<article>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#article09_06_17_2036232</id>
	<title>DHCP Management Across a Diversified Network?</title>
	<author>timothy</author>
	<datestamp>1245231960000</datestamp>
	<htmltext>ET Admin writes <i>"I work for a small Wireless ISP, where we are deploying new network hardware to allow for growth and contain broadcast traffic.  All routing/switching equipment is Cisco.  We use Linux stand-alone boxes and VMs (running on Win 2003 boxes).  We have decided on a hybrid VLAN layout where we have certain VLANs limited by location, and other VLANs that are global across the network.  And I want DHCP served across it all. Does anyone have experience with IPAM software that handles multiple DHCP servers?  Our network is small so spending a couple grand is overkill at this point.  Any recomendations to help me decide between serving DHCP from the Nix boxes, or from the Cisco gear?  Knowing that a single DHCP server will handle from 100-500 hosts."</i></htmltext>
<tokenext>ET Admin writes " I work for a small Wireless ISP , where we are deploying new network hardware to allow for growth and contain broadcast traffic .
All routing/switching equipment is Cisco .
We use Linux stand-alone boxes and VMs ( running on Win 2003 boxes ) .
We have decided on a hybrid VLAN layout where we have certain VLANs limited by location , and other VLANs that are global across the network .
And I want DHCP served across it all .
Does anyone have experience with IPAM software that handles multiple DHCP servers ?
Our network is small so spending a couple grand is overkill at this point .
Any recomendations to help me decide between serving DHCP from the Nix boxes , or from the Cisco gear ?
Knowing that a single DHCP server will handle from 100-500 hosts .
"</tokentext>
<sentencetext>ET Admin writes "I work for a small Wireless ISP, where we are deploying new network hardware to allow for growth and contain broadcast traffic.
All routing/switching equipment is Cisco.
We use Linux stand-alone boxes and VMs (running on Win 2003 boxes).
We have decided on a hybrid VLAN layout where we have certain VLANs limited by location, and other VLANs that are global across the network.
And I want DHCP served across it all.
Does anyone have experience with IPAM software that handles multiple DHCP servers?
Our network is small so spending a couple grand is overkill at this point.
Any recomendations to help me decide between serving DHCP from the Nix boxes, or from the Cisco gear?
Knowing that a single DHCP server will handle from 100-500 hosts.
"</sentencetext>
</article>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28380489</id>
	<title>Use the Unix/Linux boxes Luke....</title>
	<author>fm6</author>
	<datestamp>1245318900000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Fixed your title for you.</p></htmltext>
<tokenext>Fixed your title for you .</tokentext>
<sentencetext>Fixed your title for you.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366915</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367345</id>
	<title>I'll echo everybody else....</title>
	<author>sysgeek01</author>
	<datestamp>1245238800000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Don't use your cisco gear to manage dhcp. It's better utilized doing it's primary function of routing and switching. Set up a Linux box to do dhcp. Setup multiple subnets and use the "ip helper-address" command on the interfaces of your Cisco router's to forward the dhcp requests to your Linux dhcp server. It's simple to do. Once upon a time I setup a 5000k node network doing that very same thing.</htmltext>
<tokenext>Do n't use your cisco gear to manage dhcp .
It 's better utilized doing it 's primary function of routing and switching .
Set up a Linux box to do dhcp .
Setup multiple subnets and use the " ip helper-address " command on the interfaces of your Cisco router 's to forward the dhcp requests to your Linux dhcp server .
It 's simple to do .
Once upon a time I setup a 5000k node network doing that very same thing .</tokentext>
<sentencetext>Don't use your cisco gear to manage dhcp.
It's better utilized doing it's primary function of routing and switching.
Set up a Linux box to do dhcp.
Setup multiple subnets and use the "ip helper-address" command on the interfaces of your Cisco router's to forward the dhcp requests to your Linux dhcp server.
It's simple to do.
Once upon a time I setup a 5000k node network doing that very same thing.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368879</id>
	<title>Re:Some VLAN's globally???</title>
	<author>donkeyoverlord</author>
	<datestamp>1245252240000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>A VLAN is a layer 2 technology and can span across multiple switches.  In Cisco IOS you can create a layer 3 interface to a VLAN.</htmltext>
<tokenext>A VLAN is a layer 2 technology and can span across multiple switches .
