I have two trusted zones on my firewall. Firewall rules / policies allow full communication between the trusted zones. Both zones are in the same domain and both zones are physically located in the same building (on different floors).
Each zone has its own domain controller (DC), which is also the DNS server, WINS server and DHCP server.
I would like to implement redundancy with DHCP in case one of the DCs fails.
My understanding is that using a DHCP relay agent will solve this problem.
What I don't understand is how each zone knows which IP addresses to use.
For instance, zone 1 uses 10.0.0.0 / 255.255.255.0; zone 2 uses 10.0.1.0 / 255.255.255.0.
If the scope of the DC in zone 1 is defined as 10.0.0.100..10.0.0.254 / 10.0.1.0..10.0.1.100 and the scope of the DC in zone 2 is defined as 10.0.1.100..10.0.1.254 / 10.0.0.0..10.0.0.100, how does the DHCP server know which scope to use in its own zone? What prevents the DHCP server from assigning IP addresses from the second zone within its own zone?