RE: ????DHCP Problem???? [7:71667]
It also depends on how your ISP is assigning IP addresses My Cable provider only assigned IP's to registered MAC addresses. In this case you can either register you E1 mac address with them, or you can spoof a registered mac address. Below is a snipet of one of my routers spoofing a MAC address, and configured to received its IP address via DHCP. interface Ethernet0 mac-address 0030.ab14.537a ip address dhcp client-id Ethernet0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71776t=71667 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ????DHCP Problem???? [7:71667]
UPDATE!!! I was able to get an IP on my 806 off my linksys, thru DHCP after I removed the ip verify unicast reverse-path command , but still unable to get one from my ISP thru my cable modem, even though I can get one on my linksys and direct to my PC off the same modem, kinda weird, maybe Cisco uses a different port # for DHCP requests and my ISP may not recognize it or be blocking it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71674t=71667 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ????DHCP Problem???? [7:71667]
Try interface ethernet 1 ip address negotiated I've seen some configuration like this before and believe it is when the other side is running a DHCP server. Kind regards, Janó Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71732t=71667 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: ????DHCP Problem???? [7:71667]
UPDATE!!! I was able to get an IP on my 806 off my linksys, thru DHCP after I removed the ip verify unicast reverse-path command , but still unable to get one from my ISP thru my cable modem, even though I can get one on my linksys and direct to my PC off the same modem, kinda weird, maybe Cisco uses a different port # for DHCP requests and my ISP may not recognize it or be blocking it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=71673t=71667 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: dhcp packets not visible in 6509 [7:70898]
Vik, There could be any number of reasons that DHCP isn't working. The client may not be requesting DHCP, the switch may not have portfast enabled, a router not having an IP helper address, DHCP server offline, DHCP server without a scope for the VLAN, and so on. Perform a packet trace from the DHCP client and if necessary on the DHCP server (using SPAN). You will be able to determine the problem by identifying which packets are present in the capture and which are not. For example, you may find that the client sends a DHCP discovery packet but does not receive an offer packet from the DHCP server. If you see the same behavior on the server port (discovery, no offer) then it's possible that: - The DHCP server isn't operational or the service/daemon isn't running - The DHCP server doesn't have a scope defined for that VLAN - The DHCP server has run out of IP addresses for that VLAN On the other hand, if you the capture shows a discovery packet is sent by the client but the packet is never seen by the DHCP server it's much more likely that you have a missing (or incorrect) IP helper address. Once you perform the packet capture(s) you will probably need no further help. If you do, the information obtained from the capture would be enough for the group to point you in the right direction. - Tom Vik Vikky wrote: Hi *, am fairly new to cisco products/ commands. have a problem got a WS-X6348-RJ-45 module at slot 3 of 6509. In which am unable to get DHCP broadcast /address from the main dhcp server. configured all the ports to respective vlan-x and at the routing module in a core switch (6509 with msfc) I hv given the ip helperaddress for this vlan. rest of the catalyst 4006 switch fetches dhcp frm this scope. Below is the module capabilities: Type 10/100BaseTX Speedauto,10,100 Duplex half,full Trunk encap type 802.1Q,ISL Trunk mode on,off,desirable,auto,nonegotiate Channel yes Broadcast suppressionpercentage(0-100) Flow control receive-(off,on),send-(off) Security yes Dot1xyes Membership static,dynamic Fast start yes QOS scheduling rx-(1q4t),tx-(2q2t) CoS rewrite yes ToS rewrite DSCP UDLD yes Inline power no AuxiliaryVlan1..1000,1025..4094,untagged,dot1p,none SPAN source,destination COPS port group 3/1-48 Link debounce timer yes Module configuration: set vlan 68 3/1-48 set port auxiliaryvlan 3/1-48 none set port qos 3/1-48 trust-ext untrusted set port qos 3/1-48 cos-ext 0 set port enable 3/1-48 set port speed 3/1-48 auto set port trap 3/1-48 enable set port name 3/1-48 set port dot1x 3/1-48 port-control force-autho set port dot1x 3/1-48 multiple-host disable set port dot1x 3/1-48 re-authentication disabl set port security 3/1-48 disable age 0 maximum set port broadcast 3/1-48 100.00% set port membership 3/1-48 static set port protocol 3/1-48 ip on set port protocol 3/1-48 ipx auto set port protocol 3/1-48 group auto set port flowcontrol3/1-48 send off set port flowcontrol3/1-48 receive off set cdp enable 3/1-48 set udld disable 3/1-48 set udld aggressive-mode disable 3/1-48 Cat-OS version: cat6000-sup.6-3-9.bin Can you guide me, anything I am missing out. Thank you _ Get 10mb of inbox space with MSN Hotmail Extra Storage http://join.msn.com/?pgmarket=en-sg Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70926t=70898 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: dhcp packets not visible in 6509 [7:70898]
you need to enable portfast. Read about portfast. Set spantree portfast enable ( I think this is the syntax I don't have a 6509 in front of me now.) Vik Vikky wrote in message news:[EMAIL PROTECTED] Hi *, am fairly new to cisco products/ commands. have a problem got a WS-X6348-RJ-45 module at slot 3 of 6509. In which am unable to get DHCP broadcast /address from the main dhcp server. configured all the ports to respective vlan-x and at the routing module in a core switch (6509 with msfc) I hv given the ip helperaddress for this vlan. rest of the catalyst 4006 switch fetches dhcp frm this scope. Below is the module capabilities: Type 10/100BaseTX Speedauto,10,100 Duplex half,full Trunk encap type 802.1Q,ISL Trunk mode on,off,desirable,auto,nonegotiate Channel yes Broadcast suppressionpercentage(0-100) Flow control receive-(off,on),send-(off) Security yes Dot1xyes Membership static,dynamic Fast start yes QOS scheduling rx-(1q4t),tx-(2q2t) CoS rewrite yes ToS rewrite DSCP UDLD yes Inline power no AuxiliaryVlan1..1000,1025..4094,untagged,dot1p,none SPAN source,destination COPS port group 3/1-48 Link debounce timer yes Module configuration: set vlan 68 3/1-48 set port auxiliaryvlan 3/1-48 none set port qos 3/1-48 trust-ext untrusted set port qos 3/1-48 cos-ext 0 set port enable 3/1-48 set port speed 3/1-48 auto set port trap 3/1-48 enable set port name 3/1-48 set port dot1x 3/1-48 port-control force-autho set port dot1x 3/1-48 multiple-host disable set port dot1x 3/1-48 re-authentication disabl set port security 3/1-48 disable age 0 maximum set port broadcast 3/1-48 100.00% set port membership 3/1-48 static set port protocol 3/1-48 ip on set port protocol 3/1-48 ipx auto set port protocol 3/1-48 group auto set port flowcontrol3/1-48 send off set port flowcontrol3/1-48 receive off set cdp enable 3/1-48 set udld disable 3/1-48 set udld aggressive-mode disable 3/1-48 Cat-OS version: cat6000-sup.6-3-9.bin Can you guide me, anything I am missing out. Thank you _ Get 10mb of inbox space with MSN Hotmail Extra Storage http://join.msn.com/?pgmarket=en-sg Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=70903t=70898 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP Relay [7:63625]
Stuart Pittwood wrote: How do I configure the router (Cisco 1720) at our remote site to forward DHCP requests back to our Windows 2000 DHCP server at the head office? Look at 'ip helper-address'. Regards, Marco. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=63626t=63625 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP Relay on cisco 3002 [7:61486]
Cog - DHCP relay is not yet supported on the 3002 Cisco VPN product line. Had a customer that wanted to do that instead we had to utilize the the internal pool to provide addresses. Regards, Randy On Tue, 21 Jan 2003 20:09:47 GMT cog writes: I have a 3002 at a remote site in Network Extension Mode. I need to have clients get IP addresses from a centralized DHCP server at Corporate via a broadcast from the client thru the tunnel to the server. Does the 3002 allow me to add a helper? s vermill wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... cog wrote: Anyone have a way to get DHCP relay working on Cisco 3002? What's the problem? And what IOS? [EMAIL PROTECTED] Sign Up for Juno Platinum Internet Access Today Only $9.95 per month! Visit www.juno.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61645t=61486 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP Relay on cisco 3002 [7:61486]
cog wrote: Anyone have a way to get DHCP relay working on Cisco 3002? What's the problem? And what IOS? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61490t=61486 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP Relay on cisco 3002 [7:61486]
I have a 3002 at a remote site in Network Extension Mode. I need to have clients get IP addresses from a centralized DHCP server at Corporate via a broadcast from the client thru the tunnel to the server. Does the 3002 allow me to add a helper? s vermill wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... cog wrote: Anyone have a way to get DHCP relay working on Cisco 3002? What's the problem? And what IOS? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61493t=61486 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP Relay on cisco 3002 [7:61486]
I have this in the config file, Anyone know what to set these as? The DHCP server? The Private IP of the 3002? Cisco, are you there? [dhcp_server] enable=1 LeaseTimeout=120 Relay=2 RelayAddr=0.0.0.0 RelayMask=0.0.0.0 IntMSHack=1 cog wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Anyone have a way to get DHCP relay working on Cisco 3002? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61491t=61486 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP Relay on cisco 3002 [7:61486]
cog wrote: I have a 3002 at a remote site in Network Extension Mode. I need to have clients get IP addresses from a centralized DHCP server at Corporate via a broadcast from the client thru the tunnel to the server. Does the 3002 allow me to add a helper? I should have looked at your model number more closely before chiming in. Don't know much about Ciscos VPN line. But a quick search on CCO did bring up something about DHCP Intercept. Unfortunately, nothing about how to set it up. Do you have the product literature? Check for DHCP Intercept in the index if you do. Sorry for not being much help. I was just looking at the 3700 series for a new project and had that on the brain when I read 3002. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=61536t=61486 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP (client) problem on Cisco 2514 [7:56573]
I suppose posting the config would help... YahooBB-Router#sh run Building configuration... Current configuration : 1779 bytes ! ! Last configuration change at 16:42:47 JST Wed Oct 30 2002 ! version 12.2 no service single-slot-reload-enable service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime localtime show-timezone service timestamps log datetime localtime show-timezone service password-encryption service udp-small-servers service tcp-small-servers ! hostname YahooBB-Router ! logging rate-limit console 10 except errors enable secret 5 $1$c9.a$lpUgd8kGiwWmFJ.yTpfAD. ! clock timezone JST 9 ip subnet-zero no ip finger ip name-server x.x.x.x ip dhcp excluded-address 192.168.1.1 192.168.1.15 ! ip dhcp pool PrivateNet network 192.168.1.0 255.255.255.0 default-router 192.168.1.1 dns-server x.x.x.x ! ip cef no ip dhcp-client network-discovery ! ! ! ! interface Ethernet0 description toLAN ip address 192.168.1.1 255.255.255.0 ip nat inside no ip mroute-cache load-interval 30 ! interface Ethernet1 description ToYahooBB_Modem ip address dhcp ip nat outside no ip mroute-cache load-interval 30 ! interface Serial0 no ip address no ip mroute-cache shutdown ! interface Serial1 no ip address no ip mroute-cache shutdown ! ip kerberos source-interface any ip nat inside source list 101 interface Ethernet1 overload ip classless ip route 0.0.0.0 0.0.0.0 ethernet 1 no ip http server ! access-list 1 permit x.x.x.x 0.0.0.255 access-list 1 permit x.x.x.x 0.0.0.255 access-list 1 deny any log access-list 101 permit ip 192.168.1.0 0.0.0.255 any ! ! line con 0 exec-timeout 500 0 transport input none line aux 0 transport input all line vty 0 4 access-class 1 in exec-timeout 500 0 password 7 xxx login ! ntp clock-period 17180016 ntp server x.x.x.x ntp server x.x.x.x end YahooBB-Router# Steven wrote in message news:200210310447.EAA24091;groupstudy.com... Got this weird problem with a 2514 I use as a broadband router. I connect the router to a DSL modem, but it doesn't get an IP address assigned. I got the correct IOS, and have ip address dhcp configured on the outside interface. When I connect a PC directly to the DSL modem, it gets an IP address without any problems... Of course I release the IP again before I disconnect the PC. Also tried to statically assign the IP (obtained by DHCP with a PC) to my router, and everything works just fine... But my provider changes the IP every 24hrs. :-( I have other routers (not 2500s), but didn't have the time yet to try with those. Wonder if any of you got similar problems and knows what is wrong? Here is some debug output, FWIW YahooBB-Router# Oct 30 18:56:13 JST: DHCP: DHCP client process started: Oct 30 18:56:17 JST: DHCP: Shutting down from get_netinfo() Oct 30 18:56:17 JST: DHCP: Attempting to shutdown DHCP Client Oct 30 18:56:18 JST: DHCP: allocate request Oct 30 18:56:18 JST: DHCP: new entry. add to queue Oct 30 18:56:18 JST: DHCP: SDiscover attempt # 1 for entry: Oct 30 18:56:18 JST: DHCP: SDiscover: sending 298 byte length DHCP packet Oct 30 18:56:18 JST: DHCP: SDiscover 298 bytes Oct 30 18:56:21 JST: DHCP: SDiscover attempt # 2 for entry: Oct 30 18:56:21 JST: DHCP: SDiscover: sending 298 byte length DHCP packet Oct 30 18:56:21 JST: DHCP: SDiscover 298 bytes Oct 30 18:56:24 JST: DHCP: SDiscover attempt # 3 for entry: Oct 30 18:56:24 JST: DHCP: SDiscover: sending 298 byte length DHCP packet Oct 30 18:56:24 JST: DHCP: SDiscover 298 bytes [OK] YahooBB-Router# YahooBB-Router#%Unknown DHCP problem.. No allocation possible Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=56574t=56573 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: dhcp client cisco 2500 [7:52922]
Jason Yates wrote: How would I setup my ethernet interface, on my cisco 2500 running IOS 12.06, to grab it's ip info from a dhcp server, or is this impossible? You want: interface e0 ip address dhcp Works for me! - Marty Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=53164t=52922 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: dhcp client cisco 2500 [7:52922]
Yes it is possible.. I think you are talking about autoinstall. You need at least 12.1(5)T for this. hth, Mark -Original Message- From: Jason Yates [mailto:[EMAIL PROTECTED]] Sent: Monday, 9 September 2002 22:27 To: [EMAIL PROTECTED] Subject: dhcp client cisco 2500 [7:52922] How would I setup my ethernet interface, on my cisco 2500 running IOS 12.06, to grab it's ip info from a dhcp server, or is this impossible? -Jason Yates Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52925t=52922 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: dhcp client cisco 2500 [7:52922]
I don't know about autoinstall, but version 12.2.x will support DHCP... I'm using it to grab my IP from my Cable Provider. Rob Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=52926t=52922 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP DSL [7:51757]
Ip negeotiated is what you want to use as the command on the Ethernet port. What IOS I think any of the 12 code but you better double check that. -Original Message- From: Gunjan Mathur [mailto:[EMAIL PROTECTED]] Sent: Tuesday, August 20, 2002 1:12 PM To: [EMAIL PROTECTED] Subject: DHCP DSL [7:51757] Hi All, I have a DSL connection which assign IP address through DHCP. Now I want to place a router on the same link, I have 2611 with me. I want to know: 1.What minimum IOS require for support DHCP. 2.What command I need to use to configure the DHCP on my ethernet port. TIA. __ Do You Yahoo!? HotJobs - Search Thousands of New Jobs http://www.hotjobs.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=51797t=51757 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP Server on Multiple VLANs [7:49403]