In Cisco IOS you can create a layer 3 interface to a VLAN .</tokentext>
<sentencetext>A VLAN is a layer 2 technology and can span across multiple switches.
In Cisco IOS you can create a layer 3 interface to a VLAN.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368155</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28371163</id>
	<title>Weird-Solutions.</title>
	<author>Chrisje</author>
	<datestamp>1245319380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I would have a look at <a href="http://www.weird-solutions.com/" title="weird-solutions.com">http://www.weird-solutions.com/</a> [weird-solutions.com]</p><p>They produce some cutting edge DHCP and provisioning software for amongst others the ISP market. Furthermore their staff are incredibly knowledgeable.</p></htmltext>
<tokenext>I would have a look at http : //www.weird-solutions.com/ [ weird-solutions.com ] They produce some cutting edge DHCP and provisioning software for amongst others the ISP market .
Furthermore their staff are incredibly knowledgeable .</tokentext>
<sentencetext>I would have a look at http://www.weird-solutions.com/ [weird-solutions.com]They produce some cutting edge DHCP and provisioning software for amongst others the ISP market.
Furthermore their staff are incredibly knowledgeable.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366963</id>
	<title>dhcp on different vlans</title>
	<author>Anonymous</author>
	<datestamp>1245236460000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>If its cisco equipment- yes, you should be able to maintain different vlans and serve dhcp independently inside each vlan.</p></htmltext>
<tokenext>If its cisco equipment- yes , you should be able to maintain different vlans and serve dhcp independently inside each vlan .</tokentext>
<sentencetext>If its cisco equipment- yes, you should be able to maintain different vlans and serve dhcp independently inside each vlan.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367357</id>
	<title>Re:Nice answer Slashdotters.</title>
	<author>Anonymous</author>
	<datestamp>1245238920000</datestamp>
	<modclass>Troll</modclass>
	<modscore>-1</modscore>
	<htmltext><p>I'm sorry but some people are idiots and they shouldn't be working the job they have. If you can't find someone to hire who knows how to setup DHCP you are a cheap bastard.  Hire a competent person and stop asking other people to tell you how to do your own job.  I see a lot of this in the US right now and I'm non too happy to have to do other peoples jobs for them when I'm getting paid for it let alone when I'm not.</p></htmltext>
<tokenext>I 'm sorry but some people are idiots and they should n't be working the job they have .
If you ca n't find someone to hire who knows how to setup DHCP you are a cheap bastard .
Hire a competent person and stop asking other people to tell you how to do your own job .
I see a lot of this in the US right now and I 'm non too happy to have to do other peoples jobs for them when I 'm getting paid for it let alone when I 'm not .</tokentext>
<sentencetext>I'm sorry but some people are idiots and they shouldn't be working the job they have.
If you can't find someone to hire who knows how to setup DHCP you are a cheap bastard.
Hire a competent person and stop asking other people to tell you how to do your own job.
I see a lot of this in the US right now and I'm non too happy to have to do other peoples jobs for them when I'm getting paid for it let alone when I'm not.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367171</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367091</id>
	<title>Re:Go IPV6 and leave DHCP in the dust</title>
	<author>Imagix</author>
	<datestamp>1245237060000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext>Ahem... never heard of RFC 3315?  DHCPv6 still has a place in an IPv6 network.</htmltext>
<tokenext>Ahem... never heard of RFC 3315 ?
DHCPv6 still has a place in an IPv6 network .</tokentext>
<sentencetext>Ahem... never heard of RFC 3315?
DHCPv6 still has a place in an IPv6 network.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366885</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28370633</id>
	<title>Re:Nice answer Slashdotters.</title>
	<author>fluffy99</author>
	<datestamp>1245357720000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>
I've got no problem with the guy trying to get up to speed.  I have respect for someone who admits a shortcoming and works at fixing it. Slashdot is hardly a great place to do it though.  He should go to his boss and admit that he's in over his head and needs to either get some training/credentials or get a decent consult with an expert.  The money or resources spent on the education or quality advice wil pay off down the road when they avoid a major security incident.</htmltext>
<tokenext>I 've got no problem with the guy trying to get up to speed .
