ScoobyJawa

Righto!

I've got a machine which is sitting on a management LAN acting as a DHCP server for 2 subnets which are in a Superscope.

One adapter has an address on 1 subnet, the other adapter has an address on the other subnet, both are plugged into switch serving the management LAN.

I need the clients on each subnet (all plugged into same switch) to be able to talk to each other.

I've enable IP forwarding on the DHCP server box, and as options in both scopes with the superscope. I've set option 3 in DHCP (router) as the DHCP server address, and all the information gets populated to the boxes, but they still can't talk to each subnet.

What am I doing wrong? Should I just be using 1 NIC?
Ta
Neil

ozzy

what's the default gateway on the PC's. If you do a traceroute do the PC's go to the dhcp box to try to talk to the other subnet??

you need to check box ends to make sure the ping reaches the remote host and the reply has a route back.

Also, you don't have any firewall software on the dhcp box do you that could interfere with your tests?

Stefan

Kieran_Burns

iTrader: (1)

You've got two NICs on the same Server? You can only have one default gateway, so one NIC will have that assigned and the other will need a static route table created. This is probably what is stopping the traffic getting around

Not being a comms guy i can't tell you HOW to configure it, but the switches can forward DHCP traffic through a network that is not on the same sub-net, so you can in theory have just the one card. Do a search on DHCP helper

ozzy

you only need a default gateway to tell a host where to find a network it doesn't know about. On the server itself it will keep its own routing tables update with both NIC subnets.

Where you may have a problem is the default gateway assigned to the PC's on the subnets. That gateway should be the server's NIC on the same subnet.

You only need to worry about additional gateways or static routes if there is another subnet involved outwith the dhcp box.

ScoobyJawa

Right getting somewhere.

I need a static route creating as Kieren said.

If I manually put it in using route add 192.168.112.64 mask 255.255.255.192 192.168.111.96 then it works and I can ping.

However if I add it into the DHCP scope options under option 33, it only allows me to input the network address and route, no option to stick in the mask (only allows pairs of ip's) so it defaults to 255.255.255.255, which obviously doesn't work!

There must be a way in DHCP to add the static route to the routing table with the correct mask...........?

ozzy

Where did you put the static route? PC(s) or Server?

ScoobyJawa

On the DHCP Client mate. It still gets all info from the server, but when added to the clients routing table manually its fine.

When I try and send the static route with the rest of the DHCP information to the client using DHCP option 33, it won't allow you to input a mask and so the route on the client ends up with a default of 255.255.255.255 (and thus doesn't work) instead of the 255.255.255.192 which I want and works! Gah!! LOL!

Kieran_Burns

iTrader: (1)

You don't need routes on the clients... they just go to the point of last resort, which is the default gateway... that's where you need to add the routes

smokebelch

Yep ...what he said!

The clients do not need to know anything but the address of the gateway.
Its then the servers job of routing.

ScoobyJawa

The clients are also on 2 seperate networks. The default gateway for the client is the production lan not the management lan so using that defaut gateway results in a fail, hence needing to add the static route to the client...............

I think! LOL!

smokebelch

From what ive read you have subnets a and b.
Clients on subnet A should use the ip address of the NIC you have in subnet A as their gateways and clients in subnet B should have the ip address of the NIC sitting in subnet B.
Setting up routing on the server will enable clients to see each other

ScoobyJawa

No theres 3!

Theres a management lan with subnets a and b. Half the clients are on a and half on b.
Seperately each of these are also on a production lan which is subnet c. The production lan NIC has the default gateway enabled.

I need the management lan NIC to be able to talk between subnets a and b..........

Kieran_Burns

iTrader: (1)

So you have TWO sub-nets hanging off one port? With a third hanging off a separate one?

If so you can have two IP addresses on one NIC...

ScoobyJawa

This is getting kinda confusing lol!

There is a management lan switch, that all the boxes have a NIC plugged in to.

There is a production LAN which all the boxes have a NIC plugged in to. (Hardcoded IP and Gateway etc).

The management LAN is split between 2 subnets, half the boxes on one and half on the other. Both are served by the same DHCP server (only plugged into the management lan, this server is not on production). The DHCP server has one NIC running an IP on one subnet, and another NIC running an IP from the second subnet - again both plugged into the management lan switch!

On the production side everything is hardcoded and works fine.

On management lan DHCP serves the addresses to 2 different subnets.

All works fine but boxes on one management subnet cannot talk to the machines on the other.

Default gateway on the client is in use for the production lan so all none known networks try to be reached through that, which of course fails.

Therefore I need a route setting up on the client to tell it which NIC to use for the other subnet.

This is where its failing. It works fine if I put in route add etc on the client. But for some reason when you try and serve a static route via DHCP (option 33) there is no way of putting in the netmask, thus the static route fails.

I'm just wondering if its not possible to do via DHCP? If not it means I need to go and hard code it round 60 boxes - doh!

Dunno if thats cleared it up anymore LOL! but I might just go round and hard code it, its almost impossible to find this info out from the net! Can't believe theres an option with DHCP to add a static route, but defaults the netmask to 255.255.255.255 - seems pointless, unless there is a way to change that?

ozzy

Well you only mentioned 2 subnets in your initial question and now there's 3. No wonder we're all confused you Muppet

Put the static routes on the servers as it's much easier to manage than each client.

The clients look at its default gateway (whichever server is on that subnet) and then that has a static route to the remote subnet.

Stefan

P.S. A diagram would've helped

Kieran_Burns

iTrader: (1)

I bleeding said that back on post 8, and he's still managed to not do it!

ozzy

LOL; there's no helping some people

ScoobyJawa

[Stupid mode activated!]

The default gateway is derived from the production lan as I said above.

The default gateways on all the production lan aim to not servers but cisco switches/routers.

So are you saying I need to configure static routes to the (switch/router) default gateway?

If so I think we're getting somewhere! LOL!

[/cretinous muppet mode disengaged]

Oh - and I can't upload a Visio diagram!!!

minted_aye

Use one one network card, you are causing yourselve extra work for no reason, the 2nd card in the machine I would normally connect directly to a router / external connection or vpn etc