• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 930
  • Last Modified:

Scopes with DHCP

Hi everyone. I've just installed DHCP service with Win2000 Server. I created two scopes (e.g. Scope A & Scope B). Normally, these two scopes has different range of IPs. I want to configure the DHCP to assign IPs to group of my users from Scope A & to assign another group of users from Scobe B automatically. How can I do this?
0
firas_s
Asked:
firas_s
  • 4
  • 3
  • 2
1 Solution
 
lrmooreCommented:
You cannot do this unless you have the two groups separated into separate networks via VLAN's and/or routers.
DHCP requests are all 1's broadcast packets, and the server will respond with a scope that matches the subnet of the interface on which the request was received. If both groups live on the same network, and all requests are broadcasts, there is no way to separate the two.
0
 
firas_sAuthor Commented:
Thanks for ur good answer. But why the DHCP have the option of creating mutliple scopes if it doesn't support what I'm going to do (BOTH GROUPS RESIDE IN THE SAME NETWORK) ??!!

If it's not possible, I'll buy CISCO switch. Then I'll configure it with two VLANs. So, how can I configure the DHCP to assign VLAN 1 with IPs from Scope A & VLAN 2 with IPs from VLAN 2 ??
0
 
lrmooreCommented:
I have one server with over 50 different scopes serving over 50 separate networks at separate locations. Here's how that works:
DHCP request gets sent out on the local network. The local router is configured to forward those broadcasts across the WAN to the specific IP address of the DHCP server, which replies with an address matching the scope based on the source network of that forwarded request. The router is acting as a DHCP proxy more or less by sending a packet straight to the DHCP server that basically says "I have a client on network a.b.c.0 with MAC address xxyyxyxx that needs and IP address and associated information". The server responds using information from the scope setup for network a.b.c.0.

In your case, putting in a Cisco switch with two VLAN's creates another problem for you. How are you going to route between these VLAN's? You would need to put a router in the mix just for that purpose. You may get by with putting a 2nd NIC on your server with one NIC on each VLAN, or set up two separate servers, one on each VLAN, but you're adding complexity to your network where you need to keep it as simple as possible.

What is your real reason for wanting  different groups to have different IP ranges, other than logically it makes good sense, makes it easy to troubleshoot, etc? Is there a sound business reason that justifies the investment in hardware and the administrative overhead of that hardware?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
squidfishesCommented:
There is actually a way to do this with two different IP ranges on the same physical network without VLAN's or routers.  You can set up a multi-homed server, which is basically a NT/2000 server with multiple network cards in it.  When you put in the additional network card, bind an IP to the second card that's in your new IP range.  Then assign the scope to that card.
0
 
firas_sAuthor Commented:
Thank u Squidfishes 4 ur answer. But how can I assign a scope to a specific network card ?? I didn't found this option when I created the scope.
0
 
lrmooreCommented:
Even if you do setup one NIC for one pool and the other NIC for the other pool, you cannot determine who gets an address from which pool as long as both NIC's are plugged into the same broadcast domain. This makes no sense..
Same concept if you have two separate servers one with one range of addresses in it's scope, the other with a different range. Whichever one is least busy (or just faster) at the instant a DHCP request is broadcast will answer.
You can, however, use DHCP to reserve specific addresses for specific MAC addresses. You can gather the MAC addresses of all your systems, then assign them to separate groups/scopes by pre-defined IP address for specified MAC address.
http://support.microsoft.com/support/kb/articles/Q196/0/66.ASP
http://support.microsoft.com/support/kb/articles/Q170/0/62.ASP

0
 
squidfishesCommented:
Yes, you are correct, lrmoore.  You can't determine who goes in which pool... unless you do the MAC address assignment.

firas, you can also use superscoping to have your DHCP server handle multiple IP subnets.  Most people only use multiple IP subnets in one broadcast domain for a few reasons, however.  One, they've run out of IP addresses and added another range.  Two, they want redundancy in their DHCP servers, so they have at least two separate DHCP servers handling multiple subnets or parts of the same subnet.  Three, they are converting from an old IP range to a new one, and it's only temporary.

Here's the superscope article...

http://support.microsoft.com/support/kb/articles/Q186/3/41.ASP
0
 
squidfishesCommented:
Oh, one other thing.  If you do put multiple NIC's in your 2000 server, you could assign one NIC to one VLAN and the other to the remaining VLAN.  Since you have to allow routing when multihoming anyway, your 2000 server would act as a router, and you wouldn't need to buy a Cisco router.  Of course, this would add additional load to your server, and it's not a particular high-performance router.  But if you don't have a very big network, it would be adequate.

I forgot to answer one of your questions... when you have multiple IP addresses, you'll have the option of assigning the scope to whichever one you like.  It just doesn't show up when you only have one.
0
 
lrmooreCommented:
firas_s,
No comment has been added lately (720 days), so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area for this question:

RECOMMENDATION: Award points to lrmoore http:#6412049

Please leave any comments here within 7 days.

-- Please DO NOT accept this comment as an answer ! --

Thanks,

lrmoore
EE Cleanup Volunteer
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

  • 4
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now