Solved

DHCP Server using a Relay Server

Posted on 2004-04-20
8
1,114 Views
Last Modified: 2013-11-30
What would be the best way to setup a Windows Server running DHCP using a Relay Server (REDBACK). I have it set up now and it assign a Set-top box an IP address but the problem we are having is if you hook a switch to the box and hook like 5 computers up they all get assign a Public IP address. We are looking to give it one Public IP address and from there you can hook a router up to the set-top box and have more PCs.

The main problem is the dhcp server assigning public address to every machine hooked to the Set-top box.

Need help. Any Info would be appreciated.
0
Comment
Question by:Ckesey
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 2

Expert Comment

by:klingonhero
ID: 10871852
Don't quite understand what your trying to do. You have a switch with both an external router and internal PCs on it. You are running DHCP across the switch using a windows server that is also connected to the switch. Is this topology correct? If you have different requirements for DHCP addressing using only a switch and everything else connected to it, you'll need to use DHCP reservations (especially for "public" addressing) at a minimum. You should also segment the switch using VLANs. If this is your topology you should consider adding another switch and creating a DMZ. I'm probably all over the place on this answer because I don't quite understand the topology here.
0
 

Author Comment

by:Ckesey
ID: 10871950
We are an ISP which is now offering Video. With this video the customer gets a Set-top box like you would get from a satelite company. On this set-top box you have and ethernet port from this port you plug it into a computer and obtain an IP address from our DHCP server. The problem that we are having is when you hook a personal switch to the ethernet port in the back of the set-top box  and hook computers to the switch the Dhcp server will assign a public IP address to each and every computer.  The way we want it set up is only one IP is sent to each set-top box. In other words, one IP address per customer.

I hope I explained it better. If you have any more questions please ask.
0
 
LVL 2

Expert Comment

by:klingonhero
ID: 10872107
Is using DHCP reservations out of the question? In other words, the customer gives you the MAC address of the PC on the other side of the set-top box. If they use a cable/dsl router then they give you the mac of that.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Ckesey
ID: 10873180
Yes, I am afraid we don't want to mess with the idea of using the MAC address. We are trying to cut down on the trouble for both us as the ISP and the Customers. Any other Ideas?
0
 
LVL 2

Accepted Solution

by:
klingonhero earned 500 total points
ID: 10873466
I don't think this is possible within W2K's DHCP implementation alone. You will need some higher lever (possibly application layer) processing to make this happen. Is there a way to tell which set-top box the DHCP request comes through? Is the box IPable or SNMPable? Can the box relay dhcp or is it just a layer 1 & layer 2 device that provides the transport for any network device plugged into it's ethernet port?

If it can relay and allows options, you could add DHCP option 82 to see where the packet came from. "It encodes a agent-local identifier of the circuit from which a DHCP discover/request packet was received.  It is intended for use by agents in relaying DHCP responses back to the proper circuit." But this will only work if the agent (set-top box) can be configured this way. - http://www.iana.org/assignments/bootp-dhcp-extensions/bootp-dhcp-option-82

Option 83 may also work for you. http://www.iana.org/assignments/bootp-dhcp-extensions/bootp-dhcp-option-83.

Again, you may need some higher level processing and logic at the set-top box layer, since you don't want to touch the clients. There may also be a LINUX DHCP alternative that provides this type of auditing and control of DHCP requests and offers based on the relay agent it comes through (option 82 or 83 above).

Of course most of this is moot if you can't talk the the set-top box via IP or SNMP or if there is no way for the box to acknowledge it relayed or detected specific DHCP traffic.
0
 
LVL 2

Expert Comment

by:klingonhero
ID: 10873598
Another though, are your users trackable per/port at your central hub? In other words, user x at location x has a port at your hub, or is user x part of an aggregate? Perhaps (using options) you can specify on a per port basis instead of the set-top box.
0
 
LVL 1

Expert Comment

by:CNix
ID: 10875149
I don't know about other switches, but if you have a cisco switch at the ISP end, it can possibly be done.
0
 

Author Comment

by:Ckesey
ID: 10881537
I don't think the set tops are smart enough to act as more than just
layer1/2 transport. They just basically bridge what ever we send across the
PVC to whatever is attached to their ethernet port.

The option 82 or 83 angle could work if we can figure out how to get the
redback router to send the ID and then how to make the server recognize that ID
and only give out one address based on that ID.

All the MACs show on the 2003 server so with some work you could find out
who is beating you on IP addresses but I would really rather have a way to
control what they get.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question