Re: DHCP problem
- From: "K.I.W.I" <john_hastie@xxxxxxxxxxxxxxxxx>
- Date: Fri, 9 Dec 2005 23:59:21 -0800
Hi Manny
Thanks for your reply...no offense taken whatsoever.
I agree with all your points but have inherited the network the way it is
and was trying to make it work a little better the way it is. All computers
connect on the same physical network and the idea of having them on seperate
subnets is firstly for security reasons and secondly to split the internet
traffic between 2 different ISPs. This setup is also considered slightly
more secure as in order to connect to the server where the data is a person
with a DHCP assigned address on the 2nd subnet would need to change their
network settings. I understand what you are saying but not many people in a
private club will go and try to hack the server....we're just trying to make
it marginally more difficult should someone.
I've tried giving a NIC 2 IP addresses and then have it give out DHCP
addresses on both subnets but have I've never got it to work.
I think I'll try harder to convince everyone involved that a single subnet
and single DHCP server is the way to go.
Thanks for your comments
KIWI
"Manny Borges" <manny_borges@xxxxxxxxxxx> wrote in message
news:ecBiaCG$FHA.1032@xxxxxxxxxxxxxxxxxxxxxxx
> Answers in line.
>
> --
> Manny Borges
> MCSE NT4-2003 (+ Security)
> MCT, Certified Cheese Master
>
> There are 10 kinds of people in the world. Those who do understand binary
> and those who don't.
>
> "KIWI" <john_hastie@xxxxxxxxxxxxxxxxx> wrote in message
> news:OeQNG$E$FHA.3452@xxxxxxxxxxxxxxxxxxxxxxx
>> Hi Manny
>>
>> We use Statically issigned IPs for ease of remote management. If someone
>> calls for support all we need is their PC ID Code (A sticker on the
>> machine) to know what the IP address is.
> OK. After many years I have determined that that is an ineffectual
> approach. No offense, but it is just too much effort to maintain and has
> no practical purpose.
> With dhcp reservations or with functional name resolution you or with any
> number of tools (such as the builtin and free netmeeting app) you can
> dynamically manage this information.
>
> It is just a matter of how valuable is your time. Would you rather spend
> your time maintaining a static infrastructure and all the documentation
> that goes along with it or leverage some simple tools to do the trick?
> Some people like having a whole bunch of pointless infrastructure to
> maintain.
>
> Don't even get me started on how difficult it is to chage said static
> infrastructure. I could tell you horror stories.
>
>> In order to get around this for Notebook computers we have reservations
>> configured based on the WLAN MAC address.
>>
>> For security reasons I'd like any non-damain member machine to get an IP
>> on a different subnet. This is a club with members who want to use their
>> notebooks from the lounge or in one of the meeting rooms. I'd just
>> prefer they are on a different subnet.
>
> Different physical net as well? Once again I have found that the only time
> is beneficial to use a diffrent subnet is when you have an actual need to
> do that. The old KISS principle. Especially useless when you using easily
> guessed private IP ranges. With any one of a hundred freeware tools I can
> quickly sweep a network over the standard class C private IP range and get
> an acurate footprint.
>
>>
>> What I'm really wanting to acomplish here is to give out addresses on 2
>> different subnets....ideally from a single DHCP server. I want my domain
>> machines to be on the 192.168.0.0/24 subnet and I want every other
>> machine to be given an address on the 192.168.1.0/24 subnet.
>>
>> If I turn off DHCP on the router and turn it on on the DC will I be able
>> to do this? I can setup 2 scopes on the DHCP server but how does the
>> server know what addresses to hand out to which clients?
>
> No problem. Place two NICS in the DHCP server one 192.168.0.0/24 and one
> in the 192.168.1.0/24 net. Make one scope for each. The NIC the request
> comes determines the scope that will be used. Or use one NIC with two IPs.
>
> And you don't need to use the DC. You can use most any server class OS on
> any of the systems. I personally like the MS DHCP system .
>
> These are just my opinions for the most part, so don't take anything I
> write personally.
>
> check out
> http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/7cb7e9f7-2090-4c88-8d14-270c749fddb5.mspx
>
> http://www.microsoft.com/windowsserver2003/proddoc/default.mspx
>
>
>
>>
>> TIA
>> KIWI
>>
>>
>> "Manny Borges" <manny_borges@xxxxxxxxxxx> wrote in message
>> news:%23Ysmp25%23FHA.208@xxxxxxxxxxxxxxxxxxxxxxx
>>>I am hearing you say that you have hardwired systems using DHCP and
>>>getting internet access. I am aslo hearing you have wireless systems that
>>>you have to use staic IP configs to access domain resources.
>>>
>>> You want an easier solution.
>>>
>>> The issue of needing static IPs is because of DNS. Without using the
>>> correct dns server AD breaks.
>>>
>>> Here is the easy solution.
>>>
>>> record the configuration the router DHCP is giving out.
>>>
>>> Turn the routers DHCP off.
>>>
>>> Enable DHCP on the DC and create a scope to replace the router.
>>>
>>> Then use DHCP client lease reservations to give different dns settings
>>> to the laptops. These reservations are based on MAC so they will always
>>> be reserved for these specific systems.
>>> -
>>> Manny Borges
>>> MCSE NT4-2003 (+ Security)
>>> MCT, Certified Cheese Master
>>>
>>> There are 10 kinds of people who understand binary. Those who do and
>>> those who don't.
>>>
>>> "K.I.W.I" <john_hastie@xxxxxxxxxxxxxxxxx> wrote in message
>>> news:OvN78Z0%23FHA.2424@xxxxxxxxxxxxxxxxxxxxxxx
>>>> Hi
>>>>
>>>> I have a problem I'm having trouble resolving.
>>>>
>>>> I look after a small club that has a Single Windows 2003 domain with 1
>>>> DC and 2 or 3 other servers with 60 XP Pro clients. DHCP is currently
>>>> provided by a Linksys Router and if a machine is configured for DHCP
>>>> and it is plugged into the wall somewhere in the club it will get an IP
>>>> address which will allow it to only connect to the internet. With the
>>>> network settings provided by DHCP the machine cannot connect to any of
>>>> the domain resources.
>>>>
>>>> The club also has a number of Notebooks which they'd like to use on the
>>>> domain. If these are set with static addresses all is OK till the
>>>> machines are taken away from the club and plugged into another network.
>>>> I'd like to be able to have the wireless cards configured for DHCP and
>>>> have them work anywhere in the club without them receiving addresses on
>>>> the secondary subnet.
>>>>
>>>> Is there an easy way of achieving this?
>>>>
>>>> TIA
>>>> KIWI
>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>
.
- References:
- DHCP problem
- From: K.I.W.I
- Re: DHCP problem
- From: Manny Borges
- Re: DHCP problem
- From: KIWI
- Re: DHCP problem
- From: Manny Borges
- DHCP problem
- Prev by Date: Re: To get a server with dual CPU's or not. That is the question.
- Next by Date: Re: Trial download for Server 2003 doesn't include a PID
- Previous by thread: Re: DHCP problem
- Next by thread: Performance Alert - Passing command line arguments to email script
- Index(es):
Relevant Pages
|
