DHCP configuration of superscopes

  • Thread starter Thread starter I.is.Who.I.am
  • Start date Start date
I

I.is.Who.I.am

How do you configure a client or server in regards to DHCP for a client to
get an IP Address for the subnet is it supposed to be on.
i.e. I have two domains on one LAN in two building connected by fiber
without a router. Both domains have different IP subnets xxx.xxx.0.xxx and
xxx.xxx.2.xxx. Both domains will have 2 DCs one each running DHCP/WINS/DNS.
I have tried to setup Superscopes, but depending on the server the wrong
server would assign the other domain's IP subnet and I would have to release
and renew it for the correct server to assign the right subnet. How do you
get the server to give the correct subnet to the correct client with
superscopes? I have been unsuccessful in getting details online at Microsoft
Thanks
 
In
I.is.Who.I.am said:
How do you configure a client or server in regards to DHCP for a
client to get an IP Address for the subnet is it supposed to be on.
i.e. I have two domains on one LAN in two building connected by fiber
without a router. Both domains have different IP subnets
xxx.xxx.0.xxx and xxx.xxx.2.xxx. Both domains will have 2 DCs one
each running DHCP/WINS/DNS. I have tried to setup Superscopes, but
depending on the server the wrong server would assign the other
domain's IP subnet and I would have to release and renew it for the
correct server to assign the right subnet. How do you get the server
to give the correct subnet to the correct client with superscopes? I
have been unsuccessful in getting details online at Microsoft Thanks

Maybe superscopes is not what you're looking for or depends on how you set
it up. You may be looking to use supernetting. Probably easier to put a
router between them and have separate DHCP servers on each subnet, or alter
the subnet masks.

Here's more info on supernetting and superscopes:

186341 - Superscoping vs. Supernetting:
http://support.microsoft.com/default.aspx?scid=kb;en-us;186341

161571 - Using DHCP Superscopes to Serve Multiple Logical Subnets:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;161571

Hope that helps.


--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
 
"Ace Fekay [MVP]"
In

Maybe superscopes is not what you're looking for or depends on how you set
it up. You may be looking to use supernetting. Probably easier to put a
router between them and have separate DHCP servers on each subnet, or alter
the subnet masks.

Here's more info on supernetting and superscopes:

186341 - Superscoping vs. Supernetting:
http://support.microsoft.com/default.aspx?scid=kb;en-us;186341

161571 - Using DHCP Superscopes to Serve Multiple Logical Subnets:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;161571
It looks like I want a Superscope according to the first article(router is
not an option now $$). However I am unclear as to the method. I have done
what was listed in the second article but I need a clarification. Do I have
to assign 2 IPs to the DHCP server; one for each subnet in order to get it
to work? It did not work for me before and I am unclear step 6 in the second
article.

Thanks again for the help
 
In
I.is.Who.I.am said:
"Ace Fekay [MVP]"

It looks like I want a Superscope according to the first
article(router is not an option now $$). However I am unclear as to
the method. I have done what was listed in the second article but I
need a clarification. Do I have to assign 2 IPs to the DHCP server;
one for each subnet in order to get it to work? It did not work for
me before and I am unclear step 6 in the second article.

Thanks again for the help

A Lynksys router set to route between subnets, only costs about $60.00 USD.
You don't need a $1000.00 Cisco router for this...

How is it connected anyway, thru a bridge or something? I'm not exactly
clear on how you have the two offices connected thru your fiber. Are you
using a bridge?

For example, what is the current gateway address that the machines are using
on the
xxx.xxx.0.xxx network?

What is the current gateway address that the machines are using on the
xxx.xxx.2.xxx network?

Anyway, what you seem to need is one DHCP server for both subnets if you
want to supernet. BOth subnets will have the same mask in order to encompass
the whole thing as if it were on one subnet. So if you have:
xxx.xxx.0.xxx
and
xxx.xxx.2.xxx.

Then a mask of 255.255.255.252 will force all the machines in both offices
on the same subnet. If this is the case, you really don't need to superscope
or supernet.



--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
 
A Lynksys router set to route between subnets, only costs about $60.00
USD.
You don't need a $1000.00 Cisco router for this...

How is it connected anyway, thru a bridge or something? I'm not exactly
clear on how you have the two offices connected thru your fiber. Are you
using a bridge?

For example, what is the current gateway address that the machines are using
on the
xxx.xxx.0.xxx network?

