cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1133
Views
0
Helpful
1
Replies

DHCP Crossing VLANS!?!?

gregorymwatson
Level 1
Level 1

Problem: We have a lab router (2620) on the outside of our local LAN. The router is set up do give public IP's. It is connected to the local LAN by a VLAN (island). A few days ago we had a hand full of user on a completely separate internal VLAN pull IP's from this "external" router. We shut down the port while we looked in to it. We found nothing that would elude to this being able to happen. We re-enabled the port and haven't had any more issues. So I was hoping someone could enlighten me on what might have taken place.

1 Reply 1

pwwiddicombe
Level 4
Level 4

Do you have ANY possible physical path from that interface to the vlan where the users are? Could someone have inadvertently cross-connected something unintentionally or other (even as a test)? You can forward IP requests that would cross VLAN boundaries via DHCP helper-address, but it will still only provide IP addresses suitable for the interface (and ANY interface) physically connected to the users' VLAN or physical segment.

I have seen users connect a linksys router onto a network, and the linksys will then provide bogus addresses for the network; but that's perfectly explainable, as it's effectively a DHCP server directly connected.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: