| View previous topic :: View next topic |
| Author |
Message |
r00t440
Tux's lil' helper
Joined: 14 Sep 2005
Posts: 93
|
 Posted: Tue Feb 19, 2008 1:36 am Post subject: Multiple DHCP server problem [UNSOLVABLE] |
 |
|
Hello Networking experts! On our company each department have the freedom to acquire their own internet connection. Most of the time each depart purchases a router, and they have this habit of just plugging everything to the our main network. This makes the main network to have multiple DHCP servers which "confuses" the clients, sometimes these workstations acquire the wrong IP preventing them to access the services from the main network. How do I set my network so that all workstations acquires their IP from the main DHCP server.
Thanks in advance.
Last edited by r00t440 on Tue Feb 19, 2008 12:45 pm; edited 1 time in total |
|
| Back to top |
|
 |
poly_poly-man
Advocate
Joined: 06 Dec 2006
Posts: 2477
Location: RIT, NY, US
|
| Posted: Tue Feb 19, 2008 1:45 am Post subject: |
|
|
You don't, unfortunately.
There have been talks on OTW of network admins almost biting people's heads off after figuring out that a router was plugged in backwards. Lot's of not fun weekends for them.
To solve your problem, assume your network has a main router, with points coming off of it. That has a DHCP server (or there's a DHCP server on that level). Routers beyond that should interface to that network through the "internet" port on the router (might be called other things). That makes the routers act as dhcp clients to the main network, and DHCP servers only to the parts of the network below them.
I'll clarify if you need me to.... just ask 
poly-p man
_________________
iVBORw0KGgoAAAANSUhEUgAAA
avatar: new version of logo - see topic 838248. Potentially still a WiP. |
|
| Back to top |
|
|
think4urs11
Bodhisattva
Joined: 25 Jun 2003
Posts: 6659
Location: above the cloud
|
| Posted: Tue Feb 19, 2008 9:35 am Post subject: Re: Multiple DHCP server problem |
|
|
| r00t440 wrote: | | Hello Networking experts! On our company each department have the freedom to acquire their own internet connection. ... How do I set my network so that all workstations acquires their IP from the main DHCP server. |
 Sounds like a security nightmare - a setup like you describe is nearly impossible to be ever secured in a sane way but thats annother story.
Simply turn it the other way around.
If each department can do whatever they want then seperate them on layer 3 (at least; better full firewalling), e.g. by utilizing one VLan per dep. As long as you don't configure (Cisco-speech) IP-Helpers the dhcp-requests will not leave their VLan nor will their DHCP-Server ever get requests from other dep's clients. If they need to connect to other dep's then they have to add the neccessary routes on their router/dhcp-server.
_________________
Nothing is secure / Security is always a trade-off with usability / Do not assume anything / Trust no-one, nothing / Paranoia is your friend / Think for yourself |
|
| Back to top |
|
|
r00t440
Tux's lil' helper
Joined: 14 Sep 2005
Posts: 93
|
| Posted: Tue Feb 19, 2008 12:44 pm Post subject: |
|
|
| Thanks guys for your inputs... Then I guess I have to isolate each department from others or strictly forbid them from plugging a router(reverse) to the main network. Maybe I should mark this as "UNSOLVABLE". |
|
| Back to top |
|
|
|
Networking & Security