I have respect for someone who admits a shortcoming and works at fixing it .
Slashdot is hardly a great place to do it though .
He should go to his boss and admit that he 's in over his head and needs to either get some training/credentials or get a decent consult with an expert .
The money or resources spent on the education or quality advice wil pay off down the road when they avoid a major security incident .</tokentext>
<sentencetext>
I've got no problem with the guy trying to get up to speed.
I have respect for someone who admits a shortcoming and works at fixing it.
Slashdot is hardly a great place to do it though.
He should go to his boss and admit that he's in over his head and needs to either get some training/credentials or get a decent consult with an expert.
The money or resources spent on the education or quality advice wil pay off down the road when they avoid a major security incident.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367171</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367319</id>
	<title>Re:DHCP Relaying</title>
	<author>Curien</author>
	<datestamp>1245238620000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p>This is definitely the way to go. If for some reason you cannot do this (as was once the case for me*), you can set up a PC on the network segment to act as a DHCP relay (the ISC DHCP distribution comes with a relay agent). On a network where we had more control, we set up a tunnel between the routers to forward the DHCP packets.</p><p>* The network involved military encryption devices which could not be configured to forward broadcast packets. I put together a Linux system that booted from a floppy, used arping to figure out the IP address of the router (to determine which network segment it was on), read a config file from the floppy that contained the segment-specific settings, and started the dhcrelay process. Since the system ran entirely from a ramdisk, the security office allowed us to leave it on even when the area was secured.</p></htmltext>
<tokenext>This is definitely the way to go .
If for some reason you can not do this ( as was once the case for me * ) , you can set up a PC on the network segment to act as a DHCP relay ( the ISC DHCP distribution comes with a relay agent ) .
On a network where we had more control , we set up a tunnel between the routers to forward the DHCP packets .
* The network involved military encryption devices which could not be configured to forward broadcast packets .
I put together a Linux system that booted from a floppy , used arping to figure out the IP address of the router ( to determine which network segment it was on ) , read a config file from the floppy that contained the segment-specific settings , and started the dhcrelay process .
Since the system ran entirely from a ramdisk , the security office allowed us to leave it on even when the area was secured .</tokentext>
<sentencetext>This is definitely the way to go.
If for some reason you cannot do this (as was once the case for me*), you can set up a PC on the network segment to act as a DHCP relay (the ISC DHCP distribution comes with a relay agent).
On a network where we had more control, we set up a tunnel between the routers to forward the DHCP packets.
* The network involved military encryption devices which could not be configured to forward broadcast packets.
I put together a Linux system that booted from a floppy, used arping to figure out the IP address of the router (to determine which network segment it was on), read a config file from the floppy that contained the segment-specific settings, and started the dhcrelay process.
Since the system ran entirely from a ramdisk, the security office allowed us to leave it on even when the area was secured.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366801</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367519</id>
	<title>Re:Go IPV6 and leave DHCP in the dust</title>
	<author>quazee</author>
	<datestamp>1245239940000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Even if you go IPv6, you still need to provide at least a NAT-ed IPv4 address or a transparent HTTP/DNS proxy.<br>
And the 'transparent proxy' solution will break everything except HTTP, most notably, HTTPS.<br>
You can communicate with IPv6 hosts from an IPv4 address (via 6to4 encapsulation).<br>
But you cannot communicate with IPv4-only hosts using an IPv6 address without a proxy.</htmltext>
<tokenext>Even if you go IPv6 , you still need to provide at least a NAT-ed IPv4 address or a transparent HTTP/DNS proxy .
And the 'transparent proxy ' solution will break everything except HTTP , most notably , HTTPS .
You can communicate with IPv6 hosts from an IPv4 address ( via 6to4 encapsulation ) .
But you can not communicate with IPv4-only hosts using an IPv6 address without a proxy .</tokentext>
<sentencetext>Even if you go IPv6, you still need to provide at least a NAT-ed IPv4 address or a transparent HTTP/DNS proxy.