did you try the ip helper address command on each of the vlans to point to a DHCP server? Don Pezet wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey guys, I have a Cisco 3620 connected to a 2948G-L3 which in turn provides layer three services to a cluster of 3548XLs. I have 9 operating VLANs and have been trying to work out a scenario for DHCP in my environment. Right now, we assign static IPs in all 9 vlans because we do not want to provide seperate DHCP servers for each. If we could find a way to get one server to provide DHCP to all the VLANs then we could implement it. The trick is, each VLAN is a different subnet. I had heard that if you use the 3620 as a DHCP server, create subinterfaces on a FE port using ISL and assign IP addresses appropriately, and create multiple DHCP pools, then the router would issues IPs from pools that matched the interface it drew the request from. However, when I try this it just issues IPs from the first pool until it is full and then moves to the next. Is there a way to make sure the router assigns correct IPs on the correct sub-interfaces? Is there a 3rd party DHCP server that would do this better? Let me do a sample config to show what I tried. Each network has a network printer at .200 (don't ask) and a router sub-interface at .1 except the 10.10.10.0 network which has reserved IPs through 100, but still a router interface at .1 Here's the Cisco 3620 DHCP portion of the config: ! ip dhcp excluded-address 10.10.10.1 10.10.10.100 ip dhcp excluded-address 192.168.1.1 ip dhcp excluded-address 192.168.1.200 ip dhcp excluded-address 192.168.2.1 ip dhcp excluded-address 192.168.2.200 ip dhcp excluded-address 192.168.3.1 ip dhcp excluded-address 192.168.3.200 ip dhcp excluded-address 192.168.4.1 ip dhcp excluded-address 192.168.4.200 ip dhcp excluded-address 192.168.5.1 ip dhcp excluded-address 192.168.5.200 ip dhcp excluded-address 192.168.6.1 ip dhcp excluded-address 192.168.6.200 ip dhcp excluded-address 192.168.7.1 ip dhcp excluded-address 192.168.7.200 ip dhcp excluded-address 192.168.8.1 ip dhcp excluded-address 192.168.8.200 ! ip dhcp pool Vlan1 network 10.10.10.0 /24 dns-server 4.2.2.1 default-router 10.10.10.1 ! ip dhcp pool Vlan10 network 192.168.1.0 /24 dns-server 4.2.2.1 default-router 192.168.1.1 ! ip dhcp pool Vlan20 network 192.168.2.0 /24 dns-server 4.2.2.1 default-router 192.168.2.1 ! ip dhcp pool Vlan30 network 192.168.3.0 /24 dns-server 4.2.2.1 default-router 192.168.3.1 ! ip dhcp pool Vlan40 network 192.168.4.0 /24 dns-server 4.2.2.1 default-router 192.168.4.1 ! ip dhcp pool Vlan50 network 192.168.5.0 /24 dns-server 4.2.2.1 default-router 192.168.5.1 ! ip dhcp pool Vlan60 network 192.168.6.0 /24 dns-server 4.2.2.1 default-router 192.168.6.1 ! ip dhcp pool Vlan70 network 192.168.7.0 /24 dns-server 4.2.2.1 default-router 192.168.7.1 ! ip dhcp pool Vlan80 network 192.168.8.0 /24 dns-server 4.2.2.1 default-router 192.168.8.1 ! interface FastEthernet1/0 description connected to Private Network no ip address duplex auto speed auto ! interface FastEthernet1/0.1 encapsulation isl 1 ip address 10.10.10.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.10 encapsulation isl 10 ip address 192.168.1.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.20 encapsulation isl 20 ip address 192.168.2.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.30 encapsulation isl 30 ip address 192.168.3.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.40 encapsulation isl 40 ip address 192.168.4.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.50 encapsulation isl 50 ip address 192.168.5.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.60 encapsulation isl 60 ip address 192.168.6.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.70 encapsulation isl 70 ip address 192.168.7.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.80 encapsulation isl 80 ip address 192.168.8.1 255.255.255.0 no ip redirects ! Thanks, Don Pezet [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49463t=49403 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP Server on Multiple VLANs [7:49403]
Hello Don, I think you could set up DHCP scopes on a server and use the ip helper address command to direct dhcp discover broadcasts from your clients. The router should place its own sub-interface address in the packet and send it to the DHCP server. The server should then pick from the corresponding scope depending on the router IP address. I know of at least one server which does that but I do not want to mention it here. Winston V. Shaw CCIE(#7991) -Original Message- From: Don Pezet [mailto:[EMAIL PROTECTED]] Sent: Monday, July 22, 2002 1:15 PM To: [EMAIL PROTECTED] Subject: DHCP Server on Multiple VLANs [7:49403] Hey guys, I have a Cisco 3620 connected to a 2948G-L3 which in turn provides layer three services to a cluster of 3548XLs. I have 9 operating VLANs and have been trying to work out a scenario for DHCP in my environment. Right now, we assign static IPs in all 9 vlans because we do not want to provide seperate DHCP servers for each. If we could find a way to get one server to provide DHCP to all the VLANs then we could implement it. The trick is, each VLAN is a different subnet. I had heard that if you use the 3620 as a DHCP server, create subinterfaces on a FE port using ISL and assign IP addresses appropriately, and create multiple DHCP pools, then the router would issues IPs from pools that matched the interface it drew the request from. However, when I try this it just issues IPs from the first pool until it is full and then moves to the next. Is there a way to make sure the router assigns correct IPs on the correct sub-interfaces? Is there a 3rd party DHCP server that would do this better? Let me do a sample config to show what I tried. Each network has a network printer at .200 (don't ask) and a router sub-interface at .1 except the 10.10.10.0 network which has reserved IPs through 100, but still a router interface at .1 Here's the Cisco 3620 DHCP portion of the config: ! ip dhcp excluded-address 10.10.10.1 10.10.10.100 ip dhcp excluded-address 192.168.1.1 ip dhcp excluded-address 192.168.1.200 ip dhcp excluded-address 192.168.2.1 ip dhcp excluded-address 192.168.2.200 ip dhcp excluded-address 192.168.3.1 ip dhcp excluded-address 192.168.3.200 ip dhcp excluded-address 192.168.4.1 ip dhcp excluded-address 192.168.4.200 ip dhcp excluded-address 192.168.5.1 ip dhcp excluded-address 192.168.5.200 ip dhcp excluded-address 192.168.6.1 ip dhcp excluded-address 192.168.6.200 ip dhcp excluded-address 192.168.7.1 ip dhcp excluded-address 192.168.7.200 ip dhcp excluded-address 192.168.8.1 ip dhcp excluded-address 192.168.8.200 ! ip dhcp pool Vlan1 network 10.10.10.0 /24 dns-server 4.2.2.1 default-router 10.10.10.1 ! ip dhcp pool Vlan10 network 192.168.1.0 /24 dns-server 4.2.2.1 default-router 192.168.1.1 ! ip dhcp pool Vlan20 network 192.168.2.0 /24 dns-server 4.2.2.1 default-router 192.168.2.1 ! ip dhcp pool Vlan30 network 192.168.3.0 /24 dns-server 4.2.2.1 default-router 192.168.3.1 ! ip dhcp pool Vlan40 network 192.168.4.0 /24 dns-server 4.2.2.1 default-router 192.168.4.1 ! ip dhcp pool Vlan50 network 192.168.5.0 /24 dns-server 4.2.2.1 default-router 192.168.5.1 ! ip dhcp pool Vlan60 network 192.168.6.0 /24 dns-server 4.2.2.1 default-router 192.168.6.1 ! ip dhcp pool Vlan70 network 192.168.7.0 /24 dns-server 4.2.2.1 default-router 192.168.7.1 ! ip dhcp pool Vlan80 network 192.168.8.0 /24 dns-server 4.2.2.1 default-router 192.168.8.1 ! interface FastEthernet1/0 description connected to Private Network no ip address duplex auto speed auto ! interface FastEthernet1/0.1 encapsulation isl 1 ip address 10.10.10.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.10 encapsulation isl 10 ip address 192.168.1.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.20 encapsulation isl 20 ip address 192.168.2.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.30 encapsulation isl 30 ip address 192.168.3.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.40 encapsulation isl 40 ip address 192.168.4.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.50 encapsulation isl 50 ip address 192.168.5.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.60 encapsulation isl 60 ip address 192.168.6.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.70 encapsulation isl 70 ip address 192.168.7.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.80 encapsulation isl 80 ip address 192.168.8.1 255.255.255.0 no ip redirects ! Thanks, Don Pezet [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49484t=49403 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP Server on Multiple VLANs [7:49403]
That's exactly what he should do Winston Shaw wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello Don, I think you could set up DHCP scopes on a server and use the ip helper address command to direct dhcp discover broadcasts from your clients. The router should place its own sub-interface address in the packet and send it to the DHCP server. The server should then pick from the corresponding scope depending on the router IP address. I know of at least one server which does that but I do not want to mention it here. Winston V. Shaw CCIE(#7991) -Original Message- From: Don Pezet [mailto:[EMAIL PROTECTED]] Sent: Monday, July 22, 2002 1:15 PM To: [EMAIL PROTECTED] Subject: DHCP Server on Multiple VLANs [7:49403] Hey guys, I have a Cisco 3620 connected to a 2948G-L3 which in turn provides layer three services to a cluster of 3548XLs. I have 9 operating VLANs and have been trying to work out a scenario for DHCP in my environment. Right now, we assign static IPs in all 9 vlans because we do not want to provide seperate DHCP servers for each. If we could find a way to get one server to provide DHCP to all the VLANs then we could implement it. The trick is, each VLAN is a different subnet. I had heard that if you use the 3620 as a DHCP server, create subinterfaces on a FE port using ISL and assign IP addresses appropriately, and create multiple DHCP pools, then the router would issues IPs from pools that matched the interface it drew the request from. However, when I try this it just issues IPs from the first pool until it is full and then moves to the next. Is there a way to make sure the router assigns correct IPs on the correct sub-interfaces? Is there a 3rd party DHCP server that would do this better? Let me do a sample config to show what I tried. Each network has a network printer at .200 (don't ask) and a router sub-interface at .1 except the 10.10.10.0 network which has reserved IPs through 100, but still a router interface at .1 Here's the Cisco 3620 DHCP portion of the config: ! ip dhcp excluded-address 10.10.10.1 10.10.10.100 ip dhcp excluded-address 192.168.1.1 ip dhcp excluded-address 192.168.1.200 ip dhcp excluded-address 192.168.2.1 ip dhcp excluded-address 192.168.2.200 ip dhcp excluded-address 192.168.3.1 ip dhcp excluded-address 192.168.3.200 ip dhcp excluded-address 192.168.4.1 ip dhcp excluded-address 192.168.4.200 ip dhcp excluded-address 192.168.5.1 ip dhcp excluded-address 192.168.5.200 ip dhcp excluded-address 192.168.6.1 ip dhcp excluded-address 192.168.6.200 ip dhcp excluded-address 192.168.7.1 ip dhcp excluded-address 192.168.7.200 ip dhcp excluded-address 192.168.8.1 ip dhcp excluded-address 192.168.8.200 ! ip dhcp pool Vlan1 network 10.10.10.0 /24 dns-server 4.2.2.1 default-router 10.10.10.1 ! ip dhcp pool Vlan10 network 192.168.1.0 /24 dns-server 4.2.2.1 default-router 192.168.1.1 ! ip dhcp pool Vlan20 network 192.168.2.0 /24 dns-server 4.2.2.1 default-router 192.168.2.1 ! ip dhcp pool Vlan30 network 192.168.3.0 /24 dns-server 4.2.2.1 default-router 192.168.3.1 ! ip dhcp pool Vlan40 network 192.168.4.0 /24 dns-server 4.2.2.1 default-router 192.168.4.1 ! ip dhcp pool Vlan50 network 192.168.5.0 /24 dns-server 4.2.2.1 default-router 192.168.5.1 ! ip dhcp pool Vlan60 network 192.168.6.0 /24 dns-server 4.2.2.1 default-router 192.168.6.1 ! ip dhcp pool Vlan70 network 192.168.7.0 /24 dns-server 4.2.2.1 default-router 192.168.7.1 ! ip dhcp pool Vlan80 network 192.168.8.0 /24 dns-server 4.2.2.1 default-router 192.168.8.1 ! interface FastEthernet1/0 description connected to Private Network no ip address duplex auto speed auto ! interface FastEthernet1/0.1 encapsulation isl 1 ip address 10.10.10.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.10 encapsulation isl 10 ip address 192.168.1.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.20 encapsulation isl 20 ip address 192.168.2.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.30 encapsulation isl 30 ip address 192.168.3.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.40 encapsulation isl 40 ip address 192.168.4.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.50 encapsulation isl 50 ip address 192.168.5.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.60 encapsulation isl 60 ip address 192.168.6.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.70 encapsulation isl 70 ip address 192.168.7.1 255.255.255.0 no ip redirects ! interface FastEthernet1/0.80 encapsulation isl 80 ip address 192.168.8.1 255.255.255.0 no ip redirects ! Thanks, Don Pezet [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49505t=49403
Re: dhcp and subinterfaces [7:49070]
Yep - IP helper address on the sub interface works fine in this situation. It's secondary addresses which cause problems (in fact don't work as far as I know). Gaz GEORGE wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... If I have subinterfaces configured for my vlans' and I wanted a dhcp server for one vlan can I create the dhcp server and assign it to that subinterfaces pertaining the vlan in question. I don't have a server on that vlan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49155t=49070 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: dhcp and subinterfaces [7:49070]
In a message dated 7/17/2002 7:10:58 PM Central Standard Time, [EMAIL PROTECTED] writes: Subj:dhcp and subinterfaces [7:49070] Date:7/17/2002 7:10:58 PM Central Standard Time From:[EMAIL PROTECTED] To:[EMAIL PROTECTED] Sent from the Internet I think the ip helper-address is what your looking for. Rob H. NP, DP, CVOICE, blah,blah,blah... If I have subinterfaces configured for my vlans' and I wanted a dhcp server for one vlan can I create the dhcp server and assign it to that subinterfaces pertaining the vlan in question. I don't have a server on that vlan Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49210t=49070 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: dhcp and subinterfaces [7:49070]
You can. Just need to put the ip helper-address statement on those sub-ints. As long as the router can reach the DHCP server, so will the DHCP requests/replies. Hope this helps. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=49073t=49070 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP on Access-Server - creative solution? [7:47697]
Tell us about the end remote from the access-server. Is it: a) an Internet dial-up account? b) an Internet account with a fixed IP address? c) DSL or cable modem (always on)? What sort of equipment do you have at that site? a) PC? b) router? I assume that the ip assigned to the access-server is Internet routable? Not so quick and definitely dirty: Find out the scope of the addresses assigned by the DHCP server. Ping scan the range. Telnet to each address that replies. Put a banner on your access-server. You'll immediately recognize it. If you have a router at your remote site and it has a fixed ip address - what can you do to maintain connectivity and re-establish connectivity from the access-server end in the event of a router reboot? How about an IPSec tunnel? This config requires a known ip address at one end only. http://www.cisco.com/warp/customer/707/ios_804.html If you're dealing with 2500s try esp-null to minimize cpu cycles. -Original Message- From: Pierre-Alex Guanel [mailto:[EMAIL PROTECTED]] Sent: Friday, June 28, 2002 2:31 PM To: [EMAIL PROTECTED] Subject: DHCP on Access-Server - creative solution? [7:47697] I know this is creazy but I am working on an access-server with an external ip address assigned via DHCP! If the router reboots and get a new IP, I will be faced with the challenge of figuring out what the new IP is!!! So far I have explored/tested the following without success: * SNMP * SYSLOG * Routing Updates via BGP I can't get snmp and syslog to generate messages on reboot! (But it works if I shut down an interface manually...) As for BGP it will simply not work because I won't know the IP address on the remote side for the neighbor statement Another creative ideas I had was to generate http traffic from the router to a Web server I can monitor off site. However after a few hours of browsing CCO I still have not found any commands to do that...There must be a way to have the access-server reveal its IP address. Don't you think? Pierre-Alex P.S. Limitations: 1) The management will NOT give me a fixed IP address 2) I cannot access any servers remotely to sniff the traffic 3) There will be no live assistance to look at the IP for me Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47741t=47697 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP question [7:47477]
I believe the DHCP server reads the giaddr field which contains the relay agents ip address. The server logicaly assumes that the host should be on the same subnet as this address and fulfills the request from a matching scope. Here is a link to the rfc ftp://ftp.isi.edu/in-notes/rfc1541.txt don - Original Message - From: Kevin Banifaz To: Sent: Wednesday, June 26, 2002 1:00 PM Subject: Re: DHCP question [7:47477] Yes it will be. Setup a super scope then the two remote site scopes. From: dj Reply-To: dj To: [EMAIL PROTECTED] Subject: DHCP question [7:47477] Date: Wed, 26 Jun 2002 09:39:31 -0400 Let's assume a Win2k DHCP server is set up correctly with different IP scopes for 2 remote sites. Let's also assume remote-site routers are set-up correctly with the correct IP helper-address. When remote DHCP clients start broadcasting for IP addresses at each remote site, and these broadcasts are then forwarded by the remote-site routers as unicast packets to the DHCP server, how does the DHCP server know from which scope of IP address to full-fill a DHCP client request for a given remote site. Is the information embbeded within the DHCP packet itself? thanks dj _ Send and receive Hotmail on your mobile device: http://mobile.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47554t=47477 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP question [7:47477]
Yes. The DHCP packet will be sent out with the source address of the router in the unicast packet. Eric Lange dimitri@ptsci nti.com To: [EMAIL PROTECTED] Sent by: cc: nobody@groupsSubject: DHCP question [7:47477] tudy.com 06/26/2002 08:39 AM Please respond to dimitri Let's assume a Win2k DHCP server is set up correctly with different IP scopes for 2 remote sites. Let's also assume remote-site routers are set-up correctly with the correct IP helper-address. When remote DHCP clients start broadcasting for IP addresses at each remote site, and these broadcasts are then forwarded by the remote-site routers as unicast packets to the DHCP server, how does the DHCP server know from which scope of IP address to full-fill a DHCP client request for a given remote site. Is the information embbeded within the DHCP packet itself? thanks dj Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47478t=47477 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP question [7:47477]
