2 DHCP servers, 2 subnets, 1 physical network
I am trying to add an Airport Extreme to our office network, but would like it to distribute IP addresses on a separate subnet from our primary network. Here is the basic network topology (hope it makes sense):
INTERNET
-ROUTER (DHCP Server for 192.168.1.*)
--WIRED CLIENTS (192.168.1.* clients)
--AIRPORT EXTREME (DHCP Server for 192.168.2.*, "Distribute Range of IP Addresses" mode)
---WIRELESS CLIENTS (Need to have 192.168.2.* IPs)
When I connect a wireless client, it always gets a 192.168.1.* address, but I want it to get a 192.168.2.* address. How can I force wireless clients onto that subnet and prevent the router from stealing the DHCP requests?
Are there any DHCP debugging tools on OS X?
Much thanks,
/sam
Aha! I actually did do that before, but it gave me a Double NAT message so I tried something else. I didn't realize that it was just a warning, not an error.
Doing it this time around, I was getting errors that the public IP on my AEBS was conflicting with addresses of the private network of my AEBS. So I created yet another subnet and it seems to work great (my test is whether I can video iChat with the outside world and whether I can access my private network)
So here is my new setup:
INTERNET
-ROUTER (3 subnets: 192.168.1.0, 192.168.2.0, 192.168.3.0, DHCP serving up 192.168.1.* addresses)
--WIRED CLIENTS (192.168.1.*)
--AIRPORT EXTREME (IP: 192.168.2.1, DHCP serving up 192.168.3.*)
---WIRELESS CLIENTS (192.168.3.*)
Thank you guys so much for your help! Really made my day =)
Similar Messages
-
NetBoot and Multiple DHCP Servers
Hey everyone,
We have a NetBoot machine running here at my school (where I work). It was working like a champ until a couple of weeks ago when our network got upgraded and there are now 2 DHCP servers on our network. That, for some reason, is totally screwing up our NetBooting process.
Here's what I think is happening, and maybe someone can tell me if I'm right or wrong. NetBoot (or BSDP protocol) is a "broadcast" protocol. (That means it's always just floating around out there on the network.) NetBoot (BSDP) protocol gets injected into the DHCP stream, and any machine that gets DHCP can get BSDP, and essentially NetBoot.
The problem is with BSDP. BSDP protocol wants to have all of its "broadcasts" come from the same server. So when we had 1 DHCP server, everything was fine, because client machines would get their whole NetBoot process from one machine... all of the BSDP broadcasts were coming from our 1 DHCP server.
Now, we have 2 DHCP servers. What happens is, a client will get some of its BSDP broadcasts from one DHCP server, and some from another... which it does not like at all.
I recently read somewhere that it is possible to somehow make one of our DHCP servers the "authoritative" server, to which all of the clients will go to get their NetBooting info.
Does this sound in any way right? Are we on the right track ? Has anyone seen this before? Any help would be greatly appreciated. Thanks a million.
Mike
Now, we have 2 DHCP servers. What happens is, a client will get some of its BSDP broadcasts from one DHCP server, and some from another... which it does not like at all.
Not unless your new DHCP server is also a NetBoot server and is set to provide NetBoot services. BSDP and DHCP are not the same thing. If what you were saying were true, it wouldn't be possible to have DHCP and NetBoot offered by different servers.
It IS possible, however, that the two DHCP servers are causing problems by both servicing DHCP requests for the same clients. If you've got multiple DHCP servers on the same subnet (or your router's configured to pass DHCP requests between subnets), you should make sure that only one of the DHCP servers answers requests from any given client. In our world, our Novell server is the default DHCP server on our subnet, but I keep a list of excluded MAC addresses on that server so that my Macintosh clients don't get addresses from it. On the Mac OS X server, I'm careful to limit my address ranges only to those machines which have static address maps in NetInfo. That way, our servers coexist, but they don't overlap.
It's not clear from your message whether your previously solitary DHCP server was your Mac OS X server, or whether one of the two DHCP servers is that box. But whatever the servers are, it might be helpful to turn off one of them to see if the same problem occurs (assuming you can, without major network disruptions). If that's not possible, can you talk to your network admins to see if there's some way to isolate your clients and one of the servers--in other words, see if there's some way to keep DHCP servers from responding to the same requests.
There may be any number of other reasons why this problem has cropped up. You may need to dust off a hub and a copy of Ethereal or EtherPeek to sniff what's happening on the network. You might also try NetBooting in verbose mode, to see where the process craps out. IIRC, there's a decent guide for this kind of troubleshooting over at Bombich's site (www.bombich.com).
Good luck.
David Walton -
Can OnPlus detect rogue DHCP servers?
On one of my customer's networks I seem to be getting a lot of duplicate IP addresses being detected. Assuming these messages are valid, I suspect there are additional DHCP server(s) on the network somewhere. It's a physically large building owned by a church with one flat (layer 2) network (wired and wireless) including different types of users (students, retired nuns, office workers, clergy). There are lots of opportunities for someone to connect nearly anything to the network.
I would like to be able to detect these possible rogue DHCP servers. Can the OnPlus that I have installed there help me? It has been nearly impossible to find the devices with dupes based on MAC address so far.
Thanks.
Hi Chris,
ON100 supports rogue DHCP server detection by default (search OnPlus documentation for ROGUE DHCP events). The default behavior is that the ON100 learns the available DHCP servers on the network whenever the ON100 (re)boots, and if ever it sees broadcast DHCP server replies from a different source IP than the ones that were available, it will trigger this type of event. Unfortunately, if the rogue DHCP server is already present when the ON100 is booted on the network, the ON100 will consider it as pre-existing and therefore won't consider it as an invalid DHCP server.
You can override this simplistic behavior by adding an explicit DHCP monitor to one or more hosts on the network, this gives the ON100 a definitive list of authorized DHCP servers, and then only if a truly rogue DHCP server appears should you see these events.
The Duplicate IP monitor is a separate monitor altogether than the DHCP monitor (which additionally provides the rogue DHCP server detection) and doesn't necessarily indicate a rogue DHCP server on the network. I understand that misconfigured windows servers with ICS enabled are a common source of rogue DHCP servers on networks.
-mike -
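The reply above describes two ways of deciding which DHCP servers are legitimate: learning them at boot, or being given an explicit list. The sketch below is an added example, not OnPlus code; the 60-second learning window, the record layout and every address in it are constructed assumptions, and it only models the decision logic over already-captured server replies.

```python
"""Added example: learned baseline vs. explicit allowlist for rogue DHCP detection."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Offer:
    ts: int          # seconds since the monitor booted (constructed value)
    server_ip: str   # source IP of the broadcast DHCP server reply
    server_mac: str  # source MAC, useful for tracing the switch port


# Constructed observations (documentation address ranges, not real hosts).
OFFERS = [
    Offer(5, "192.0.2.1", "00:00:5e:00:53:01"),     # the intended server
    Offer(9, "192.0.2.77", "00:00:5e:00:53:77"),    # unwanted, but already there at boot
    Offer(400, "192.0.2.1", "00:00:5e:00:53:01"),
    Offer(460, "192.0.2.77", "00:00:5e:00:53:77"),
    Offer(900, "192.0.2.200", "00:00:5e:00:53:c8"),  # plugged in later
]

LEARN_WINDOW = 60  # assumption: replies seen this soon after boot become the baseline


def _first_seen(offers):
    """Map each server IP to the earliest reply observed from it."""
    seen = {}
    for offer in sorted(offers, key=lambda o: o.ts):
        seen.setdefault(offer.server_ip, offer)
    return seen


def rogue_by_learned_baseline(offers, learn_window=LEARN_WINDOW):
    """Default mode: anything present during the learning window is trusted."""
    return [
        (o.server_ip, o.server_mac, o.ts)
        for o in _first_seen(offers).values()
        if o.ts > learn_window
    ]


def rogue_by_allowlist(offers, authorized):
    """Explicit mode: only servers named in `authorized` are trusted."""
    return [
        (o.server_ip, o.server_mac, o.ts)
        for o in _first_seen(offers).values()
        if o.server_ip not in authorized
    ]


if __name__ == "__main__":
    print("learned baseline:", rogue_by_learned_baseline(OFFERS))
    print("explicit list:   ", rogue_by_allowlist(OFFERS, {"192.0.2.1"}))
```

With the constructed data, the learned baseline misses the server that was already answering at boot, while the explicit list reports it along with its MAC address and first-seen time.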
Logical network to physical network mapping (subnets and VLANS) in SCVMM 2012 R2
In much of the blogs, documentation and literature on VMM, there are examples of deploying multiple logical networks onto one physical network i.e. Cluster (logical) + Storage (logical) + Backup (logical) + Live Migration (logical) + Management (logical) on top of Datacenter (physical).
Does this mean it would be possible to have one (physical) flat VLAN-less network with one subnet and then have all those logical networks (with subnets and VLANs) on top of it? Even with a simple unmanaged L2 switch that doesn't support VLANs itself?
If not, just how do you map multiple logical networks to just one physical network? How does that work in practice? Is a L3 switch needed to route traffic between logical networks for example?
Hi. VMM Networking may be overwhelmed for the most, at first. But you really need to understand the modeling here and how things are related to each other. Especially if using NIC teaming in WS 2012 (and R2) together with this mix.
I suggest that you read the following whitepaper where we explain how to setup networking in VMM (also to support network virtualization, but that is absolutely not mandatory): http://gallery.technet.microsoft.com/Hybrid-Cloud-with-NVGRE-aa6e1e9a
-kn
Kristian (Virtualization and some coffee: http://kristiannese.blogspot.com ) -
This is my urgent problem:
I have a physical machine with two physical network interfaces. I have a VMWARE player installed and a virtual machine that must use both cards on two different subnets, one directly public on the router and one intranet inside the company.
How can I just tell one net card to go on that sub and the other on the public sub ? Going crazy. Please help.
Thanks,
P.
Using VMware Player Virtual Network Editor, create an additional bridged VMnet and bind each bridged VMnet to a different physical network adapter... on virtual machine, create a virtual network adapter to each subnet, and bind each virtual network adapter to a different bridged VMnet.
For additional help with virtual network editor, check this KB: VMware KB: Using the Virtual Network Editor in VMware Workstation -
Authorized DHCP Servers not showing up in Authorized list.
I have used ADSI edit to validate that the correct servers are under: CN=NetServices,CN=Services,CN=Configuration,DC=Domain,DC=com
Currently we are in 2003 R2 mode for the Domain but all of our DC's are Windows 2008R2.
I did find a value for showInAdvancedViewOnly is set to TRUE.
Thank you,
Scott
If you still have the ticket open with Microsoft Premier Support for the DHCP migration, I would contact the engineer that helped you explaining what you are seeing so they can resolve it. After all, it is part of the ticket.
Please note, that TechNet forum support is not aligned with Microsoft Premier Support. They are two separate entities.
In the meantime, you can try the following, but I would still email/contact the engineer assigned to your ticket for verification, since they are familiar with your infrastructure and servers. (This was quoted from:
http://support.iyogi.com/networking/internet/when-netsh-dhcp-show-server-command-is-executed-and-you-are-getting-invalid-dhcp-server-references.html )
Run the ‘Netsh’ command to verify, if the ‘CN=NetServices’ container contains the references to the invalid DHCP servers.
Check the properties of the DHCPROOT key under CN=Configuration, CN=Services, ‘CN=NetServices’, ‘DC=Domain’, and ‘DC=com’ to verify if there is a ‘DHCPServer’ attribute containing the references for the invalid DHCP servers.
Delete invalid references.
Force replication
After replication is successful, verify by executing the ‘netsh dhcp show server’ command.
Ace Fekay
MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/
This post is provided AS-IS with no warranties or guarantees and confers no rights. -
Why connect two dhcp servers with different IP addresses?
so for an assignment at college we had to configure a router connected to two switches which both had a server connected to them.
the computers were connected via dhcp to either server however each side had a different IP. we have now been asked to justify as to why two servers were used with different IP which I cannot quite produce a business orientated answer.
I can understand connecting two dhcp servers on same IP to increase fault tolerance but I do not understand using two separate IP addresses.
Hi,
Does “using two separate IP addresses“ mean 2 subnets which are connected by router?
If you have separately configured 2 DHCP servers on the 2 subnets, and want 1 of the 2 DHCP servers to provide fault tolerance for the other. You need to use an RFC 1542–compliant router, or DHCP relay agent, in order to forward DHCP broadcast traffic.
If there is any misunderstanding about your question, please correct.
Best Regards,
Eve Wang
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
I have two LANs and one internet connection. Each LAN has its own DHCP server. I want to be able to have internet access on BOTH LANs but don't want to have a DHCP conflict between them.
The main LAN is a Time Warner Cable modem and a Cisco router running DHCP going to a 48 port switch that has all the workstations connected.
The second is a stand alone Windows 2012 WDS server which is ONLY used to image computers via WDS. The server is running DHCP as well and is connected to another 48 port switch where I connect systems that need to be imaged.
I want to be able to provide internet access on LAN with the Windows 2012 WDS server so after I image the computers I can download drivers direct from the internet. The Windows WDS server has two NIC cards but I am only using one. Is it possible to configure this so the internet from the main LAN is shared to the WDS server and its clients without causing problems with the two DHCP servers? Here is a basic network diagram. Thanks!
Hi Adam,
To share the internet on secondary VLAN, please follow the steps below:
Connect the secondary switch to Cisco router
Configure the devices on secondary VLAN to use Cisco router as their gateway
Configure NAT for secondary VLAN on Cisco router
Because different manufacturers have different ways to configure this, for detailed configuration information, please consult the manufacturer of the switch and router.
Best Regards.
Steven Lee
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]
-
WLC Controllers with Multiple DHCP Servers
Hello All,
I have a central office with (2) 4402 WLC's and about 25 Branch offices throughout the country. Currently all AP's are static IP'd with IP's from the local Branch office subnets. However the Clients all pull their IP's from a Central DHCP server here at corporate.
What I would like to do, is have clients get local branch office IP's from the AP located at that site. So rather than using a central DHCP server here at corporate using a single subnet for all wireless clients. Clients would be assigned local IP's by preferably local DHCP servers. I am having trouble finding an answer to this problem within the documentation. Any help or Ideas would be appreciated.
We're not using any radius type authentication. But I am still a bit hazy on how the hreap thing works, I did read the link and it is very helpful but I was kind of thrown into this one without much wireless background. Right now when I change an AP to H-reap it somehow disables the a radio. I can't seem to get that back working which I'm not all that sure is even that big of a deal. The SSID is configured for local switching and central auth.
-
Multiple DHCP servers Not authorized to start in domain.
Hello all,
Suddenly in our network, we started noticing that DHCP servers are getting unauthorized automatically and stop servicing to their clients.
It is happening randomly to all my locations and post restarting the service and authorize the service will solve the issue.
I don't know why this behavior and still some dhcp servers are prompting with this issue.
Upon checking the event log, I am able to find that the event id "1046" with the error message logged in those machines stating that
The DHCP/BINL service on the local machine, belonging to the Windows Administrative domain CORP.DRREDDYS.COM, has determined that it is not authorized to start. It has stopped servicing clients. The following are some possible reasons for this:
This machine cannot reach its directory service enterprise and it has encountered another DHCP service on the network belonging to a directory service enterprise on which the local machine is not authorized.
Please provide your inputs on this behavior.
Regards,
Andrew
Could anybody update on this cause.
-
Guest Anchors and external DHCP servers
Hi,
We are using guest anchors (GA) for supporting wireless guest user.
Until now we used internal DHCP server on the GA but now we want to move to external.
For example:
The guest will reside on 192.168.0.x, this is separated by a firewall from the inside network and is not routable on the inside.(this is the guest interface of the GA)
The DHCP server will be somewhere on the internal network only reachable by GA's management interface.
Is it possible for DHCP requests to be forwarded to the DHCP server originating from the management interface?
If this is not how it should happen, than what other options are there for placing the external DHCP servers?
Let me know if you need more information regarding our solution..
Thank you,
Laszlo
Hello Laszlo,
Yes, what you want to do can be done but there are few things that you have to consider.
First is that you are not going to use the WLC as the DHCP server so you should go to the interface configuration and point the DHCP server to the external one.
Now, what you want to do here is to make the wireless LAN controller a DHCP relay agent (or proxy), this way the wireless LAN controller is the one handling all the DHCP requests and it is going to be the one asking for an IP address in behalf of the client using the management interface. This behavior is enabled by default and I believe you have it already configured because it is necessary for the internal DHCP server of the WLC to work; it is configured on the "Controller" tab > Advanced > DHCP. On new versions of software this option is configurable by interface.
There is a catch though, if the DHCP server is an ASA or if the request has to go through an ASA or firewall, this might not work because by design some ASAs will drop every DHCP request coming from a relay agent so just consider this when you do these type of deployments.
If you have any questions let me know.
Best regards,
Marco Gonzalez
Cisco TAC TL -
I have three WinServer 2012 R2 domain controllers that also act as DNS and DHCP servers.
I have a guest wireless network that has its own subnet, 10.121.176.0/20
We have our DHCP scopes split this way across the three domain controllers with a DHCP lease time of 1 day
Domain controller 1, 10.121.176.11 - 10.121.181.255 for a total of 1,525 addresses
Domain controller 2, 10.121.182.0 - 10.121.186.255 for a total of 1,280 addresses
Domain controller 3, 10.121.187.0 - 10.121.191.254 for a total of 1,279 addresses
This gives us a total of 4,084 addresses to hand out on our guest wireless network which is plenty. I just looked at each servers stats and this is what I see
Domain controller 1 - 717 addresses in use, 808 available
Domain controller 2 - 900 addresses in use, 380 available
Domain controller 3 - 1280 addresses in use, 0 available
On domain controller 3 I am seeing lots of DHCP events
Event ID 1063 - There are no IP addresses available for lease in the scope or superscope "GuestWireless-176
Event ID 20287 - DHCP client request from 28E14CE87EFB was dropped since the applicable IP address ranges in scope/superscope GuestWireless-176 are out of available IP addresses
Two questions:
Once Domain Controller 3 rejects the DHCP request since it is out of addresses, will this request be fulfilled by one of my other two domain controllers?
Is there any way to even out the leases on these DHCP servers? Not sure the mechanism behind a client choosing one DHCP server over another
1 yes, the dhcp server whose scope is full will not do a dhcp 'offer'
2 dhcp that answers fastest with an 'offer' will win. A delay is configurable (but changes nothing about the root scenario where the fastest will win)
Note that if the scopes overlap on the servers, they might not lease out all the addresses in the scope.
I would enlarge the scope as you will want to fence against unavailability of one of the servers (or a network connection for that matter). you currently have more addresses leased out than any set of two of your servers can offer.
MCP/MCSA/MCTS/MCITP -
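The reply's last point, that more addresses are leased out than any two of the three servers can offer, can be checked from the figures in the question. This is an added example, not part of the original thread; it assumes the worst case in which every current lease has to be re-served by the surviving servers once one server is unavailable.

```python
"""Added example: split-scope sizing and single-server outage headroom."""
import ipaddress
from itertools import combinations

# (first address, last address, leases in use) exactly as posted in the question.
# Note: DC3's posted in-use count (1280) is one more than its 1279-address range.
SCOPES = {
    "DC1": ("10.121.176.11", "10.121.181.255", 717),
    "DC2": ("10.121.182.0", "10.121.186.255", 900),
    "DC3": ("10.121.187.0", "10.121.191.254", 1280),
}
SUBNET = ipaddress.ip_network("10.121.176.0/20")


def _as_int(addr):
    return int(ipaddress.ip_address(addr))


def pool_size(first, last):
    """Number of addresses in an inclusive range."""
    return _as_int(last) - _as_int(first) + 1


def outside_subnet(scopes, subnet=SUBNET):
    """Servers whose range leaves the subnet's usable host addresses."""
    low, high = int(subnet.network_address) + 1, int(subnet.broadcast_address) - 1
    return [
        name for name, (first, last, _) in scopes.items()
        if _as_int(first) < low or _as_int(last) > high
    ]


def overlapping_pairs(scopes):
    """Server pairs whose ranges share at least one address."""
    pairs = []
    for (a, (a1, a2, _)), (b, (b1, b2, _)) in combinations(scopes.items(), 2):
        if _as_int(a1) <= _as_int(b2) and _as_int(b1) <= _as_int(a2):
            pairs.append((a, b))
    return pairs


def outage_shortfall(scopes):
    """Addresses missing if one server is down and all leases must be re-served."""
    total_leases = sum(used for _, _, used in scopes.values())
    shortfall = {}
    for down in scopes:
        capacity = sum(
            pool_size(first, last)
            for name, (first, last, _) in scopes.items()
            if name != down
        )
        shortfall[down] = max(0, total_leases - capacity)
    return shortfall


if __name__ == "__main__":
    for name, (first, last, used) in SCOPES.items():
        print(name, "pool", pool_size(first, last), "in use", used)
    print("outside subnet:", outside_subnet(SCOPES))
    print("overlaps:", overlapping_pairs(SCOPES))
    print("shortfall per outage:", outage_shortfall(SCOPES))
```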
Using the personal hotspot feature on the iPhone 5, I am able to connect to the internet. We also use Juniper NCP client to access our local system from a remote location. A VPN connection is created, but I am unable to access servers in our network. This same functionality works using my colleagues iPhone 4.
Both phones are running iOS 6.1.3. I tried to reset network settings, but still unable to ping servers in our network. This is a feature that our sales team relies heavily on when out of the office. Hoping someone has some suggestions on what is different between the 2 phones.
Hi,
Generally, this issue should be related with something called split tunneling, since you’re using a F5 vpn client, you need to look for something related to split tunneling in the F5 VPN client's documentations.
Here is an example, share it with you as a reference.
http://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm_config_10_2_0/apm_config_networkaccess.html
In addition, you can refer to the link below for more solution about this problem.
You Cannot Connect to the Internet After You Connect to a VPN Server
http://support.microsoft.com/kb/317025
NOTE: This response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control these sites and has not tested any software or information found on these sites.
Yolanda Zhu
TechNet Community Support -
How should I add a new physical network interface to the system?
Hello:
I am about to test my own NIC driver.
I have used add_drv to add my driver.
I have assigned an IP address to the system in the /etc/hosts file and corresponding network mask in the /etc/netmasks file, too.
But when I tried to ping this IP address, it reported an error message saying "ICMP Host Unreachable from gateway localhost .....".
I wonder if the system knows this physical network address.
Does this have something to do with the /etc/hostname.* file?
If this is the case, what should I name the "*" part of this file?
Any advice will be appreciated.
Steven
Hello Shridhar:
Thanks for your kindly reply.
I just noticed that the system would try to plumb the interface during the booting process but failed with an error saying "ifconfig:plumb:XXXX:Bad file number", where XXXX is the * part of /etc/hostname.*
Does not mean I have assigned an illegal interface name to this interface?
It seems that man page doesn't contain any information about error messages.
I use the form XXX0, where XXX is the name of the NIC driver.
Any advice will be appreciated.
Steven
You should plumb the interface and bring it up with the ifconfig command. Do a man on ifconfig for more details. What was the add_drv command used ? Based on your driver's name, you can setup the hostname.* file's name to automatically setup and initialize the NIC interface everytime the system boots up.
HTH
shridhar -
Automatic migration of servers in a networked application
Does anybody have any ideas about how to automatically migrate servers in a networked application? The tmadmin utility has commands to suspend/resume and migrate servers, which you can invoke manually when a node fails. But how can we automate this process?
Peter
We expect to be using a cluster, so I guess I will use the cluster infrastructure
to fire off scripts.
Thanks
Tom
Peter Holditch <[email protected]> wrote:
Tom,
You can write code with the MIB to migrate servers. This code could also poll the MIB to detect failures.
Beware, however, that a temporary network failure could look like a machine failure, in which case automatic migration could cause more problems than it solves. That's why Tuxedo doesn't attempt automatic migration.
For very HA solutions, a hardware HA system such as HP's MCServiceGuard, Veritas, etc. would fire scripts to migrate the Tux servers when a failure was (reliably) detected.
Regards,
Peter.
Got a Question? Ask BEA at http://askbea.bea.com
The views expressed in this posting are solely those of the author, and BEA Systems, Inc. does not endorse any of these views.
BEA Systems, Inc. is not responsible for the accuracy or completeness of the information provided and assumes no duty to correct, expand upon, delete or update any of the information contained in this posting.
Tom Hogan wrote:
Does anybody have any ideas about how to automatically migrate servers in a networked application? The tmadmin utility has commands to suspend/resume and migrate servers, which you can invoke manually when a node fails. But how can we automate this process?
-
How many physical Network Adapter required for to implement NVGRE Gateway ?
Hello Guys,
Would like to know how many physical Network Adapter required to implement network virtualization including the technologies such as Windows Azure Pack| system center 2012 R2 & Hyper-V 2012 R2.
Thanks
NM-BG
A quick search of TechNet will turn up all sorts of step-by-step and overviews and blogs with lots of information about how to configure and setup. Minimum of two. Actual configurations may vary according to business needs and requirements.
. : | : . : | : . tim