Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
618
Views
7
Helpful
13
Replies

Cisco 1600 11.1/Windows 2000 DHCP issue

Go to solution
e.vorrie
Level 1
Level 1

‎02-25-2003 08:02 AM - edited ‎03-02-2019 05:21 AM

I have 2 1600's 11.1 with 1 ser and 1 eth on each. I'm planning to use these for lab purposes, segmenting our main network to create a new network with just internet access via our main domain/network. The router bordering our network is able to resolve DNS through pinging hostnames. The router bordering the lab network can't. Router's are functional, I'm able to send DHCP requests through them, but no replies from our DHCP server (only 1 in this domain). This is an all Windows 2000 environment, no NT boxes. I've used ip helper, forward-protocol udp, domain-list, domain-name, even a Windows 2000 relay agent. Still nothing. Thanks in advance for any insight on this.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
thisisshanky
Level 11
Level 11
In response to e.vorrie

‎02-25-2003 01:23 PM

Ok got that.

Now picture is pretty clear.

Reason for Border lab router not able to reach the DHCP server can be explanined as follows.

I will call Border Lab router, as BLR and the Border Domain router as BDR. Let your gateway (10.0.0.1) be G and DHCP server DS.

BLR will try to ping DS(src = 192.168.1.2, dst = ip add of DS) . The packet is forwarded to BDR. BDR knows how to reach 10.0.0.0. So it forwards the packet directly to DS. DS wants to reply back. When it sees the destination ip add. is in 192.168.1.0 network. Now that address is in a different network, so it needs to send the packet first to its default gateway. Probably in your case, on the DHCP server, the default gateway is 10.0.0.1. DS sends the packet to gateway G. For G to forward the packet back to BDR, G should have a route to 192.168.1.0 network.

SO solution in your case,

add two static routes on your Gateway G router, as follows

ip route 192.168.1.0 255.255.255.0

ip route 192.168.2.0 255.255.255.0

WIth the above configs, everything should be fine!

PS: I would suggest, not to mess your domain network, with your lab setup. Keep your lab setup separate from your production network. Upgrade your IOS on the 1600, you can run a DHCP server on the router itself. and define scopes required for lab purposes.

Hope the above helps!

regards

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

View solution in original post

0 Helpful
13 Replies 13

Go to solution
thisisshanky
Level 11
Level 11

‎02-25-2003 08:09 AM

To resolve host names on that lab router, have you also specified the DNS server using ip name-server command ?. Also Have you defined a scope on the DHCP server, for the subnets behind the lab router ?

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

Go to solution
e.vorrie
Level 1
Level 1
In response to thisisshanky

‎02-25-2003 08:17 AM

Yes, I have issued the command for 3 servers. I've also defined a superscope for the subnets on the DHCP server.

0 Helpful

Go to solution
thisisshanky
Level 11
Level 11
In response to e.vorrie

‎02-25-2003 08:24 AM

" The router bordering the lab network can't. Router's are functional, I'm able to send DHCP requests through them, but no replies from our DHCP server (only 1 in this domain). "

Are you able to ping from the lab router to the DHCP and DNS server ?

Can you shed some light on how your lab setup is, and how the lab is connected to your main network ... etc..?? ( I assume, your serial interfaces are connected between the 1600s, and ethernet of one of the 1600 is connected to your main lan)

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

Go to solution
e.vorrie
Level 1
Level 1
In response to thisisshanky

‎02-25-2003 08:47 AM

The only thing it can ping is the switch connected to the bordering router as shown below. Can't ping anything beyond that, unless I take a workstation off of the domain and it will ping.

(Our Domain)----->1900 Switch (has 3 workstations including my laptop, joined to domain along with a port going to lab)-----> e0(reservered ip on DHCP sever) ------> s0 DTE------->s0 DCE -------> e0----->switch-----LAB.

0 Helpful

Go to solution
thisisshanky
Level 11
Level 11
In response to e.vorrie

‎02-25-2003 10:08 AM

Hi,

Is the ip address configured on the bordering router, e0 interface, is in the same subnet as the DHCP server ? If not then the router needs to know how to send dhcp requests or how to reach the DHCP server. For this you either need to configure a static route to the DHCP server network, with the next hop pointing to the appropriate router in your main network, or else you can configure a default route on the bordering router. (static route is the best).

Say if your dhcp server is on subnet 10.1.1.0/24 and your ethernet is configured with 10.1.2.1/24 then on the 1600, configure a static route as follows...

1600(config)#ip route 10.1.1.0 255.255.255.0 10.1.1.254

where 10.1.1.254 is just a sample ip address that i chose, and i assume it to be the ip address of the immediate router which routes between subnets, 10.1.1.0 and 10.1.2.0

Hope this helps you now!

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus
0 Helpful

Go to solution
e.vorrie
Level 1
Level 1
In response to thisisshanky

‎02-25-2003 11:22 AM

Well, for example I have this setup up on the router bordering our domain

1600(config)#ip route 192.168.2.0 255.255.255.0 192.168.1.2

The router that is bordering the lab is

1600(config)#ip route 10.0.0.0 255.255.255.0 192.168.1.1

serial 0 on bordering domain router has an ip address of 192.168.1.1

serial 0 on bordering lab router has an ip address of 192.168.1.2

Do I have this backwards or is this set in a loop?

