Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4100
Views
0
Helpful
12
Replies

RV320: DHCP Option 82 + DHCP relay at Ethernet switch

csbuser51
Level 1
Level 1

‎02-17-2014 11:37 PM

  • We purchased a RV320 router and want to use the DHCP Option 82 IP Assignment in combination with a ZyXEL GS1910-24 Smart Managed Switch.
  • The switch is able to insert Option 82 Circuit-IDs into DHCP requests, if they are relayed to a specific DHCP server. So there must be configured exactly one IP address of the DHCP server in the switch configuration (eg 192.168.1.1). The problem is, that the RV320 creates different IP subnets for different Circuit-IDs. So the RV320-router has multiple IPs, one unique IP per subnet (192.168.1.1, 192.168.2.1, 192.168.3.1, ...).

How can I use the Option 82 IP assignment with this configuration?

Is a routing/firewall rule at the RV320 a solution (to forward DHCP requests from subnet specific IP - eg 192.168.3.1 - to exactly one IP, eg 192.168.1.1)?


Labels:
0 Helpful
12 Replies 12

Kremena Ivanova
Cisco Employee
Cisco Employee

‎02-18-2014 09:10 AM

Hello,

RV320, configured as a DHCP server with IP 192.168.1.1, can provide IP addresses only in this subnet range 192.168.1.0/24. The same is for the configuration of Option 82

If you are thinking to configure VLANs on the switch and all VLANs to have the same DHCP server 192.168.1.1, this means that all users will receive an IP from that subnet - 192.168.1.0/24.

If you want to use different subnet ranges (192.168.2.0/24; 192.168.3.0/24) for the different VLANs you should be able to configure different DHCP servers IPs on the switch.

Regards,

Kremena

0 Helpful

csbuser51
Level 1
Level 1
In response to Kremena Ivanova

‎02-18-2014 09:40 AM

I want to ensure, that each client on each switch port gets a specific IP address. That is what DHCP Option 82 was invented for: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-1_13_ea1/configuration/guide/3550scg/swdhcp82.html#wp1058138

Two steps should be necessary:

  • The switch (as DHCP relay) inserts DHCP Option 82 to the request and forwards it to a given DHCP server (the RV320)
  • The RV320 should now assign an IP address based on circuit-id of option 82.

How can I achieve that? This should be the "standard" case of option 82.

0 Helpful

mpyhala
Level 7
Level 7
In response to csbuser51

‎02-18-2014 10:17 AM

csbuser51,

Do you have a trunk port or access port configured between the switch and router? A trunk port should carry traffic for all VLANs so DHCP Relay is not necessary.

- Marty

0 Helpful

csbuser51
Level 1
Level 1
In response to mpyhala

‎02-18-2014 10:35 AM

mpyhala,

both is possible in switch configuration. Should the uplink port from switch to router be "trunk" or "no trunk" to achieve the needed configuration? If I understand you right, I should bring the uplink port of the switch into "no trunk" mode, so that DHCP relay functionality and therefore DHCP option 82 is working. Am I right?

0 Helpful

mpyhala
Level 7
Level 7
In response to csbuser51

‎02-18-2014 11:07 AM

csbuser51,

The port that connects the switch to the router should be a trunk. Include VLAN 1 Untagged, all other VLANs Tagged.

Create the exact same VLANs on the RV320 and got to Port Management-> VLAN Membership. In the table, change it to match the above settings. Now when a device connected to VLAN 2 on the switch sends a DHCP request, it will pass through the trunk to the RV320 and the RV320 will respond with a VLAN 2 IP address. This eliminates the need for DHCP Relay.

- Marty

0 Helpful

csbuser51
Level 1
Level 1
In response to mpyhala

‎02-18-2014 12:02 PM

mpyhala,

seems not to work as the RV320 is restricted to 6 custom VLANs (+ 1 Management VLAN with ID 1).

Maybe I should describe the whole scenario, which should be implemented:

  • The configuration is like for a small hotel: each room should be logically seperated from each other (no inter-room traffic for security) and each rooms bandwidth should be managed.
  • Bandwidth management at the RV320 relies on IP addresses. So I need to achieve somehow, that a room (= port number on switch) is always assigned a specific IP address.
  • 14 rooms should be covered in that way.

The problem is currently the link IP<->Switch Port. I thought DHCP option 82 is the way to go, but VLANs (one VLAN for each room) may be also a solution. Unfortunately none of the two ways work.

What can be a solution? Was the RV320 the wrong decision (not enough flexibility)?

Thanks.

0 Helpful

mpyhala
Level 7
Level 7
In response to csbuser51

‎02-18-2014 01:39 PM

csbuser51,

The RV320 is restricted to 6 subnets as well, so it is not possible to serve DHCP for more than 6 networks. Usually when we are talking about DHCP Relay it is relaying to a Windows Server which provides DHCP for multiple scopes.

The RV220W supports up to 16 VLANs but I have never seen anyone use more than 5 VLANs on any of our routers. That might be worth a shot if you can live without Dual-WAN.

- Marty

0 Helpful

csbuser51
Level 1
Level 1
In response to mpyhala

‎02-18-2014 10:20 PM

(I need dual WAN, because traffic is spread over two uplink connections.)

But then I wonder for what use cases the RV320 was designed:

  • For what is the Option 82 good for, if its not possible to assign fixed IP via DHCP to certain Switch ports (= Machines)?
  • For what is the Bandwidth Management good for, when I can not ensure, that certain machines get certain IPs? One can easily bypass bandwidth restrictions.
0 Helpful

mpyhala
Level 7
Level 7
In response to csbuser51

‎02-19-2014 08:58 AM

csbuser51,

Browse to DHCP-> IP & MAC Binding and click on Help in the upper right. This describes how to ensure that devices use the correct IP based on the MAC address.

- Marty

0 Helpful

csbuser51
Level 1
Level 1
In response to mpyhala

‎02-19-2014 09:21 AM

As we are in the hotel scenario room clients change regularly and then I need to find out the MAC address for each new guest client. I think thats not achievable.

By the way, MAC addresses could be easily forged and then bandwidth regulations bypassed.

I wanted to bind an IP(-Range) to a switch port, that is what DHCP option 82 was designed for. I will try to analyse the network traffic. Maybe I find the problem. Or I'll setup an additional DHCP server on a 20 Dollar OpenWRT-Device, which has obviously more flexbility.

0 Helpful

csbuser51
Level 1
Level 1
In response to mpyhala

‎02-25-2014 05:35 AM

Now I've analyzed the DHCP traffic between a client and the RV320 (DHCP server) via port mirroring. The switch (as DHCP relay) correctly inserts DHCP option 82 into the request and forwards it to the RV320. I've configured the circuit-id in the RV320 under option 82 and associated an IP-Range with it. The DHCP client still gets only IPs from the first pool (VLAN ID 1), not from the IP pool associated with the option 82 circuit-id.

Please can you tell me how to use option 82 on RV320?

Otherwise I've to return the router as a case of warranty/guarantee as it is not capable of Option 82 handling (which is explicitly listed in the product specifications).

0 Helpful

csbuser51
Level 1
Level 1
In response to csbuser51

‎02-25-2014 09:55 AM

Now I've configured a Linux machine instead of the RV320 as a DHCP server (with dnsmasq). I need just two lines and can do what I want (see below). Why is the RV320 failing? (according to the process list, it's also running dnsmasq)

dnsmasq.conf

dhcp-circuitid=set:room7,00:07:00:07 #

dhcp-range=net:room7,10.0.1.227,10.0.1.227,255.255.255.0

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents