ISC DHCP Users

Did not work as expected

Classic

List

Threaded

6 messages Options

Leandro

Did not work as expected

Hi guys , while trying to get my config working, got this unexpected result.
After setting following connection diagram:

rel

Having following dhcpd.conf subnet config:

shared-network Public {
        subnet 192.168.88.0 netmask 255.255.255.0{
                #pool1
                pool{
                range 192.168.88.2 192.168.88.126;
                option broadcast-address 192.168.88.127;
                option subnet-mask 255.255.255.128;
                option routers 192.168.88.1;
                }
                #pool2
                pool{
                range 192.168.88.129 192.168.88.254;
                option broadcast-address 192.168.88.255;
                option subnet-mask 255.255.255.128;
                option routers 192.168.88.129;
                }

        }

}

I got following lease asigment:
Jun 29 17:04:42 centos86_64 dhcpd: DHCPDISCOVER from 08:00:27:95:d9:62 via 192.168.88.129
Jun 29 17:04:42 centos86_64 dhcpd: DHCPOFFER on 192.168.88.33 to 08:00:27:95:d9:62 via 192.168.88.129
Jun 29 17:04:42 centos86_64 dhcpd: DHCPREQUEST for 192.168.88.33 (20.1.1.254) from 08:00:27:95:d9:62 via 192.168.88.129
Jun 29 17:04:42 centos86_64 dhcpd: DHCPACK on 192.168.88.33 to 08:00:27:95:d9:62 via 192.168.88.129

What is wrong ?I expeted that request coming from 192.168.88.129 would receive some lease from pool2 since 192.168.88.129 falls there.
Instead I, receibing a lease from pool1 including the router option ... The client connected behind relay2 will never go out.
Any Ideas ?

Thanks in advance,
Leandro.

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

Lyle Giese

Re: Did not work as expected

You need two subnets, one for 192.168.88.0/25 and one for 192.168.88.128/25.

Lyle

On 06/29/15 15:42, Leandro wrote:

Hi guys , while trying to get my config working, got this unexpected result.
After setting following connection diagram:

Having following dhcpd.conf subnet config:

shared-network Public {
        subnet 192.168.88.0 netmask 255.255.255.0{
                #pool1
                pool{
                range 192.168.88.2 192.168.88.126;
                option broadcast-address 192.168.88.127;
                option subnet-mask 255.255.255.128;
                option routers 192.168.88.1;
                }
                #pool2
                pool{
                range 192.168.88.129 192.168.88.254;
                option broadcast-address 192.168.88.255;
                option subnet-mask 255.255.255.128;
                option routers 192.168.88.129;
                }

        }

}

I got following lease asigment:
Jun 29 17:04:42 centos86_64 dhcpd: DHCPDISCOVER from 08:00:27:95:d9:62 via 192.168.88.129
Jun 29 17:04:42 centos86_64 dhcpd: DHCPOFFER on 192.168.88.33 to 08:00:27:95:d9:62 via 192.168.88.129
Jun 29 17:04:42 centos86_64 dhcpd: DHCPREQUEST for 192.168.88.33 (20.1.1.254) from 08:00:27:95:d9:62 via 192.168.88.129
Jun 29 17:04:42 centos86_64 dhcpd: DHCPACK on 192.168.88.33 to 08:00:27:95:d9:62 via 192.168.88.129

What is wrong ?I expeted that request coming from 192.168.88.129 would receive some lease from pool2 since 192.168.88.129 falls there.
Instead I, receibing a lease from pool1 including the router option ... The client connected behind relay2 will never go out.
Any Ideas ?

Thanks in advance,
Leandro.
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

Simon Hobson-2

Re: Did not work as expected

In reply to this post by Leandro

Leandro <[hidden email]> wrote:

> shared-network Public {

> What is wrong ?

What you have drawn is ***NOT*** a shared network.
It seems you did not digest that from the previous discussion regarding your network architecture.

To recap, a shared network is where there are two (or more) subnets ON THE SAME BIT OF WIRE (or more technically, on the same broadcast domain).

So, looking at your diagram, in Cisco speak you have something like :
interface Fastethernet0/1
ip address 192.168.88.1 255.255.255.128

interface Fastethernet0/2
ip address 192.168.88.129 255.255.255.128

Or in Linux speak :
ip addr add 192.168.88.1/25 dev eth1
ip addr add 192.168.88.129/25 dev eth2

Two separate networks, separate broadcast domains, separate IP subnets.

For it to be a shared network, both subnets would need to be defined on the **SAME** interface of your router :

interface Fastethernet0/1
ip address 192.168.88.1 255.255.255.128
ip address 192.168.88.129 255.255.255.128 secondary

Or :
ip addr add 192.168.88.1/25 dev eth1
ip addr add 192.168.88.129/25 dev eth1 <- note same device

I'll reiterate, you REALLY REALLY must get these very basic IP networking concepts sorted - if you don't then you WILL struggle to build a working and reliable network.
Once you have the network and IP topology sorted, then you must accurately describe that to the DHCP server - that means NOT declaring a shared network where you do not have one.

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

Han Koster

Re: Did not work as expected

In reply to this post by Leandro

Besides the remarks you already got on shared networks, in the configuration of pool#2 you define in option routers the first IP address(129) of the range.

It will not solve your problem, but I suggest you start the range at 130.