And the 'transparent proxy' solution will break everything except HTTP, most notably, HTTPS.
You can communicate with IPv6 hosts from an IPv4 address (via 6to4 encapsulation).
But you cannot communicate with IPv4-only hosts using an IPv6 address without a proxy.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366885</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368377</id>
	<title>Re:Use the Unix/Linux boxes....</title>
	<author>morgan\_greywolf</author>
	<datestamp>1245247080000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Agreed.  ISC dhcpd is so trivial to setup, and places hardly any load on the system at all, that I don't use why you wouldn't use it in that case.  I've personally ran dhcpd servers serving 1,000 nodes or more without a lick of trouble running on old PCs that were just lying around.  We had a couple of failover servers on each VLAN and ultimately we never had any DHCP downtime, ever.  Well, actually we did once, but that's because the POS Cisco switch the DHCP servers were plugged into totally failed for reasons we were never able to ascertain, other than the fact the hardware simply didn't work anymore.<nobr> <wbr></nobr>:)</p></htmltext>
<tokenext>Agreed .
ISC dhcpd is so trivial to setup , and places hardly any load on the system at all , that I do n't use why you would n't use it in that case .
I 've personally ran dhcpd servers serving 1,000 nodes or more without a lick of trouble running on old PCs that were just lying around .
We had a couple of failover servers on each VLAN and ultimately we never had any DHCP downtime , ever .
Well , actually we did once , but that 's because the POS Cisco switch the DHCP servers were plugged into totally failed for reasons we were never able to ascertain , other than the fact the hardware simply did n't work anymore .
: )</tokentext>
<sentencetext>Agreed.
ISC dhcpd is so trivial to setup, and places hardly any load on the system at all, that I don't use why you wouldn't use it in that case.
I've personally ran dhcpd servers serving 1,000 nodes or more without a lick of trouble running on old PCs that were just lying around.
We had a couple of failover servers on each VLAN and ultimately we never had any DHCP downtime, ever.
Well, actually we did once, but that's because the POS Cisco switch the DHCP servers were plugged into totally failed for reasons we were never able to ascertain, other than the fact the hardware simply didn't work anymore.
:)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366915</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367893</id>
	<title>Re:Nice answer Slashdotters.</title>
	<author>evanism</author>
	<datestamp>1245242880000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>So I guess I wouldn't be hiring you then? As a multi-time CTO I know your type: vapid, vain and egotistical.  Mate, change your attitude, as you'll be the first out the door when the boss needs to draw up "the list".</p></htmltext>
<tokenext>So I guess I would n't be hiring you then ?
As a multi-time CTO I know your type : vapid , vain and egotistical .
Mate , change your attitude , as you 'll be the first out the door when the boss needs to draw up " the list " .</tokentext>
<sentencetext>So I guess I wouldn't be hiring you then?
As a multi-time CTO I know your type: vapid, vain and egotistical.
Mate, change your attitude, as you'll be the first out the door when the boss needs to draw up "the list".</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367357</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28377149</id>
	<title>www.infoblox.com</title>
	<author>Anonymous</author>
	<datestamp>1245352320000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Disclaimer: I'm an Infoblox Systems Engineer.</p><p>Our company specializes in exactly this area. We provide an appliance (also as a VM on Cisco and Riverbed). We have 35 of the fortune 100, and have been in business for 9 years. We have 150 programmers, 150 'other' people (including me). We provide IP address management, NTP, file access (mostly for VoIP phones), RADIUS, DNS &amp; DHCP.</p><p>Check out our website then contact us if you'd like to learn more.</p><p>We have ISP's as accounts in addition to government and business.</p></htmltext>
<tokenext>Disclaimer : I 'm an Infoblox Systems Engineer.Our company specializes in exactly this area .
We provide an appliance ( also as a VM on Cisco and Riverbed ) .
We have 35 of the fortune 100 , and have been in business for 9 years .
We have 150 programmers , 150 'other ' people ( including me ) .
