09-20-2005 08:24 AM - edited 03-03-2019 12:06 AM
Hi everybody,
I have a router on a LAN acting as a gateway and DHCP server.
One host (it's a Nortel PABX) on the LAN need not to receive dhcp reply to function properly, and couldn't disable it to send dhcp request .
I tried to filter traffic originated by the router using
ip local policy route-map
the problem is: the router stop the first 2
replies sent with the dest ip set to the
ip it offers to the client, but to the 3rd
request it replies with a broadcast ip dest
addr and I can't stop this packet, so the host
receive it and problems arise...
192.168.0.0/24 is the Clients subnet
192.168.1.0/24 is the Phone subnet
Is there a way to ignore bootp request from the
192.168.1.0 ?
Thanks in advance,
Marco.
Here is the config I used:
ip dhcp excluded-address 192.168.0.241 192.168.0.254
ip dhcp ping packets 3
!
ip dhcp pool dhcpcotone
network 192.168.0.0 255.255.255.0
default-router 192.168.0.254
dns-server ****
lease 0 0 30
!
ip dhcp pool ITG
host 192.168.1.10 255.255.255.0
hardware-address 0050.0449.887d
default-router 192.168.1.254
!
interface FastEthernet0/0
ip address 192.168.1.254 255.255.255.0 secondary
ip address 192.168.0.254 255.255.255.0
no ip redirects
no ip proxy-arp
ip nat inside
no ip route-cache
no ip mroute-cache
ip local policy route-map dhcpfonia
!
access-list 160 permit ip any 192.168.0.0 0.0.0.255
access-list 161 permit udp any any eq bootpc
no cdp run
route-map dhcpfonia permit 10
match ip address 160
!
route-map dhcpfonia permit 20
match ip address 161
set interface Null0
!
route-map nodhcpfonia permit 10
!
Solved! Go to Solution.
09-20-2005 05:38 PM
Marco
There are a few things about your question that I do not understand well. But I will give you some answer and if it does address your problem then perhaps you can clarify the situation a bit.
On the face of it your question is:
Is there a way to ignore bootp request from the 192.168.1.0 ?
But it is not so simple because when the DHCP request arrives the source address is 0.0.0.0. I believe that the router will assign addresses from the pool with lower addresses until it is completely used before it starts to use addresses in the other pool.
I understand the design intent to separate traffic by using two subnets. But implementing it as primary address and secondary address on the same interface defeats the attempt to keep the traffic separate.
If these devices are connected on a switch perhaps it would be possible to configure two VLANs, one for client traffic and one for phone traffic. You could trunk the VLANs to the router. You could then configure the client VLAN on the router with DHCP and configure the phone VLAN without DHCP.
It might also be possible to configure a manual binding in DHCP on the router to assign a specific address if the MAC in the request was the MAC of the Nortel.
The really best answer is to find a way to stop the Nortel from sending the DHCP request. I am pretty puzzled why the Nortel sends the DHCP request and then it is a problem when the Nortel learns an answer. Perhaps you can clarify.
HTH
Rick
09-20-2005 05:38 PM
Marco
There are a few things about your question that I do not understand well. But I will give you some answer and if it does address your problem then perhaps you can clarify the situation a bit.
On the face of it your question is:
Is there a way to ignore bootp request from the 192.168.1.0 ?
But it is not so simple because when the DHCP request arrives the source address is 0.0.0.0. I believe that the router will assign addresses from the pool with lower addresses until it is completely used before it starts to use addresses in the other pool.
I understand the design intent to separate traffic by using two subnets. But implementing it as primary address and secondary address on the same interface defeats the attempt to keep the traffic separate.
If these devices are connected on a switch perhaps it would be possible to configure two VLANs, one for client traffic and one for phone traffic. You could trunk the VLANs to the router. You could then configure the client VLAN on the router with DHCP and configure the phone VLAN without DHCP.
It might also be possible to configure a manual binding in DHCP on the router to assign a specific address if the MAC in the request was the MAC of the Nortel.
The really best answer is to find a way to stop the Nortel from sending the DHCP request. I am pretty puzzled why the Nortel sends the DHCP request and then it is a problem when the Nortel learns an answer. Perhaps you can clarify.
HTH
Rick
09-22-2005 04:27 AM
Hi Rick,
I solved the problem using two different VLAN, as you
suggested. Technical people of Nortel said they couldn't stop the PABX to stop sending DHCP request, and I couldn't stop the router/server dhcp from replying. Dividing the broadcast domains was the fastest way to let the router ignore those request.
Thanks,
Marco.
09-22-2005 08:03 AM
Marco
I am glad that my suggestion helped solve your problem.
I am still curious why the Nortel is requesting an address from DHCP but when it receives an address from DHCP it creates a problem. But if your problem is solved maybe that is no need to dig deeper.
HTH
Rick
09-22-2005 11:05 PM
Rick
The problem is that when the Nortel starts up tries
to look for a configuration on the net even if it
has already a configuration saved.
I don' know why, people who configure it couldn't
tell me why and wasn't able to change this behaviour.
The problem with the DHCP replying is that if Nortel
get a reply it ignore the configuration saved and
take as good the one got from the DHCP server.
So the problem was to make the router ignore the request only from the Nortel. The best solution was
the one you suggested, putting the Nortel in a different broadcast domain (Vlan).
Best regards,
Marco.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: