DHCP Superscopes

[Paul Treaster]

(If this isn't the correct newsgroup, please help me find where I need to
be - just a newbie when it comes to this)

I am setting up a proxy server with built in web filtering. I also need more
than 200 IP addresses due to more students bringin computers with them. So
in Windows Server 2003 I setup DHCP server with 2 or 3 scopes, then combine
them into one super scope. The problem I am seeing is that computers on the
192.168.1.0 address scope will not see computers on the 192.168.2.0 address
scope. Because of this, they cannot access the proxy server which is on the
192.168.2.0 address. Is there something else I need to do to get the
different scopes working together?
Thank you.

 

[G]

do you have a gateway for each subnet?

 

[Phillip Windell]

1. You can't do that.
2. Forget the Superscopes.
3. Create one scope with enough addresses that is compatible with the
segment they are running on. The DHCP Server does not have to be on the same
segment as long as the router between the segment forwards the DHCP Queries
to the DHCP Server, which is a normal and common job for a LAN router.
4. Scopes should be created with the full address range according to the
Mask used. Exclusions are then used to reduce of increase the addresses
available for lease.
5. For effieciency, segments should be kept below 250-300 hosts.

The Proxy server is whole other issue that is near impossible to answer
without knowing the network design and topology scheme. But if the proxy is
in a different segment, then their must be a LAN router between the
segments,...the proxy would need a Static Route entered into the OS's
Routing Table that tells it to use the LAN Router as the gateway for the
segment that is on the opposite side of the router.

 

[Herb Martin]

(If this isn't the correct newsgroup, please help me find where I need to
be - just a newbie when it comes to this)

I am setting up a proxy server with built in web filtering. I also need more
than 200 IP addresses due to more students bringin computers with them. So
in Windows Server 2003 I setup DHCP server with 2 or 3 scopes, then combine
them into one super scope.

That is correct if these are on the same physical segment/interface
of the DHCP server (that is, they are a MULTINET or in other words
"single broadcast domain.")

The problem I am seeing is that computers on the
192.168.1.0 address scope will not see computers on the 192.168.2.0 address
scope.

This is a routing problem.

You can either give every machine (in that subnet) an additional static
route
or you can arrange for their existing default gateway to deal with this.

If you use the Proxy for the default gateway, it is easiest to just give it
an
address on BOTH subnets.

Traffic BETWEEN the stations on your two/three subnets will be
inefficient but that is simplist.

Because of this, they cannot access the proxy server which is on the
192.168.2.0 address. Is there something else I need to do to get the
different scopes working together?

It isn't not (directly) a scope problem. Give the router two addresses
and give each scope the IP on it's own subnet for the gateway.

 

[Herb Martin]

1. You can't do that.

Sure you can -- see my post this thread.

2. Forget the Superscopes.

No, superscopes are needed when you have a multinet which
is what he describes (and he describes a good reason for
using such a rare item.)

3. Create one scope with enough addresses that is compatible with the
segment they are running on. The DHCP Server does not have to be on the same
segment as long as the router between the segment forwards the DHCP Queries
to the DHCP Server, which is a normal and common job for a LAN router.

Works, but his method is fine.

4. Scopes should be created with the full address range according to the
Mask used. Exclusions are then used to reduce of increase the addresses
available for lease.

Not always possible when they are non-contiguous or
on two different IP subnets.

5. For effieciency, segments should be kept below 250-300 hosts.

True, but he has a "traveling" problem not (I believe) an actual
active host count problem.

He can also radically shorten his lease times but this is a common
problem for a university or school where laptops are supported.

After every class, hundreds of student computers move around.

The Proxy server is whole other issue that is near impossible to answer
without knowing the network design and topology scheme. But if the proxy is
in a different segment, then their must be a LAN router between the
segments,...the proxy would need a Static Route entered into the OS's
Routing Table that tells it to use the LAN Router as the gateway for the
segment that is on the opposite side of the router.

His whole problem (as posed) is a ROUTING problem.

--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]

--

Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

(If this isn't the correct newsgroup, please help me find where I need to
be - just a newbie when it comes to this)

I am setting up a proxy server with built in web filtering. I also need more
than 200 IP addresses due to more students bringin computers with them. So
in Windows Server 2003 I setup DHCP server with 2 or 3 scopes, then combine
them into one super scope. The problem I am seeing is that computers on the
192.168.1.0 address scope will not see computers on the 192.168.2.0 address
scope. Because of this, they cannot access the proxy server which is on the
192.168.2.0 address. Is there something else I need to do to get the
different scopes working together?
Thank you.

 

[Phillip Windell]

Sure you can -- see my post this thread.

Ok, but then....

How do you get address ranges that are different subnets to work together as
a single broadcast domain without a router?
If you change the mask so they are all the same broadcast domain
then
you really don't need a router or the superscope because they
can just be
included in a single scope and you have just one big subnet.

If you included a router to over come it, then you don't really
need the
multi-net and can just run standard subnets to begin with.

Everything I have ever read on supescopes and multi-nets always leaves out a
bunch of critical information that explains how these things are overcome.
I would like to understand how they intend for it to work, although I can
not see myself ever succumbing to using one when they are so many good way
to avoid it that promote a better network design to begin with.

It is too hard to follow your post with what you wrote, what I wrote, and
what he wrote all blended together.

 

[Herb Martin]

Ok, but then....

How do you get address ranges that are different subnets to work together as
a single broadcast domain without a router?

We already spoke on the phone but for anyone following long there
are two ways:

The router must know about (e.g., be on) both subnets

OR

Each machine must have a Static Route for the "other subnet"

The first is easier to setup and the second is more network efficient
if the machine talk to each other a lot.

Everything I have ever read on supescopes and multi-nets always leaves out a
bunch of critical information that explains how these things are overcome.

That is absolutely true for what I have seen also
-- except for in my classes and materials <grin>.

Multinets are when two IP subnets occupy the same physical
segment (same broadcast domain technically since a bridged
set of segments can require this too if more than one subnet is
used.)

A DHCP superscope is ONLY for when a DHCP services
a multinet (i.e., multiple scopes on the same wire.)

Superscopes SHOULD have been called "scope groups" since
it merely groups multiple regular scopes into a single super
scope (group.)

I would like to understand how they intend for it to work, although I can
not see myself ever succumbing to using one when they are so many good way
to avoid it that promote a better network design to begin with.

The issue is the multinet -- once comitted to that an to DHCP
the superscope is unavoidable with a single DHCP server.

As I mentioned, the multinets are not commonly needed but
for places like colleges where large bodies of people leave
and arrive in mass on a regular basis they do serve as a useful
option.