We provide IP address management , NTP , file access ( mostly for VoIP phones ) , RADIUS , DNS &amp; DHCP.Check out our website then contact us if you 'd like to learn more.We have ISP 's as accounts in addition to government and business .</tokentext>
<sentencetext>Disclaimer: I'm an Infoblox Systems Engineer.Our company specializes in exactly this area.
We provide an appliance (also as a VM on Cisco and Riverbed).
We have 35 of the fortune 100, and have been in business for 9 years.
We have 150 programmers, 150 'other' people (including me).
We provide IP address management, NTP, file access (mostly for VoIP phones), RADIUS, DNS &amp; DHCP.Check out our website then contact us if you'd like to learn more.We have ISP's as accounts in addition to government and business.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368503</id>
	<title>CNR</title>
	<author>Anonymous</author>
	<datestamp>1245248460000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Cisco make (or at least did make some time ago) a DHCP server (Cisco Network Registrar) based on Windows that does handle option 82. So you do not have to run DHCP on IOS, you can relay back to a central server.

I have even been able to "script" CNR by sending command line commands to administer scopes (yes, thank god it has a command line). But in all honesty, it's far easier to automate the configuration of a standard linux or *BSD dhcpd.</htmltext>
<tokenext>Cisco make ( or at least did make some time ago ) a DHCP server ( Cisco Network Registrar ) based on Windows that does handle option 82 .
So you do not have to run DHCP on IOS , you can relay back to a central server .
I have even been able to " script " CNR by sending command line commands to administer scopes ( yes , thank god it has a command line ) .
But in all honesty , it 's far easier to automate the configuration of a standard linux or * BSD dhcpd .</tokentext>
<sentencetext>Cisco make (or at least did make some time ago) a DHCP server (Cisco Network Registrar) based on Windows that does handle option 82.
So you do not have to run DHCP on IOS, you can relay back to a central server.
I have even been able to "script" CNR by sending command line commands to administer scopes (yes, thank god it has a command line).
But in all honesty, it's far easier to automate the configuration of a standard linux or *BSD dhcpd.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366911</id>
	<title>Re:DHCP Relaying</title>
	<author>oatworm</author>
	<datestamp>1245236220000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>That's what I'm thinking, too.  Also, make sure conflict detection is turned on.  Serving DHCP isn't particularly processor-intensive, so I doubt it'll matter much if you're hosting it from your *NIX boxes or from your Cisco equipment.</htmltext>
<tokenext>That 's what I 'm thinking , too .
Also , make sure conflict detection is turned on .
Serving DHCP is n't particularly processor-intensive , so I doubt it 'll matter much if you 're hosting it from your * NIX boxes or from your Cisco equipment .</tokentext>
<sentencetext>That's what I'm thinking, too.
Also, make sure conflict detection is turned on.
Serving DHCP isn't particularly processor-intensive, so I doubt it'll matter much if you're hosting it from your *NIX boxes or from your Cisco equipment.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366801</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28373563</id>
	<title>debian config for vlan dhcp</title>
	<author>Anonymous</author>
