Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

ESXi Vmware DHCP Domain(s) issue

Posted on 2009-05-05
10
Medium Priority
?
1,579 Views
Last Modified: 2012-05-06
I have two servers set up with ESXi, on an internal WAN only.

Physical host server #1 is 10.1.0.51
On server #1 is a domain called DomainA with subnet of 191.168.0.0/16.

Physical host server #2 is 10.1.0.55
On server #2 is a domain called DomainB with subnet of 190.168.0.0/16

All machines, host and clients are on the same infrastructure (10.1.0.0/23).  We require the infrastructure to be this way to reduce the number of fiber that is utilized.  
Both virtual servers are running DHCP and DNS.  The problem is that when DHCP is turned on it is not consistent of which ip subnet is assigned.  For example, if DomainA and DomainB DHCP are turned on, the workstation even though in DomainB will be assigned an IP address from DomainA.  If one DHCP service is turned off then of course the remaining server assigns the IP addresses, disregarding which Domain the workstation is in.

I have checked the DNS and DHCP for any references to the others domain.  I have looked in Active Directory for trusts.  I have looked at the ESXi installation but do not know enough about it to know if there is an issue.  Did not fill in any of the info requested for DNS on the ESXi server as they are on the 10. 1. 0 infrastructure IP range.

Does anyone have any ideas what I can do or should have done?  Thanks.

Marie


0
Comment
Question by:rmarie
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
  • 2
10 Comments
 
LVL 22

Expert Comment

by:65td
ID: 24310193
Probably only want DHCP server for network, multiple DHCP will cause the issue currently experiencing.
Use one DHCP server.

MS DHCP doc:
http://download.microsoft.com/download/1/6/a/16a11c96-daa4-44a6-98ae-9f9ddb203b46/DHCP2003.doc
0
 

Author Comment

by:rmarie
ID: 24310812
Normally I would agree, but the infrastructure is on 10.1.0.0/23 and there are two different domains with a DHCP server on each domain, not two for one domain.  Also, the networks are in two different subnets, 191.168.0.0/16 and 190.168.0.0/16.  

I do not know how they are crossing over to each other and think it may be something in the ESXi setup.  Have vswitch0 setup on each ESXi server.

marie
0
 
LVL 19

Expert Comment

by:vmwarun - Arun
ID: 24311392
Are both the DHCP Servers Windows based ?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 22

Expert Comment

by:65td
ID: 24312328
Sorry about that didn't see the 2 networks.

Are routers involved on the networks, if so are the IP helper addresses configured correctly for the networks?
0
 

Author Comment

by:rmarie
ID: 24315409
arunraju:  Yes both DHCP servers are Windows 2003 sitting on ESXi.

65td:  Routers and switches are involved but the backbone of the network is the 10.1.0.0/23 so the config of the routers/switches should not come into play.

As I said before, if I shut down one or the other DHCP server than addresses are handed out fine.

0
 
LVL 19

Expert Comment

by:vmwarun - Arun
ID: 24316785
Since both DHCP Servers are Windows, I suggest that you configure one DHCP Server with Multiple IP Scopes and configure another Server as a DHCP Relay Agent.

This would make the DHCP Server a single server that could lease IPs in both Subnets.

For more info about DHCP Relay Agent - http://technet.microsoft.com/en-us/library/cc783103.aspx
0
 

Author Comment

by:rmarie
ID: 24317728
arunraju:  Thanks for that, but we have the subnets in different domains and don't really want them to be able to talk or see each other, it would be a breach of security.  

What I want is when a laptop from domain DomainA logs on they receive their IP address from the DomainA DHCP Scope.  Right now what may happen is that the laptop is in Domain A but receives an IP address from Domain B.  It even registers it in the DNS with the foreign domain.

We do not want this.  If we were not on VMWare ESXi I can't help thinking this would not be happening.  Is there something in VMWare ESXi that I am missing?
0
 

Author Comment

by:rmarie
ID: 24320312
I have found something interesting in VMWare Infrastructure Client Configuration.  

The Network Adapter on both ESXi copies is showing the Observed IP Ranges of 190.0.0.1-191.255.255.254

Also, the Network on both copies of VMWare Infrastructure Client show as VMNet.

I think this is what is giving me issues with the DHCP servers and the domains.  We noticed that we can see both domains on any given workstation, which we did not give access to through AD.  

If there is a VMWARE ESXi expert out there I think this is the way to look.  

Thanks.
0
 
LVL 19

Accepted Solution

by:
vmwarun - Arun earned 1500 total points
ID: 24323814
Is one of the physical NICs connected to a trunk port on the Physical switch ?
0
 

Author Comment

by:rmarie
ID: 24330232
After researching the issue and some consultation from techs smarter than me, it is decided that I will set up the DomainA as Vlan10 10.1.0.0/23 and DomainB as Vlan 11 10.2.0.0/23 on the Cisco switch.  Because as arunraju asked, both of the physical nics are connected to a physical switch so this is the way to go.

I was trying to figure out how to use ESXi to separate the domains and perhaps it can be done but I think it is beyond my means of understanding.  Also this way is simpler.

Thanks everyone.  There was still some very good information that I have kept on file.

marie
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we’ll look at how to deploy ProxySQL.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question