Yeah I always thought the helper address command was the way to get a whole
bunch of nonroutable junk forwarded.
Bri
----- Original Message -----
From: "Priscilla Oppenheimer"
To:
Sent: Wednesday, September 26, 2001 4:03 PM
Subject: Re: DHCP [7:21051]
> OK, so I tried it. The "ip dhcp-server" command didn't do anything on my
> network, which is mostly Ethernet LANs. What good is it? ;-)
>
> I had to use "ip helper-address" on the interface where the client
resides.
> With that command, the DHCP messages got forwarded, whether I had "ip
> dhcp-sever" configured or not. Using just "ip dhcp-server" without the "ip
> helper-address" did not work, however. In that case, the DHCP messages did
> not get forwarded.
>
> Here's my config. The client is on the 36.1.1.0 network.
>
> I was sitting with my EtherPeek protocol analyzer on the 10.10.0.0
network.
> I could see the DHCP Discover come through to 10.10.0.1 whether I used "ip
> dhcp-server 10.10.0.1" or not, as long as I did use "ip helper-address
> 10.10.0.1."
>
> charlotte#s run
> Building configuration...
>
> Current configuration:
> !
> version 11.0
> service udp-small-servers
> service tcp-small-servers
> !
> hostname charlotte
> !
> enable password xxxx
> !
> ip dhcp-server 10.10.0.1 (also tried it without this)
> !
> interface Ethernet0
> ip address 10.10.0.2 255.255.255.0
> !
> interface Ethernet1
> ip address 36.1.1.1 255.255.255.0
> ip helper-address 10.10.0.1 (this is what really did the trick)
> !
> interface Serial0
> ip address 192.168.40.2 255.255.255.0
> no fair-queue
> !
> interface Serial1
> no ip address
> shutdown
> !
> interface TokenRing1
> no ip address
> shutdown
> !
> interface TokenRing0
> no ip address
> shutdown
> !
> router ospf 100
> network 192.168.0.0 0.0.255.255 area 2
> network 10.10.0.0 0.0.255.255 area 0
> network 36.1.1.0 0.0.0.255 area 2
> !
> line con 0
> line aux 0
> transport input all
> line vty 0 4
> password cisco
> login
> !
> end
>
>
> The DHCP Discover from the client that I captured might be informative for
> people learning about how DHCP Relay works. Notice that the packet is a
> unicast, rather than a broadcast. Also, notice at the IP layer that the
> source address is the router, not the client's 0.0.0.0 address that you
> normally see with DHCP. The router also put its address in the DHCP server
> under "Gateway IP Address." The DHCP server needs to see this to know
which
> subnet the client's request came from.
>
> Ethernet Header
> Destination: 00:00:0C:05:3E:80
> Source: 00:00:0C:00:2E:75
> Protocol Type:0x0800 IP
> IP Header - Internet Protocol Datagram
> Version: 4
> Header Length: 5 (20 bytes)
> Type of Service: %00000000
> Precedence: Routine, Normal Delay, Normal Throughput, Normal
> Reliability
> Total Length: 328
> Identifier: 12800
> Fragmentation Flags: %000 May Fragment Last Fragment
> Fragment Offset: 0 (0 bytes)
> Time To Live: 127
> Protocol: 17 UDP
> Header Checksum: 0xD998
> Source IP Address: 36.1.1.1
> Dest. IP Address: 10.10.0.1
> No IP Options
> UDP - User Datagram Protocol
> Source Port: 68 Bootstrap (BOOTP Client)
> Destination Port: 67 Bootstrap Protocol Server
> Length: 308
> Checksum: 0x3159
> BootP - Bootstrap Protocol
> Operation: 1 Boot Request
> Hardware Address Type: 1 Ethernet (10Mb)
> Hardware Address Length: 6 bytes
> Hops: 0
> Transaction ID: 678970121
> Seconds Since Boot Start: 0
> Flags: 0x0000
> IP Address Known By Client: 0.0.0.0 IP Address Not Known By Client
> Client IP Addr Given By Srvr: 0.0.0.0
> Server IP Address: 0.0.0.0
> Gateway IP Address: 36.1.1.1
> Client Hardware Address: 00:E0:98:89:52:FA
> Unused: 0x00000000000000000000
> Server Host Name:
> ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> Boot File Name:
> ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> DHCP - Dynamic Host Configuration Protocol
> DHCP Magic Cookie: 0x63825363
> Message TypeDHCP Option
> Option Code: 53 Message Type
> Option Length: 1
> Message Type: 1 Discover
> Client IdentifierDHCP Option
> Option Code: 61 Client Identifier
> Option Length: 7
> Hardware Type: 1
> Hardware Address: 00:E0:98:89:52:FA
> Requested IP AddressDHCP Option
> Option Code: 50 Requested IP Address
> Option Length: 4
> Address: 36.1.1.2
> Host Name AddressDHCP Option
> Option Code: 12 Host Name Address
> Option Length: 8
> String: MACTEAM.
