DHCP Server servicing Different VLANs

[Guest]

Hi,

Our network is based on Windows 2000 Domain Active Directory, and both
Domain Controllers are also our DHCP Servers.
Currently, all our Windows 2000 Workstations and Servers are in 1 flat
network; meaning, there is only 1 vlan.

We are planning to create 10 different VLANs in our switches, and to still
use the current DHCP Servers to provide IP addresses to Windows 2000
Workstations in those different VLANs.

Could someone please direct us on how we should setup the DCHP Servers to
accommodate that?

Thank you.
IK

 

[bigstone]

you can join this DC to all Vlans,It will be ok!

 

[Richard G. Harper]

DHCP itself won't need any special configuration to do this - just set up an
address range for each VLAN. What you WILL need to worry about is routing -
if the VLANs can't see each other then they can't see the DHCP server
either.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

 

[Phillip Windell]

We are planning to create 10 different VLANs in our switches, and to still
use the current DHCP Servers to provide IP addresses to Windows 2000
Workstations in those different VLANs.

I agree with Richard.

But why 10 segments? Going from 1 to 10 is quite drastic. Why?
There are only a few certain reasons for doing so. I'm afraid much of the
time this is done needlessly due to misconceptions about the benefits or the
need for it.

Apart from the security aspect of it (like ACLs on the LAN Router), Layer3
segments only help isolate Broadcasts nothing more. If you aren't having
problems with Broadcasts, then there isn't much point in doing this in the
first place,...the Switches at Layer2 are already isolating traffic
perfectly fine as it is. Broadcast problems are typically from having too
many hosts on a segment,...you are usually good up to about 300 (actual
measurable results vary).

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp
-----------------------------------------------------

 

[Guest]

Hi Richard,

What we can do if the VLANs can't see each other & can't see the DHCP server?

Thank you

DHCP itself won't need any special configuration to do this - just set up an
address range for each VLAN. What you WILL need to worry about is routing -
if the VLANs can't see each other then they can't see the DHCP server
either.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

Hi,

Our network is based on Windows 2000 Domain Active Directory, and both
Domain Controllers are also our DHCP Servers.
Currently, all our Windows 2000 Workstations and Servers are in 1 flat
network; meaning, there is only 1 vlan.

We are planning to create 10 different VLANs in our switches, and to still
use the current DHCP Servers to provide IP addresses to Windows 2000
Workstations in those different VLANs.

Could someone please direct us on how we should setup the DCHP Servers to
accommodate that?

Thank you.
IK

 

[Richard G. Harper]

Install routers. Assuming for whatever reason that this is the way you want
to keep things you'll need a router on each VLAN to direct traffic to the
network containing the DHCP server.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

Hi Richard,

What we can do if the VLANs can't see each other & can't see the DHCP
server?

Thank you

DHCP itself won't need any special configuration to do this - just set up
an
address range for each VLAN. What you WILL need to worry about is
routing -
if the VLANs can't see each other then they can't see the DHCP server
either.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

Hi,

Our network is based on Windows 2000 Domain Active Directory, and both
Domain Controllers are also our DHCP Servers.
Currently, all our Windows 2000 Workstations and Servers are in 1 flat
network; meaning, there is only 1 vlan.

We are planning to create 10 different VLANs in our switches, and to
still
use the current DHCP Servers to provide IP addresses to Windows 2000
Workstations in those different VLANs.

Could someone please direct us on how we should setup the DCHP Servers
to
accommodate that?

Thank you.
IK

 

[Guest]

Thank you very much bigstone.
You all have provided me with very helpful information.....

 

[Guest]

Thank you very much Richard.
You all have provided me with very helpful information.....

DHCP itself won't need any special configuration to do this - just set up an
address range for each VLAN. What you WILL need to worry about is routing -
if the VLANs can't see each other then they can't see the DHCP server
either.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* PLEASE post all messages and replies in the newsgroups
* for the benefit of all. Private mail is usually not replied to.
* My website, such as it is ... http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

Hi,

Our network is based on Windows 2000 Domain Active Directory, and both
Domain Controllers are also our DHCP Servers.
Currently, all our Windows 2000 Workstations and Servers are in 1 flat
network; meaning, there is only 1 vlan.

We are planning to create 10 different VLANs in our switches, and to still
use the current DHCP Servers to provide IP addresses to Windows 2000
Workstations in those different VLANs.

Could someone please direct us on how we should setup the DCHP Servers to
accommodate that?

Thank you.
IK

 

[Guest]

Thank you very much Phillip.
You all have provided me with very helpful information.....

We are planning to create 10 different VLANs in our switches, and to still
use the current DHCP Servers to provide IP addresses to Windows 2000
Workstations in those different VLANs.

I agree with Richard.

But why 10 segments? Going from 1 to 10 is quite drastic. Why?
There are only a few certain reasons for doing so. I'm afraid much of the
time this is done needlessly due to misconceptions about the benefits or the
need for it.

Apart from the security aspect of it (like ACLs on the LAN Router), Layer3
segments only help isolate Broadcasts nothing more. If you aren't having
problems with Broadcasts, then there isn't much point in doing this in the
first place,...the Switches at Layer2 are already isolating traffic
perfectly fine as it is. Broadcast problems are typically from having too
many hosts on a segment,...you are usually good up to about 300 (actual
measurable results vary).

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/techinfo/Guidance/2004.asp
http://www.microsoft.com/isaserver/techinfo/Guidance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp