadcast command does? I've searched
>Cisco's
> > > > web
> > > > >> > > > > > site but I never came across a clear defenition?
> > > > >> > > > > >
> > > > >> > > > > > Thanks,
> > > > >> > > > > > Alex
> > > > >> > > > > >
> > > > >> > > > > > [GroupStudy.com removed an attachment of type
text/x-vcard
> > > > >> which had
> > > > >> >a
> > > > >> > > > name
> > > > >> > > > > > of khramov.vcf]
> > > > >> > > > > --
> > > > >> > > > > David Madland
> > > > >> > > > > Sr. Network Engineer
> > > > >> > > > > CCIE# 2016
> > > > >> > > > > Qwest Communications Int. Inc.
> > > > >> > > > > [EMAIL PROTECTED]
> > > > >> > > > > 612-664-3367
> > > > >> > > > >
> > > > >> > > > > "Emotion should reflect reason not guide it"
> > > > >> > > >
> > > > >> > > > [GroupStudy.com removed an attachment of type text/x-vcard
>which
> > > > >> had a
> > > > >> >name
> > > > >> > > > of khramov.vcf]
> > > > >> > > --
> > > > >> > > David Madland
> > > > >> > > CCIE# 2016
> > > > >> > > Senior Network Engineer
> > > > >> > > Qwest Communications
> > > > >> > > 612-664-3367
> > > > >> >
> > > > >> >[GroupStudy.com removed an attachment of type text/x-vcard which
>had
> >a
> > > > >> name
> > > > >> >of khramov.vcf]
> > > > >> groupstudy.com/form/read.php?f=7&i=21133&t=21051
> > > > >> >--------------------------------------------------
> > > > >> >FAQ, list archives, and subscription info:
> > > > >> >http://www.groupstudy.com/lis
> > > > >> t/cisco.html
> > > > >> >Report misconduct and Nondisclosure violations to
> >[EMAIL PROTECTED]
> > > > >>
> > > > >>________________________
> > > > >>
> > > > >>Priscilla Oppenheimer
> > > > >>http://www.priscilla.com
> > > >
> > > >________________________
> > > >
> > > >Priscilla Oppenheimer
> > > >http://www.priscilla.com
> > > ________________________
> > >
> > > Priscilla Oppenheimer
> > > http://www.priscilla.com
> >
> >[GroupStudy.com removed an attachment of type text/x-vcard which had a
name
> >of khramov.vcf]
________________________
Priscilla Oppenheimer
http://www.priscilla.com
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=21230&t=21051
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