Yes it will be. Setup a super scope then the two remote site scopes. From: dj Reply-To: dj To: [EMAIL PROTECTED] Subject: DHCP question [7:47477] Date: Wed, 26 Jun 2002 09:39:31 -0400 Let's assume a Win2k DHCP server is set up correctly with different IP scopes for 2 remote sites. Let's also assume remote-site routers are set-up correctly with the correct IP helper-address. When remote DHCP clients start broadcasting for IP addresses at each remote site, and these broadcasts are then forwarded by the remote-site routers as unicast packets to the DHCP server, how does the DHCP server know from which scope of IP address to full-fill a DHCP client request for a given remote site. Is the information embbeded within the DHCP packet itself? thanks dj _ Send and receive Hotmail on your mobile device: http://mobile.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47487t=47477 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP question [7:47477]
At 10:01 AM 6/26/02, [EMAIL PROTECTED] wrote: Yes. The DHCP packet will be sent out with the source address of the router in the unicast packet. A router had many IP addresses, however. To make your statement less ambiguous, it's important to state that the router uses the address associated with the interface that the DHCP request came in on. For example, consider a router that has an Ethernet 0 interface that connects a LAN with DHCP clients on it. Let's say that the LAN is subnet 10.10.10.0/24 and the router's IP address on that LAN (on e0) is 10.10.10.1. There's no DHCP server on the LAN. So on e0, you configure an IP helper address to reach the DHCP server whose address is 172.16.0.2. Let's say network 172.16.0.0/16 is out the router's e1 interface and that the router's IP address on that interface is 172.16.0.1. The router converts the DHCP broadcast coming in on e0 to a unicast and uses 10.10.10.1 as the IP source address. The router sends this unicast out e1. The router also puts the 10.10.10.1 IP address in the GIADDR field in the DHCP request. In fact, that's actually what the DHCP server looks at. I don't think the DHCP RFC requires the server to look at the source IP address. The RFC does say, however, that a BOOTP Relay Agent must put its IP address in the GIADDR field. The relay agent must fill this field with the IP address of the interface on which the request was received. That's how the server knows which scope to use. Priscilla Eric Lange dimitri@ptsci nti.com To: [EMAIL PROTECTED] Sent by: cc: nobody@groupsSubject: DHCP question [7:47477] tudy.com 06/26/2002 08:39 AM Please respond to dimitri Let's assume a Win2k DHCP server is set up correctly with different IP scopes for 2 remote sites. Let's also assume remote-site routers are set-up correctly with the correct IP helper-address. When remote DHCP clients start broadcasting for IP addresses at each remote site, and these broadcasts are then forwarded by the remote-site routers as unicast packets to the DHCP server, how does the DHCP server know from which scope of IP address to full-fill a DHCP client request for a given remote site. Is the information embbeded within the DHCP packet itself? thanks dj Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=47533t=47477 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:45338]
Do you want to use DHCP to assign addresses to the clients behind the 1700 or are you trying to set up a negotiated IP address for the ISDN interface on the 1700? If you need to have your devices behind the 1700 get IPs from a dhcp server on the far end(in this case the 3640) then just add a scope for the network on the back end of the 1700 and assign the 3640's IP to your backend interface as an ip helper-address. for example lets say you have the following: your 1700's ethernet interface configured to use 192.168.1.1 255.255.255.0 your 3640 has loopback 1 configured as 10.1.2.1 255.255.255.255 you would add the following to your 1700's ethernet interface paragraph... conf t service dhcp interface Fastethernet1/0 ip helper-address 10.1.2.1 255.255.255.255 ! and this to the 3640's config conf t service dhcp ip dhcp excluded-address 192.168.1.1 ip dhcp pool 1700_Back_End_LAN network 192.168.1.0 255.255.255.0 default-router 192.168.1.1 dns-server x.x.x.x x.x.x.x x.x.x.x netbios name-server x.x.x.x x.x.x.x ! Of course you will need a route to reach 10.1.2.1 ip route 0.0.0.0 0.0.0.0 dialerx (x=your DDR for your ISDN BRI) ! That about covers it... Once you fill in the x's you would be ready to tele-commute and leave your bosses at work where they belong... Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45617t=45338 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:45338]
You need the IP-Helper address on the router interface which is nearest to your DHCP clients, so if I'm understanding your set-up, it would be on the 1720 ethernet and the helper address would be that of your DHCP server. Obviously you will have to have a scope on your DHCP server which corresponds to the ethernet subnet on your 1720. You may want to control which ports are forwarded as an IP helper address sends a lot more than just DHCP, such as TFTP, Bootp, DNS, and a few others IIRC, so use no ip forward-protocol udp [port number] I'm sure others will chip in with pointers for ISDN usage. Gaz Shane Stockman wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I have a Cisco 1720 router with 2 x BRI modules and a cisco switch connected with a couple of PC's.These dial into a Cisco 3640 router.I want to setup DHCP.I have a DHCP server on the 3640 side with an address range.I looked for a sample config on Cisco.com but all I got was how to configure a Router as a DHCP server. Does anyone have a sample config on how to set this up.I know that one has to use ip helper address but where ??? Thanks _ Send and receive Hotmail on your mobile device: http://mobile.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=45351t=45338 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP problems [7:44825]
is portfast on the end-user ports? Brian Zeitz wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I am having an issue with a 3550-24 Cisco switch and a windows 2000 Network. DHCP is not working correctly, I get sephamore timeouts on a lot of the workstations. I set the port and the servers to 100M Full. Is there anything else I should be looking for? Could there be something preventing DCHP from working right, maybe it is not allowing a broadcast. Maybe it is something simple, I guess this is a newbie question :-) thanks for your help in advance. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44826t=44825 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP problems [7:44825]
I have had to start and stop DHCP in the Past. I run it on Linux now with no problems. Brian Zeitz wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I am having an issue with a 3550-24 Cisco switch and a windows 2000 Network. DHCP is not working correctly, I get sephamore timeouts on a lot of the workstations. I set the port and the servers to 100M Full. Is there anything else I should be looking for? Could there be something preventing DCHP from working right, maybe it is not allowing a broadcast. Maybe it is something simple, I guess this is a newbie question :-) thanks for your help in advance. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44827t=44825 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP problems [7:44825]
I am not a guru in that area but start stop dhcp, dhcp use UDP broadcast and port 67 and 68 see anythihg related to that for accesslist or something is slowing down...even if you have some filter list for that can cause timeout. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44831t=44825 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP problems [7:44825]
yeah aside from portfast I would suggest linux as well :) check this out... 11:20am up 487 days, 7:53, 1 user, load average: 0.08, 0.02, 0.01 hehe Frank Hafta 05/23/02 10:43AM I have had to start and stop DHCP in the Past. I run it on Linux now with no problems. Brian Zeitz wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I am having an issue with a 3550-24 Cisco switch and a windows 2000 Network. DHCP is not working correctly, I get sephamore timeouts on a lot of the workstations. I set the port and the servers to 100M Full. Is there anything else I should be looking for? Could there be something preventing DCHP from working right, maybe it is not allowing a broadcast. Maybe it is something simple, I guess this is a newbie question :-) thanks for your help in advance. Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44833t=44825 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP problems [7:44825]
Is your DHCP server connected to this switch and are the workstations in question and the DHCP server on the same subnet/VLAN. If not you need to use ip helper addresses on the L3 device between them. Are any workstations able to get DHCP addresses from the server? Is the DHCP scope active? -Original Message- From: Brian Zeitz [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 23, 2002 9:20 AM To: [EMAIL PROTECTED] Subject: DHCP problems [7:44825] I am having an issue with a 3550-24 Cisco switch and a windows 2000 Network. DHCP is not working correctly, I get sephamore timeouts on a lot of the workstations. I set the port and the servers to 100M Full. Is there anything else I should be looking for? Could there be something preventing DCHP from working right, maybe it is not allowing a broadcast. Maybe it is something simple, I guess this is a newbie question :-) thanks for your help in advance. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44840t=44825 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP problems [7:44825]
Yes, the DHCP server is. Portfast is not enabled on any of the devices or servers. It's a simple LAN setup. Yes everything should be on VLAN1 since I didn't change anything \on the switch. Also, everything is on the same subnet. The scope is set, the workstations DO get them eventually. But I get a lot of errors in their event logs, and they have problems logging in sometimes. Something must not be set right. Thanks for your help. Maybe I need to read up on portfast. -Original Message- From: Davis, Scott [ISE/RAC] [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 23, 2002 12:02 PM To: Brian Zeitz; '[EMAIL PROTECTED]' Subject: RE: DHCP problems [7:44825] Is your DHCP server connected to this switch and are the workstations in question and the DHCP server on the same subnet/VLAN. If not you need to use ip helper addresses on the L3 device between them. Are any workstations able to get DHCP addresses from the server? Is the DHCP scope active? -Original Message- From: Brian Zeitz [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 23, 2002 9:20 AM To: [EMAIL PROTECTED] Subject: DHCP problems [7:44825] I am having an issue with a 3550-24 Cisco switch and a windows 2000 Network. DHCP is not working correctly, I get sephamore timeouts on a lot of the workstations. I set the port and the servers to 100M Full. Is there anything else I should be looking for? Could there be something preventing DCHP from working right, maybe it is not allowing a broadcast. Maybe it is something simple, I guess this is a newbie question :-) thanks for your help in advance. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44859t=44825 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP problems [7:44825]
Brian Zeitz wrote: problems logging in sometimes. Something must not be set right. Thanks for your help. Maybe I need to read up on portfast. Yup. That will probably fix it. Regards, Marco. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44864t=44825 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP problems [7:44825]
Without portfast, it can take up to about 40 seconds for the network connection to come up on the workstatsion. This document is the one your looking for: http://www.cisco.com/warp/public/473/100.html Brian Zeitz wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Yes, the DHCP server is. Portfast is not enabled on any of the devices or servers. It's a simple LAN setup. Yes everything should be on VLAN1 since I didn't change anything \on the switch. Also, everything is on the same subnet. The scope is set, the workstations DO get them eventually. But I get a lot of errors in their event logs, and they have problems logging in sometimes. Something must not be set right. Thanks for your help. Maybe I need to read up on portfast. -Original Message- From: Davis, Scott [ISE/RAC] [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 23, 2002 12:02 PM To: Brian Zeitz; '[EMAIL PROTECTED]' Subject: RE: DHCP problems [7:44825] Is your DHCP server connected to this switch and are the workstations in question and the DHCP server on the same subnet/VLAN. If not you need to use ip helper addresses on the L3 device between them. Are any workstations able to get DHCP addresses from the server? Is the DHCP scope active? -Original Message- From: Brian Zeitz [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 23, 2002 9:20 AM To: [EMAIL PROTECTED] Subject: DHCP problems [7:44825] I am having an issue with a 3550-24 Cisco switch and a windows 2000 Network. DHCP is not working correctly, I get sephamore timeouts on a lot of the workstations. I set the port and the servers to 100M Full. Is there anything else I should be looking for? Could there be something preventing DCHP from working right, maybe it is not allowing a broadcast. Maybe it is something simple, I guess this is a newbie question :-) thanks for your help in advance. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44870t=44825 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP problems [7:44825]
portfast is a must man When a client comes online the port goes active immediately so any requests go out. (you can see this action on the switch...the light will go straight to green instead of flickering orange) While the led is flickering orange, you have no connectivity. so if the client makes it's request then, the server will not ever get the packet. -Patrick Brian Zeitz 05/23/02 02:18PM Yes, the DHCP server is. Portfast is not enabled on any of the devices or servers. It's a simple LAN setup. Yes everything should be on VLAN1 since I didn't change anything \on the switch. Also, everything is on the same subnet. The scope is set, the workstations DO get them eventually. But I get a lot of errors in their event logs, and they have problems logging in sometimes. Something must not be set right. Thanks for your help. Maybe I need to read up on portfast. -Original Message- From: Davis, Scott [ISE/RAC] [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 23, 2002 12:02 PM To: Brian Zeitz; '[EMAIL PROTECTED]' Subject: RE: DHCP problems [7:44825] Is your DHCP server connected to this switch and are the workstations in question and the DHCP server on the same subnet/VLAN. If not you need to use ip helper addresses on the L3 device between them. Are any workstations able to get DHCP addresses from the server? Is the DHCP scope active? -Original Message- From: Brian Zeitz [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 23, 2002 9:20 AM To: [EMAIL PROTECTED] Subject: DHCP problems [7:44825] I am having an issue with a 3550-24 Cisco switch and a windows 2000 Network. DHCP is not working correctly, I get sephamore timeouts on a lot of the workstations. I set the port and the servers to 100M Full. Is there anything else I should be looking for? Could there be something preventing DCHP from working right, maybe it is not allowing a broadcast. Maybe it is something simple, I guess this is a newbie question :-) thanks for your help in advance. Confidentiality Disclaimer This email and any files transmitted with it may contain confidential and /or proprietary information in the possession of WellStar Health System, Inc. (WellStar) and is intended only for the individual or entity to whom addressed. This email may contain information that is held to be privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any unauthorized access, dissemination, distribution or copying of any information from this email is strictly prohibited, and may subject you to criminal and/or civil liability. If you have received this email in error, please notify the sender by reply email and then delete this email and its attachments from your computer. Thank you. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44869t=44825 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP NACK problems [7:44671]
Is it always NACKing for the same IP lease? Normally, the DHCP process works like this: The client sends a DHCPDISCOVER to find a DHCP server, the server responds with a DHCPOFFER, offering the client an IP, the client responds with a DHCPREQUEST to choose the IP address (in case it gets an offer for more than 1), and the server responds with a DHCPACK, sealing the deal. However, MS DHCP servers have a feature that allows them to detect IP address conflicts before responding with an ACK. What I would check is a few things: First, if this is happening due to a conflict detection, you should see under active leases in DHCP a BAD ADDRESS listed by the IP. If you see that, ping the IP in question. If you get a response, track down the PC, and do an ipconfig to find it's DHCP server. Then track down that server and kill it :) Hope this helps, Brian Hill CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0), MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+ Lead Technology Architect, TechTrain Author: Cisco, The Complete Reference http://www.alfageek.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44699t=44671 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP NACK problems [7:44671]
