Networking a basic question for the gods of subnets
This one is for the masters of Networking.
Currently we have a network setup with a router which is also handling DHCP; the network is operating on the 192.168.1 range of IP addresses.
Now I wish to create an isolated lab environment in which I want to set up a server running WDS, and this server, running one NIC, would be connected to an isolated switch.
The server itself would be running its own DHCP server, as machines would obviously have to be able to contact WDS services.
Now the first question for the guild of networkers:
1) Can I give the server any static IP address if it is separate from our main network, and would it still function as a DHCP server if it is isolated?
2) If I decided not to keep the server isolated and added it to our main network and ran the DHCP server, how can I avoid it conflicting with our current DHCP setup?
I am not too clued up on networking, so break it down for me guys: explain the magic of subnet masks.
I will take a wild guess and say that if I set the IP to 192.168.2.1 as opposed to 192.168.1.1 it would work?
Thank you for the patience and guidance my friends as always.
Microsoft's strategy to conquer the I.T industry
" Embrace, evolve, extinguish "
Comments
Somewhat confused at the question and somewhat outside of my expertise, but let's take a shot here. So, the closest DHCP server is usually used from my understanding. We use Windows for this, and is not something I am involved with. If you configure IP helpers (which I am involved with), it directs DHCP requests towards those configured IPs, which we are doing. If you were to do that and point everything to the correct DHCP server, you should be fine, but what hosts are you planning on having get DHCP from this new server? I have a lab environment that is on the network and does DHCP within my lab, and it does not ever hand out addresses outside of the lab. DHCP requests never reach the lab though, which is a result from my understanding of using IP helper configs.
My opinion is to keep it isolated, and only join it to the production network if you know in advance what it will end up doing. Last thing you want is a rogue DHCP server handing out the wrong addresses to the wrong clients.
Master of Science in Information Security and Assurance - Western Governors University
Bachelor of Science in Network Administration - Western Governors University
Associate of Applied Science x4 - Heald College
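The rogue DHCP server concern raised above can be checked for on a segment by looking at which server identifier (option 54) appears in DHCP replies. The following is an added example, not code from any poster in this thread; the allowlist containing only 192.168.1.1, the function names and the sample packets are assumptions constructed for illustration.

```python
import ipaddress

MAGIC_COOKIE = b"\x63\x82\x53\x63"
OFFER, ACK = 2, 5                       # DHCP message types (option 53)
AUTHORIZED = {ipaddress.ip_address("192.168.1.1")}   # assumption: router is the only approved server

def parse_dhcp(payload: bytes) -> dict:
    """Parse the BOOTP header fields and options of one DHCP UDP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    options, i = {}, 240
    while i < len(payload) and payload[i] != 255:     # 255 = end option
        if payload[i] == 0:                           # 0 = pad, no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        code, length = payload[i], payload[i + 1]
        options[code] = payload[i + 2:i + 2 + length]
        i += 2 + length
    server = options.get(54, b"")                     # option 54 = server identifier
    return {
        "type": (options.get(53) or b"\x00")[0],
        "server": ipaddress.ip_address(server) if len(server) == 4 else None,
        "offered": ipaddress.ip_address(payload[16:20]),   # yiaddr
        "client_mac": payload[28:34].hex(":"),             # chaddr (Ethernet)
    }

def rogue_replies(payloads):
    """Return parsed OFFER/ACK messages whose server is not in AUTHORIZED."""
    return [m for m in map(parse_dhcp, payloads)
            if m["type"] in (OFFER, ACK) and m["server"] not in AUTHORIZED]

def build_reply(msg_type, server, offered, mac):
    """Build a minimal server reply; used only to construct sample input."""
    header = bytearray(236)
    header[0:3] = bytes([2, 1, 6])                    # BOOTREPLY, Ethernet, hlen 6
    header[16:20] = ipaddress.ip_address(offered).packed
    header[28:34] = bytes.fromhex(mac.replace(":", ""))
    opts = bytes([53, 1, msg_type, 54, 4]) + ipaddress.ip_address(server).packed
    return bytes(header) + MAGIC_COOKIE + opts + b"\xff"

# Constructed capture: the router and a second server answer the same client.
SAMPLE = [build_reply(OFFER, "192.168.1.1", "192.168.1.50", "00:11:22:33:44:55"),
          build_reply(OFFER, "192.168.1.2", "192.168.1.200", "00:11:22:33:44:55")]

if __name__ == "__main__":
    for m in rogue_replies(SAMPLE):
        print(f"unauthorized DHCP server {m['server']} offered {m['offered']}")
```

On a real network the payloads would come from a capture of UDP port 67/68 traffic; a reply with no server identifier at all is also reported, since its sender cannot be matched to the allowlist.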
The DHCP discover is a broadcast, but when using IP Helpers, is the broadcast still flooded out or is it intercepted by say the layer 3 switch, and then forwarded as a unicast? This is something I've wondered but never really did make an attempt to learn more about, but this is as good a time as any to learn something lol.
I had a specific need for DHCP in my lab, which is really the only time I used DHCP personally aside from learning it a bit for a lab. We use Windows for all DHCP needs otherwise which is another team, so I simply have only known to just use IP Helper and really not much else. I know that DHCP did not cause any grief anywhere, and my phone registers successfully so it is most definitely on the network. The OP says isolated, but with potential to be on the network. I don't really know how to interpret this, because my lab is isolated yet on the network I would say. Naturally our actual DHCP servers are not on the same subnet as any user VLANs, and neither is my lab. I can't comment at all on Windows DHCP, but it must be possible for the OP to have it on the production network but only have specific hosts use it? I have heard of a rogue DHCP server causing grief though, definitely be careful!
Edit: I guess you really wouldn't say my setup is "isolated". It's on a reserved lab subnet, and it's very controlled to make sure nothing interferes, but is totally accessible.
I know, it's really confusing! When you use an ip helper, the agent sends a unicast to the DHCP server, which is why you can have it travel multiple hops. Then, when the DHCP server responds, it sends a unicast reply back to the helper, and the helper sends it back to the MAC that requested.
The reason why your phone works just fine is because of the VLAN tagging. A PC connected to the switch interface inline of an IP phone is still seen as on another network because of the VLAN tagging. I only have experience with Avaya IP phones, but in their configurations, you tell it to which VLAN it belongs, and the IP address of the DHCP server. That's how it knows which traffic to tag or not. I would assume Cisco IP phones would be configured in a similar manner.
Best way for the whole situation though is to create a virtual lab that has all these elements. Could be done with GNS3 and VirtualBox, with a computer that has enough hardware resources. Added benefit is being able to use Wireshark from within GNS3 to see everything.
Master of Science in Information Security and Assurance - Western Governors University
Bachelor of Science in Network Administration - Western Governors University
Associate of Applied Science x4 - Heald College
Great insight! When using Cisco phones and Cisco switches, you can define the user VLAN and also the voice VLAN, so a trunked port ends up not being configured but essentially I suppose you could say it works in a similar way. The voice VLAN only works if you use Cisco phones I do believe, and that is a result of CDP playing a part of the process in determining the voice VLAN. I believe the Cisco phone will tag phone traffic with the voice VLAN, and the traffic from the computer is un-tagged. The switch sees this and understands the traffic belongs to whatever VLAN the "switchport access vlan [VLAN #]" was configured for.
Sorry we got a bit off topic here OP!
Anyways maybe I need to explain a bit better
If I set up a server with one network card, have it connected to a switch and configure it with, say, an IP address of 192.168.1.2, would it still function as a DHCP server? Bearing in mind it is isolated and wouldn't have internet or connections to a router.
I guess the bit which is confusing me is that obviously the server wouldn't be connected to a router. When assigning an IP address, what would I set the gateway address as? Or would it be the localhost?
Basic layout is server connected directly to switch. I then plug clients in and they are given an IP address from the server for PXE boot related operations.
^ that is what I am trying to achieve but in isolation from main network.
" Embrace, evolve, extinguish "
Okay, is this a layer 3 switch? If this is, then you are going to create a VLAN, and then a Switched Virtual Interface for that VLAN that will serve as the default gateway (192.168.1.1, guessing you want a mask of 255.255.255.0). Assign the port you plug the server into as the respective VLAN you have now created, and your server is now in business. If you plug a host in, assign it to that new VLAN as well. I believe the DHCP discover from the host will be broadcasted out ports connected to the same VLAN, so this should mean that this new server sees the discover and the DORA process is underway. Assuming this last statement is true (I do believe it is), then you will be okay in this setup. As for the technicalities for WDS and Windows DHCP and all that, I cannot provide any insight.
If I remember back a few years ago when I first started playing with WDS, I created a server, assigned it a static IP and it handled the DHCP. It was isolated and was purely connected to a switch, no VLAN or nothing. I will try and replicate it and see what happens.
But as I mentioned before, would the gateway address be the server IP? Or do I not set a gateway in the above scenario?
" Embrace, evolve, extinguish "
If I rephrase my original question:
Do you need to have internet access / gateway access and DNS for a DHCP server?
If not, can I just set an IP for the server, plug it into a switch and let it hand out DHCP to clients that connect to the switch?
If this is the case, do I just set up a static IP address and leave the gateway blank, or would the gateway be the server's IP? This is what is confusing me.
" Embrace, evolve, extinguish "
In Progress: Linux+/LPIC-1, Python, Bash
Upcoming: eJPT, C|EH, CSA+, CCNA-Sec, PA-ACE
I want to plug in a server separately, assign it a static IP and then connect it directly to a 6 port switch. The server doesn't need web access; it is a lab environment and is separate. This server will be running Server 2012 and will need to be set up as a DHCP server, as I want anything that is plugged into the switch to get an IP address from this server.
The question is, when setting up IP credentials for this server, what do I specify the gateway as? Am I right in leaving it blank as there isn't a gateway, or is the server acting as a gateway? My head hurts.
" Embrace, evolve, extinguish "
I think this may help.
In Progress: Linux+/LPIC-1, Python, Bash
Upcoming: eJPT, C|EH, CSA+, CCNA-Sec, PA-ACE
If the server does not need web access, you do not need to give it a gateway address. A gateway separates broadcast domains or, in layman's terms, it separates the big bad internet from your private network. So no, you do not need to assign a gateway address. You would need to create your DHCP scope on the server.
So if I am following correctly
a. Home Router - > 6 Port Switch <- ServerDHCP (DOES NOT NEED INTERNET ACCESS)
Or is it
b. 6PortSwitch <--- ServerDHCP
And you will have multiple hosts connected to this switch?
So first configuration, any PC you plug into that 6 port switch will pull an IP address from your home router.
Second configuration, any PC you plug into that 6 port switch will pull an IP address from that server, HOWEVER, will not have internet access.
If you want the PCs to have internet access, you will need to go with the first configuration and disable DHCP on your home router.
Next: CCNP (R&S and Sec)
Follow my OSCP Thread!
Server > switch
No gateway involved the server is connected directly to a switch. I want any client connecting to this switch to be able to make contact with the server. (PXE, WDS)
So regarding your second configuration in the above example.
When I specify the IP addy, do I just leave the gateway and DNS blank and use a class C subnet mask if the addy of the server is 192.168.1.2, for example?
Thank you for your reply you have hit the nail on the head of what I'm trying to achieve.
" Embrace, evolve, extinguish "
All the hosts when communicating to the server will discover the server is on the same subnet and will never need the gateway. The devices and DHCP server will "DORA" on the local subnet and never need to send traffic to the gateway.
Your 6 port switch will take care of the broadcasting for the devices to identify one another.
DNS is irrelevant. Unless you're going outside the network.
The only time a gateway is called is when traffic is destined to another network, which the device sending info will know because its source IP is not on the same network as the destination IP. That's when the device will say "I don't know who the hell this is" and send traffic to the gateway to figure out, and it's up to the gateway to send it to its respective network, whether that's out to the internet or to another nearby layer 3 device.
Next: CCNP (R&S and Sec)
Follow my OSCP Thread!
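The on-subnet versus gateway decision described in the reply above, together with a sanity check for the DHCP scope on the lab server, as an added example that is not part of the original thread. The function names are hypothetical, and the production network is assumed to be 192.168.1.0/24 (the thread gives only the 192.168.1 range).

```python
import ipaddress

def next_hop(host_ip, mask, dest_ip, gateway=None):
    """Decide how a host with host_ip/mask sends a packet to dest_ip."""
    iface = ipaddress.ip_interface(f"{host_ip}/{mask}")
    if ipaddress.ip_address(dest_ip) in iface.network:
        return "on-link"                 # same subnet: ARP for it, no gateway used
    if gateway is None:
        return "unreachable"             # other subnet and no gateway configured
    if ipaddress.ip_address(gateway) not in iface.network:
        return "unreachable"             # a gateway must itself be on the local subnet
    return f"via {gateway}"

def scope_problems(server_ip, mask, first, last, production="192.168.1.0/24"):
    """List reasons a DHCP scope on the lab server is unusable or risky."""
    iface = ipaddress.ip_interface(f"{server_ip}/{mask}")
    net = iface.network
    lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
    problems = []
    if lo > hi:
        problems.append("scope start is after scope end")
    if lo not in net or hi not in net:
        problems.append(f"scope is not inside the server's subnet {net}")
    if lo <= net.network_address or hi >= net.broadcast_address:
        problems.append("scope includes the network or broadcast address")
    if lo <= iface.ip <= hi:
        problems.append("scope includes the server's own static address")
    if net.overlaps(ipaddress.ip_network(production)):   # assumed production range
        problems.append(f"lab subnet overlaps production {production}")
    return problems

if __name__ == "__main__":
    # Isolated lab client talking to the lab server: no gateway needed.
    print(next_hop("192.168.2.10", "255.255.255.0", "192.168.2.1"))
    # Same client, production router address: different /24, nothing to route it.
    print(next_hop("192.168.2.10", "255.255.255.0", "192.168.1.1"))
    # A wider mask makes the host treat 192.168.1.1 as local.
    print(next_hop("192.168.2.10", "255.255.0.0", "192.168.1.1"))
    print(scope_problems("192.168.1.2", "255.255.255.0", "192.168.1.2", "192.168.1.50"))
```

The third call shows what the mask changes: with 255.255.0.0 the host believes 192.168.1.1 is a neighbour, which only works if both are actually on the same physical segment.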
Firstly, if I hooked up the server to a switch which is connected to our network, set up a static IP and configured it to hand out a small scope of IP addys, would this conflict with the DHCP server running on the router?
Secondly, if I go down the isolation way and strictly connect the server to a switch, what do I do about DNS? According to TechNet this is a requirement for running services such as WDS. Can I run WDS without DNS?
Cheers dudes
" Embrace, evolve, extinguish "