10.0.0.0 is our network address

192.168.1.0 is the network between the two routers

192.168.2.0 is the Lab network

Thanks again for your help!!

0 Helpful

Go to solution
thisisshanky
Level 11
Level 11
In response to e.vorrie

‎02-25-2003 12:00 PM

Yeah, the above configs do look fine, and will help in communicating between the lab routers. ( both the 1600s). I was talking about adding a static route on the bordering domain router, telling it how to reach the DHCP server ( if you DHCP server is not in the same subnet as the ethernet of bordering domain router.)

Assume this scenario.

DHCP server (10.1.1.1)

|

|

Domain router (10.1.1.254 ON E0 AND 10.1.2.254 ON E1)

|

|

Bordering Domain Router (10.1.2.1 on e0)

|

s0(192.168.1.1)

|

|

|

s0(192.168.1.2)

|

Bordering lab router ( 192.168.2.0 - lab network on e0)

Now both the lab routers will communicate good, with the static routes you have given. The only thing that is needed now is, Bordering Domain Router should know how to reach the DHCP server. Since you were not able to ping the DHCP server from the Bordering Domain Router, before, I assume, there is no route on the Bordering Domain Router, telling, how to reach the DHCP server subnet. Also the Domain Router ( the router adjacent to DHCP network) should also have a static route saying, how to reach network 192.168.2.0 network.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

Go to solution
e.vorrie
Level 1
Level 1
In response to thisisshanky

‎02-25-2003 12:20 PM

Sorry, my scenarios need to be explained just a little bit more. I'm tearing my hair out on this one. Bordering Domain Router can ping anything in the domain network (its also in the same subnet), even the workstation behind the bordering lab router. Bordering Domain Router can has always been able to ping hostnames and resolve with an IP, so it does look that its working just fine. Border lab router doesn't. Before this experiment took place, there was a total of one router in the entire network, which is our gateway. e0 is 10.0.0.1 and e1 is configured with the IP given from the ISP. The domain router that you mentioned does not appear in the network unless you meant that to be our gateway router. Thanks again. Your help is much appreciated.

0 Helpful

Go to solution
e.vorrie
Level 1
Level 1
In response to e.vorrie

‎02-25-2003 12:24 PM

Border Domain Router can ping DHCP. DHCP is on subnet 10.0.0.0. So is e0 on Border Domain Router. We only have one subnet in this entire network, 10.0.0.0.

0 Helpful

Go to solution
thisisshanky
Level 11
Level 11
In response to e.vorrie

‎02-25-2003 01:23 PM

Ok got that.

Now picture is pretty clear.

Reason for Border lab router not able to reach the DHCP server can be explanined as follows.

I will call Border Lab router, as BLR and the Border Domain router as BDR. Let your gateway (10.0.0.1) be G and DHCP server DS.

BLR will try to ping DS(src = 192.168.1.2, dst = ip add of DS) . The packet is forwarded to BDR. BDR knows how to reach 10.0.0.0. So it forwards the packet directly to DS. DS wants to reply back. When it sees the destination ip add. is in 192.168.1.0 network. Now that address is in a different network, so it needs to send the packet first to its default gateway. Probably in your case, on the DHCP server, the default gateway is 10.0.0.1. DS sends the packet to gateway G. For G to forward the packet back to BDR, G should have a route to 192.168.1.0 network.

SO solution in your case,

add two static routes on your Gateway G router, as follows

ip route 192.168.1.0 255.255.255.0

ip route 192.168.2.0 255.255.255.0

WIth the above configs, everything should be fine!

PS: I would suggest, not to mess your domain network, with your lab setup. Keep your lab setup separate from your production network. Upgrade your IOS on the 1600, you can run a DHCP server on the router itself. and define scopes required for lab purposes.

Hope the above helps!

regards

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus
0 Helpful

Go to solution
e.vorrie
Level 1
Level 1
In response to thisisshanky

‎02-25-2003 01:45 PM

It all comes together! Running NAT or DHCP on my side is the only way to go. We unfortunately outsource our gateway router. Configuration on it is a no no. But it all definitely makes sense. Thanks for the help!

0 Helpful

Go to solution
thisisshanky
Level 11
Level 11
In response to e.vorrie

‎02-25-2003 02:13 PM

A loophole for your problem...

add a static route on the DHCP server. (Go to command prompt and give following commands)

route add 192.168.1.0 mask 255.255.255.0 1

route add 192.168.2.0 mask 255.255.255.0 2

( 1 and 2 are the respective hops in which the network can be reached via BDR)

This will help the DHCP server to know how to reach those two networks specifically.

Hope this works.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus
0 Helpful

Go to solution
e.vorrie
Level 1
Level 1
In response to thisisshanky

‎02-25-2003 02:31 PM

Thanks, will give it a shot tomorrow. Again, thanks for the help.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents