Solved

DHCP Server using a Relay Server

Posted on 2004-04-20
8
1,057 Views
Last Modified: 2013-11-30
What would be the best way to setup a Windows Server running DHCP using a Relay Server (REDBACK). I have it set up now and it assign a Set-top box an IP address but the problem we are having is if you hook a switch to the box and hook like 5 computers up they all get assign a Public IP address. We are looking to give it one Public IP address and from there you can hook a router up to the set-top box and have more PCs.

The main problem is the dhcp server assigning public address to every machine hooked to the Set-top box.

Need help. Any Info would be appreciated.
0
Comment
Question by:Ckesey
  • 4
  • 3
8 Comments
 
LVL 2

Expert Comment

by:klingonhero
Comment Utility
Don't quite understand what your trying to do. You have a switch with both an external router and internal PCs on it. You are running DHCP across the switch using a windows server that is also connected to the switch. Is this topology correct? If you have different requirements for DHCP addressing using only a switch and everything else connected to it, you'll need to use DHCP reservations (especially for "public" addressing) at a minimum. You should also segment the switch using VLANs. If this is your topology you should consider adding another switch and creating a DMZ. I'm probably all over the place on this answer because I don't quite understand the topology here.
0
 

Author Comment

by:Ckesey
Comment Utility
We are an ISP which is now offering Video. With this video the customer gets a Set-top box like you would get from a satelite company. On this set-top box you have and ethernet port from this port you plug it into a computer and obtain an IP address from our DHCP server. The problem that we are having is when you hook a personal switch to the ethernet port in the back of the set-top box  and hook computers to the switch the Dhcp server will assign a public IP address to each and every computer.  The way we want it set up is only one IP is sent to each set-top box. In other words, one IP address per customer.

I hope I explained it better. If you have any more questions please ask.
0
 
LVL 2

Expert Comment

by:klingonhero
Comment Utility
Is using DHCP reservations out of the question? In other words, the customer gives you the MAC address of the PC on the other side of the set-top box. If they use a cable/dsl router then they give you the mac of that.
0
 

Author Comment

by:Ckesey
Comment Utility
Yes, I am afraid we don't want to mess with the idea of using the MAC address. We are trying to cut down on the trouble for both us as the ISP and the Customers. Any other Ideas?
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 2

Accepted Solution

by:
klingonhero earned 500 total points
Comment Utility
I don't think this is possible within W2K's DHCP implementation alone. You will need some higher lever (possibly application layer) processing to make this happen. Is there a way to tell which set-top box the DHCP request comes through? Is the box IPable or SNMPable? Can the box relay dhcp or is it just a layer 1 & layer 2 device that provides the transport for any network device plugged into it's ethernet port?

If it can relay and allows options, you could add DHCP option 82 to see where the packet came from. "It encodes a agent-local identifier of the circuit from which a DHCP discover/request packet was received.  It is intended for use by agents in relaying DHCP responses back to the proper circuit." But this will only work if the agent (set-top box) can be configured this way. - http://www.iana.org/assignments/bootp-dhcp-extensions/bootp-dhcp-option-82

Option 83 may also work for you. http://www.iana.org/assignments/bootp-dhcp-extensions/bootp-dhcp-option-83.

Again, you may need some higher level processing and logic at the set-top box layer, since you don't want to touch the clients. There may also be a LINUX DHCP alternative that provides this type of auditing and control of DHCP requests and offers based on the relay agent it comes through (option 82 or 83 above).

Of course most of this is moot if you can't talk the the set-top box via IP or SNMP or if there is no way for the box to acknowledge it relayed or detected specific DHCP traffic.
0
 
LVL 2

Expert Comment

by:klingonhero
Comment Utility
Another though, are your users trackable per/port at your central hub? In other words, user x at location x has a port at your hub, or is user x part of an aggregate? Perhaps (using options) you can specify on a per port basis instead of the set-top box.
0
 
LVL 1

Expert Comment

by:CNix
Comment Utility
I don't know about other switches, but if you have a cisco switch at the ISP end, it can possibly be done.
0
 

Author Comment

by:Ckesey
Comment Utility
I don't think the set tops are smart enough to act as more than just
layer1/2 transport. They just basically bridge what ever we send across the
PVC to whatever is attached to their ethernet port.

The option 82 or 83 angle could work if we can figure out how to get the
redback router to send the ID and then how to make the server recognize that ID
and only give out one address based on that ID.

All the MACs show on the 2003 server so with some work you could find out
who is beating you on IP addresses but I would really rather have a way to
control what they get.
0

Featured Post

Free camera licenses with purchase of My Cloud NAS

Milestone Arcus software is compatible with thousands of industry-leading cameras for added flexibility. Upon installation on your My Cloud NAS, you will receive two (2) camera licenses already enabled in the software. And for a limited time, get additional camera licenses FREE.

Join & Write a Comment

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now