Also, to add to this... if you have a WINS server with a corrupt database, that could be adding to the confusion for Duplicate IPs. I've had this happen to me before, and didn't realize it until I decided to just look at the WINS server to see what it thought was true of the LAN topology. It's just something to keep in mind. Mark -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Brian Hill Sent: Wednesday, May 22, 2002 6:01 AM To: [EMAIL PROTECTED] Subject: RE: DHCP NACK problems [7:44671] Is it always NACKing for the same IP lease? Normally, the DHCP process works like this: The client sends a DHCPDISCOVER to find a DHCP server, the server responds with a DHCPOFFER, offering the client an IP, the client responds with a DHCPREQUEST to choose the IP address (in case it gets an offer for more than 1), and the server responds with a DHCPACK, sealing the deal. However, MS DHCP servers have a feature that allows them to detect IP address conflicts before responding with an ACK. What I would check is a few things: First, if this is happening due to a conflict detection, you should see under active leases in DHCP a BAD ADDRESS listed by the IP. If you see that, ping the IP in question. If you get a response, track down the PC, and do an ipconfig to find it's DHCP server. Then track down that server and kill it :) Hope this helps, Brian Hill CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0), MCSA (Charter Member), MCP+I, MCP(21), Inet+, Net+, A+ Lead Technology Architect, TechTrain Author: Cisco, The Complete Reference http://www.alfageek.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=44717t=44671 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:37757]
Any reason you can't just use fixed Name Servers on the router? What's the benefit of getting them from ISP? Gaz Jim Bond wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello, I used to use Linksys router connect to cable modem. Linksys router outside interface gets IP addresses, default gateway and DNS from ISP, then it will give DNS information to inside PCs. Will 1605 router do the same thing? My 1605 only gets IP address, not DNS (I turned on debug and noticed this). How do I have 1605 get DNS and pass on to inside PCs? By the way, both Linksys and 1605 were configured to use PAT. Thanks in advance. Jim __ Do You Yahoo!? Try FREE Yahoo! Mail - the world's greatest free email! http://mail.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37772t=37757 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:37757]
Try this: http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c /ipcprt1/1cddhcp.htm#xtocid198289 - Original Message - From: Jim Bond To: Sent: Saturday, March 09, 2002 11:41 PM Subject: DHCP [7:37757] Hello, I used to use Linksys router connect to cable modem. Linksys router outside interface gets IP addresses, default gateway and DNS from ISP, then it will give DNS information to inside PCs. Will 1605 router do the same thing? My 1605 only gets IP address, not DNS (I turned on debug and noticed this). How do I have 1605 get DNS and pass on to inside PCs? By the way, both Linksys and 1605 were configured to use PAT. Thanks in advance. Jim __ Do You Yahoo!? Try FREE Yahoo! Mail - the world's greatest free email! http://mail.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37791t=37757 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP across PIX [7:37286]
Im not sure about the new 6.0 code but 5.0 code and below will not allow the PIX to pass broadcasts. kenairs wrote in message news:[EMAIL PROTECTED]; Hi, My pc are located in one of the PIX interface. There is an DHCP server in the other interface. How to let the DHCP packet go through ? Broadcast ? Tks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37327t=37286 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP across PIX [7:37286]
You cannot. The PIX does not support forwarding of DHCP requests (or any broadcast for that matter). Your only options are to hard-code your IP address or use the DHCP server built into the PIX. HTH, Kent -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of kenairs Sent: Tuesday, March 05, 2002 9:08 AM To: [EMAIL PROTECTED] Subject: DHCP across PIX [7:37286] Hi, My pc are located in one of the PIX interface. There is an DHCP server in the other interface. How to let the DHCP packet go through ? Broadcast ? Tks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37329t=37286 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP across PIX [7:37286]
my curiousity has been piqued by this conversation. why would you want to do DHCP across a firewall? wouldn't such a thing permit security breaches? Am I correct that this would become a concern in a network where you have a number of internal security zones ( research, sales, accounting departments all within the same company ) and the members of those departments, although firewalled from eachother, would still require DHCP for their addressing? Was this the idea / design of the guy who asked the original question? Chuck Kent Hundley wrote in message news:[EMAIL PROTECTED]; You cannot. The PIX does not support forwarding of DHCP requests (or any broadcast for that matter). Your only options are to hard-code your IP address or use the DHCP server built into the PIX. HTH, Kent -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of kenairs Sent: Tuesday, March 05, 2002 9:08 AM To: [EMAIL PROTECTED] Subject: DHCP across PIX [7:37286] Hi, My pc are located in one of the PIX interface. There is an DHCP server in the other interface. How to let the DHCP packet go through ? Broadcast ? Tks Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=37332t=37286 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP address with Cable on a Cisco router [7:34274]
I assume you are getting your IP from a computer plugged into the cable modem and then using that address to IP your router One thing to rememebr is this.. Most cable modems these days will rememebr the MAC that it was attatched to.. so you will either need to set the MAC on your router so it looks like the computer you where using... .. or just reboot the cable modem after your router is plugged into it.. that will allow it to grab to new MAC address from the router. You may need to do that even if you are using: int e0 ip address dhcp McHugh Randy wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Can anyone please tell me if they have been able to make a Cisco 2514 Router hold a DHCP address to an ethernet interface so I can do NAT with overload for me cable internet connection? Once I get my dhcp address from my provider I hard code that on to eth 0 which is pluged into the cable modem. on the router along with static default route with the dns info but still cant ping out to the internet from the router. DSL works fine but cable does not. thanks Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34304t=34274 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP address with Cable on a Cisco router [7:34274]
Randy, Why are you hard coding the ip into the ethernet interface? I believe in the 12.2 code the command ip address dhcp should be all you need. I use this currently with the required NAT configurations and everything works fine. Here's a copy of my relevant config.. interface Ethernet0 ip address dhcp ip nat outside ! interface Ethernet1 ip address 192.168.2.1 255.255.255.0 ip nat inside ! ip nat inside source list 101 interface Ethernet0 overload ! access-list 101 permit ip 192.168.2.0 0.0.0.255 any HTH Nigel - Original Message - From: McHugh Randy To: Sent: Sunday, February 03, 2002 4:15 PM Subject: DHCP address with Cable on a Cisco router [7:34274] Can anyone please tell me if they have been able to make a Cisco 2514 Router hold a DHCP address to an ethernet interface so I can do NAT with overload for me cable internet connection? Once I get my dhcp address from my provider I hard code that on to eth 0 which is pluged into the cable modem. on the router along with static default route with the dns info but still cant ping out to the internet from the router. DSL works fine but cable does not. thanks Randy Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34277t=34274 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP address with Cable on a Cisco router [7:34274]
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 interface Ethernet0 ip address dhcp ip nat outside interface Ethernet1 description Private address space on inside ip address x.x.x.x 255.255.255.0 ip nat inside ! ip nat inside source list 1 interface Ethernet0 overload ip classless ip route 0.0.0.0 0.0.0.0 Ethernet0 ! access-list 1 permit x.x.x.0 0.0.0.255 Works good last long time Bob - -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of McHugh Randy Sent: Sunday, February 03, 2002 4:16 PM To: [EMAIL PROTECTED] Subject: DHCP address with Cable on a Cisco router [7:34274] Can anyone please tell me if they have been able to make a Cisco 2514 Router hold a DHCP address to an ethernet interface so I can do NAT with overload for me cable internet connection? Once I get my dhcp address from my provider I hard code that on to eth 0 which is pluged into the cable modem. on the router along with static default route with the dns info but still cant ping out to the internet from the router. DSL works fine but cable does not. thanks Randy [EMAIL PROTECTED] -BEGIN PGP SIGNATURE- Version: PGP 7.1 iQA/AwUBPF2zOlfAwLXxtQgrEQJMpQCg6Xc8pnS96bADHYbXiwfPn85V/MYAoKv7 y41a1mHlQObaPAsnhUDW7ikK =d9i8 -END PGP SIGNATURE- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34278t=34274 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP address with Cable on a Cisco router [7:34274]
You may also need to include a hostname and/or change your mac (I use comcast): This is 12.2 code on a 2621. interface FastEthernet0/1 description To-Comcast mac-address 0123.45ab.cdef ip address dhcp hostname x ip access-group SECURE in no ip proxy-arp ip nat outside speed 100 full-duplex Andrew Cook Bob Chandler wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 interface Ethernet0 ip address dhcp ip nat outside interface Ethernet1 description Private address space on inside ip address x.x.x.x 255.255.255.0 ip nat inside ! ip nat inside source list 1 interface Ethernet0 overload ip classless ip route 0.0.0.0 0.0.0.0 Ethernet0 ! access-list 1 permit x.x.x.0 0.0.0.255 Works good last long time Bob - -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of McHugh Randy Sent: Sunday, February 03, 2002 4:16 PM To: [EMAIL PROTECTED] Subject: DHCP address with Cable on a Cisco router [7:34274] Can anyone please tell me if they have been able to make a Cisco 2514 Router hold a DHCP address to an ethernet interface so I can do NAT with overload for me cable internet connection? Once I get my dhcp address from my provider I hard code that on to eth 0 which is pluged into the cable modem. on the router along with static default route with the dns info but still cant ping out to the internet from the router. DSL works fine but cable does not. thanks Randy [EMAIL PROTECTED] -BEGIN PGP SIGNATURE- Version: PGP 7.1 iQA/AwUBPF2zOlfAwLXxtQgrEQJMpQCg6Xc8pnS96bADHYbXiwfPn85V/MYAoKv7 y41a1mHlQObaPAsnhUDW7ikK =d9i8 -END PGP SIGNATURE- Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=34283t=34274 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP coonection on Cisco Router [7:31559]
Also make sure you get IOS 12.1+. client side DHCP (i.e. 'ip address dhcp') isn't supported until then. It's only part of Easy IP Phase 2 WAYNE BAETY, MCSE, A1C, USAF Network Systems Trainer -Original Message- From: Jim Bond [mailto:[EMAIL PROTECTED]] Sent: Friday, January 11, 2002 4:20 AM To: [EMAIL PROTECTED] Subject: Re: DHCP coonection on Cisco Router [7:31559] Regarding your secondary IP, if you use NAT, this will not work because you can't put both ip nat inside and ip nat outside under 1 ethernet interface. A cheaper router will be a 1605, I guess. Jim --- Steven A. Ridder wrote: 2514 supports 2 eth ints. or you may be able to get two cheap 2501's and string them together via serial. I've always wanted to try secondary addressing on 1 interface. The main would get it's IP via DHCP, and the secondary address would be the private IP. Always wanted to know if this would work. -- RFC 1149 Compliant. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Send FREE video emails in Yahoo! Mail! http://promo.yahoo.com/videomail/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31623t=31559 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP coonection on Cisco Router [7:31559]
The 2514 has 2 ethernet interfaces! Stefan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of sam sneed Sent: Thursday, January 10, 2002 12:52 PM To: [EMAIL PROTECTED] Subject: DHCP coonection on Cisco Router [7:31559] Hello group, I wanted to use a Cisco router to connect to my ISP via DSL or Cable modem. What would be the least expensive router I could get used on e-bay that could perform this. It obviously needs 2 ethernet interfaces and I'm not sure if there is a model in the 2500 series that supports this. Thanks alot. I'd like to use this setup for studying and internet connectivity. sam sneed Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31568t=31559 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP coonection on Cisco Router [7:31559]
2514 supports 2 eth ints. or you may be able to get two cheap 2501's and string them together via serial. I've always wanted to try secondary addressing on 1 interface. The main would get it's IP via DHCP, and the secondary address would be the private IP. Always wanted to know if this would work. -- RFC 1149 Compliant. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP coonection on Cisco Router [7:31559]
Regarding your secondary IP, if you use NAT, this will not work because you can't put both ip nat inside and ip nat outside under 1 ethernet interface. A cheaper router will be a 1605, I guess. Jim --- Steven A. Ridder wrote: 2514 supports 2 eth ints. or you may be able to get two cheap 2501's and string them together via serial. I've always wanted to try secondary addressing on 1 interface. The main would get it's IP via DHCP, and the secondary address would be the private IP. Always wanted to know if this would work. -- RFC 1149 Compliant. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] __ Do You Yahoo!? Send FREE video emails in Yahoo! Mail! http://promo.yahoo.com/videomail/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31576t=31559 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP coonection on Cisco Router [7:31559]
If you need only 2 ethernet interfaces you can use a 1605R. - Original Message - From: sam sneed To: Sent: Thursday, January 10, 2002 2:51 PM Subject: DHCP coonection on Cisco Router [7:31559] Quer ter seu prsprio enderego na Internet? Garanta ja o seu e ainda ganhe cinco e-mails personalizados. DommniosBOL - http://dominios.bol.com.br Hello group, I wanted to use a Cisco router to connect to my ISP via DSL or Cable modem. What would be the least expensive router I could get used on e-bay that could perform this. It obviously needs 2 ethernet interfaces and I'm not sure if there is a model in the 2500 series that supports this. Thanks alot. I'd like to use this setup for studying and internet connectivity. sam sneed Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31577t=31559 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP coonection on Cisco Router [7:31559]
I see its just what I'm looking for. What would you say would be a fair price for a used one. I don't wanna get ripped off. Thanks Steven A. Ridder wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... 2514 supports 2 eth ints. or you may be able to get two cheap 2501's and string them together via serial. I've always wanted to try secondary addressing on 1 interface. The main would get it's IP via DHCP, and the secondary address would be the private IP. Always wanted to know if this would work. -- RFC 1149 Compliant. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=31578t=31559 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP coonection on Cisco Router [7:31559]
Try under $600 if you are lucky. Most go for a little more though, so in the low $600's isn't unreasonable. More than that is. At that point, you can get two 2501's and a crossover v.35. -- RFC 1149 Compliant. FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP, WK2 and default gateway PROBLEM [7:29732]
Just my $.02 ... secondary addresses cover this quite well!! , and then again as we phased providers out ... Thanks! TJ -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 19, 2001 11:26 PM To: [EMAIL PROTECTED] Subject:Re: DHCP, WK2 and default gateway PROBLEMMM + [7:29732] The default gateway has to be on the same subnet as the clients that use it, as you probably know. What is the default gateway? Is it a Cisco router? You could give it a secondary address on the new 192.168.40.0. network. Then use that address for the clients on the 192.168.40.0 subnet as their default gateway. Another thought: what is the subnet mask? I'm assuming it's 255.255.255.0. You could change it temporarily to 255.255.0.0 while doing the changeover. That way 192.168.50.0 and 192.168.40.0 are on the same subnet. Clients with addresses that start with 192.168.40.0 could still use 192.168.50.7 as their default gateway. Priscilla At 10:43 PM 12/19/01, Juan Blanco wrote: Team, I am working in a project for a company that has almost 600 users with static ip. What I have to do is move everyone to a dynamic ip environment, without affecting the current network functionality. The problem that I am having is when I created my new scope in wk2 I am not able to provide the default gateway to my clients because the DG is not the same network like the one in the scope DHCP server(w2k) which is not able to provide my default My scope = 192.168.40.50 .. 100 New segment ip is 192.168.40 DG for the segment is the DG for the others users in the same segment MY DG = 192.168.50.7 How will I be able to define two IP address to the same interface in which both IP address can be define as the DG Thanks, JB Priscilla Oppenheimer http://www.priscilla.com * The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter. * Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=30691t=29732 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP, WK2 and default gateway PROBLEMMM + [7:29732]