	<datestamp>1245337980000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Plug a linux box into a trunk port and configure it for vlans as described below.  Works great.</p><p>cat<nobr> <wbr></nobr>/etc/network/interfaces<br># This file describes the network interfaces available on your system<br># and how to activate them. For more information, see interfaces(5).</p><p># The loopback network interface<br>auto lo<br>iface lo inet loopback</p><p># The primary network interface<br>allow-hotplug eth0<br>iface eth0 inet static<br>address 10.91.1.4<br>netmask 255.255.0.0<br>mtu 1496</p><p>auto vlan101<br>iface vlan101 inet static<br>address 10.91.101.4<br>netmask 255.255.255.0<br>mtu 1496<br>vlan\_raw\_device eth0</p><p>auto vlan102<br>iface vlan102 inet static<br>address 10.91.102.4<br>netmask 255.255.255.0<br>mtu 1496<br>vlan\_raw\_device eth0</p><p>auto vlan103<br>iface vlan103 inet static<br>address 10.91.103.4<br>netmask 255.255.255.0<br>mtu 1496<br>vlan\_raw\_device eth0</p><p>cat<nobr> <wbr></nobr>/etc/dhcpd.conf<br># Sample configuration file for ISC dhcpd for Debian#<br># $Id: dhcpd.conf,v 1.4.2.2 2002/07/10 03:50:33 peloy Exp $<br>#</p><p># option definitions common to all supported networks...</p><p>option domain-name "mydomain.com";<br>option domain-name-servers 10.91.1.2, 10.91.1.3;<br>option netbios-name-servers 10.91.1.2, 10.91.1.3;<br>option ntp-servers 10.91.1.5;</p><p>default-lease-time 3600;<br>max-lease-time 7200;<br>authoritative;</p><p>subnet 10.91.101.0 netmask 255.255.255.0 {<br>
&nbsp; &nbsp; range 10.91.101.40 10.91.101.191;<br>
&nbsp; &nbsp; option routers 10.91.101.1;<br>}</p><p>subnet 10.91.102.0 netmask 255.255.255.0 {<br>
&nbsp; &nbsp; range 10.91.102.40 10.91.102.191;<br>
&nbsp; &nbsp; option routers 10.91.102.1;<br>}</p><p>subnet 10.91.103.0 netmask 255.255.255.0 {<br>
&nbsp; &nbsp; range 10.91.103.40 10.91.103.191;<br>
&nbsp; &nbsp; option routers 10.91.103.1;<br>}</p></htmltext>
<tokenext>Plug a linux box into a trunk port and configure it for vlans as described below .
Works great.cat /etc/network/interfaces # This file describes the network interfaces available on your system # and how to activate them .
For more information , see interfaces ( 5 ) . # The loopback network interfaceauto loiface lo inet loopback # The primary network interfaceallow-hotplug eth0iface eth0 inet staticaddress 10.91.1.4netmask 255.255.0.0mtu 1496auto vlan101iface vlan101 inet staticaddress 10.91.101.4netmask 255.255.255.0mtu 1496vlan \ _raw \ _device eth0auto vlan102iface vlan102 inet staticaddress 10.91.102.4netmask 255.255.255.0mtu 1496vlan \ _raw \ _device eth0auto vlan103iface vlan103 inet staticaddress 10.91.103.4netmask 255.255.255.0mtu 1496vlan \ _raw \ _device eth0cat /etc/dhcpd.conf # Sample configuration file for ISC dhcpd for Debian # # $ Id : dhcpd.conf,v 1.4.2.2 2002/07/10 03 : 50 : 33 peloy Exp $ # # option definitions common to all supported networks...option domain-name " mydomain.com " ; option domain-name-servers 10.91.1.2 , 10.91.1.3 ; option netbios-name-servers 10.91.1.2 , 10.91.1.3 ; option ntp-servers 10.91.1.5 ; default-lease-time 3600 ; max-lease-time 7200 ; authoritative ; subnet 10.91.101.0 netmask 255.255.255.0 {     range 10.91.101.40 10.91.101.191 ;     option routers 10.91.101.1 ; } subnet 10.91.102.0 netmask 255.255.255.0 {     range 10.91.102.40 10.91.102.191 ;     option routers 10.91.102.1 ; } subnet 10.91.103.0 netmask 255.255.255.0 {     range 10.91.103.40 10.91.103.191 ;     option routers 10.91.103.1 ; }</tokentext>
<sentencetext>Plug a linux box into a trunk port and configure it for vlans as described below.
Works great.cat /etc/network/interfaces# This file describes the network interfaces available on your system# and how to activate them.
