cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Anonymous
Not applicable

DHCP pool for secondary IP subnet

Jump to solution

Hello,

Is there a way to have DHCP assign addresses from a secondary subnet on an interface? I have the interface and DHCP config below, however when I connect a device configured for DHCP the DHCP-SERVER debug shows an error message that there are no pools available in 67.128.42.136 255.255.255.248. I know I could swap the primary and secondary blocks and then addresses from 192.168.6.0 would then be assigned. Just trying to find out if I am missing something in the config that would allow DHCP from the secondary block in case I needed DHCP for both subnets.

924e#show run int eth 0/1

Building configuration...

!

!

interface eth 0/1

  description MPLS

  ip address  67.128.42.137  255.255.255.248

  ip address  192.168.6.1  255.255.255.0  secondary

  no shutdown

!

end

924e#show run | beg dhcp

ip dhcp-server excluded-address 192.168.6.1 192.168.6.40

!

ip dhcp-server pool "DATA"

  network 192.168.6.0 255.255.255.0

  dns-server 205.171.3.65 205.171.2.65

  default-router 192.168.6.1

!

0 Kudos
1 Solution

Accepted Solutions
jayh
Honored Contributor
Honored Contributor

Re: DHCP pool for secondary IP subnet

Jump to solution

You'll probably need to make the DHCP subnet primary, or use 802.1q and assign two VLANs, one for each subnet. This may be more scalable and flexible in the long run. 

Think about it. Because no IP has been assigned yet, the DHCP frames have no subnet information. A DHCP request comes in on the interface but the primary IP has no addresses to hand out.

You would have the same situation if you had multiple secondary subnets each with DHCP.  Which pool should be used for a MAC that doesn't yet know its subnet?  Because of this ambiguity, DHCP to a secondary subnet will be problematic.

View solution in original post

0 Kudos
3 Replies
jayh
Honored Contributor
Honored Contributor

Re: DHCP pool for secondary IP subnet

Jump to solution

You'll probably need to make the DHCP subnet primary, or use 802.1q and assign two VLANs, one for each subnet. This may be more scalable and flexible in the long run. 

Think about it. Because no IP has been assigned yet, the DHCP frames have no subnet information. A DHCP request comes in on the interface but the primary IP has no addresses to hand out.

You would have the same situation if you had multiple secondary subnets each with DHCP.  Which pool should be used for a MAC that doesn't yet know its subnet?  Because of this ambiguity, DHCP to a secondary subnet will be problematic.

0 Kudos
Anonymous
Not applicable

Re: DHCP pool for secondary IP subnet

Jump to solution

txcomer,

   I would expand what jayh said but expand it some.  Based on the config you are showing it looks like you are trying to run both internal and external network on the same interface, this is bad for many  reasons and can lead to various network bottle necks, security, hairpins, and looping issues just to name a few.  I would recommend that you use one port for your WAN facing port and the other port for you LAN facing port.  If for some reason you can only have one port then you definitely need to go down the VLAN path, but if you have the equipment needed to run VLANs on your switches you should have the equipment needed to physically separate the ports.  In your example you show your IP address of the WAN interface as being 67.128.42.137 since it is the first usable IP address in your block I am assuming your default gateway would be the last usable IP of the block in the ip route statement so adjust as need if needed.  The below configs are estimated based on the provided simple diagram if your diagram is different please provide the diagram along with what you are trying to accomplish and I will try to assist you in a more specific manner. Hope it gives you some insights.

A simple diagram should be something like the following:

ISP Router--->924E Eth1 --- 924E Eth0--->LAN Switch

interface eth 0/1

  description MPLS

  ip address  67.128.42.137  255.255.255.248

  ip access-policy Public

  no shutdown

interface eth 0/0

  description LAN

  ip address  192.168.6.1  255.255.255.0

  ip access-policy Private

  no shutdown

ip policy-class Private

  allow list self self

  allow list InterVLAN stateless

  nat source list NAT interface eth 0/1 overload

ip policy-class Public

  allow list Admin self

ip route 0.0.0.0 0.0.0.0 67.128.42.142

John Wable

Anonymous
Not applicable

Re: DHCP pool for secondary IP subnet

Jump to solution

Hello,


I went ahead and flagged the "Correct Answer" on this post to make it more visible and help other members of the community find solutions more easily. If you don't feel like the answer I marked was correct, feel free to come back to this post and unmark it.  If you still need assistance, we would be more than happy to continue working with you on this - just let us know in a reply.

Thanks,

Geoff