> Vendor Class IdentifierDHCP Option
> Option Code: 60 Vendor Class Identifier
> Option Length: 7
> Option Data:
> MSFT 98 4D 53 46 54 20 39 38
> Parameter Request ListDHCP Option
> Option Code: 55 Parameter Request List
> Option Length: 9
> Requested Option: 1 Subnet Mask
> Requested Option: 15 Domain Name
> Requested Option: 3 Routers
> Requested Option: 6 Domain Name Servers
> Requested Option: 44 NetBIOS (TCP/IP) Name Servers
> Requested Option: 46 NetBIOS (TCP/IP) Node Type
> Requested Option: 47 NetBIOS (TCP/IP) Scope
> Requested Option: 43 Vendor Specific Information
> Requested Option: 77 User Class Information
> DHCP Option End
> Option Code: 255 End
> Extra bytes (Padding):
> ........... 00 00 00 00 00 00 00 00 00 00 00
> Frame Check Sequence: 0x00000000
>
>
> Priscilla
>
> At 05:12 PM 9/26/01, Wayne Wenthin wrote:
> >I am currently using this command on many routers ranging in ios from
10.2
> >(yeah I know but its a couple a hundred miles away) to 12.2. Without it
> >our customers (we are an ISP) cannot reach the DHCP servers. It must
work
> >outside of the dialup only arena.
> >
> >
> >At 01:09 PM 9/26/2001, khramov wrote:
> > >Priscilla,
> > > I think that you are right about the ip dhcp-server command. I
looked
> it
> > >up on Cisco's web site. It seems
> > >that it can be used only with dial up to tell the client where dhcp
server
> > >is.
> > >
> > >Priscilla Oppenheimer wrote:
> > >
> > > > Yes, I finally found that also, but only in reference to dial-up
> networks
> > > > where the router is acting as an access sever for SLIP/PPP clients.
> Does
> >it
> > > > work elsewhere? It would be good if it did.
> > > >
> > > > Priscilla
> > > >
> > > > At 02:24 PM 9/26/01, [EMAIL PROTECTED] wrote:
> > > >
> > > > >Their must be more than one way to foreword DHCP requests.
> > > > >
> > > >
> > >
> >http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/d
> > > ial_r/drdreip.htm#xtocid1564817>
> > > > >
> > > > >
> > > > >Tom got me looking into this earlier.
> > > > >
> > > > >-Eric
> > > > >
> > > > >-----Original Message-----
> > > > >From: Priscilla Oppenheimer
> > > > >[mailto:[EMAIL PROTECTED]]
> > > > >Sent: Wednesday, September 26, 2001 2:05 PM
> > > > >To: [EMAIL PROTECTED]
> > > > >Subject: Re: DHCP [7:21051]
> > > > >
> > > > >At 01:06 PM 9/26/01, khramov wrote:
> > > > > > From my understanding ip dhcp-server command will enable upd
> >broadcast
> > > > > > on ports 66 and 67. Is that true?