What is the current gateway address that the machines are using on the
xxx.xxx.2.xxx network?

Anyway, what you seem to need is one DHCP server for both subnets if you
want to supernet. BOth subnets will have the same mask in order to encompass
the whole thing as if it were on one subnet. So if you have:
xxx.xxx.0.xxx
and
xxx.xxx.2.xxx.

Then a mask of 255.255.255.252 will force all the machines in both offices
on the same subnet. If this is the case, you really don't need to superscope
or supernet.
Regards,
Ace
Basically it is two hubs connected by fiber because of the distance, it
makes both offices on the same LAN. Here is the basic setup in order to
clarify things.

1.a.local (DC/DHCP/DNS/WINS/AD Primary root server/Win2003) Static IP
xxx.xxx.0.7
2.a.local(DC - Fileserver setup as DC/Win2003) Static IP xxx.xxx.0.2
3.a.local(Stand alone server/Win2003) Static IPs on 1st NIC xxx.xxx.0.1
xxx.xxx.2.1 On second NIC DHCP given by DSL WAN Router connected to ISP's
DSL Modem xxx.xxx.1.1 with ICS enabled.

1.b.local(DC/DHCP/WINS/AD Primary server for b.local Domain/Win200) Static
IP xxx.xxx.2.7
2.b.local(DC - Fileserver setup as DC/Win2000) Static IP xxx.xxx.2.3

Both 1.a.local and 1.b.local have DHCP with superscopes enabled. The scopes
on both machines do not overlap but follow the 80/20 rule.

The problem is when a machine, lets say, 5.a.local boots it gets its IP from
1.a.local it is always a xxx.xxx.0.xxx address. If I do an IPCONFIG /release
/renew on 5.a.local then 1.b.local answers with a xxx.xxx.2.xxx address
always. If I repeat the IPCONFIG /release /renew then 1.a.local will then
answer with a xxx.xxx.0.xxx address. Mind you the domain name is in both
DHCP servers correctly, that is a.local and b.local respectively. The
superscope only gives out the IPs for the domain of the answering server and
never the domain the computer is joined to.

And $60 is still $60 more than I could get approved right away after spend
the $1000+ on the fiber connection. I am tempted to setup both offices under
one domain and subnet, but for security and organizational reasons they want
them split now. A future move is not out of the question for one of the
offices.

So to get the superscope to work properly is it required to have 2 NICs or
just 2 IPs or do I have to configure the clients by class or something else?

Thanks again for your time
 
In
I.is.Who.I.am said:
Basically it is two hubs connected by fiber because of the distance,
it makes both offices on the same LAN. Here is the basic setup in
order to clarify things.

1.a.local (DC/DHCP/DNS/WINS/AD Primary root server/Win2003) Static IP
xxx.xxx.0.7
2.a.local(DC - Fileserver setup as DC/Win2003) Static IP xxx.xxx.0.2
3.a.local(Stand alone server/Win2003) Static IPs on 1st NIC
xxx.xxx.0.1 xxx.xxx.2.1 On second NIC DHCP given by DSL WAN Router
connected to ISP's DSL Modem xxx.xxx.1.1 with ICS enabled.

1.b.local(DC/DHCP/WINS/AD Primary server for b.local Domain/Win200)
Static IP xxx.xxx.2.7
2.b.local(DC - Fileserver setup as DC/Win2000) Static IP xxx.xxx.2.3

Both 1.a.local and 1.b.local have DHCP with superscopes enabled. The
scopes on both machines do not overlap but follow the 80/20 rule.

The problem is when a machine, lets say, 5.a.local boots it gets its
IP from
1.a.local it is always a xxx.xxx.0.xxx address. If I do an IPCONFIG
/release /renew on 5.a.local then 1.b.local answers with a
xxx.xxx.2.xxx address always. If I repeat the IPCONFIG /release
/renew then 1.a.local will then answer with a xxx.xxx.0.xxx address.
Mind you the domain name is in both DHCP servers correctly, that is
a.local and b.local respectively. The superscope only gives out the
IPs for the domain of the answering server and never the domain the
computer is joined to.

And $60 is still $60 more than I could get approved right away after
spend the $1000+ on the fiber connection. I am tempted to setup both
offices under one domain and subnet, but for security and
organizational reasons they want them split now. A future move is not
out of the question for one of the offices.

So to get the superscope to work properly is it required to have 2
NICs or just 2 IPs or do I have to configure the clients by class or
something else?

