cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3889
Views
0
Helpful
21
Replies

DHCP request through accesspoint and router

joris_struijk
Level 1
Level 1

This is how our setup is like:

Laptops => Cisco 1100 AP(static IP) => Wired LAN (Subnet 1) => Cisco Router => Wired LAN (Subnet 2) => DHCP server

What i would like is that the DHCP-request from our laptops is forwarded/relayed through the AP and Router to the DHCP-server and back.

We dont want to use the AP's internal DHCP server but centralise this.

At the moment i'v configured the AP through CLI and added the following command: ip dhcp-server xx.xx.xx.xx

Where xx is the IP of the DHCP server

On the Router i'v added the command ip helper-address xx.xx.xx.xx

Where xx is the IP of the DHCP server

Don't know if this is the correct way, but i do know it isn't working.

Some help is realy appreciated.

Grx,

Joris

21 Replies 21

kka
Level 5
Level 5

With your setup you don't need any DHCP configuration on the AP.

The AP works as bridge between the radio IF and the Ethernet IF,

this includes DHCP.

Just as you wrote configure "ip helper-address ..." on the router's

IF connected to Subnet 1. Make sure DHCP is enabled on the router,

("service dhcp" is default, invisible in the config).

So yust remove the "ip dhcp-server" command in the AP and setup the LAN side with a static IP (like i have done already). This should do the trick?

And on the 3600 router i have to use the "ip helper-address" command to forward the request.

But, then what is the AP's "ip dhcp-server" command good for? When should i use it?

If you are using DHCP to assign an IP address to your AP, i.e.

interface BVI 1

ip address dhcp

you can limit the DHCP servers from which the AP accepts

DHCP leases with "ip dhcp-server x.x.x.x".

Ok, i'v fixed that problem by configuring a right scope.

Next major problem that's bothering me the whole day.

The DHCP server has to be placed behind a Windows 2003 server with router functionality. This server will be promoted to an ISA server later in the project. First we have to setup the connection properly.

I'v setup the 3600 router with the approperiate "ip helper-address xx.xx.xx.xx" command. This works.

The DHCP server that's going to serve the IP-addresses is placed behind a Windows 2003 server with DHCP-relay installed.

Interface 1 of the Windows 2003 Router is connected to the Cisco router, interface 2 is connected to the subnet where the DHCP server resides. This Windows 2003 router has to forward the already forwarded DHCP request to the correct DHCP server.

That's the problem, i don't know how to let Windows 2003 correctly forward the Cisco router's DHCP request.

HELP ;)

I'm not familiar with Windows DHCP server, but I guess

it supports standard DHCP including evaluating the

giaddr field from the DHCP relay.

You only need one DHCP relay (your Cisco router).

Between the router and your DHCP server the DHCP traffic

is unicast, so you have to make sure that the routing

between the DHCP server and the router's IP (giaddr)

in your Subnet 1 works.

Are you able to present me with some tips to check that connectivity is correct? We tryied to ping the DHCP server from the router and that seemed to work.

Maby were missing something.

You need at least the following connectivity for DHCP relay to work.

Between the DHCP relay agent and the DHCP server:

- UDP Port 67 <-> UDP Port 67

Between the DHCP server and the DHCP client:

- UDP Port 67 <-> UDP Port 68 (renewing/releasing a lease)

- ICMP echo (Most DHCP servers check if an IP is still free)

On the Cisco router you can use some debugging commands

to check that relaying works.

(This might produce a lot of output, careful on a production system.)

#term mon

#debug ip dhcp server packet

#debug ip dhcp server events

For Subnet 1 with the router's IP 10.0.0.1 and two configured

DHCP servers (192.168.0.1, 192.168.9.1) as "ip helper" a successfull

exchange looks like this:

DHCPD: DHCPREQUEST received from client 0100.aabb.bbcc.cc.

DHCPD: setting giaddr to 10.0.0.1.

DHCPD: BOOTREQUEST from 0100.aabb.bbcc.cc forwarded to 192.168.0.1.

DHCPD: BOOTREQUEST from 0100.aabb.bbcc.cc forwarded to 192.168.9.1.

DHCPD: forwarding BOOTREPLY to client 00aa.bbbb.cccc.

DHCPD: Forwarding reply on numbered intf

DHCPD: creating ARP entry (10.0.0.49, 00aa.bbbb.cccc).

DHCPD: unicasting BOOTREPLY to client 00aa.bbbb.cccc (10.0.0.49).

#undebug all

I would also try to ping the router's IP in Subnet 1 and a client

with a fixed IP in Subnet 1 from the server. (The DHCP server uses

this to check if a lease is actually free before handing it out)

Otherwise it's time for packet sniffing on the DHCP server

and the client. (snoop, tcpdump, ethereal)

Were debugging right now.

We checked the routes (OK) pinging in both ways, server to client(with static IP at the moment) and back (OK)

Still our client gets no IP when set to auto

Our result is as following:

DHCPD: setting giaddr to 10.6.32.1

DHCPD: BOOTREQUEST from 0100.aabb.bbcc.cc forwarded to 10.6.0.2

And this ofcourse with the right MAC (to much typing)

Nothing comes back to the router, but we know the routes are confirured correctly.

Now what? Were stuck here.

Additional question1:

What exactly do you mean with "giaddr"? An how can i check that this is setup and routed correctly?

Additional question2:

Is it possible for routers (non Cisco, Windows) to reroute the request to other subnets (this is what we need)?

giaddr is a field in the DHCP packet. It contains the IP address

of the DHCP relay agent. In your example it's the router's IP

in Subnet 1. The DHCP server uses this to find the right

DHCP-pool and as destination address for its answers.

Not sure what exactly you mean by "reroute the request to other subnets".

But if you mean is it possible to use one DHCP server for several

subnets, the answer is yes. DHCP-pool and reply address can be

evaluated from the "giaddr" field in the DHCP packet. The rest

is simple IP routing between the DHCP server and the DHCP relay agent.

Basically you need routing for every subnet between the DHCP server and the relay.

Thx for the great responce so far.

I am at home right now, so testing is the first thing i'll be doing in the morning.

More to come tomorrow.

Grx,

Joris

Were debugging right now.

We checked the routes (OK) pinging in both ways, server to client(with static IP at the moment) and back (OK)

Still our client gets no IP when set to auto

Our result is as following:

DHCPD: setting giaddr to 10.6.32.1

DHCPD: BOOTREQUEST from 0100.aabb.bbcc.cc forwarded to 10.6.0.2

And this ofcourse with the right MAC (to much typing)

Nothing comes back to the router, but we know the routes are confirured correctly.

Now what? Were stuck here.

Were monitoring the DHCP server right now and it recieves DHCPdiscover packets from the Cisco relaying router and nothing else. No offer, nothing. What could be the problem of this?

DHCPOFFER ist the reply from the DHCP server to the client.

The DHCP transfer works like this:

Client --DHCPDISCOVER--> DHCP relay agent --DHCPDISCOVER--> DHCP server

Client <---DHCPOFFER---- DHCP relay agent <---DHCPOFFER---- DHCP server

Client ---DHCPREQUEST--> DHCP relay agent ---DHCPREQUEST--> DHCP server

Client <----DHCPACK----- DHCP relay agent <----DHCPACK----- DHCP server

Looks like your DHCP server isn't answering the forwarded

DHCPDISCOVER from the client.

Does your DHCP server on 10.6.0.2 have a pool for the 10.6.32.0 net?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: