Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 100
  • Last Modified:

Need help thinking through a second DHCP with split scope

I need help thinking through this issue.

I have an AD 2003 environment - yeah I know, maybe next year I'll get around to upgrading :)

I have a single DHCP server with a number of scopes, but for the sake of this discussion, I'll say I have two - one goes to my main LAN and one to a separate VLAN on our Juniper switch that hands out a /22 scope for our VDI desktops.

We are woking on a DR solution.  The end product will be a VMware View host sitting at a remote site, normally connected to our network. I am configuring the servers with static IPs on our main LAN. The issue comes with the VDI desktops.  What I have done so far is to create another DC in our domain that lives on that VMware host. It is configured like any other DC. I have also installed DNS on it as well as a second DHCP server. What I was planning on doing was to go to the original DHCP server and change the scope size to cover 172.25.28.x -30.x instead of 31.x like it is now, Then I want to create a scope on the second DHCP server that looks the same, except it starts at 31.1 and goes to 31.254.  I had also thought about creating the same scope on both systems, but creating an exclusion for the 31.x segment on the first one and an exclusion for 28.x-30.x on the second one.

So my first question is - do either of these work and which would be the best way?

Secondarily, no matter what I do, how can I limit the virtual desktops in the production environment to ONLY get IPs from the first DHCP server and vice versa for the DR desktops.  If we were in a DR scenario this wouldn't be a problem because it would only see the one DHCP server.  I suppose that maybe it's not a deal if right now the get from both, but if possible I'd like to limit them.  I've thought about creating a new VLAN on the switch for the VDI DR environment and hooking the NIC connections to that VLAN, but I'm not sure how to specify the IP range in the switch.  If I start with 172.25.31.1 and go to 254 should I just specify the mask that belongs to that range or do the /22?  I am concerned that if I do a /22 it will somehow conflict with what DHCP is attempting to do; although I do limit the range in DHCP and if I do a /24 I have the same fear that it will somehow conflict with the DHCP server.  

So is there a "right" way to configure this and is there a way to make the DR desktops ONLY get IPs from the DR DHCP server?
0
jhyiesla
Asked:
jhyiesla
  • 3
  • 2
1 Solution
 
Don S.Commented:
If your DR is on the same switched vlan as production, then there really isn't a way to force a client to pick one particular DHCP server.  The first one to respond handles the request.  If you can put a router between the two networks, then the router can be set to not pass DHCP requests.
0
 
jhyieslaAuthor Commented:
I've requested that this question be deleted for the following reason:

Didn't have resources to test responder suggestion. Ended up creating two VLAN's and splitting scope.
0
 
Don S.Commented:
He apparently did what I suggested.  Question should not be deleted.
0
 
jhyieslaAuthor Commented:
I did NOT put in a router between the two. I left DHCP running on the original server, but changed the mask to only pick up part of the Supernet.  Then I spun up another DHCP server with only the missing IP segment and assigned it to it's own VLAN and hooked the virtual machines that would be using this to the same VLAN.  In this scenario virtual machines on the one VLAN picked up the DHCP requests from the original DHCP server and the other VLAN from the second.
0
 
Don S.Commented:
The point was that there is not a way to tell a client to chose which DHCP server to get their address from when the DHCP servers are on the same network.  You would need to separate the DHCP server onto separate networks.  If you still wanted accessibility between the networks then you would need to put a router (or enable routing at the switch level) between networks.
0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now