
DHCP and VLAN'ing


Hello All,

TLDR - Server serving DHCP on one VLAN. Want to connect a second NIC to another VLAN. How do I make sure DHCP doesn't cross over into the second VLAN?

-----

I have a Cisco 2960 series SI POE-8 switch. I've created two VLANs on the switch, VLAN 10 has an ADSL modem router for internet gateway only and a server providing DHCP to clients. VLAN 20 is management. VLAN 10 and VLAN 20 have different IP ranges, same subnet mask of 24 and different gateways.

The DHCP server on VLAN 10 has a MAC address bind in its DHCP service to its on-board NIC. Clients connecting to VLAN 10 get served IPs from the DHCP server and can browse the web via the ADSL modem router.

I'd like to install another NIC onto the DHCP server and connect that to VLAN 20 so I can manage it. At the moment to get to my DHCP server I have to RDP through the ADSL modem router. I've got a port forward set up for RDP 3389.

If I connect another NIC and connect that onto VLAN 20, would or could I have issues with DHCP leases crossing over into VLAN 20? I'm not sure, my thoughts are the NIC on which the DHCP service is listening is bound to a specific MAC and that's on an interface / interfaces which only have "switchport access vlan 10". The other interface has "switchport access vlan 20". So the binding and VLAN'ing should stop any cross over?

I've also been looking at DHCP snooping, the commands switchport block broadcast, or unicast or multicast. I think the command "switchport block broadcast" may work, a colleague said it might block VLAN 20 working on the interface and cut off the access I want. The two NICs will have different IP ranges and gateways as well.

I basically want to turn off the port forwarding through my ADSL modem router and manage the DHCP server from an internal LAN, not through a WAN.

I haven't got a CCNA, I'm learning a lot just by playing around. Any advice would be appreciated.


VLAN 10 is 192.65.1.0 and VLAN 20 is 192.168.96.0. The DHCP server has a bind to provide leases to clients on VLAN 10 192.65.1.0.

I'll be putting the DHCP server on both VLANs, but only wanting leases served to VLAN 10. VLAN 20 shouldn't get leases.

I'll try it and see what happens.


Well, assuming your subnet is /24 (or 255.255.255.0 for the layman); your IP addresses are indeed on separate LANs and each DHCP server shouldn't try to assign to each other... They shouldn't be able to SEE each other.
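
The setup discussed in this thread, written out as an added example that is not part of any poster's message: the two access ports from the question, plus DHCP snooping so the switch itself drops any DHCP server reply that enters on the VLAN 20 port. The interface numbers and descriptions are assumptions, as is the switch image supporting DHCP snooping.

```cisco
! Added example, not from the thread. Interface numbers are assumed.

! Enable DHCP snooping globally and on both VLANs from the question.
ip dhcp snooping
ip dhcp snooping vlan 10,20
! With snooping on, the switch inserts option 82 into client requests
! by default. Optional: turn that off if the DHCP server does not expect it.
no ip dhcp snooping information option

! On-board NIC of the DHCP server: the only port allowed to send
! DHCP server replies (OFFER/ACK) into VLAN 10.
interface FastEthernet0/1
 description DHCP server on-board NIC (VLAN 10)
 switchport mode access
 switchport access vlan 10
 ip dhcp snooping trust

! Second NIC of the same server, used for management only.
! Left untrusted (the default), so a server reply arriving on this
! port is dropped by the switch even if the DHCP service were ever
! to answer on this NIC by mistake.
interface FastEthernet0/2
 description DHCP server second NIC (VLAN 20 management)
 switchport mode access
 switchport access vlan 20

! Checks to run from privileged EXEC after clients have renewed:
!   show ip dhcp snooping
!     (trusted column should list only FastEthernet0/1)
!   show ip dhcp snooping binding
!     (learned leases should appear under VLAN 10 only)
```

VLAN 20 has no trusted port in this sketch, so no DHCP server can hand out leases there; hosts on VLAN 20 would need static addresses.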
