Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1434
Views
0
Helpful
11
Replies

Does the "ip dhcp-server" cmd replace the "ip helper-address" cmd?

cchughes
Level 1
Level 1

‎08-31-2002 11:03 AM - edited ‎03-02-2019 01:02 AM

I noticed the "ip dhcp-server" command on my 3524 switches while troubleshooting dhcp. Currently I use "ip helper-address" for dhcp forwarding. While this works fine, I worry about the Cisco explanation that it forwards UDP packets to an address.

Years ago I thought I read a different explanation that said when you use the "ip helper-address" command on an interface, all IP broadcasts seen by that interface will be converted to unicast and forwarded to the helper-address.

Which explanation is closer to the truth, and does this mean ALL UDP packets (in the case of the first explanation), or ALL IP broadcasts (in the case of the second explanation), are forwarded??

I would think it would be easy enough to limit forwarding based on the destination port number (67?) to identify a dhcp request. When I saw the "ip dhcp-server" command I was left hoping this ability has been provided...

Labels:
0 Helpful
11 Replies 11

bsivasub
Level 4
Level 4

‎08-31-2002 12:41 PM

3524 is a layer 2 switch. not sure how ip helper is working which can't used as a dhcp server which is what ip dhcp-server is for. I am surprised the ip helper-address is even working but anyway, check this URL for further info.

http://www.cisco.com/warp/public/473/100.html#18

0 Helpful

cchughes
Level 1
Level 1
In response to bsivasub

‎08-31-2002 04:29 PM

I use the ip-helper on the router subinterfaces that the 3524 (really a gigastack of 3524's) is trunked to.

0 Helpful

cchughes
Level 1
Level 1
In response to bsivasub

‎08-31-2002 04:56 PM

Great link but it still begs the question. It states that:

"The IP helper-address can be configured to forward any UDP broadcast based on UDP port number. By default, the IP helper-address will forward the following UDP broadcasts: "

tftp, dns, netbios nameserver, netbios datagram server, dhcp/bootp, ien-116 name service, tacacs.

By stating that "by default" it can be configured to forward all these broadcasts, it implies that there is a set of options to limit which types of UDP broadcasts are forwarded. However, when I type the command I see no other such options.

I'm right back where I started here...

0 Helpful

Prashanth Krishnappa
Cisco Employee
Cisco Employee

‎08-31-2002 12:43 PM

XL being a layer 2 only switch, I dont think these commands apply to an XL switch. The interface VLAN is only for management purpose and you cannot have multiple VLAN interfaces up. You might see the command in the parser since it run IOS. The 3550's which is a layer 3 switch will support this

0 Helpful

cchughes
Level 1
Level 1
In response to Prashanth Krishnappa

‎08-31-2002 04:34 PM

I totally understand this. Please excuse the lacking description of my setup. I was really more interested in two things:

-Does the "ip dhcp-server" command on the 3524's relace the "ip helper-address" command on the router interface connected to the switch.

-How does the "ip helper-address" really work.

now let go me check that url... :)

0 Helpful

bsivasub
Level 4
Level 4
In response to cchughes

‎08-31-2002 06:37 PM

both of the commands are not designed to work on this switch. You may have the command but it won't work.

anway,

ip helper on a router turns on DHCP relay agent feature

Ip dhcp server makes the router a DHCP server.

Reading that URL is a good idea :)

0 Helpful

cchughes
Level 1
Level 1
In response to bsivasub

‎09-01-2002 08:23 AM

(sigh) I understand and regularly configure ip helper-address's. I know where to configure them, and they work in my customers network like they are supposed to. I have them configured on 4908GL3 fiber sub-interfaces that act as an ISL trunk to a group of 3524's configured as gigastack. This stuff is pretty basic, I've been doing cisco since '90.

The "ip dhcp-helper" command I am asking about is listed as a global command on the 3524XL switches. One of my questions was if this command on the switch can replace or negate the need for the ip helper-address on the router.

The url is a good one although it taught me nothing new. The "ip dhcp-server" command is not even mentioned in it.

I know how to troubleshoot dhcp, and thoroughly understand how it works. I only mentioned that I was troubleshooting dhcp when I noticed the "ip dhcp-server" command on the switches.

Just so you understand, I am not having a problem with dhcp. the problem I was having was due to SMS pushing the MSfirewall client to my customers dhcp server, causing pc's without the MSfirewall client installed to fail dhcp requests.

I am just trying to find out:

-Does the "ip dhcp-server" command on the 3524's replace the "ip helper-address" command on the router interface connected to the switch.

-How does the "ip helper-address" really work.

0 Helpful

cchughes
Level 1
Level 1
In response to cchughes

‎09-01-2002 08:25 AM

oops, typo..

[The "ip dhcp-helper" command I am asking about is listed as a global command on the 3524XL switches. One of my questions was if this command on the switch can replace or negate the need for the ip helper-address on the router. ]

should read:

[The "ip dhcp-server" command I am asking about is listed as a global command on the 3524XL switches. One of my questions was if this command on the switch can replace or negate the need for the ip helper-address on the router. ]

0 Helpful

wabernathy
Level 1
Level 1

‎08-31-2002 06:04 PM

Are you sure that this is not setting up the ios as a dhcp server where it would hand out IP addresses, mask and default gateway from a pool of addresses that you define in the configuration?

0 Helpful

edelman
Level 1
Level 1

‎09-01-2002 09:21 AM

I figured I would bypass all of the posts about the 3524 being a Layer 2 device and on which devices the commands are present on... and directly answer your ORIGINAL question:

ip dhcp-server is used to configure the ip address of a network DHCP server (like a Win2000 server-based DHCP server) for dynamically handing out IP address to remote clients; ie on a network access server.

ip helper-address converts udp broadcasts of a selected range into a unicast/directed bradcast for a particular destination IP address/IP network. By default, a router does not forward ANY broadcasts + effectively ends a broadcast domain at a device port/interface... which is one of the many reasons we use routers.

Using ip helper-address + ip directed broadcasts together enables that broadcast to unicast translation from one port/interface's network to another. By default, the ip helper-address forwards these main UDP port types/services:

TFTP port 69

DNS port 53

Time port 37

NetBIOS name service port 137

NetBIOS datagram server port 138

BOOTP server port 67

BOOTP client port 68

TACACS port 49

To limit the default "group" of UDP port forwarding/translation from broadcast to unicast addresses, use:

ip forward-protocol {udp [port]}, which is the global config command that specifies which type of broadcast packets are forwarded.

Or, if you love creating ACLs, use:

ip directed-broadcast [access-list-number] to specify an extended ACL that can control which broadcasts are forwarded... only IP packets permitted by your configured ACL are able to be translated.

So there are your 2 commands you were interested in...

0 Helpful

cchughes
Level 1
Level 1
In response to edelman

‎09-01-2002 09:58 AM

Thanks for the helpful response.

0 Helpful
Customers Also Viewed These Support Documents