DHCP Management Across a Diversified Network? 100
ET Admin writes "I work for a small Wireless ISP, where we are deploying new network hardware to allow for growth and contain broadcast traffic. All routing/switching equipment is Cisco. We use Linux stand-alone boxes and VMs (running on Win 2003 boxes). We have decided on a hybrid VLAN layout where we have certain VLANs limited by location, and other VLANs that are global across the network. And I want DHCP served across it all. Does anyone have experience with IPAM software that handles multiple DHCP servers? Our network is small so spending a couple grand is overkill at this point. Any recomendations to help me decide between serving DHCP from the Nix boxes, or from the Cisco gear? Knowing that a single DHCP server will handle from 100-500 hosts."
Re:I have the solution you need... (Score:3, Interesting)
Go IPV6 and leave DHCP in the dust (Score:2, Interesting)
DHCP not used in IPV6 protocol
Use the Unix/Linux boxes.... (Score:5, Interesting)
With using Unix/Linux you can setup failover servers so that if one does not respond, the other will take over the requests and that way you will not lose DHCP across your entire network due to hardware/software issues on a single system. Go read up on dhcpd, it is not too difficult to understand, and is really probably your best low cost solution.
You need Cisco gear (Score:3, Interesting)
You need to use DHCP snooping to block rogue DHCP servers and block packets with forged MAC addresses on untrusted interfaces
You need IP source guard to block forced IP addresses on untrusted interfaces
Otherwise, you are at risk of DOS and/or compromise from malicious users, and at risk of instability and insanity caused by users who plug a rogue DHCP server (even something as simple as the LAN side of a Linksys gateway) into your gear.
Re:You need Cisco gear (Score:1, Interesting)
You can do this with Procurve too... and Enterasys.
Don't be a crony ;)
Re:VMs on win2k3 machines (Score:2, Interesting)
Hey, wait, VMware server's still an option for production servers. Several years ago, it was a commercial product called VMware GSX server.
"Small wireless ISP" doesn't exactly strike me as the type of user, who would be deploying an Oracle RAC cluster with a load of 10k transactions per second, and an Exchange 2007 server with 5000 mailboxes, processing 10 messages per second.
GSX was the version for production servers in a small environment. ESX was the high-end uber-expensive version for running massive numbers of servers on a dedicated host in a large environment.
Server hardware in common use has gotten a lot better, much more powerful, since then. And VMware Server is no worse than GSX.
If your workload is suitable for that type of virtualization, GSX should be okay.
Yeah, ESX is a lot better, can handle many more VMs, and can virtualize many high-end workloads effectively that weren't even VM-suitable under GSX/VMware server.
ESXi is less mature, and probably not as suitable as ESX.
Re:DHCP Relaying (Score:2, Interesting)