Thanks again for your time


Interesting arrangement. Honestly I've never seen it done this way.

As for 3.a.local, I wouldn't use ICS. That will definitely throw a wrench
into what you;re doing with DHCP. It creates its own mini DHCP service with
an ip range of 192.168.0.2 -> 192.168.0.254 randomly handed out on the
internal NIC. If DHCP or DNS were to be running on this machine, yhou would
get nathlp errors in the event viewer.

A superscope is used to combine multiple subnets with one NIC. Since your
two "subnets" (misnamed, of course) are connected by a simple hub (or
switch), then we can safely say that these two segments are actually "one"
network or segment, so it really only needs one NIC. Make sense? As for the
IP of the DHCP server, I would set it to an IP on the respective "subnet"
(loosely put) and set the mask to encompass both "subnets" so they "appear"
to be one.

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
 
Basically it is two hubs connected by fiber because of the distance,
Interesting arrangement. Honestly I've never seen it done this way.

As for 3.a.local, I wouldn't use ICS. That will definitely throw a wrench
into what you;re doing with DHCP. It creates its own mini DHCP service with
an ip range of 192.168.0.2 -> 192.168.0.254 randomly handed out on the
internal NIC. If DHCP or DNS were to be running on this machine, yhou would
get nathlp errors in the event viewer.

A superscope is used to combine multiple subnets with one NIC. Since your
two "subnets" (misnamed, of course) are connected by a simple hub (or
switch), then we can safely say that these two segments are actually "one"
network or segment, so it really only needs one NIC. Make sense? As for the
IP of the DHCP server, I would set it to an IP on the respective "subnet"
(loosely put) and set the mask to encompass both "subnets" so they "appear"
to be one.
Forgive my ignorance but I do not understand the last sentence fully, so let
me
try this example and see if I have it right.
With a subnet mask of 255.255.255.0
1.a.local - DHCP/DNS/WINS/AD - IP of 192.168.3.5 and 192.168.2.2
1.b.local - DHCP/DNS/WINS/AD - IP of 192.168.2.5 and 192.168.3.2
3.a.local - Stand Alone w/ICS - IP of 192.168.3.1 and 192.168.2.1 internal
(one IP for each subnet which is the gateway for each subnet on the client
machines)
and 192.168.1.1 external understanding your recommendation against ICS, this
is
just for quick config until ICS is disabled. Realize I changed the IPs for
a.local from 0.xxx to 2.xxx to avoid conflict with ICS.

If I used each DHCP server as a backup to the other (80/20 rule) and used
superscopes
for this purpose, does each server require one or two IPs?
 
In
Forgive my ignorance but I do not understand the last sentence fully,
so let me
try this example and see if I have it right.
With a subnet mask of 255.255.255.0
1.a.local - DHCP/DNS/WINS/AD - IP of 192.168.3.5 and 192.168.2.2
1.b.local - DHCP/DNS/WINS/AD - IP of 192.168.2.5 and 192.168.3.2
3.a.local - Stand Alone w/ICS - IP of 192.168.3.1 and 192.168.2.1
internal (one IP for each subnet which is the gateway for each subnet
on the client machines)
and 192.168.1.1 external understanding your recommendation against
ICS, this is
just for quick config until ICS is disabled. Realize I changed the
IPs for a.local from 0.xxx to 2.xxx to avoid conflict with ICS.

If I used each DHCP server as a backup to the other (80/20 rule) and
used superscopes
for this purpose, does each server require one or two IPs?

No problem, but maybe I should explain the masks a bit more. Are you
familiar with subnetting? IF not, let's break it down...

If I have an IP on one machine with:
192.168.3.5

and an IP on another machine with:
192.168.2.5

and both machines I will use this mask:
255.255.252.0

Both machines will now be able to communicate with each other without a
router. The mask is telling the machine that both of those IP address are on
the same network.

If you follow what I'm suggesting about the mask, you will not need two NICs
or two IP addresses (which will cause more confusion on setting up a machine
and issues with DNS and AD anyway).

To further explain:
The mask 255.255.252.0 is broken down into its binary bits:
11111111.11111111.11111100.00000000

Then we break down 192.168.3.5 into binary:
11000000.10101000.0000011.00000101

Then we break down 192.168.2.5
11000000.10101000.00000001.00000101

Now let's say 192.168.2.5 is trying to communicate with 192.168.3.5. The
machine with 192.168.2.5 is the "sending host". The sending host will then
takes it's own IP address and "ANDS" it to it's mask. (keep in mind it does
not know the mask of the destination host, it;'s just doing this to
determine whether its on the same network or not. If it is not on the same
network, the sending host will not just dump the packet on the wire to the
destination host, but rather send it to the router. What you're trying to do
is make both IP subnet ranges appear to all the machines that they are on
the same wire or subnet. Make sense?

