• Status: Solved

3 VLANs fail over 3 DHCP Servers - Redundant DHCP

The idea is to have 3 VLANs (the name doesn't matter) that fail over 3 DHCP servers.

Setup to be done on a Cisco 2950 switch and maybe a C 1841?

1105080925.jpg
0
NewGuyOnCisco
Asked:
1 Solution
 
lrmoore Commented:
The 2950 is a L2 only switch, so you can't set it up for anything to do with DHCP. All it will do is merely pass the dhcp broadcast packets out every port.
Assuming that the 1841 router is the WAN in your drawing, what are the other two boxes at the top?
Why do you want redundant DHCP? By simply increasing the scope lease time, you can increase resiliency of the network. If your lease time is 7 days, then the dhcp server can be down for 7 days before it affects anything.
Do you really want the same IP subnet on the network across the WAN, or is this just another DHCP server for the local clients?
If the WAN box is the 1841, just make sure you enable ip helper-address on the local LAN interface with the IP address of the remote dhcp server.

0
 
NewGuyOnCisco (Author) Commented:
I really do not know... What equipment do you recommend for this setup?

Also, can you please give me a complete Cisco configuration for something like this?

From what I heard, this was for in case one of the DHCP servers goes down, so the other one will take control, etc.

Thank you in advance
0
 
lrmoore Commented:
Do you have Windows server to use as one DHCP server?
If yes, then setup a scope using the lower half of the IP addresses.
Then setup the 1841 router as dhcp server using the upper half of the IP addresses so they don't overlap.
Each VLAN is a different IP subnet.
This is what the 1841 config might look like, connected to the 2950 switch:

ip dhcp excluded-address 192.168.1.1 192.168.1.128
ip dhcp excluded-address 192.168.2.1 192.168.2.128
ip dhcp excluded-address 192.168.3.1 192.168.3.128
!
ip dhcp pool VLAN1
    network 192.168.1.0 255.255.255.0
    default-router 192.168.1.1
    ! 7-day lease time
    lease 7
    ! local DNS server or public DNS server
    dns-server 192.168.1.10
!
ip dhcp pool VLAN2
    network 192.168.2.0 255.255.255.0
    default-router 192.168.2.1
    lease 7
    dns-server 192.168.1.10
!
ip dhcp pool VLAN3
    network 192.168.3.0 255.255.255.0
    default-router 192.168.3.1
    lease 7
    dns-server 192.168.1.10
!
interface Fast 0/0
  description TRUNK port to switch
  ip address 192.168.1.1 255.255.255.0
!
interface fast 0/0.2
  encap dot1q 2
  ip address 192.168.2.1 255.255.255.0
!
interface fast 0/0.3
  encap dot1q 3
  ip address 192.168.3.1 255.255.255.0
!
! default route: next hop is the local firewall, or whatever is the default route to the Internet
ip route 0.0.0.0 0.0.0.0 192.168.1.254
! <other WAN route statements>

SWITCH configuration example:
vlan 2
vlan 3
interface fast 0/1
 description trunk port to router
 switch mode trunk
 ! The 2950 trunks with 802.1Q only; omit the next line if the switch rejects it
 switch trunk encap dot1q
!
interface range fast 0/10 - 16
 switch access vlan 2
interface range fast 0/17 - 24
 switch access vlan 3

Switch ports 10 - 16 are assigned to vlan 2
Switch ports 17 - 24 are assigned to vlan 3
All other ports are in default vlan 1
Anything connected to vlan 1 will get IP address 192.168.1.129+
Anything connected to vlan 2 will get IP address 192.168.2.129+
Anything connected to vlan 3 will get IP address 192.168.3.129+
You can put another DHCP server on each vlan with scope set for the lower range 192.168.x.2-128 so that it does not overlap with the scopes on the router.


0
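An added example, not part of lrmoore's answer or the original thread: a Python check that the router pools above and a second DHCP server's scopes never offer the same address. The `SECOND_SERVER` ranges are assumed from the 192.168.x.2-128 suggestion, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample: the DHCP lines from the 1841 config posted above.
ROUTER_CONFIG = """\
ip dhcp excluded-address 192.168.1.1 192.168.1.128
ip dhcp excluded-address 192.168.2.1 192.168.2.128
ip dhcp excluded-address 192.168.3.1 192.168.3.128
ip dhcp pool VLAN1
   network 192.168.1.0 255.255.255.0
ip dhcp pool VLAN2
   network 192.168.2.0 255.255.255.0
ip dhcp pool VLAN3
   network 192.168.3.0 255.255.255.0
"""
# Assumed scopes on the second DHCP server (lower range, per the answer).
SECOND_SERVER = {f"VLAN{n}": (f"192.168.{n}.2", f"192.168.{n}.128") for n in (1, 2, 3)}

def to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def router_leasable(config):
    """Addresses each IOS pool can hand out: pool hosts minus excluded ranges."""
    excluded, pools, current = set(), {}, None
    for line in config.splitlines():
        words = line.split()
        if words[:3] == ["ip", "dhcp", "excluded-address"]:
            # The high address is optional; a single address excludes itself.
            excluded.update(range(to_int(words[3]), to_int(words[-1]) + 1))
        elif words[:3] == ["ip", "dhcp", "pool"]:
            current = words[3]
        elif words[:1] == ["network"] and current:
            net = ipaddress.ip_network(f"{words[1]}/{words[2]}")
            pools[current] = {int(h) for h in net.hosts()}
    return {name: hosts - excluded for name, hosts in pools.items()}

def check_split(config, other_scopes):
    """Per pool: the router's first/last leasable address and any overlap."""
    report = {}
    for name, leasable in router_leasable(config).items():
        lo, hi = (to_int(a) for a in other_scopes[name])
        clash = sorted(leasable & set(range(lo, hi + 1)))
        report[name] = {
            "first": str(ipaddress.IPv4Address(min(leasable))),
            "last": str(ipaddress.IPv4Address(max(leasable))),
            "overlap": [str(ipaddress.IPv4Address(a)) for a in clash],
        }
    return report

if __name__ == "__main__":
    for pool, result in check_split(ROUTER_CONFIG, SECOND_SERVER).items():
        print(pool, result)
```

A non-empty `overlap` list means both servers can lease the same address, which shows up on the network as duplicate-IP conflicts.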
 
NewGuyOnCisco (Author) Commented:
Thank you and God bless... I will try that and let you know.


0
 
NewGuyOnCisco (Author) Commented:
over 3 DHCP servers


I hope I answered right what you asked me for
0
 
NewGuyOnCisco (Author) Commented:

 Password:
1841dhcp#sh run
Building configuration...

Current configuration : 1756 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname 1841dhcp
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$YC7p$5LCA4ui.B9o9laBhO.LPA.
enable password mucles007
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
no ip routing
no ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.128
ip dhcp excluded-address 192.168.2.1 192.168.2.128
ip dhcp excluded-address 192.168.3.1 192.168.3.128
!
ip dhcp pool VLAN1
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.1
   dns-server 192.168.1.10
!
ip dhcp pool VLAN2
   network 192.168.2.0 255.255.255.0
   default-router 192.168.2.1
   dns-server 192.168.1.10
!
ip dhcp pool VLAN3
   network 192.168.3.0 255.255.255.0
   default-router 192.168.3.1
   dns-server 192.168.1.10
!
!
!
!
!
!
!
!
controller T1 0/0/0
 framing esf
 linecode b8zs
!
controller T1 0/0/1
 framing esf
 linecode b8zs
!
!
!
!
interface FastEthernet0/0
 description TRUNK port to switch
 ip address 192.168.1.1 255.255.255.0
 no ip route-cache
 speed auto
 half-duplex
 no mop enabled
!
interface FastEthernet0/0.2
 encapsulation dot1Q 2
 ip address 192.168.2.1 255.255.255.0
 no ip route-cache
 no snmp trap link-status
!
interface FastEthernet0/0.3
 encapsulation dot1Q 3
 ip address 192.168.3.1 255.255.255.0
 no ip route-cache
 no snmp trap link-status
!
interface FastEthernet0/1
 no ip address
 no ip route-cache
 shutdown
 duplex auto
 speed auto
!
ip classless
!
ip http server
no ip http secure-server
!
disable-eadi
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
 password mucles
 login
!
end

1841dhcp#
0
 
NewGuyOnCisco (Author) Commented:
2950DHCP#
2950DHCP#sh run
Building configuration...

Current configuration : 1654 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname 2950DHCP
!
enable secret 5 $1$1erB$XJsuwRPJ9AFIXdlx4ViQB1
enable password mucles007
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
!
interface FastEthernet0/1
 description trunk port to router
 switchport mode trunk
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
 switchport access vlan 2
!
interface FastEthernet0/11
 switchport access vlan 2
!
interface FastEthernet0/12
 switchport access vlan 2
!
interface FastEthernet0/13
 switchport access vlan 2
!
interface FastEthernet0/14
 switchport access vlan 2
!
interface FastEthernet0/15
 switchport access vlan 2
!
interface FastEthernet0/16
 switchport access vlan 2
!
interface FastEthernet0/17
 switchport access vlan 3
!
interface FastEthernet0/18
 switchport access vlan 3
!
interface FastEthernet0/19
 switchport access vlan 3
!
interface FastEthernet0/20
 switchport access vlan 3
!
interface FastEthernet0/21
 switchport access vlan 3
!
interface FastEthernet0/22
 switchport access vlan 3
!
interface FastEthernet0/23
 switchport access vlan 3
!
interface FastEthernet0/24
 switchport access vlan 3
!
interface Vlan1
 no ip address
 no ip route-cache
 shutdown
!
ip http server
!
line con 0
line vty 0 4
 password mucles
 login
line vty 5 15
 password mucles
 login
!
!
end

2950DHCP#
0
 
NewGuyOnCisco (Author) Commented:
Can you please send me the complete configs for both the Cisco 1841 and the Cisco 2950?

I was not able to enter everything you asked me to.

Thank you so much in advance

Please post both correct configs per your expertise


0
 
lrmoore Commented:
It looks like both of your devices have taken the exact configuration that I posted as example.
Connect Fast 0/0 on the router to Fast 0/1 on the switch.
Then post result of "show ip int brief" from the router

>dns-server 192.168.1.10
Just make sure that this is an actual DNS server

You also need a default route configured on the router.

ip route 0.0.0.0 0.0.0.0 192.168.1.254
Where the gateway is your local firewall or Internet router.

0
 
NewGuyOnCisco (Author) Commented:
Thank you
0
 
NewGuyOnCisco (Author) Commented:
You are the best
0