Han Koster

From: <[hidden email]> on behalf of Leandro <[hidden email]>
Reply-To: Users of ISC DHCP <[hidden email]>
Date: Monday 29 June 2015 22:42
To: Users of ISC DHCP <[hidden email]>
Subject: Did not work as expected

Hi guys , while trying to get my config working, got this unexpected result.
After setting following connection diagram:

rel

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

Leandro

Re: Did not work as expected / Now it is

Gentleman , finally I manage to handle two shared networks from two relays.
Now when my network grows and need more ip allocations I just will add subnets to each shared network declaration.
Te scenario would be:
rel

Te config is:

shared-network Relay1 {
        subnet 192.168.88.0 netmask 255.255.255.128 {
                range 192.168.88.2 192.168.88.126;
                option broadcast-address 192.168.88.127;
                option subnet-mask 255.255.255.128;
                option routers 192.168.88.1;

        }
        subnet 192.168.89.0 netmask 255.255.255.128{
                range 192.168.89.2 192.168.89.126;
                option broadcast-address 192.168.89.127;
                option subnet-mask 255.255.255.128;
                option routers 192.168.89.1;
        }
}

shared-network Relay2 {
        subnet 192.168.88.128 netmask 255.255.255.128 {
                range 192.168.88.130 192.168.88.254;
                option broadcast-address 192.168.88.255;
                option subnet-mask 255.255.255.128;
                option routers 192.168.88.129;
                }

        subnet 192.168.89.128 netmask 255.255.255.128 {
                range 192.168.89.130 192.168.89.254;
                option broadcast-address 192.168.89.255;
                option subnet-mask 255.255.255.128;
                option routers 192.168.89.129;
                }
}
Next; I will add a failover pair and test it

Btw; I would like to add that my escenario has been simulated using virtualbox with two centos and a pfsense VM.
Also used two very usefull tools : dhcpd-pools to check in real time how the leases are being consumed , and dhcperf to simulate the dhcp requests.
If somebody want to get help about compile / use them or any info related to virtualbox networking setting , please let me know.
I got a lot of help from this list, I would like also to share something back.

Regards.
Leandro.

On 30/06/15 04:16, Han Koster wrote:

Besides the remarks you already got on shared networks, in the configuration of pool#2 you define in option routers the first IP address(129) of the range.

It will not solve your problem, but I suggest you start the range at 130.

Han Koster

From: <[hidden email]> on behalf of Leandro <[hidden email]>
Reply-To: Users of ISC DHCP <[hidden email]>
Date: Monday 29 June 2015 22:42
To: Users of ISC DHCP <[hidden email]>
Subject: Did not work as expected

Hi guys , while trying to get my config working, got this unexpected result.
After setting following connection diagram:

Having following dhcpd.conf subnet config:

shared-network Public {
        subnet 192.168.88.0 netmask 255.255.255.0{
                #pool1
                pool{
                range 192.168.88.2 192.168.88.126;
                option broadcast-address 192.168.88.127;
                option subnet-mask 255.255.255.128;
                option routers 192.168.88.1;
                }
                #pool2
                pool{
                range 192.168.88.129 192.168.88.254;
                option broadcast-address 192.168.88.255;
                option subnet-mask 255.255.255.128;
                option routers 192.168.88.129;
                }

        }

}

I got following lease asigment:
Jun 29 17:04:42 centos86_64 dhcpd: DHCPDISCOVER from 08:00:27:95:d9:62 via 192.168.88.129
Jun 29 17:04:42 centos86_64 dhcpd: DHCPOFFER on 192.168.88.33 to 08:00:27:95:d9:62 via 192.168.88.129
Jun 29 17:04:42 centos86_64 dhcpd: DHCPREQUEST for 192.168.88.33 (20.1.1.254) from 08:00:27:95:d9:62 via 192.168.88.129
Jun 29 17:04:42 centos86_64 dhcpd: DHCPACK on 192.168.88.33 to 08:00:27:95:d9:62 via 192.168.88.129

What is wrong ?I expeted that request coming from 192.168.88.129 would receive some lease from pool2 since 192.168.88.129 falls there.
Instead I, receibing a lease from pool1 including the router option ... The client connected behind relay2 will never go out.
Any Ideas ?

Thanks in advance,
Leandro.
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

Simon Hobson

Re: Did not work as expected / Now it is

Leandro <[hidden email]> wrote:

> Gentleman , finally I manage to handle two shared networks from two relays.

Yay, got there in the end.
The only thing I'd add is that I'd suggest trying to avoid splitting address ranges quite so much.

OK, there's a large element of sticking a finger in the air and pulling numbers from nowhere, but ... try and think about which services are most likely to grow most and give them some room. SO instead of allocating 192.168.88.0/25 and 192.168.88.128/25 from the outset, try and leave 192.168.88.128/25 (and even 192.168.89.0/24) free initially.
If that network grows then you can expend it by simply changing to 192.168.88.0/24 or even 192.168.88.0/23 - which is a far cleaner situation.

If you do end up with a /25 that's full, rather than just adding another /25 - see if you can add a /24 and migrate existing users before deleting the original /25.

In the long term, it'll give you a cleaner and easier to manage network. Although what you have here will work, it's just going to scale badly in the long term.

Now, if your users have static addresses then migrating is a bit harder - but if they are all dynamic then it's fairly easy to do.

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users