Solved

Scopes with DHCP

Posted on 2001-08-18
9
919 Views
Last Modified: 2008-05-02
Hi everyone. I've just installed DHCP service with Win2000 Server. I created two scopes (e.g. Scope A & Scope B). Normally, these two scopes has different range of IPs. I want to configure the DHCP to assign IPs to group of my users from Scope A & to assign another group of users from Scobe B automatically. How can I do this?
0
Comment
Question by:firas_s
  • 4
  • 3
  • 2
9 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 6402467
You cannot do this unless you have the two groups separated into separate networks via VLAN's and/or routers.
DHCP requests are all 1's broadcast packets, and the server will respond with a scope that matches the subnet of the interface on which the request was received. If both groups live on the same network, and all requests are broadcasts, there is no way to separate the two.
0
 

Author Comment

by:firas_s
ID: 6403937
Thanks for ur good answer. But why the DHCP have the option of creating mutliple scopes if it doesn't support what I'm going to do (BOTH GROUPS RESIDE IN THE SAME NETWORK) ??!!

If it's not possible, I'll buy CISCO switch. Then I'll configure it with two VLANs. So, how can I configure the DHCP to assign VLAN 1 with IPs from Scope A & VLAN 2 with IPs from VLAN 2 ??
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 6404033
I have one server with over 50 different scopes serving over 50 separate networks at separate locations. Here's how that works:
DHCP request gets sent out on the local network. The local router is configured to forward those broadcasts across the WAN to the specific IP address of the DHCP server, which replies with an address matching the scope based on the source network of that forwarded request. The router is acting as a DHCP proxy more or less by sending a packet straight to the DHCP server that basically says "I have a client on network a.b.c.0 with MAC address xxyyxyxx that needs and IP address and associated information". The server responds using information from the scope setup for network a.b.c.0.

In your case, putting in a Cisco switch with two VLAN's creates another problem for you. How are you going to route between these VLAN's? You would need to put a router in the mix just for that purpose. You may get by with putting a 2nd NIC on your server with one NIC on each VLAN, or set up two separate servers, one on each VLAN, but you're adding complexity to your network where you need to keep it as simple as possible.

What is your real reason for wanting  different groups to have different IP ranges, other than logically it makes good sense, makes it easy to troubleshoot, etc? Is there a sound business reason that justifies the investment in hardware and the administrative overhead of that hardware?
0
 

Expert Comment

by:squidfishes
ID: 6410532
There is actually a way to do this with two different IP ranges on the same physical network without VLAN's or routers.  You can set up a multi-homed server, which is basically a NT/2000 server with multiple network cards in it.  When you put in the additional network card, bind an IP to the second card that's in your new IP range.  Then assign the scope to that card.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:firas_s
ID: 6411138
Thank u Squidfishes 4 ur answer. But how can I assign a scope to a specific network card ?? I didn't found this option when I created the scope.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 50 total points
ID: 6412049
Even if you do setup one NIC for one pool and the other NIC for the other pool, you cannot determine who gets an address from which pool as long as both NIC's are plugged into the same broadcast domain. This makes no sense..
Same concept if you have two separate servers one with one range of addresses in it's scope, the other with a different range. Whichever one is least busy (or just faster) at the instant a DHCP request is broadcast will answer.
You can, however, use DHCP to reserve specific addresses for specific MAC addresses. You can gather the MAC addresses of all your systems, then assign them to separate groups/scopes by pre-defined IP address for specified MAC address.
http://support.microsoft.com/support/kb/articles/Q196/0/66.ASP
http://support.microsoft.com/support/kb/articles/Q170/0/62.ASP

0
 

Expert Comment

by:squidfishes
ID: 6414045
Yes, you are correct, lrmoore.  You can't determine who goes in which pool... unless you do the MAC address assignment.

firas, you can also use superscoping to have your DHCP server handle multiple IP subnets.  Most people only use multiple IP subnets in one broadcast domain for a few reasons, however.  One, they've run out of IP addresses and added another range.  Two, they want redundancy in their DHCP servers, so they have at least two separate DHCP servers handling multiple subnets or parts of the same subnet.  Three, they are converting from an old IP range to a new one, and it's only temporary.

Here's the superscope article...

http://support.microsoft.com/support/kb/articles/Q186/3/41.ASP
0
 

Expert Comment

by:squidfishes
ID: 6414078
Oh, one other thing.  If you do put multiple NIC's in your 2000 server, you could assign one NIC to one VLAN and the other to the remaining VLAN.  Since you have to allow routing when multihoming anyway, your 2000 server would act as a router, and you wouldn't need to buy a Cisco router.  Of course, this would add additional load to your server, and it's not a particular high-performance router.  But if you don't have a very big network, it would be adequate.

I forgot to answer one of your questions... when you have multiple IP addresses, you'll have the option of assigning the scope to whichever one you like.  It just doesn't show up when you only have one.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 9133902
firas_s,
No comment has been added lately (720 days), so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area for this question:

RECOMMENDATION: Award points to lrmoore http:#6412049

Please leave any comments here within 7 days.

-- Please DO NOT accept this comment as an answer ! --

Thanks,

lrmoore
EE Cleanup Volunteer
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Screen Recorder Recommendations 10 54
Route Summarization 2 31
Cisco iWAN 8 45
RDP Sonicwall 8 23
What’s a web proxy server? A proxy server is a server that goes between clients and web servers, used in corporate to enforce corporate browsing policy and ensure security. Proxy servers are commonly used in three modes. A)    Forward proxy …
If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now