> > > > >
> > > > >It causes your router to BE a DHCP server and to accept and process
> > > > >broadcasts to UDP port 67 and to send responses from port 66. It
does
> >not
> > > > >cause the router to forward UDP broadcasts to port 67.
> > > > >
> > > > >If you turn your router into a DHCP server, you would also have to
> > >identify
> > > > >an external File Transport Protocol (FTP), Trivial File Transfer
> >Protocol
> > > > >(TFTP), or remote copy protocol (rcp) server that you will use to
> store
> > >the
> > > > >DHCP bindings database. The router will access that database.
Here's
> >more
> > > > >info on turning your router into a DHCP server, which is often not
a
> >good
> > > > >idea, in my opinion (because it detracts from the router's real
jobs):
> > > > >
> > > >
> > >
> >http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/f
> > > ipr_c/ipcprt1/1cfdhcp.htm
> > > > >
> > > > >
> > > > >Priscilla
> > > > >
> > > > > >Alex
> > > > > >
> > > > > >
> > > > > >Priscilla Oppenheimer wrote:
> > > > > >>Why do you want to turn your router into a DHCP server? I
thought
> you
> > > > > >>already had a DHCP server. You just need a helper address and
> > > > > >>
> > > > > >>ip forward-protocol udp 67
> > > > > >>no ip forward-protocol 137
> > > > > >>no ip forward-protocol 138
> > > > > >>
> > > > > >>The last two commands are because you said that NetBIOS
broadcast
> > > > > >>forwarding was causing problems for your NT server. When you
have a
> > > > helper
> > > > > >>address, the router forwards a bunch of UDP packets. You have to
> > > > configure
> > > > > >>it to be more discerning.
> > > > > >>
> > > > > >>Priscilla
> > > > > >>
> > > > > >>At 09:24 AM 9/26/01, khramov wrote:
> > > > > >> >Hello,
> > > > > >> > ip dhcp-server works, I didn't specify it with a
hyphen.
> So
> > > > > >> would you
> > > > > >> >agree
> > > > > >> > that the best solution for me would be to disable ip
> directed
> > > > > >> >broadcast, ip
> > > > > >> > helper address and enable ip dhcp-server at the global
> >config?
> > > > If
> > > > >I
> > > > > >> >enable ip
> > > > > >> > dhcp-server do I need to enable ip forward-protocol udp
> >(ports
> > > > > >> 66 and
> > > > > >> >67)?
> > > > > >> >
> > > > > >> > Thanks a lot,
> > > > > >> > Alex
> > > > > >> >
> > > > > >> >MADMAN wrote:
> > > > > >> >
> > > > > >> > > Hmm.. I haven't done it in a while so I tried it on a 7507
> with
> > > > > >> RSP8's and
> > > > > >> > > an MSFC2,
> > > > > >> > > they both accepted the command just fine but are not in the
> > > > > >> config. So I
> > > > > >> > > figured they
> > > > > >> > > must be enabled by default so I did a no ip forward
protocol
> udp
> > >67
> > > > >and
> > > > > >> > > wallah, there it
> > > > > >> > > is!!!
> > > > > >> > >
> > > > > >> > > C7507MIX#conf t
> > > > > >> > > Enter configuration commands, one per line. End with
CNTL/Z.
> > > > > >> > > C7507MIX(config)#no ip for
> > > > > >> > > C7507MIX(config)#no ip forward-protocol udp 67
> > > > > >> > > C7507MIX(config)#^Z
> > > > > >> > > C7507MIX#wr t
> > > > > >> > > Building configuration...ip kerberos source-interface any
> > > > > >> > > ip classless
> > > > > >> > > no ip forward-protocol udp bootps
> > > > > >> > >
> > > > > >> > > Dave
> > > > > >> > >
> > > > > >> > > khramov wrote:
> > > > > >> > >
> > > > > >> > > > I did that, but when I do sh run it is not showing up in
> >config
> > > > > >> file. I
> > > > > >> > > > mean (ip
> > > > > >> > > > forward-protocol udp 67).
