1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

RVS4000 as DHCP Relay Agent

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by Billsey, Dec 7, 2010.

  1. Billsey

    Billsey LI Guru Member

    I need to configure the RVS4000 as a DHCP relay agent and I'm getting a bit confused... I have it's WAN set to 172.20.10.1 with a subnet of 255.255.0.0. I have a DHCP server on the network (Windows Server 2003) at 172.20.77.245 and have the RVS4000 configured as a DHCP Relay Agent. On that DHCP server I have a Scope for 172.20.10.0 with a subnet of 255.255.255.0 and an address pool of 172.20.10.2-172.20.10.254. The RVS4000 LAN address is 192.168.1.1.

    When I connect a PC to a LAN port on the RVS4000, I don't get a lease from the DHCP server. The way I understand things should work is that the DHCP server should assign an address within the 172.20.10.x scope to any client that makes a request behind the RVS4000, since the RVS4000 is within the class C subnet assigned to that scope.

    What am I doing wrong?
     
  2. Toxic

    Toxic Administrator Staff Member

    I'm not that well informed witht he RVS4000, but, anything connected to the LAN ports on the RVS4000 should be on the 192.168.1.1/24 subnet should it not? I would guess you need to change the LAN IP of the RVS4000 for a 172.20.x.x address and make sure DHCP on the RVS4000 is turned off.

    do you have any VLANs setup on the RVS4000?
     
  3. Billsey

    Billsey LI Guru Member

    That seems to work, at least I get a lease. I have no VLANs configured and don't plan to since the router will be serving a single group of clients. I should probably ask the next question in a Windows Server forum, but...

    The SBS 2003 server that is providing DHCP (172.20.77.245) currently has a superscope with three scopes inside it. The three scopes are:

    172.20.9.0/24
    172.20.10.0/24
    172.20.11.0/24

    Eventually I plan on adding more scopes, each of which will be 172.20.x.0/24.

    All with default gateways of 172.20.0.252 (which has the normal subnet mask of 255.255.0.0). Needless to say, this doesn't work because the three scopes are isolated from the default gateway. The client machine just times out trying to open any web page, since it has no way to get to the default gateway, even though the gateway could get back. When I tried to setup the three scopes with /16 subnets, it wasn't allowed because they'd overlap.

    Does anyone know how to correctly configure the DHCP server to assign addresses and gateways that will work in this environment?
     
  4. Toxic

    Toxic Administrator Staff Member

    Are you able to ping the gateway from any of the subnets? if not then there would appear to be a routing issue. have a look at the routing table.
     
  5. Billsey

    Billsey LI Guru Member

    It also seems to be that while you can configure the LAN address to be in the same subnet as the WAN address, you can't make any changes to the WAN side once in that mode, since the two addresses are not allowed in the same subnet. I'd guess that allowing a configuration with the LAN on the same subnet as the WAN in the first place is a bug in the firmware, not a solution to my problem. :-(

    The short term workaround is to reset the LAN address to something innocuous and reboot, make the WAN changes and reboot, then redo your LAN side and reboot. They should be disabling the LAN addressing (since there is no NAT) and building static routes on the LAN side whenever a DHCP lease is granted, I believe...
     
  6. Billsey

    Billsey LI Guru Member

    I added a unity route to the IP address on the WAN side, but I couldn't see anything else that might be wrong with the routing. Here's the table:
    Code:
    Destination LAN IP | Subnet Mask      | Gateway      | Interface 
    172.20.10.1          255.255.255.255   172.20.10.1      WAN 
    172.20.10.0          255.255.255.0     0.0.0.0          LAN 
    172.20.0.0           255.255.0.0       0.0.0.0          WAN 
    0.0.0.0              0.0.0.0           172.20.0.252     WAN
    When I try to ping the default gateway (172.20.0.252) from a machine that has gotten a lease (172.20.10.3) I get timeouts. The route table is parsed top to bottom, right? That means the ping request sent to 172.20.0.252 would be routed out the WAN port because it matches the third line and doesn't match either the first or second line.

    I set a sniffer up connected to a hub on the WAN side of the RVS4000. No ping packets got through on the WAN side. I configured a second machine to get a lease on the LAN side and the two LAN side machines (172.20.10.3 & 4) could ping each other (after I opened up ICMP requests in the firewall). I tried then a ping from the default gateway machine to one of the machines on the LAN side and no response.
     
  7. Billsey

    Billsey LI Guru Member

    Well I was certainly barking up the wrong tree with this... It turns out that the address passed to the DHCP server as part of the DHCP DISCOVER packet is the LAN address, not the WAN address. The configuration I used last (with a 172.20.10.x address with 255.255.128.0 subnet on the WAN side and a 172.20.128.x address with 255.255.255.0 subnet on the LAN side allows the DHCP Relay Agent function to work, ie., the client gets a lease with all info correct. The problem is now that the RVS4000 will not function as a router when in DHCP Relay Agent mode. It leaves us with no way to route packets that are received on the LAN side to anywhere on the WAN side, and vice versa. The suggestion from Cisco tech support was that we look into "an enterprise device" for a solution. The problem is that we would need one for each and every hotspot we install, and there's no way that they'd ever get paid for in my lifetime. :-(

    Does anyone know of an relatively inexpensive router that *can* function as a router and still be a DHCP Relay Agent? We can't use NAT, since we need to know the client's address for billing purposes, and NAT hides that address from us.
     

Share This Page