The default gateway has to be on the same subnet as the clients that use it, as you probably know. What is the default gateway? Is it a Cisco router? You could give it a secondary address on the new 192.168.40.0. network. Then use that address for the clients on the 192.168.40.0 subnet as their default gateway. Another thought: what is the subnet mask? I'm assuming it's 255.255.255.0. You could change it temporarily to 255.255.0.0 while doing the changeover. That way 192.168.50.0 and 192.168.40.0 are on the same subnet. Clients with addresses that start with 192.168.40.0 could still use 192.168.50.7 as their default gateway. Priscilla At 10:43 PM 12/19/01, Juan Blanco wrote: Team, I am working in a project for a company that has almost 600 users with static ip. What I have to do is move everyone to a dynamic ip environment, without affecting the current network functionality. The problem that I am having is when I created my new scope in wk2 I am not able to provide the default gateway to my clients because the DG is not the same network like the one in the scope DHCP server(w2k) which is not able to provide my default My scope = 192.168.40.50 .. 100 New segment ip is 192.168.40 DG for the segment is the DG for the others users in the same segment MY DG = 192.168.50.7 How will I be able to define two IP address to the same interface in which both IP address can be define as the DG Thanks, JB Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=29739t=29732 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP, WK2 and default gateway PROBLEMMM + [7:29732]
seems like a good place to use secondary addressing. 600 users and a 192.168.x.x network implies /24 - so it might seem that you have multiple subnets involved here anyway. why not define a couple of entirely new scopes, and use secondary addressing on the router interface and use that secondary address as the default gateway in the scope? or you and a couple of friends could just work all night. I've done it that way too. Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Juan Blanco Sent: Wednesday, December 19, 2001 7:43 PM To: [EMAIL PROTECTED] Subject: DHCP, WK2 and default gateway PROBLEMMM + [7:29732] Team, I am working in a project for a company that has almost 600 users with static ip. What I have to do is move everyone to a dynamic ip environment, without affecting the current network functionality. The problem that I am having is when I created my new scope in wk2 I am not able to provide the default gateway to my clients because the DG is not the same network like the one in the scope DHCP server(w2k) which is not able to provide my default My scope = 192.168.40.50 .. 100 New segment ip is 192.168.40 DG for the segment is the DG for the others users in the same segment MY DG = 192.168.50.7 How will I be able to define two IP address to the same interface in which both IP address can be define as the DG Thanks, JB Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=29754t=29732 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP, WK2 and default gateway PROBLEMMM + [7:29732]
If you do decide to use secondaries with DHCP, be forewarned that some strange behavior can occur with ip helpers. It's been a few years since I've done it, but I seem to remember that a secondary will not forward (help) the broadcast from the client when it's trying to obtain it's IP address. Could be wrong, but it is probably worth looking up. Gregg Juan Blanco wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Team, I am working in a project for a company that has almost 600 users with static ip. What I have to do is move everyone to a dynamic ip environment, without affecting the current network functionality. The problem that I am having is when I created my new scope in wk2 I am not able to provide the default gateway to my clients because the DG is not the same network like the one in the scope DHCP server(w2k) which is not able to provide my default My scope = 192.168.40.50 .. 100 New segment ip is 192.168.40 DG for the segment is the DG for the others users in the same segment MY DG = 192.168.50.7 How will I be able to define two IP address to the same interface in which both IP address can be define as the DG Thanks, JB Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=29756t=29732 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP, WK2 and default gateway PROBLEMMM + [7:29732]
Juan- As a possible alternative, since others have already posted instructions on setting up a secondary address, you might try having the Win2k DHCP server check for ip addresses on the wire before it assigns an address. That way you can temporarily overlay the DCHP scope with the existing subnet. I'm not sure off the top of my head whether 2k requires a setting to do that, or does it automatically, but it is definetely available. Just another option to think about when doing the conversion. Good luck. Andras -Original Message- From: Juan Blanco [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 19, 2001 7:43 PM To: [EMAIL PROTECTED] Subject: DHCP, WK2 and default gateway PROBLEMMM + [7:29732] Team, I am working in a project for a company that has almost 600 users with static ip. What I have to do is move everyone to a dynamic ip environment, without affecting the current network functionality. The problem that I am having is when I created my new scope in wk2 I am not able to provide the default gateway to my clients because the DG is not the same network like the one in the scope DHCP server(w2k) which is not able to provide my default My scope = 192.168.40.50 .. 100 New segment ip is 192.168.40 DG for the segment is the DG for the others users in the same segment MY DG = 192.168.50.7 How will I be able to define two IP address to the same interface in which both IP address can be define as the DG Thanks, JB Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=29757t=29732 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP SERVER ON CISCO ROUTER 2503 [7:28380]
no ip dhcp conflict logging ip dhcp excluded-address low-address [high-address] ip dhcp pool (name) network x.x.x.x /x domain-name (name) dns-server x.x.x.x netbios-name-server x.x.x.x (multiple up to 6) netbios-node-type type default-router x.x.x.x more detail at http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120t/120t1/easyip2.htm Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=28382t=28380 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP [7:28392]
Sure, I could tell you where on CCO to find out about DHCP, but it's much more fun for you to read about it at www.routergod.com. By the way, one thing I never did find documentation on is DHCP pools. If you have multiple interfaces and want to do multiple pools, how do the interfaces know which pool goes where? They just magically do. I have a 3662 with 7 interfaces, each having it's own network and DCHP pool. Works like a champ. Nat Somewhere in Kansas, USA Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=28392t=28392 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:28392]
It knows by the gateway address set in the dhcp request which pool the address should come from... -- -=Repy to group only... no personal=- Nat Heidler wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Sure, I could tell you where on CCO to find out about DHCP, but it's much more fun for you to read about it at www.routergod.com. By the way, one thing I never did find documentation on is DHCP pools. If you have multiple interfaces and want to do multiple pools, how do the interfaces know which pool goes where? They just magically do. I have a 3662 with 7 interfaces, each having it's own network and DCHP pool. Works like a champ. Nat Somewhere in Kansas, USA Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=28394t=28392 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP [7:28392]
When any DHCP server receives a request, it hands out an address on the same subnet as the requesting host, or the same subnet as the bootp relay agent, if there is one. hth, Hal -Original Message- From: Nat Heidler [mailto:[EMAIL PROTECTED]] Sent: Friday, December 07, 2001 8:16 AM To: [EMAIL PROTECTED] Subject: RE: DHCP [7:28392] Sure, I could tell you where on CCO to find out about DHCP, but it's much more fun for you to read about it at www.routergod.com. By the way, one thing I never did find documentation on is DHCP pools. If you have multiple interfaces and want to do multiple pools, how do the interfaces know which pool goes where? They just magically do. I have a 3662 with 7 interfaces, each having it's own network and DCHP pool. Works like a champ. Nat Somewhere in Kansas, USA Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=28398t=28392 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP Question [7:27380]
As mentioned in an earier reply..you must have your DHCP Scopes correctly set up I've found that with NT4/W2k DHCP servers that, If for example your DHCP server is set up to dish out addresses in the range of 192.168.1.1 to 100 mask 255.255.255.0 and it receives a request for an address directed from the helper routers interface which has an address of 10.1.1.1 (which means your DHCP clients will be on the same network) it will ignore that request. The only reason for this I can fathom is because the DHCP request is no longer a broadcast it now has the source address of the router interface that the helper address is setup on and it seems DHCP will take this into account when dishing out addresses. I've found that if a scope in the 10.1.1.0 range is setup on the server my DHCP clients will recieve an IP address in the correct 10. range with no problem. I have two scopes on my DHCP server 172.16.60.1 - 172.16.61.254 Subnet 255.255.254.0 and 10.222.36.1 -10.222.37.254 Subnet 255.255.254.0 my router interface configured to forward DHCP reqests is set up as follows .. ip address 10.222.36.2 255.255.254.0 ip helper-address 155.131.60.40 (MY DHCP SERVER address ) my DHCP clients never get an address from the wrong range if i disable the 10.222.36.0 range my dhcp clients behind the router don't get an address at all ... Hope this make sense and helps and if i'm talking pants please someone put me straight ... Regards Dave Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27440t=27380 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP Question [7:27380]
Dave said: The only reason for this I can fathom is because the DHCP request is no longer a broadcast it now has the source address of the router interface that the helper address is setup on and it seems DHCP will take this into account when dishing out addresses. That's exactly the assumption I've always made, but I'm not totally convinced. I'd like to sniff the packet and actually see whether it's dependant upon the source address or something contained within the packet. As per usual IF I get chance I'll put a sniffer on. Anybody know for sure? Gaz wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... As mentioned in an earier reply..you must have your DHCP Scopes correctly set up I've found that with NT4/W2k DHCP servers that, If for example your DHCP server is set up to dish out addresses in the range of 192.168.1.1 to 100 mask 255.255.255.0 and it receives a request for an address directed from the helper routers interface which has an address of 10.1.1.1 (which means your DHCP clients will be on the same network) it will ignore that request. The only reason for this I can fathom is because the DHCP request is no longer a broadcast it now has the source address of the router interface that the helper address is setup on and it seems DHCP will take this into account when dishing out addresses. I've found that if a scope in the 10.1.1.0 range is setup on the server my DHCP clients will recieve an IP address in the correct 10. range with no problem. I have two scopes on my DHCP server 172.16.60.1 - 172.16.61.254 Subnet 255.255.254.0 and 10.222.36.1 -10.222.37.254 Subnet 255.255.254.0 my router interface configured to forward DHCP reqests is set up as follows .. ip address 10.222.36.2 255.255.254.0 ip helper-address 155.131.60.40 (MY DHCP SERVER address ) my DHCP clients never get an address from the wrong range if i disable the 10.222.36.0 range my dhcp clients behind the router don't get an address at all ... Hope this make sense and helps and if i'm talking pants please someone put me straight ... Regards Dave Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27441t=27380 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP Question [7:27380]
Directly from CCO... To forward the initial DHCP requests from the host to the appropriate DHCP server, you should apply the ip helper-address command to the interface which is receiving the broadcasts. After the broadcasts are received, the Cisco IOS looks at the configuration of the ip helper-address for that interface and forwards those requests in a unicast packet to the appropriate DHCP server whose IP address is specified in ip helper-address. After the DHCP server replies with the IP address, it sends the response to the interface on the router that originally forwarded the request. This is used as the outbound interface to send the DHCP server response to the host that originally requested the service. The router also automatically installs a host route for this address. http://www.cisco.com/warp/customer/794/routed_bridged_encap.html HTH Dwayne -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Gaz Sent: Tuesday, November 27, 2001 5:34 AM To: [EMAIL PROTECTED] Subject: Re: DHCP Question [7:27380] Dave said: The only reason for this I can fathom is because the DHCP request is no longer a broadcast it now has the source address of the router interface that the helper address is setup on and it seems DHCP will take this into account when dishing out addresses. That's exactly the assumption I've always made, but I'm not totally convinced. I'd like to sniff the packet and actually see whether it's dependant upon the source address or something contained within the packet. As per usual IF I get chance I'll put a sniffer on. Anybody know for sure? Gaz wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... As mentioned in an earier reply..you must have your DHCP Scopes correctly set up I've found that with NT4/W2k DHCP servers that, If for example your DHCP server is set up to dish out addresses in the range of 192.168.1.1 to 100 mask 255.255.255.0 and it receives a request for an address directed from the helper routers interface which has an address of 10.1.1.1 (which means your DHCP clients will be on the same network) it will ignore that request. The only reason for this I can fathom is because the DHCP request is no longer a broadcast it now has the source address of the router interface that the helper address is setup on and it seems DHCP will take this into account when dishing out addresses. I've found that if a scope in the 10.1.1.0 range is setup on the server my DHCP clients will recieve an IP address in the correct 10. range with no problem. I have two scopes on my DHCP server 172.16.60.1 - 172.16.61.254 Subnet 255.255.254.0 and 10.222.36.1 -10.222.37.254 Subnet 255.255.254.0 my router interface configured to forward DHCP reqests is set up as follows .. ip address 10.222.36.2 255.255.254.0 ip helper-address 155.131.60.40 (MY DHCP SERVER address ) my DHCP clients never get an address from the wrong range if i disable the 10.222.36.0 range my dhcp clients behind the router don't get an address at all ... Hope this make sense and helps and if i'm talking pants please someone put me straight ... Regards Dave Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27447t=27380 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP Question (Think I have an answer) [7:27460]
Thank you everyone for your answers. At first I was wondering if some
special config had to be done on the DHCP server itself, but that isn't
the case. Gaz, you're saying that DHCP takes the source of the request
into account when it dishes out addresses, and it looks like you're
right. The DHCP server will respond to a DHCPDISCOVER request from a
bootp relay agent (ie a router with an ip helper address set) with an
address that's on the same subnet as the agent.
This is from RFC 2131, it's a listing of the order of preference when a
DHCP server assigns an address. Note: giaddr is the address of the
bootp relay agent. Check out the 4th bullet:
When a server receives a DHCPDISCOVER message from a client, the
server chooses a network address for the requesting client. If no
address is available, the server may choose to report the problem to
the system administrator. If an address is available, the new address
SHOULD be chosen as follows:
o The client's current address as recorded in the client's current
binding, ELSE
o The client's previous address as recorded in the client's (now
expired or released) binding, if that address is in the server's
pool of available addresses and not already allocated, ELSE
o The address requested in the 'Requested IP Address' option, if
that
address is valid and not already allocated, ELSE
o A new address allocated from the server's pool of available
addresses; the address is selected based on the subnet from
which
the message was received (if 'giaddr' is 0) or on the address of
the relay agent that forwarded the message ('giaddr' when not
0).
