Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


How to get DHCP relay working with Foundry and DELL Powerconnect

Posted on 2009-02-23
Medium Priority
Last Modified: 2012-05-06
So my issue is subnetting my network and DHCP

I have 3 DELL Powerconnect 3448 switches, 1 5324 Power connect and 2 Foundry FGS624P switches that are on order

I had 1 large /16 network which I have changed to a /24 network with the plan to subnet the floors with vlans and do the same for our VoIP phones and Video. I have managed to get VLAN's up and running and am using our Watchguard Firewall to route between the subnets. If I assign clients, servers and cameras different addresses with static IP's comms are all good. But the DHCP relay is not available on any of the DELL switches so I cannot get DHCP assigned addresses on the other vlans apart from vlan 1. Which is a major issue especially for the VoIP phones.

I am trying to figure out whether using the Foundry switches (which do support DHCP relay) as my routing device will fix this issue? i.e will the DELL floor switches pass on the packets with the DHCP discover tag on to the Foundry router or will it just drop it?

I have a feeling the answer is I need new switches to achieve this but hoping I can work around this. I obviously want to be able to assign DHCP addresses on all vlans.
Question by:tec_expert
  • 3
  • 2

Expert Comment

ID: 23717075
If you WG FB is the router then that is where the broadcast is not getting forwarded from:

To configure the Firebox as a DHCP relay agent for the optional interface:

Use your browser to connect to the System Status page. From the navigation bar, select Network > Optional.
The Optional Network Configuration page appears.
Select the Enable DHCP Relay on Optional Network check box.
Type the IP address of the DHCP server in the related field.
Click Submit. You must restart the Edge for the change to take effect.

Expert Comment

ID: 23717131
This is ofcourse if you are using the optional interface as the target for you DHCP server.  Otherwise, you could also forward any  UDP port 68 from the client to your DHCP server (the server replies on port 67).

Author Comment

ID: 23717297
ok I was wondering if it was the Firebox that would drop it and not the switches. But I have a firebox X series which doesnt seem to have a DHCP relay option just a DHCP option? the Trusted  Interface is where my LAN is

Author Comment

ID: 23717311
sorry it's the Core Series. I  have an Edge series too  and can see the config you suggest am just tying to locate the same thing on the main firewall

Accepted Solution

crokeefe28 earned 1500 total points
ID: 23717852
Well, switches are layer two which pass braodcasts such as DHCP REQ or ARP.  Routers do not.  Your subnet is called a broadcast domain because all machines will hear the request.  To answer your question, Yes, this is where the request is being blocked.   You should see this within the Real-Time Monitor.   Also, you need to ensure that you have now setup the correct subnets and sites with Active Directory if you are using it.

You can create a custom service for UDP 67 and 68 and choose ignore for the client port.  Try to add this service from your internal networks and forward them to your dhcp server.  If this does not work, then you could always place a DHCP relay agent on each subnet with a pool of addresses.  It will then contact the Master DHCP and update the scopes.  This way you should only have to worry about a one-to-one transport.

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question