The sending host will AND its own IP to the mask, and it will then AND the
destination IP to its own mask, then compares them. If the result is the
same, then it will send the packet directly on the wire. If the result is
different, then it means that the destination host is not on this network,
so therefore it sends it to the router to let the router handle it, since
its obviously somewhere else.

So anyway, "Anding is a process where we add up the bits. If there is a 1
and a 1 in the same column, the result is a 1. Any other combination is a 0.
11000000.10101000.00000001.00000101
11111111.11111111.11111100.00000000
__________________________________
11000000.10101000.00000000.00000000


Ok, now that same machine, 192.168.2.5 will take the destination IP address
and AND that to its own mask:
11000000.10101000.0000011.00000101
11111111.11111111.11111100.00000000
__________________________________
11000000.00000000.00000010.00000000


Then the sending host compares the results. The results above are exactly
the same. So therefore the sending hosts knows that the destingation host is
on the same subnet and will dump the packet directly on the wire. If the
results were different, it would have sent it to the router, but in this
case, which mirrors what your ip scheme is, they are the same using the
255.255.252.0 subnet.

Hence, what I;ve been trying to say. All you need is one NIC with one IP and
use 255.255.252.0 as the mask on both of your offices since you do not havce
a router and they are 'hubbed' together.

To further explain, a subnet of 255.255.252.0 will be able to handle 1024
hosts. It will encompass the whole 192.168.2.0, 3.0,
This will be plenty for your scenario.

All you need to do is create one DHCP scope for:
192.168.3.0 to 192.168.5.0 or whatever you want in between or more, since it
will handle the whole range or more.

You can split this between the two if you like with an 80/20 split for
backup.

Hope that explains it? Post back if not .....









--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
 
Thanks that was very helpful in understanding what you meant and how the
process works.

One question that comes to mind is the different domains. If a.local Server
has the option set to give the domain name through DHCP to clients and a
b.local client uses the a.local DHCP server it would register the clients
computer name wrongly in DNS - right? would it matter? how would if effect
logons? To clarify my question
4.a.local machine boots and the a.local machine is too busy to acknowledge
the DHCP broadcast request so the b.local DHCP server will give the
4.a.local machine the wrong domain name of 4.b.local.
Will this matter?
 
In
I.is.Who.I.am said:
Thanks that was very helpful in understanding what you meant and how
the process works.

One question that comes to mind is the different domains. If a.local
Server has the option set to give the domain name through DHCP to
clients and a b.local client uses the a.local DHCP server it would
register the clients computer name wrongly in DNS - right? would it
matter? how would if effect logons? To clarify my question
4.a.local machine boots and the a.local machine is too busy to
acknowledge the DHCP broadcast request so the b.local DHCP server
will give the
4.a.local machine the wrong domain name of 4.b.local.
Will this matter?

I'm glad my explanation was helpful.

The domain name given using Option 015 is not a Primary DNS Suffix but a
connection specific suffix. It won't affect logons since the client side
extensions will query the GC and Kerberos service of the domain that the
user is requesting to log in to. Basically it's just specifying the Internet
registered domain name, if you have one, no biggy.

You can opt in this case not to provide Option 015, but it wouldn't matter
anyway and it won't override the client specific settings, such as when its
joined to a domain, the Primary DNS Suffix will be the domain name its
joined to and therefore will become the search suffix and connection suffix
anyway. SInce you have two domains, I would just forget that option.

Here's one of many links out there on DHCP and its options.
http://www.intranetjournal.com/articles/200004/im_dhcpg.html

Just google for DNS Option 015. I saw one out there that has myself and
Kevin Goodnecht (another MVP) discussing it as well:
http://www.webservertalk.com/message104026.html

Hope that helps...

--
Regards,
Ace

Please direct all replies to the newsgroup so all can benefit.
This posting is provided "AS-IS" with no warranties and confers no
rights.

Ace Fekay, MCSE 2000, MCSE+I, MCSA, MCT, MVP
Microsoft Windows MVP - Active Directory

HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a
pig. --
=================================
 
Back
Top