How to get DHCP relay working with Foundry and DELL Powerconnect

Posted on 2009-02-23
Last Modified: 2012-05-06
So my issue is subnetting my network and DHCP

I have 3 DELL Powerconnect 3448 switches, 1 5324 Power connect and 2 Foundry FGS624P switches that are on order

I had 1 large /16 network which I have changed to a /24 network with the plan to subnet the floors with vlans and do the same for our VoIP phones and Video. I have managed to get VLAN's up and running and am using our Watchguard Firewall to route between the subnets. If I assign clients, servers and cameras different addresses with static IP's comms are all good. But the DHCP relay is not available on any of the DELL switches so I cannot get DHCP assigned addresses on the other vlans apart from vlan 1. Which is a major issue especially for the VoIP phones.

I am trying to figure out whether using the Foundry switches (which do support DHCP relay) as my routing device will fix this issue? i.e will the DELL floor switches pass on the packets with the DHCP discover tag on to the Foundry router or will it just drop it?

I have a feeling the answer is I need new switches to achieve this but hoping I can work around this. I obviously want to be able to assign DHCP addresses on all vlans.
Question by:tec_expert
    LVL 7

    Expert Comment

    If you WG FB is the router then that is where the broadcast is not getting forwarded from:

    To configure the Firebox as a DHCP relay agent for the optional interface:

    Use your browser to connect to the System Status page. From the navigation bar, select Network > Optional.
    The Optional Network Configuration page appears.
    Select the Enable DHCP Relay on Optional Network check box.
    Type the IP address of the DHCP server in the related field.
    Click Submit. You must restart the Edge for the change to take effect.
    LVL 7

    Expert Comment

    This is ofcourse if you are using the optional interface as the target for you DHCP server.  Otherwise, you could also forward any  UDP port 68 from the client to your DHCP server (the server replies on port 67).

    Author Comment

    ok I was wondering if it was the Firebox that would drop it and not the switches. But I have a firebox X series which doesnt seem to have a DHCP relay option just a DHCP option? the Trusted  Interface is where my LAN is

    Author Comment

    sorry it's the Core Series. I  have an Edge series too  and can see the config you suggest am just tying to locate the same thing on the main firewall
    LVL 7

    Accepted Solution

    Well, switches are layer two which pass braodcasts such as DHCP REQ or ARP.  Routers do not.  Your subnet is called a broadcast domain because all machines will hear the request.  To answer your question, Yes, this is where the request is being blocked.   You should see this within the Real-Time Monitor.   Also, you need to ensure that you have now setup the correct subnets and sites with Active Directory if you are using it.

    You can create a custom service for UDP 67 and 68 and choose ignore for the client port.  Try to add this service from your internal networks and forward them to your dhcp server.  If this does not work, then you could always place a DHCP relay agent on each subnet with a pool of addresses.  It will then contact the Master DHCP and update the scopes.  This way you should only have to worry about a one-to-one transport.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive Gives IT Their Time Back

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
    Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    8 Experts available now in Live!

    Get 1:1 Help Now