-1

I have to research the possibility of having 2 DHCP servers on the same network (e.g. the network of our university), each sending their messages to their own nodes without interference from the other one. I'm not talking about 2 DHCP servers where one is a back-up for the other one; just two servers, which have their own set of nodes to which they have to send their messages. We have relatively little knowledge of this matter and we were told this is not easily done.

Does someone know how this could be made possible, or can someone point us in the right direction to look?

EDIT (the colleague):

What we are trying to achieve is the following: We want to use OMF (http://omf.mytestbed.net/) to test some nodes in a network. OMF sets up the nodes (clients) via DHCP and PXE. The normal network layout for OMF is to have a separate testbed net that is attached to one router that serves as DHCP server.

We are interested in deploying some testbed nodes within the normal network topology. So say that now 15 computers in a row are attached to one router and get an address in the X.Y.Z.1-X.Y.Z.200 range. What we want to do is add 5 computers on the same router that get their address (and PXE information) from another DHCP server.

Hardcoding the MAC addresses from the large (existing) network is not a solution; it is not feasible in our case.

atobi
  • 5
    why, give us a valid reason to implement this? – tony roth Dec 03 '11 at 17:33
  • 2
    why indeed. academia o_O – Sirex Dec 03 '11 at 17:38
  • 1
    Define what "sending their messages to their own nodes without interference of the other one" means? – joeqwerty Dec 03 '11 at 19:53
  • 2
    I have a strong suspicion that the answer to this question is "Your instructor is an idiot", but I suspect we need to hear clarification of the point joeqwerty asks in order to be sure, or for that matter, to give you a good answer. – Rob Moir Dec 03 '11 at 22:23
  • We gave an extra explanation, I hope this will make it more clear. – atobi Dec 04 '11 at 11:29
  • 2
    You either use VLANs or [Split-Scope DHCP](http://technet.microsoft.com/en-us/library/ee405264(WS.10).aspx). The other options lead to madness. –  Dec 04 '11 at 11:53
  • If you don't want to use MAC addresses to differentiate between computers, how do you intend to differentiate computers that are part of your "project" from computers that are not? – Per von Zweigbergk Dec 04 '11 at 17:40
  • @Per von Zweigbergk: We can use the MAC addresses of the "project"-nodes, but not those of the large network (because it is so large). – atobi Dec 05 '11 at 11:54
  • I don't think serverfault is here to have other people do your homework. Quote http://serverfault.com/about: "Server Fault is for Information Technology Professionals needing expert answers related to managing computer systems in a professional capacity." – Roman Feb 20 '13 at 12:25

5 Answers

4

It's possible to have 2 DHCP servers with different ranges operating on the same subnet. In this case the first one to respond (or rather have its response reach the client) is the one that is used for that client, and no address collisions occur (due to the servers) as neither server will offer an address that the other one will.

However, at least in the case of ISC's dhcp daemon (this is the one most commonly used by Linux) it would be better to look into DHCP failover. Here both servers operate with the same ranges and coordinate address allocation between themselves. This allows a larger range to be available if one of the servers goes down, and means the lease information is not lost, reducing collisions when the failed server is brought back into operation.

If you need different machines to receive different information, please look at `pool` in conjunction with `host` and/or `group` for ISC or the equivalents for whichever dhcp server you are using.

You should not have two groups (different from `group`s) trying to manage DHCP on the same subnet.

Without knowing what you're trying to accomplish and what you can and/or are trying to use, this is as clear as I can be.

short answer: Yes, but it's only an optimal solution to any problem.

84104
  • +1: "DHCP servers with different ranges operating on the same subnet." , for the only sane way to do this. –  Dec 04 '11 at 11:49
2

Define "same network". Based on your question description, you mean "same physical hardware (i.e. switches), but not the same subnets". It also seems from your question that the 2 subnets should not be able to communicate with each other.

If that's the case, then you'd do it with VLANs, so the traffic does not overlap. You would need a VLAN-capable switch (or switches), and just associate "Network A" with VLAN X and "Network B" with VLAN Y.

Driftpeasant
1

Yes, this is possible.

I would use the HCP mode for both servers - fixed MAC-addresses to IP pairs (for "their" clients).

Both servers should not send NACKs for unknown clients - the other one could know about that one.

Use these two directives in each server:

```
not authoritative;
ignore unknown-clients;
```

Nils
  • It is not feasible in our case to bind each MAC address (we are talking about the network of our university, so rather a large set of nodes :)) – atobi Dec 04 '11 at 11:40
  • So you need a way to differentiate - what will be your criterion? You could try "nearest is the first to answer" - but that may not work in some cases. – Nils Dec 04 '11 at 20:35
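
A sketch of how the two directives above combine with `host`/`group` declarations when only the five testbed MAC addresses are listed, as the asker says is possible. This is an added example, not part of any answer on this page; it assumes ISC dhcpd on both servers and that the main server's administrator can add five `host` entries, and every address, MAC, host name and boot file name in it is a constructed placeholder.

```conf
# ==== Testbed server: dhcpd.conf (constructed example) ====
not authoritative;         # never DHCPNAK a client this server does not own
ignore unknown-clients;    # stay silent unless the MAC has a host entry below

subnet 192.0.2.0 netmask 255.255.255.0 {
  # No "range" statement: this server has no dynamic pool, so it can
  # only ever answer the hosts declared in the group below.
  option routers 192.0.2.1;

  group {
    # PXE settings shared by all testbed nodes (placeholder values)
    next-server 192.0.2.250;     # TFTP server, assumed to be the testbed controller
    filename "pxelinux.0";       # placeholder boot file name

    # Fixed addresses chosen outside the main server's .1-.200 range
    host node1 { hardware ethernet 02:00:00:00:00:01; fixed-address 192.0.2.201; }
    host node2 { hardware ethernet 02:00:00:00:00:02; fixed-address 192.0.2.202; }
    host node3 { hardware ethernet 02:00:00:00:00:03; fixed-address 192.0.2.203; }
    host node4 { hardware ethernet 02:00:00:00:00:04; fixed-address 192.0.2.204; }
    host node5 { hardware ethernet 02:00:00:00:00:05; fixed-address 192.0.2.205; }
  }
}

# ==== Main server: additions to its existing dhcpd.conf ====
# The existing subnet and range stay untouched. Without these entries the
# main server would still answer the testbed nodes' broadcasts, and
# whichever offer arrives first would win.
host testbed-node1 { hardware ethernet 02:00:00:00:00:01; ignore booting; }
host testbed-node2 { hardware ethernet 02:00:00:00:00:02; ignore booting; }
host testbed-node3 { hardware ethernet 02:00:00:00:00:03; ignore booting; }
host testbed-node4 { hardware ethernet 02:00:00:00:00:04; ignore booting; }
host testbed-node5 { hardware ethernet 02:00:00:00:00:05; ignore booting; }
```

The two halves belong in separate files on the two servers; each can be syntax-checked with `dhcpd -t -cf <file>` before the daemon is restarted.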
0

Your further explanation helps clarify what you're doing, but I believe the answer is now "yeah, that ain't going to work".

DHCP servers don't send "messages" to "their nodes", they are essentially a very simple process that tries to reply as fast as possible to a broadcast request for an IP address. If you don't/can't exclude some clients from some of the DHCP servers then there's not a lot you can do. If they're on the same physical and logical network then clients will take an IP address from whichever DHCP server replies to their request first.

Your best option is to isolate your test machines and server from the main LAN, either physically with a separate switch or logically with VLANs.

Rob Moir
0

I do this and it is very helpful for a spread out network where you want to create simple rules that apply to different ranges of IP (because I know where they are located).

Route ports 67/68 to the local network node and map the port so those port requests don't head over to the network node you want to isolate. Basically, keep port 67/68 requests limited to your node and the DHCP in that node will be the one to answer.

I've found this nice to do when I want to create a bandwidth control over a certain area of users and not apply the same rule to others.

Greg