Again, thanks for all the help.
Hal Logan
Network Specialist / Adjunct Faculty
Computing and Engineering Technology
Manatee Community College
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On
Behalf Of
Gaz
Sent: Tuesday, November 27, 2001 5:34 AM
To: [EMAIL PROTECTED]
Subject: Re: DHCP Question [7:27380]
Dave said:
The only reason for this I can fathom is because the DHCP
request is no
longer a broadcast it now has the source address of the
router interface
that the helper address is setup on and it seems DHCP will take this
into account when dishing out addresses.
That's exactly the assumption I've always made, but I'm not totally
convinced. I'd like to sniff the packet and actually see whether it's
dependant upon the source address or something contained within the
packet. As per usual IF I get chance I'll put a sniffer on.
Anybody know for sure?
Gaz
wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
As mentioned in an earier reply..you must have your DHCP Scopes
correctly set up
I've found that with NT4/W2k DHCP servers
that, If for example your DHCP server is set up to dish out
addresses
in
the
range of 192.168.1.1 to 100 mask 255.255.255.0 and it receives a
request
for
an address directed from the helper routers interface which has an
address of 10.1.1.1 (which means your DHCP clients will be
on the same
network) it will ignore that request. The only reason for
this I can
fathom is because the DHCP request is no longer a broadcast
it now has
the source address of the router interface that the helper
address is
setup on and it seems DHCP will take this into account when dishing
out addresses.
I've found that if a scope in the 10.1.1.0 range is setup on the
server my DHCP clients will recieve an IP address in the
correct 10.
range with no problem.
I have two scopes on my DHCP server
172.16.60.1 - 172.16.61.254 Subnet 255.255.254.0 and 10.222.36.1
-10.222.37.254 Subnet 255.255.254.0
my router interface configured to forward DHCP reqests is set up as
follows
..
ip address 10.222.36.2 255.255.254.0
ip helper-address 155.131.60.40 (MY DHCP SERVER address )
my DHCP clients never get an address from the wrong range
if i disable
the 10.222.36.0 range my dhcp clients behind the router
don't get an
address at all ...
Hope this make sense and helps and if i'm talking pants
please someone
put me straight ...
Regards Dave
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=27460t=27460
--
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP Question [7:27380]
The ip helper-address is the right direction. Are there any filters on the WAN side, either on your router or at the ISP? You need UDP port 67 enabled for your setup to work. As for the ip forward-protocol command, when you enable the ip helper-address, several protocols get forwarded, not just dhcp. That can result in unnecessary traffic going across your WAN cannection, so you can disable other types of traffic using these commands: no ip forward-protocol udp 37 no ip forward-protocol udp 49 no ip forward-protocol udp 53 no ip forward-protocol udp 69 no ip forward-protocol udp 137 no ip forward-protocol udp 138 But it sounds like your biggest obstacle is something blocking your DHCP traffic on the WAN side. Is this going through a cable provider like @home or roadrunner? I've had headaches in the past as a result of them blocking various types of UDP traffic. Hal Logan Network Specialist / Adjunct Faculty Computing and Engineering Technology Manatee Community College -Original Message- From: Rashid Lohiya [mailto:[EMAIL PROTECTED]] Sent: Monday, November 26, 2001 5:14 PM To: [EMAIL PROTECTED] Subject: DHCP Question [7:27380] Hey All, I was trying to help a freind get his DHCP working, but got stuck. He has a DHCP server set up across the WAN. I know that routers drop broadcasts, so I thought I would be able to turn the DHCP/UDP broadcasts into unicasts by providing an ip-helper address, on the local ethernet pointing to the remote DHCP server, so I did, but this did not work. Secondly I tried putting on the ip dhcp-server a.b.c.d command, and thought maybe this would point incoming traffic towards the DHCP server, but again this did not work. I even tried doing the old ip forward-protocol udp statement. Then when I did a show run, I saw a no ip directed-broadcast statement, on the ethernet so I enabled that, but still no difference. Pls. Can someone give me a brief nudge in the direction I should be going next, or point out where I am going wrong. The DHCP server is working OK! I can ping it from the routers and can get addresses from the local network. The PC's are fine, waiting for an IP Address. My brain is tired and any hints would be appreciated. Regards, Rashid Lohiya [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27462t=27380 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP Question [7:27380]
Try the IP Helper again. That should work for you. I can't think of any reason why the IP Helper shouldn't work. Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27382t=27380 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP Question [7:27380]
Can't think of much that would stop it either as long as you have a scope set up for the interface which you put the ip helper address on. Gaz Michael Williams wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Try the IP Helper again. That should work for you. I can't think of any reason why the IP Helper shouldn't work. Mike W. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27384t=27380 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP Question [7:27380]
At 05:14 PM 11/26/01, Rashid Lohiya wrote: Hey All, I was trying to help a freind get his DHCP working, but got stuck. He has a DHCP server set up across the WAN. What kind of WAN? Frame, ISDN, leased line, etc.? Who is the service provider? Is it a VPN? It should work, but maybe there's something weird about the WAN. For example ISDN with PPP does its own IP address negotiation. I know that routers drop broadcasts, so I thought I would be able to turn the DHCP/UDP broadcasts into unicasts by providing an ip-helper address, on the local ethernet pointing to the remote DHCP server, so I did, but this did not work. This should work. Make sure you have a scope set up on the DHCP server for the local Ethernet subnet. Secondly I tried putting on the ip dhcp-server a.b.c.d command, and thought maybe this would point incoming traffic towards the DHCP server, but again this did not work. This shouldn't be necessary. I even tried doing the old ip forward-protocol udp statement. This shouldn't be necessary. By default, the helper address forwards a bunch of UDP packets, including DHCP. The ip forward-protocol command is used (with no) to get it not to forward ones you don't want. Then when I did a show run, I saw a no ip directed-broadcast statement, on the ethernet so I enabled that, but still no difference. That won't help and does represent a minor security problem. (It lets hackers send directed broadcasts, for example, to ping your entire subnet.) Pls. Can someone give me a brief nudge in the direction I should be going next, or point out where I am going wrong. We can't look into our crystal balls and psychically determine a solution to your problem. ;-) But with more info, we can hazard some guesses. The DHCP server is working OK! I can ping it from the routers and can get addresses from the local network. Make sure you can ping it from the Ethernet subnet. If you use extended ping you can make sure that the source IP address is the router's address on its Ethernet interface. The PC's are fine, waiting for an IP Address. My brain is tired and any hints would be appreciated. Regards, Rashid Lohiya [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=27391t=27380 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Dhcp and NAT [7:24804]
Yes DHCP support is a couple of years old. I do DHCP and NAT on my 804 at home, works great. dave The New Guy wrote: Greets all Just looking over IOS 12, it appears Cisco has added dhcp support for their routers now. interface Ethernet2 ip address dhcp My question is whether NAT will work in this case. I'm setting up a simple lab with a Cisco 1605 router to see if I can get it to work, however I wanted to query this group first to see if anyone was able to do it and what you might suggest. Thanks Dyland -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24824t=24804 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Dhcp and NAT [7:24804]
You can nat to an interface instead of an address... ip nat inside source list 1 int e2 -- -=Repy to group only... no personal=- The New Guy wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Greets all Just looking over IOS 12, it appears Cisco has added dhcp support for their routers now. interface Ethernet2 ip address dhcp My question is whether NAT will work in this case. I'm setting up a simple lab with a Cisco 1605 router to see if I can get it to work, however I wanted to query this group first to see if anyone was able to do it and what you might suggest. Thanks Dyland Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24828t=24804 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Dhcp and NAT [7:24804]
You can nat to an interface instead of an address... ip nat inside source list 1 int e2 -- -=Repy to group only... no personal=- The New Guy wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Greets all Just looking over IOS 12, it appears Cisco has added dhcp support for their routers now. interface Ethernet2 ip address dhcp My question is whether NAT will work in this case. I'm setting up a simple lab with a Cisco 1605 router to see if I can get it to work, however I wanted to query this group first to see if anyone was able to do it and what you might suggest. Thanks Dyland Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24829t=24804 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP communication [7:22272]
You are in luck, sort of. In one of our previous tirades ;-) about DHCP, I sent the following message, which includes a DHCP Discover relayed by a router near the end. I can't send you the trace file, however, because it has some confidential stuff in it. Here's my config. The client is on the 36.1.1.0 network. I was sitting with my EtherPeek protocol analyzer on the 10.10.0.0 network. I could see the DHCP Discover come through to 10.10.0.1 as long as I used ip helper-address 10.10.0.1. charlotte#s run Building configuration... Current configuration: ! version 11.0 service udp-small-servers service tcp-small-servers ! hostname charlotte ! enable password ! interface Ethernet0 ip address 10.10.0.2 255.255.255.0 ! interface Ethernet1 ip address 36.1.1.1 255.255.255.0 ip helper-address 10.10.0.1 ! interface Serial0 ip address 192.168.40.2 255.255.255.0 no fair-queue ! interface Serial1 no ip address shutdown ! interface TokenRing1 no ip address shutdown ! interface TokenRing0 no ip address shutdown ! router ospf 100 network 192.168.0.0 0.0.255.255 area 2 network 10.10.0.0 0.0.255.255 area 0 network 36.1.1.0 0.0.0.255 area 2 ! line con 0 line aux 0 transport input all line vty 0 4 password cisco login ! end The DHCP Discover from the client that I captured might be informative for people learning about how DHCP Relay works. Notice that the packet is a unicast, rather than a broadcast. Also, notice at the IP layer that the source address is the router, not the client's 0.0.0.0 address that you normally see with DHCP. The router also put its address in the DHCP server under Gateway IP Address. The DHCP server needs to see this to know which subnet the client's request came from. Ethernet Header Destination: 00:00:0C:05:3E:80 Source: 00:00:0C:00:2E:75 Protocol Type:0x0800 IP IP Header - Internet Protocol Datagram Version: 4 Header Length:5 (20 bytes) Type of Service: % Precedence: Routine, Normal Delay, Normal Throughput, Normal Reliability Total Length: 328 Identifier: 12800 Fragmentation Flags: %000 May Fragment Last Fragment Fragment Offset: 0 (0 bytes) Time To Live: 127 Protocol: 17 UDP Header Checksum: 0xD998 Source IP Address:36.1.1.1 Dest. IP Address: 10.10.0.1 No IP Options UDP - User Datagram Protocol Source Port: 68 Bootstrap (BOOTP Client) Destination Port: 67 Bootstrap Protocol Server Length: 308 Checksum: 0x3159 BootP - Bootstrap Protocol Operation:1 Boot Request Hardware Address Type:1 Ethernet (10Mb) Hardware Address Length: 6 bytes Hops: 0 Transaction ID: 678970121 Seconds Since Boot Start: 0 Flags:0x IP Address Known By Client: 0.0.0.0 IP Address Not Known By Client Client IP Addr Given By Srvr: 0.0.0.0 Server IP Address:0.0.0.0 Gateway IP Address: 36.1.1.1 Client Hardware Address: 00:E0:98:89:52:FA Unused: 0x Server Host Name: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Boot File Name: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 DHCP - Dynamic Host Configuration Protocol DHCP Magic Cookie:0x63825363 Message TypeDHCP Option Option Code:53 Message Type Option Length: 1 Message Type: 1 Discover Client IdentifierDHCP Option Option Code:61 Client Identifier Option Length: 7 Hardware Type: 1 Hardware Address: 00:E0:98:89:52:FA Requested IP AddressDHCP Option Option Code:50 Requested IP Address Option Length: 4 Address:36.1.1.2 Host Name AddressDHCP Option Option Code:12 Host Name Address Option Length: 8 String: MACTEAM. Vendor Class IdentifierDHCP Option Option Code:60 Vendor Class Identifier Option Length: 7 Option Data: MSFT 98 4D 53 46 54 20 39 38 Parameter Request ListDHCP Option Option Code:55 Parameter Request List Option Length: 9 Requested Option: 1 Subnet Mask Requested Option: 15 Domain Name Requested Option: 3 Routers Requested Option: 6 Domain Name Servers Requested Option: 44 NetBIOS (TCP/IP) Name Servers Requested Option: 46 NetBIOS (TCP/IP) Node Type Requested Option: 47 NetBIOS (TCP/IP) Scope Requested Option: 43 Vendor Specific Information Requested Option: 77 User Class Information DHCP Option End Option Code:255 End
RE: DHCP communication [7:22272]
Priscilla, I'm wondering if you caught part of your trace? Specifically this part: Requested IP AddressDHCP Option Option Code:50 Requested IP Address Option Length: 4 Address:36.1.1.2 It's not common knowledge that DHCP has an option to request the IP address during the original IP address request used the last time the end-host was on the network. Microsoft's implementation definitely includes this. Just a bit of trivia... -- Leigh Anne -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Priscilla Oppenheimer Sent: Friday, October 05, 2001 5:45 PM To: [EMAIL PROTECTED] Subject: Re: DHCP communication [7:22272] You are in luck, sort of. In one of our previous tirades ;-) about DHCP, I sent the following message, which includes a DHCP Discover relayed by a router near the end. I can't send you the trace file, however, because it has some confidential stuff in it. Here's my config. The client is on the 36.1.1.0 network. I was sitting with my EtherPeek protocol analyzer on the 10.10.0.0 network. I could see the DHCP Discover come through to 10.10.0.1 as long as I used ip helper-address 10.10.0.1. charlotte#s run Building configuration... Current configuration: ! version 11.0 service udp-small-servers service tcp-small-servers ! hostname charlotte ! enable password ! interface Ethernet0 ip address 10.10.0.2 255.255.255.0 ! interface Ethernet1 ip address 36.1.1.1 255.255.255.0 ip helper-address 10.10.0.1 ! interface Serial0 ip address 192.168.40.2 255.255.255.0 no fair-queue ! interface Serial1 no ip address shutdown ! interface TokenRing1 no ip address shutdown ! interface TokenRing0 no ip address shutdown ! router ospf 100 network 192.168.0.0 0.0.255.255 area 2 network 10.10.0.0 0.0.255.255 area 0 network 36.1.1.0 0.0.0.255 area 2 ! line con 0 line aux 0 transport input all line vty 0 4 password cisco login ! end The DHCP Discover from the client that I captured might be informative for people learning about how DHCP Relay works. Notice that the packet is a unicast, rather than a broadcast. Also, notice at the IP layer that the source address is the router, not the client's 0.0.0.0 address that you normally see with DHCP. The router also put its address in the DHCP server under Gateway IP Address. The DHCP server needs to see this to know which subnet the client's request came from. Ethernet Header Destination: 00:00:0C:05:3E:80 Source: 00:00:0C:00:2E:75 Protocol Type:0x0800 IP IP Header - Internet Protocol Datagram Version: 4 Header Length:5 (20 bytes) Type of Service: % Precedence: Routine, Normal Delay, Normal Throughput, Normal Reliability Total Length: 328 Identifier: 12800 Fragmentation Flags: %000 May Fragment Last Fragment Fragment Offset: 0 (0 bytes) Time To Live: 127 Protocol: 17 UDP Header Checksum: 0xD998 Source IP Address:36.1.1.1 Dest. IP Address: 10.10.0.1 No IP Options UDP - User Datagram Protocol Source Port: 68 Bootstrap (BOOTP Client) Destination Port: 67 Bootstrap Protocol Server Length: 308 Checksum: 0x3159 BootP - Bootstrap Protocol Operation:1 Boot Request Hardware Address Type:1 Ethernet (10Mb) Hardware Address Length: 6 bytes Hops: 0 Transaction ID: 678970121 Seconds Since Boot Start: 0 Flags:0x IP Address Known By Client: 0.0.0.0 IP Address Not Known By Client Client IP Addr Given By Srvr: 0.0.0.0 Server IP Address:0.0.0.0 Gateway IP Address: 36.1.1.1 Client Hardware Address: 00:E0:98:89:52:FA Unused: 0x Server Host Name: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Boot File Name: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 DHCP - Dynamic Host Configuration Protocol DHCP Magic Cookie:0x63825363 Message TypeDHCP Option Option Code:53 Message Type Option Length: 1 Message Type: 1 Discover Client IdentifierDHCP Option Option Code:61 Client Identifier Option Length: 7 Hardware Type: 1 Hardware Address: 00:E0:98:89:52:FA Requested IP AddressDHCP Option Option Code:50 Requested IP Address Option Length: 4 Address:36.1.1.2 Host Name AddressDHCP Option Option Code:12 Host Name Address Option Length
RE: DHCP communication [7:22272]
Yes, I did notice that. I was a bit surprised to see it request its old IP
address, but I had heard that Windows does that. It was running Windows 98.
