Announcement

Collapse
No announcement yet.

Another Superscope issue

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Another Superscope issue

    Hello all,

    Long time reader new time poster. I am running into a bit of an issue and to be honest its been forever since I looked at DHCP. I knew how to expand a DHCP but now our company is looking to completely change the way we handle our leases.

    We are going from the 192.168.1.x network to something bigger 10.0.0.0 and using a superscope to split off different networks/LANs. I think my biggest question is how the workstation/servers will figure out which to use. I get DHCP is first come first serve but how can I block workstations from talking to the 'administration LAN' and only receive from the 'workstation LAN'?

    Example:

    10.0.0.1-254 - Administration
    10.0.1.1-254 - Workstations

    Or should I be looking directly at VLAN's with attached DHCP pools and scrapping DHCP pools on my Windows servers?

    Any help would be greatly appreciated Hopefully not the noobiest question.

  • #2
    Re: Another Superscope issue

    you'd have to be using vlans...
    Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

    Comment


    • #3
      Re: Another Superscope issue

      I assumed there would have been a little more information than that. Using CIDR I thought we could split different ranges up and have a global gateway for the devices? Am I correct on this?

      Segmented ranges with Sites and Services? Doesn't anybody else use Windows to monitor their ranges within a LAN?

      Comment


      • #4
        Re: Another Superscope issue

        Although you might think the response from tehcamel is a bit short, he is correct. Did you already read into it?

        Segmenting is done with VLANs. DHCP simply respond to a broadcast address. Superscopes has nothing to do with it. In fact, I've actually never seen any use for it Well, except for administrative purposes, still I hate it.

        CIDR is just creating multiple subnets from a larger subnet. Like 10.0.0.0/24 en 10.0.1.0/24 etc. It's basically the /x annotation to create multiple smaller subnets from one big block. Instead of using a 10.0.0.0/8 subnet which can create enormous broadcast domains, you most likely want to divide it in smaller blocks.

        However, dividing it in the DHCP server doesn't mean it will then automatically work. You gonna need to create VLANs which will forward the broadcast packet with it's source address. Then you are gonna receive (once the IP helper addresses are setup) an IP address from the correct DHCP scope.

        Basically where you're looking for is creating VLAN's. That's the way to do it.
        Marcel
        Technical Consultant
        Netherlands
        http://www.phetios.com
        http://blog.nessus.nl

        MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
        "No matter how secure, there is always the human factor."

        "Enjoy life today, tomorrow may never come."
        "If you're going through hell, keep going. ~Winston Churchill"

        Comment


        • #5
          Re: Another Superscope issue

          I have. I can use VLAN's but it means hauling over our network here which is time I haven't been able to find quite yet. Hoping for a 'reasonably' simple solution or part of a process to move forward. I just wanted to see if somebody else had experience avoiding the use of VLANs to incorporate a simple monitoring solution for DHCP services.

          Thanks to both I do appreciate the help.

          Comment


          • #6
            Re: Another Superscope issue

            Well what if you extend your current network to /23 (512 addresses -2 for broadcast and network address) and just create a pool of addresses to lease out for your regular clients and create some static reservations for the Administration for example.

            But still, VLANs in far for complex, hell I'm just in the process to buy some small (10Ports) L3 Cisco switches for my home network just because I can use VLANs

            Besides this there is no other way. It all has to do how DHCP works. If you've some doubts about how DHCP works just check out the DHCP RFC 2131.
            http://tools.ietf.org/html/rfc2131
            Last edited by Dumber; 9th November 2011, 21:02.
            Marcel
            Technical Consultant
            Netherlands
            http://www.phetios.com
            http://blog.nessus.nl

            MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
            "No matter how secure, there is always the human factor."

            "Enjoy life today, tomorrow may never come."
            "If you're going through hell, keep going. ~Winston Churchill"

            Comment


            • #7
              Re: Another Superscope issue

              I would stay away from superscopes. They had their purpose, especially in the past, way in the past. I can't think of a good fit for superscopes on a modern network.
              JM @ IT Training & Consulting
              http://www.itgeared.com

              Comment

              Working...
              X