> > > > > >> > > > Is that the way it is suppose to be?
> > > > > >> > > >
> > > > > >> > > > MADMAN wrote:
> > > > > >> > > >
> > > > > >> > > > > Check "ip foward protocol"
> > > > > >> > > > >
> > > > > >> > > > > Dave
> > > > > >> > > > >
> > > > > >> > > > > khramov wrote:
> > > > > >> > > > > >
> > > > > >> > > > > > Hello
> > > > > >> > > > > > How do I enable broadcast for DHCP server? I
know
> >that
> > > > ip
> > > > > >> > > > > > helper enables UDP broadcast, but broadcast of
> >netbios
> > > > > >> > > > > > services causes some problems for win nt server.
> So
> >I
> > > > >guess
> > > > > >> > > > > > to be more specific what can I do to forward udp
> > > > > >> broadcast on
> > > > > >> > > > > > ports 67 and 68 only?
> > > > > >> > > > > >
> > > > > >> > > > > > And another question that I have what exactly ip
> > > > > >> > > > > > directed-broadcast command does? I've searched
> >Cisco's
> > > > > web
> > > > > >> > > > > > site but I never came across a clear defenition?
> > > > > >> > > > > >
> > > > > >> > > > > > Thanks,
> > > > > >> > > > > > Alex
> > > > > >> > > > > >
> > > > > >> > > > > > [GroupStudy.com removed an attachment of type
> text/x-vcard
> > > > > >> which had
> > > > > >> >a
> > > > > >> > > > name
> > > > > >> > > > > > of khramov.vcf]
> > > > > >> > > > > --
> > > > > >> > > > > David Madland
> > > > > >> > > > > Sr. Network Engineer
> > > > > >> > > > > CCIE# 2016
> > > > > >> > > > > Qwest Communications Int. Inc.
> > > > > >> > > > > [EMAIL PROTECTED]
> > > > > >> > > > > 612-664-3367
> > > > > >> > > > >
> > > > > >> > > > > "Emotion should reflect reason not guide it"
> > > > > >> > > >
> > > > > >> > > > [GroupStudy.com removed an attachment of type
text/x-vcard
> >which
> > > > > >> had a
> > > > > >> >name
> > > > > >> > > > of khramov.vcf]
> > > > > >> > > --
> > > > > >> > > David Madland
> > > > > >> > > CCIE# 2016
> > > > > >> > > Senior Network Engineer
> > > > > >> > > Qwest Communications
> > > > > >> > > 612-664-3367
> > > > > >> >
> > > > > >> >[GroupStudy.com removed an attachment of type text/x-vcard
which
> >had
> > >a
> > > > > >> name
> > > > > >> >of khramov.vcf]
> > > > > >> groupstudy.com/form/read.php?f=7&i=21133&t=21051
> > > > > >> >--------------------------------------------------
> > > > > >> >FAQ, list archives, and subscription info:
> > > > > >> >http://www.groupstudy.com/lis
> > > > > >> t/cisco.html
> > > > > >> >Report misconduct and Nondisclosure violations to
> > >[EMAIL PROTECTED]
> > > > > >>
> > > > > >>________________________
> > > > > >>
> > > > > >>Priscilla Oppenheimer
> > > > > >>http://www.priscilla.com
> > > > >
> > > > >________________________
> > > > >
> > > > >Priscilla Oppenheimer
> > > > >http://www.priscilla.com
> > > > ________________________
> > > >
> > > > Priscilla Oppenheimer
> > > > http://www.priscilla.com
> > >
> > >[GroupStudy.com removed an attachment of type text/x-vcard which had a
> name
> > >of khramov.vcf]
> ________________________
>
> Priscilla Oppenheimer
> http://www.priscilla.com
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=21235&t=21051
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
