cisco router set as a dhcp server w/ sub interfaces

  1. #1
    Junior Member
    Join Date
    Oct 2005
    Posts
    16

    cisco router set as a dhcp server w/ sub interfaces

    This is related to my previous post, but I thought I would start a new one since it is a different problem. I have this router set up as a dhcp server. Does anyone know how to set up three different dhcp pools and have each one apply to a different sub interface (vlan)? Or is that even possible? Thanks

  2. #2
    Junior Member
    Join Date
    Aug 2004
    Posts
    14
    Be sure it is possible, you can have multiple pools on one server...

    Router(config)#ip dhcp pool [pool-name]
    Router(dhcp-config)#network network-number [mask | /prefix-length]

    There are other options like default router, DNS server, lease (default is 24h) in dhcp-config, but you can figure them out with "?".
    Only those who dare to fail greatly can ever achieve greatly.

  3. #3
    Junior Member
    Join Date
    Oct 2005
    Posts
    16
    Yeah, I see that you can create multiple pools, but I wanted to make sure that pool "A" only hands out IP addresses to sub interface f0/1.1 and pool "B" only hands out IP addresses to sub interface f0/1.2. I haven't seen any commands that jump out at me to make that happen.

  4. #4
    Senior Member
    Join Date
    Oct 2002
    Posts
    1,130
    No, to the best of my knowledge there is no easy way to do this. The dhcp server software sits at a higher level than the vlan software. My best recommendation would be to carefully assign the pools the dhcp server uses into the appropriate subnets.

    Let's assume you have:
    fa0/0.1 at 10.10.10.0/26
    fa0/0.2 at 10.10.10.64/26
    fa0/0.3 at 10.10.10.128/26

    You would then need dhcp pool assignments like this:
    Code:
    ! Pool for the network on fa0/0.1
    ip dhcp pool A
    network 10.10.10.0 /26
    default-router 10.0.0.1
    dns-server 10.0.0.1
    domain-name foo.com
    
    ! Pool for the network on fa0/0.2
    ip dhcp pool B
    network 10.10.10.64 /26
    default-router 10.0.0.1
    dns-server 10.0.0.1
    domain-name foo.com
    
    ! Pool for the network on fa0/0.3
    ip dhcp pool C
    network 10.10.10.128 /26
    default-router 10.0.0.1
    dns-server 10.0.0.1
    domain-name foo.com
    This would only assign addresses from pool A to the 10.10.10.0/26 network, which is the network attached to fa0/0.1. To further secure the network, you could also add access rules preventing an address other than that which can be dynamically assigned from the server from leaving the subinterface, with something like this:
    Code:
    ROUTER(config)# access-list 100 permit ip 10.10.10.0 0.0.0.63 any
    ROUTER(config)# access-list 100 deny ip any any
    
    ...
    
    ROUTER(config)# interface fa0/0.1
    ROUTER(config-subif)# ip access-group 100 out
    Which will check all traffic outbound from the fa0/0.1 interface against access list 100. In this case, if the traffic is coming from an address other than the 10.10.10.0/26 network, it will be denied. So clients can still statically assign themselves addresses outside of their assigned subnet, but will be unable to send anything from those addresses if they do.

    Although what you need can be accomplished with the first method alone, I think a combination of both these methods is what you are looking for.

    Mind you, someone may have an easier way if you feel like waiting some more.
    Government is like fire - a handy servant, but a dangerous master - George Washington
    Government is not reason, it is not eloquence - it is force. - George Washington.

  5. #5
    Junior Member
    Join Date
    Aug 2004
    Posts
    14
    When you configure a dhcp pool you configure a network, and the subinterfaces represent different networks, so the router is not that stupid to give out an address to a host on a network where that address with that subnet mask would be wrong. For example, you have 3 networks on subinterfaces fa0.1, fa0.2, fa0.3; each subinterface is a different network with a different address, and the router knows which network is on which subinterface.

  6. #6
    Junior Member
    Join Date
    Oct 2005
    Posts
    3
    The router addresses are not correct. They have to be in the same subnet as the DHCP range.

    ip dhcp pool A
    network 10.10.10.0 /26
    default-router 10.0.0.1 -> Has to be: 10.10.10.1 for example...
    dns-server 10.0.0.1
    domain-name foo.com
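
Added example, not part of any post in this thread: a Python check that models the pool selection post #5 describes (the pool whose network covers the receiving subinterface's address) and flags the problem post #6 points out (a default-router outside its pool's network). The subinterface addresses, the default-routers of pools B and C, and all function names are assumptions made for the example.

```python
import ipaddress
# Constructed sample: pool networks from the thread; pool A keeps the default-router
# as first posted. Interface addresses and B/C routers are assumed values.
CONFIG = """\
interface FastEthernet0/0.1
 ip address 10.10.10.1 255.255.255.192
interface FastEthernet0/0.2
 ip address 10.10.10.65 255.255.255.192
interface FastEthernet0/0.3
 ip address 10.10.10.129 255.255.255.192
ip dhcp pool A
 network 10.10.10.0 /26
 default-router 10.0.0.1
ip dhcp pool B
 network 10.10.10.64 /26
 default-router 10.10.10.65
ip dhcp pool C
 network 10.10.10.128 /26
 default-router 10.10.10.129
"""

def parse(config):
    """Return ({subinterface: IPv4Interface}, {pool: {"network", "router"}})."""
    ifaces, pools, kind, name = {}, {}, None, None
    for line in filter(str.strip, config.splitlines()):   # skip blank lines
        w = line.split()
        if not line.startswith(" "):          # a top-level line opens a new section
            kind = "if" if w[0] == "interface" else "pool" if w[:3] == ["ip", "dhcp", "pool"] else None
            name = w[-1]
            if kind == "pool":
                pools[name] = {}
        elif kind == "if" and w[:2] == ["ip", "address"]:
            ifaces[name] = ipaddress.ip_interface(f"{w[2]}/{w[3]}")
        elif kind == "pool" and w[0] == "network":   # accepts "/26" or a dotted mask
            pools[name]["network"] = ipaddress.ip_network(f"{w[1]}/{w[2].lstrip('/')}")
        elif kind == "pool" and w[0] == "default-router":
            pools[name]["router"] = ipaddress.ip_address(w[1])
    return ifaces, pools

def pool_for_interface(ifaces, pools, ifname):
    """Pool whose network contains the receiving interface's address, else None."""
    addr = ifaces[ifname].ip
    return next((p for p, v in pools.items() if addr in v["network"]), None)

def misplaced_routers(pools):
    """Pools whose default-router lies outside the pool's own network."""
    return [p for p, v in pools.items() if "router" in v and v["router"] not in v["network"]]

IFACES, POOLS = parse(CONFIG)
print(pool_for_interface(IFACES, POOLS, "FastEthernet0/0.2"), misplaced_routers(POOLS))
```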

  7. #7
    Senior Member
    Join Date
    Oct 2002
    Posts
    1,130
    Whoops. I stand corrected

    [insert random excuse for obvious error here]

  8. #8
    Junior Member
    Join Date
    Oct 2005
    Posts
    7
    I have a suggestion of my own: this one is real simple, but I haven't tried it before; it just looks logically very correct to me!

    Step 1: What you can do is set the router, or just add a computer in one of your networks, as a DHCP server.

    Step 2: Configure your Cisco router as a "dhcp relay agent" for the rest of the networks!

    Use help commands / www.cisco.com for the entire configuration!