By the way, this was a lab network and I really shouldn't have used network
36.0.0.0 which is Stanford's IP address I think. Please ignore it! ;-)
Priscilla
At 08:01 PM 10/5/01, Leigh Anne Chisholm wrote:
Priscilla, I'm wondering if you caught part of your trace? Specifically
this part:
Requested IP AddressDHCP Option
Option Code:50 Requested IP Address
Option Length: 4
Address:36.1.1.2
It's not common knowledge that DHCP has an option to request the IP address
during the original IP address request used the last time the end-host was
on the network. Microsoft's implementation definitely includes this.
Just a bit of trivia...
-- Leigh Anne
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Priscilla Oppenheimer
Sent: Friday, October 05, 2001 5:45 PM
To: [EMAIL PROTECTED]
Subject: Re: DHCP communication [7:22272]
You are in luck, sort of. In one of our previous tirades ;-)
about DHCP, I
sent the following message, which includes a DHCP Discover relayed by a
router near the end. I can't send you the trace file, however, because it
has some confidential stuff in it.
Here's my config. The client is on the 36.1.1.0 network.
I was sitting with my EtherPeek protocol analyzer on the
10.10.0.0 network.
I could see the DHCP Discover come through to 10.10.0.1 as long as I used
ip helper-address 10.10.0.1.
charlotte#s run
Building configuration...
Current configuration:
!
version 11.0
service udp-small-servers
service tcp-small-servers
!
hostname charlotte
!
enable password
!
interface Ethernet0
ip address 10.10.0.2 255.255.255.0
!
interface Ethernet1
ip address 36.1.1.1 255.255.255.0
ip helper-address 10.10.0.1
!
interface Serial0
ip address 192.168.40.2 255.255.255.0
no fair-queue
!
interface Serial1
no ip address
shutdown
!
interface TokenRing1
no ip address
shutdown
!
interface TokenRing0
no ip address
shutdown
!
router ospf 100
network 192.168.0.0 0.0.255.255 area 2
network 10.10.0.0 0.0.255.255 area 0
network 36.1.1.0 0.0.0.255 area 2
!
line con 0
line aux 0
transport input all
line vty 0 4
password cisco
login
!
end
The DHCP Discover from the client that I captured might be informative
for
people learning about how DHCP Relay works. Notice that the packet is a
unicast, rather than a broadcast. Also, notice at the IP layer that the
source address is the router, not the client's 0.0.0.0 address that you
normally see with DHCP. The router also put its address in the DHCP
server
under Gateway IP Address. The DHCP server needs to see this to
know which
subnet the client's request came from.
Ethernet Header
Destination: 00:00:0C:05:3E:80
Source: 00:00:0C:00:2E:75
Protocol Type:0x0800 IP
IP Header - Internet Protocol Datagram
Version: 4
Header Length:5 (20 bytes)
Type of Service: %
Precedence: Routine, Normal Delay, Normal Throughput, Normal
Reliability
Total Length: 328
Identifier: 12800
Fragmentation Flags: %000 May Fragment Last Fragment
Fragment Offset: 0 (0 bytes)
Time To Live: 127
Protocol: 17 UDP
Header Checksum: 0xD998
Source IP Address:36.1.1.1
Dest. IP Address: 10.10.0.1
No IP Options
UDP - User Datagram Protocol
Source Port: 68 Bootstrap (BOOTP Client)
Destination Port: 67 Bootstrap Protocol Server
Length: 308
Checksum: 0x3159
BootP - Bootstrap Protocol
Operation:1 Boot Request
Hardware Address Type:1 Ethernet (10Mb)
Hardware Address Length: 6 bytes
Hops: 0
Transaction ID: 678970121
Seconds Since Boot Start: 0
Flags:0x
IP Address Known By Client: 0.0.0.0 IP Address Not Known By Client
Client IP Addr Given By Srvr: 0.0.0.0
Server IP Address:0.0.0.0
Gateway IP Address: 36.1.1.1
Client Hardware Address: 00:E0:98:89:52:FA
Unused: 0x
Server Host Name:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Boot File Name:
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
DHCP - Dynamic Host Configuration Protocol
DHCP Magic Cookie:0x63825363
Message TypeDHCP Option
Option Code:53 Message Type
Option Length
RE: DHCP [7:21051]
as long as we're on the subject of DHCP, I'm wondering if someone can point me to a reference giving the specifics of the DHCP option numbers ( without pointing me to The DHCP Handbook, which I don't have time to read right now ) I ran a cross a situation where I needed to understand some of the option numbers, and what they meant. The RFC's I checked mentioned options but did not specify the numbers and their associated services. I did find the specific answer I required on CCO ( believe it or not ) but it occurs to me that it would be handy to have a reference. ( RFC 1533 did not list options above 61. RFC 2132 list one of the options I was looking for, but stops at so. none of the other couple - out of 20 - that I browsed looked promising. I checked IANA, but I didn't think I would find anything there, and I was right. ) Chuck -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Priscilla Oppenheimer Sent: Wednesday, September 26, 2001 6:24 PM To: [EMAIL PROTECTED] Subject: Re: DHCP [7:21051] At 05:14 PM 9/26/01, Brian wrote: Yeah I always thought the helper address command was the way to get a whole bunch of nonroutable junk forwarded. It gets a bunch of UDP broadcasts forwarded. I figured out the ip dhcp-server command. It's not a replacement for ip helper-address. It's for access servers. It's only documented in access server documentation and documentation for the Gateway General Packet Radio Service (GPRS) Support Node (GGSN), whatever that is. The GGSN provides services to wireless devices, that much I know, and it's sort of an access server for the purposes of this discussion. So dial-up users, wireless users, etc. reach the Internet or corporate intranet through the access server. With ip dhcp-server you can make sure the access server gives these users an IP address because it forwards their requests (or asks on its own) to a DHCP server. Note that if the DHCP server is not on the same LAN as the access server, then you need to configure ip helper-address on intermediate routers between the access server and DHCP server. ip helper-address is also used for the more common situations, for example, when clients are on a different LAN than the DHCP server. ip dhcp-server didn't work in this case, per my previous message. I'd love to hear any more uses for ip dhcp-server if they exist. I would think that access server could also mean a DSL or cable modem router, but I don't see any evidence of the ip dhcp-server command being documented for those environments. (The command definitely doesn't turn the router into a DHCP server a I originally said, sorry. I feel sort of justified for that mistake, though since the other ip dhcp commands do that. ;-) Priscilla Bri Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21260t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:21051]
Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21133t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP [7:21051]
I think if you configure the router for 'ip dhcp-server' you are configuring the router as a dhcp server. If you want to do that you need to configure a address pool as well. -Eric -Original Message- From: khramov [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 8:24 AM To: [EMAIL PROTECTED] Subject: Re: DHCP [7:21051] Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21137t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:21051]
Alex, Ip dhcp-server should be sufficient for your needs. Nothing else should need to be enabled. Try it out. Tim Booth - Original Message - From: khramov To: Sent: Wednesday, September 26, 2001 8:24 AM Subject: Re: DHCP [7:21051] Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21146t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:21051]
Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21181t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:21051]
Priscilla and others: Ip dhcp-server does not turn your router into a dhcp server. It tells your router where your dhcp server is. Tim Booth - Original Message - From: Priscilla Oppenheimer To: Sent: Wednesday, September 26, 2001 12:12 PM Subject: Re: DHCP [7:21051] Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21185t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:21051]
Bravo, This makes the router a DHCP server: ip dhcp pool dave network 10.0.0.0 255.255.255.0 dns-server 172.28.2.217 172.28.2.10 default-router 10.0.0.1 Dave Tim Booth wrote: Priscilla and others: Ip dhcp-server does not turn your router into a dhcp server. It tells your router where your dhcp server is. Tim Booth - Original Message - From: Priscilla Oppenheimer To: Sent: Wednesday, September 26, 2001 12:12 PM Subject: Re: DHCP [7:21051] Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] Priscilla Oppenheimer http://www.priscilla.com -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21189t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:21051]
At 01:06 PM 9/26/01, khramov wrote: From my understanding ip dhcp-server command will enable upd broadcast on ports 66 and 67. Is that true? It causes your router to BE a DHCP server and to accept and process broadcasts to UDP port 67 and to send responses from port 66. It does not cause the router to forward UDP broadcasts to port 67. If you turn your router into a DHCP server, you would also have to identify an external File Transport Protocol (FTP), Trivial File Transfer Protocol (TFTP), or remote copy protocol (rcp) server that you will use to store the DHCP bindings database. The router will access that database. Here's more info on turning your router into a DHCP server, which is often not a good idea, in my opinion (because it detracts from the router's real jobs): http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ipcprt1/1cfdhcp.htm Priscilla Alex Priscilla Oppenheimer wrote: Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] groupstudy.com/form/read.php?f=7i=21133t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/lis t/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21191t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP [7:21051]
Right on Dave! And on top of that don't forget your global config: dhcp exclude-address 2.2.2.1 2.2.2.15 (if you need some static addresses). -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 1:47 PM To: [EMAIL PROTECTED] Subject: Re: DHCP [7:21051] Bravo, This makes the router a DHCP server: ip dhcp pool dave network 10.0.0.0 255.255.255.0 dns-server 172.28.2.217 172.28.2.10 default-router 10.0.0.1 Dave Tim Booth wrote: Priscilla and others: Ip dhcp-server does not turn your router into a dhcp server. It tells your router where your dhcp server is. Tim Booth - Original Message - From: Priscilla Oppenheimer To: Sent: Wednesday, September 26, 2001 12:12 PM Subject: Re: DHCP [7:21051] Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] Priscilla Oppenheimer http://www.priscilla.com -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21194t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP [7:21051]
Hey Dave, forgot 1 line: ip dhcp excluded-address 10.0.0.1 Thanks Buddy! ;^) -Eric -Original Message- From: MADMAN [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 1:47 PM To: [EMAIL PROTECTED] Subject: Re: DHCP [7:21051] Bravo, This makes the router a DHCP server: ip dhcp pool dave network 10.0.0.0 255.255.255.0 dns-server 172.28.2.217 172.28.2.10 default-router 10.0.0.1 Dave Tim Booth wrote: Priscilla and others: Ip dhcp-server does not turn your router into a dhcp server. It tells your router where your dhcp server is. Tim Booth - Original Message - From: Priscilla Oppenheimer To: Sent: Wednesday, September 26, 2001 12:12 PM Subject: Re: DHCP [7:21051] Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] Priscilla Oppenheimer http://www.priscilla.com -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21197t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: DHCP [7:21051]
OK, I'm starting to see where the confusion is coming from. The ip dhcp-server command can be used on dial-up PPP links. It specifies the IP address of a DHCP server for the PPP client to use. It was almost impossible to find in the documentation. Most of the ip dhcp commands relate to telling your router to be a DHCP server, which is a completely different solution, of course. Are you using PPP, Khramov? The general-purpose way to tell your router the address of your DHCP server is the ip helper-address command. Priscilla At 01:54 PM 9/26/01, Tim Booth wrote: Priscilla and others: Ip dhcp-server does not turn your router into a dhcp server. It tells your router where your dhcp server is. Tim Booth - Original Message - From: Priscilla Oppenheimer To: Sent: Wednesday, September 26, 2001 12:12 PM Subject: Re: DHCP [7:21051] Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] Priscilla Oppenheimer http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21199t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP [7:21051]
Their must be more than one way to foreword DHCP requests. Tom got me looking into this earlier. -Eric -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 2:05 PM To: [EMAIL PROTECTED] Subject: Re: DHCP [7:21051] At 01:06 PM 9/26/01, khramov wrote: From my understanding ip dhcp-server command will enable upd broadcast on ports 66 and 67. Is that true? It causes your router to BE a DHCP server and to accept and process broadcasts to UDP port 67 and to send responses from port 66. It does not cause the router to forward UDP broadcasts to port 67. If you turn your router into a DHCP server, you would also have to identify an external File Transport Protocol (FTP), Trivial File Transfer Protocol (TFTP), or remote copy protocol (rcp) server that you will use to store the DHCP bindings database. The router will access that database. Here's more info on turning your router into a DHCP server, which is often not a good idea, in my opinion (because it detracts from the router's real jobs): http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr _c/ipcprt1/1cfdhcp.htm Priscilla Alex Priscilla Oppenheimer wrote: Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] groupstudy.com/form/read.php?f=7i=21133t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/lis t/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21202t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP [7:21051]
Yes, I finally found that also, but only in reference to dial-up networks where the router is acting as an access sever for SLIP/PPP clients. Does it work elsewhere? It would be good if it did. Priscilla At 02:24 PM 9/26/01, [EMAIL PROTECTED] wrote: Their must be more than one way to foreword DHCP requests. http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/dial_r/drdreip.htm#xtocid1564817 Tom got me looking into this earlier. -Eric -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 2:05 PM To: [EMAIL PROTECTED] Subject: Re: DHCP [7:21051] At 01:06 PM 9/26/01, khramov wrote: From my understanding ip dhcp-server command will enable upd broadcast on ports 66 and 67. Is that true? It causes your router to BE a DHCP server and to accept and process broadcasts to UDP port 67 and to send responses from port 66. It does not cause the router to forward UDP broadcasts to port 67. If you turn your router into a DHCP server, you would also have to identify an external File Transport Protocol (FTP), Trivial File Transfer Protocol (TFTP), or remote copy protocol (rcp) server that you will use to store the DHCP bindings database. The router will access that database. Here's more info on turning your router into a DHCP server, which is often not a good idea, in my opinion (because it detracts from the router's real jobs): http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ipcprt1/1cfdhcp.htm Priscilla Alex Priscilla Oppenheimer wrote: Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] groupstudy.com/form/read.php?f=7i=21133t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/lis t/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED
Re: DHCP [7:21051]
Priscilla, I think that you are right about the ip dhcp-server command. I looked it up on Cisco's web site. It seems that it can be used only with dial up to tell the client where dhcp server is. Priscilla Oppenheimer wrote: Yes, I finally found that also, but only in reference to dial-up networks where the router is acting as an access sever for SLIP/PPP clients. Does it work elsewhere? It would be good if it did. Priscilla At 02:24 PM 9/26/01, [EMAIL PROTECTED] wrote: Their must be more than one way to foreword DHCP requests. http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/dial_r/drdreip.htm#xtocid1564817 Tom got me looking into this earlier. -Eric -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 2:05 PM To: [EMAIL PROTECTED] Subject: Re: DHCP [7:21051] At 01:06 PM 9/26/01, khramov wrote: From my understanding ip dhcp-server command will enable upd broadcast on ports 66 and 67. Is that true? It causes your router to BE a DHCP server and to accept and process broadcasts to UDP port 67 and to send responses from port 66. It does not cause the router to forward UDP broadcasts to port 67. If you turn your router into a DHCP server, you would also have to identify an external File Transport Protocol (FTP), Trivial File Transfer Protocol (TFTP), or remote copy protocol (rcp) server that you will use to store the DHCP bindings database. The router will access that database. Here's more info on turning your router into a DHCP server, which is often not a good idea, in my opinion (because it detracts from the router's real jobs): http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ipcprt1/1cfdhcp.htm Priscilla Alex Priscilla Oppenheimer wrote: Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612
RE: DHCP [7:21051]
Try this again. http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/dial _r/drdreip.htm#xtocid1564817 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 2:40 PM To: [EMAIL PROTECTED] Subject: RE: DHCP [7:21051] Their must be more than one way to foreword DHCP requests. Tom got me looking into this earlier. -Eric -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 2:05 PM To: [EMAIL PROTECTED] Subject: Re: DHCP [7:21051] At 01:06 PM 9/26/01, khramov wrote: From my understanding ip dhcp-server command will enable upd broadcast on ports 66 and 67. Is that true? It causes your router to BE a DHCP server and to accept and process broadcasts to UDP port 67 and to send responses from port 66. It does not cause the router to forward UDP broadcasts to port 67. If you turn your router into a DHCP server, you would also have to identify an external File Transport Protocol (FTP), Trivial File Transfer Protocol (TFTP), or remote copy protocol (rcp) server that you will use to store the DHCP bindings database. The router will access that database. Here's more info on turning your router into a DHCP server, which is often not a good idea, in my opinion (because it detracts from the router's real jobs): http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr _c/ipcprt1/1cfdhcp.htm Priscilla Alex Priscilla Oppenheimer wrote: Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] groupstudy.com/form/read.php?f=7i=21133t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/lis t/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http
Re: DHCP [7:21051]
I am currently using this command on many routers ranging in ios from 10.2 (yeah I know but its a couple a hundred miles away) to 12.2. Without it our customers (we are an ISP) cannot reach the DHCP servers. It must work outside of the dialup only arena. At 01:09 PM 9/26/2001, khramov wrote: Priscilla, I think that you are right about the ip dhcp-server command. I looked it up on Cisco's web site. It seems that it can be used only with dial up to tell the client where dhcp server is. Priscilla Oppenheimer wrote: Yes, I finally found that also, but only in reference to dial-up networks where the router is acting as an access sever for SLIP/PPP clients. Does it work elsewhere? It would be good if it did. Priscilla At 02:24 PM 9/26/01, [EMAIL PROTECTED] wrote: Their must be more than one way to foreword DHCP requests. http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/d ial_r/drdreip.htm#xtocid1564817 Tom got me looking into this earlier. -Eric -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 2:05 PM To: [EMAIL PROTECTED] Subject: Re: DHCP [7:21051] At 01:06 PM 9/26/01, khramov wrote: From my understanding ip dhcp-server command will enable upd broadcast on ports 66 and 67. Is that true? It causes your router to BE a DHCP server and to accept and process broadcasts to UDP port 67 and to send responses from port 66. It does not cause the router to forward UDP broadcasts to port 67. If you turn your router into a DHCP server, you would also have to identify an external File Transport Protocol (FTP), Trivial File Transfer Protocol (TFTP), or remote copy protocol (rcp) server that you will use to store the DHCP bindings database. The router will access that database. Here's more info on turning your router into a DHCP server, which is often not a good idea, in my opinion (because it detracts from the router's real jobs): http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/f ipr_c/ipcprt1/1cfdhcp.htm Priscilla Alex Priscilla Oppenheimer wrote: Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name
Re: DHCP [7:21051]
NetBIOS (TCP/IP) Node Type Requested Option: 47 NetBIOS (TCP/IP) Scope Requested Option: 43 Vendor Specific Information Requested Option: 77 User Class Information DHCP Option End Option Code:255 End Extra bytes (Padding): ... 00 00 00 00 00 00 00 00 00 00 00 Frame Check Sequence: 0x Priscilla At 05:12 PM 9/26/01, Wayne Wenthin wrote: I am currently using this command on many routers ranging in ios from 10.2 (yeah I know but its a couple a hundred miles away) to 12.2. Without it our customers (we are an ISP) cannot reach the DHCP servers. It must work outside of the dialup only arena. At 01:09 PM 9/26/2001, khramov wrote: Priscilla, I think that you are right about the ip dhcp-server command. I looked it up on Cisco's web site. It seems that it can be used only with dial up to tell the client where dhcp server is. Priscilla Oppenheimer wrote: Yes, I finally found that also, but only in reference to dial-up networks where the router is acting as an access sever for SLIP/PPP clients. Does it work elsewhere? It would be good if it did. Priscilla At 02:24 PM 9/26/01, [EMAIL PROTECTED] wrote: Their must be more than one way to foreword DHCP requests. http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/d ial_r/drdreip.htm#xtocid1564817 Tom got me looking into this earlier. -Eric -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 2:05 PM To: [EMAIL PROTECTED] Subject: Re: DHCP [7:21051] At 01:06 PM 9/26/01, khramov wrote: From my understanding ip dhcp-server command will enable upd broadcast on ports 66 and 67. Is that true? It causes your router to BE a DHCP server and to accept and process broadcasts to UDP port 67 and to send responses from port 66. It does not cause the router to forward UDP broadcasts to port 67. If you turn your router into a DHCP server, you would also have to identify an external File Transport Protocol (FTP), Trivial File Transfer Protocol (TFTP), or remote copy protocol (rcp) server that you will use to store the DHCP bindings database. The router will access that database. Here's more info on turning your router into a DHCP server, which is often not a good idea, in my opinion (because it detracts from the router's real jobs): http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/f ipr_c/ipcprt1/1cfdhcp.htm Priscilla Alex Priscilla Oppenheimer wrote: Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes
Re: DHCP [7:21051]
Yeah I always thought the helper address command was the way to get a whole bunch of nonroutable junk forwarded. Bri - Original Message - From: Priscilla Oppenheimer To: Sent: Wednesday, September 26, 2001 4:03 PM Subject: Re: DHCP [7:21051] OK, so I tried it. The ip dhcp-server command didn't do anything on my network, which is mostly Ethernet LANs. What good is it? ;-) I had to use ip helper-address on the interface where the client resides. With that command, the DHCP messages got forwarded, whether I had ip dhcp-sever configured or not. Using just ip dhcp-server without the ip helper-address did not work, however. In that case, the DHCP messages did not get forwarded. Here's my config. The client is on the 36.1.1.0 network. I was sitting with my EtherPeek protocol analyzer on the 10.10.0.0 network. I could see the DHCP Discover come through to 10.10.0.1 whether I used ip dhcp-server 10.10.0.1 or not, as long as I did use ip helper-address 10.10.0.1. charlotte#s run Building configuration... Current configuration: ! version 11.0 service udp-small-servers service tcp-small-servers ! hostname charlotte ! enable password ! ip dhcp-server 10.10.0.1 (also tried it without this) ! interface Ethernet0 ip address 10.10.0.2 255.255.255.0 ! interface Ethernet1 ip address 36.1.1.1 255.255.255.0 ip helper-address 10.10.0.1 (this is what really did the trick) ! interface Serial0 ip address 192.168.40.2 255.255.255.0 no fair-queue ! interface Serial1 no ip address shutdown ! interface TokenRing1 no ip address shutdown ! interface TokenRing0 no ip address shutdown ! router ospf 100 network 192.168.0.0 0.0.255.255 area 2 network 10.10.0.0 0.0.255.255 area 0 network 36.1.1.0 0.0.0.255 area 2 ! line con 0 line aux 0 transport input all line vty 0 4 password cisco login ! end The DHCP Discover from the client that I captured might be informative for people learning about how DHCP Relay works. Notice that the packet is a unicast, rather than a broadcast. Also, notice at the IP layer that the source address is the router, not the client's 0.0.0.0 address that you normally see with DHCP. The router also put its address in the DHCP server under Gateway IP Address. The DHCP server needs to see this to know which subnet the client's request came from. Ethernet Header Destination: 00:00:0C:05:3E:80 Source: 00:00:0C:00:2E:75 Protocol Type:0x0800 IP IP Header - Internet Protocol Datagram Version: 4 Header Length:5 (20 bytes) Type of Service: % Precedence: Routine, Normal Delay, Normal Throughput, Normal Reliability Total Length: 328 Identifier: 12800 Fragmentation Flags: %000 May Fragment Last Fragment Fragment Offset: 0 (0 bytes) Time To Live: 127 Protocol: 17 UDP Header Checksum: 0xD998 Source IP Address:36.1.1.1 Dest. IP Address: 10.10.0.1 No IP Options UDP - User Datagram Protocol Source Port: 68 Bootstrap (BOOTP Client) Destination Port: 67 Bootstrap Protocol Server Length: 308 Checksum: 0x3159 BootP - Bootstrap Protocol Operation:1 Boot Request Hardware Address Type:1 Ethernet (10Mb) Hardware Address Length: 6 bytes Hops: 0 Transaction ID: 678970121 Seconds Since Boot Start: 0 Flags:0x IP Address Known By Client: 0.0.0.0 IP Address Not Known By Client Client IP Addr Given By Srvr: 0.0.0.0 Server IP Address:0.0.0.0 Gateway IP Address: 36.1.1.1 Client Hardware Address: 00:E0:98:89:52:FA Unused: 0x Server Host Name: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Boot File Name: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 DHCP - Dynamic Host Configuration Protocol DHCP Magic Cookie:0x63825363 Message TypeDHCP Option Option Code:53 Message Type Option Length: 1 Message Type: 1 Discover Client IdentifierDHCP Option Option Code:61 Client Identifier Option Length: 7 Hardware Type: 1 Hardware Address: 00:E0:98:89:52:FA Requested IP AddressDHCP Option Option Code:50 Requested IP Address Option Length: 4 Address:36.1.1.2 Host Name AddressDHCP Option Option Code:12 Host Name Address Option Length: 8 String: MACTEAM. Vendor Class IdentifierDHCP Option Option Code:60 Vendor Class Identifier Option Length: 7 Option Data: MSFT 98 4D 53
Re: DHCP [7:21051]
At 05:14 PM 9/26/01, Brian wrote: Yeah I always thought the helper address command was the way to get a whole bunch of nonroutable junk forwarded. It gets a bunch of UDP broadcasts forwarded. I figured out the ip dhcp-server command. It's not a replacement for ip helper-address. It's for access servers. It's only documented in access server documentation and documentation for the Gateway General Packet Radio Service (GPRS) Support Node (GGSN), whatever that is. The GGSN provides services to wireless devices, that much I know, and it's sort of an access server for the purposes of this discussion. So dial-up users, wireless users, etc. reach the Internet or corporate intranet through the access server. With ip dhcp-server you can make sure the access server gives these users an IP address because it forwards their requests (or asks on its own) to a DHCP server. Note that if the DHCP server is not on the same LAN as the access server, then you need to configure ip helper-address on intermediate routers between the access server and DHCP server. ip helper-address is also used for the more common situations, for example, when clients are on a different LAN than the DHCP server. ip dhcp-server didn't work in this case, per my previous message. I'd love to hear any more uses for ip dhcp-server if they exist. I would think that access server could also mean a DSL or cable modem router, but I don't see any evidence of the ip dhcp-server command being documented for those environments. (The command definitely doesn't turn the router into a DHCP server a I originally said, sorry. I feel sort of justified for that mistake, though since the other ip dhcp commands do that. ;-) Priscilla Bri Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21238t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: DHCP [7:21051]
i remember the only command i ut on the cisco router is peer default ip address dhcp and enable the ip helper address -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 26, 2001 11:28 PM To: [EMAIL PROTECTED] Subject: Re: DHCP [7:21051] OK, I'm starting to see where the confusion is coming from. The ip dhcp-server command can be used on dial-up PPP links. It specifies the IP address of a DHCP server for the PPP client to use. It was almost impossible to find in the documentation. Most of the ip dhcp commands relate to telling your router to be a DHCP server, which is a completely different solution, of course. Are you using PPP, Khramov? The general-purpose way to tell your router the address of your DHCP server is the ip helper-address command. Priscilla At 01:54 PM 9/26/01, Tim Booth wrote: Priscilla and others: Ip dhcp-server does not turn your router into a dhcp server. It tells your router where your dhcp server is. Tim Booth - Original Message - From: Priscilla Oppenheimer To: Sent: Wednesday, September 26, 2001 12:12 PM Subject: Re: DHCP [7:21051] Why do you want to turn your router into a DHCP server? I thought you already had a DHCP server. You just need a helper address and ip forward-protocol udp 67 no ip forward-protocol 137 no ip forward-protocol 138 The last two commands are because you said that NetBIOS broadcast forwarding was causing problems for your NT server. When you have a helper address, the router forwards a bunch of UDP packets. You have to configure it to be more discerning. Priscilla At 09:24 AM 9/26/01, khramov wrote: Hello, ip dhcp-server works, I didn't specify it with a hyphen. So would you agree that the best solution for me would be to disable ip directed broadcast, ip helper address and enable ip dhcp-server at the global config? If I enable ip dhcp-server do I need to enable ip forward-protocol udp (ports 66 and 67)? Thanks a lot, Alex MADMAN wrote: Hmm.. I haven't done it in a while so I tried it on a 7507 with RSP8's and an MSFC2, they both accepted the command just fine but are not in the config. So I figured they must be enabled by default so I did a no ip forward protocol udp 67 and wallah, there it is!!! C7507MIX#conf t Enter configuration commands, one per line. End with CNTL/Z. C7507MIX(config)#no ip for C7507MIX(config)#no ip forward-protocol udp 67 C7507MIX(config)#^Z C7507MIX#wr t Building configuration...ip kerberos source-interface any ip classless no ip forward-protocol udp bootps Dave khramov wrote: I did that, but when I do sh run it is not showing up in config file. I mean (ip forward-protocol udp 67). Is that the way it is suppose to be? MADMAN wrote: Check ip foward protocol Dave khramov wrote: Hello How do I enable broadcast for DHCP server? I know that ip helper enables UDP broadcast, but broadcast of netbios services causes some problems for win nt server. So I guess to be more specific what can I do to forward udp broadcast on ports 67 and 68 only? And another question that I have what exactly ip directed-broadcast command does? I've searched Cisco's web site but I never came across a clear defenition? Thanks, Alex [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland Sr. Network Engineer CCIE# 2016 Qwest Communications Int. Inc. [EMAIL PROTECTED] 612-664-3367 Emotion should reflect reason not guide it [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] -- David Madland CCIE# 2016 Senior Network Engineer Qwest Communications 612-664-3367 [GroupStudy.com removed an attachment of type text/x-vcard which had a name of khramov.vcf] Priscilla Oppenheimer http://www.priscilla.com Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=21256t=21051 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