For more information, see interfaces(5).# The loopback network interfaceauto loiface lo inet loopback# The primary network interfaceallow-hotplug eth0iface eth0 inet staticaddress 10.91.1.4netmask 255.255.0.0mtu 1496auto vlan101iface vlan101 inet staticaddress 10.91.101.4netmask 255.255.255.0mtu 1496vlan\_raw\_device eth0auto vlan102iface vlan102 inet staticaddress 10.91.102.4netmask 255.255.255.0mtu 1496vlan\_raw\_device eth0auto vlan103iface vlan103 inet staticaddress 10.91.103.4netmask 255.255.255.0mtu 1496vlan\_raw\_device eth0cat /etc/dhcpd.conf# Sample configuration file for ISC dhcpd for Debian## $Id: dhcpd.conf,v 1.4.2.2 2002/07/10 03:50:33 peloy Exp $## option definitions common to all supported networks...option domain-name "mydomain.com";option domain-name-servers 10.91.1.2, 10.91.1.3;option netbios-name-servers 10.91.1.2, 10.91.1.3;option ntp-servers 10.91.1.5;default-lease-time 3600;max-lease-time 7200;authoritative;subnet 10.91.101.0 netmask 255.255.255.0 {
    range 10.91.101.40 10.91.101.191;
    option routers 10.91.101.1;}subnet 10.91.102.0 netmask 255.255.255.0 {
    range 10.91.102.40 10.91.102.191;
    option routers 10.91.102.1;}subnet 10.91.103.0 netmask 255.255.255.0 {
    range 10.91.103.40 10.91.103.191;
    option routers 10.91.103.1;}</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367365</id>
	<title>VMs on win2k3 machines</title>
	<author>Anonymous</author>
	<datestamp>1245238980000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>While we are here... I really hope you are not using something like "vmware server" - you know ESXi is free now, right, and will give you a lot more performance for your VMs than vmware server, which isn't really meant for production use...</p></htmltext>
<tokenext>While we are here... I really hope you are not using something like " vmware server " - you know ESXi is free now , right , and will give you a lot more performance for your VMs than vmware server , which is n't really meant for production use.. .</tokentext>
<sentencetext>While we are here... I really hope you are not using something like "vmware server" - you know ESXi is free now, right, and will give you a lot more performance for your VMs than vmware server, which isn't really meant for production use...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366925</id>
	<title>Re:I have the solution you need...</title>
	<author>poptix@work</author>
	<datestamp>1245236280000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>5</modscore>
	<htmltext><p>Also, here's a small sample config for serving a particular pool on a particular interface (which would be the vlan "interface" on the Cisco), easily found on Google:</p><p>class "vlan1234"<br>{<br>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; match if<br>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; (<br>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; (binary-to-ascii(16, 8, ".", option agent.remote-id) = "0.15.63.ab.52.16") # This is the MAC of the switch<br>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; and<br>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; (binary-to-ascii (10,8, ".", option agent.circuit-id) = "0.0.0.47")    # This is the interface number<br>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; );<br>}</p><p>pool {<br>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; range 192.168.100.5 192.168.100.254;<br>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; max-lease-time 300;</p><p>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; option subnet-mask 255.255.255.0;<br>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; option routers 192.168.100.1;<br>
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; allow members of "vlan1234";<br>}</p></htmltext>
<tokenext>Also , here 's a small sample config for serving a particular pool on a particular interface ( which would be the vlan " interface " on the Cisco ) , easily found on Google : class " vlan1234 " {                 match if                 (                                 ( binary-to-ascii ( 16 , 8 , " .
" , option agent.remote-id ) = " 0.15.63.ab.52.16 " ) # This is the MAC of the switch                                 and                                 ( binary-to-ascii ( 10,8 , " .
" , option agent.circuit-id ) = " 0.0.0.47 " ) # This is the interface number                 ) ; } pool {                 range 192.168.100.5 192.168.100.254 ;                 max-lease-time 300 ;                 option subnet-mask 255.255.255.0 ;                 option routers 192.168.100.1 ;                 allow members of " vlan1234 " ; }</tokentext>
<sentencetext>Also, here's a small sample config for serving a particular pool on a particular interface (which would be the vlan "interface" on the Cisco), easily found on Google:class "vlan1234"{
                match if
                (
                                (binary-to-ascii(16, 8, ".
", option agent.remote-id) = "0.15.63.ab.52.16") # This is the MAC of the switch
                                and
                                (binary-to-ascii (10,8, ".
", option agent.circuit-id) = "0.0.0.47")    # This is the interface number
                );}pool {
                range 192.168.100.5 192.168.100.254;
                max-lease-time 300;
                option subnet-mask 255.255.255.0;
                option routers 192.168.100.1;
                allow members of "vlan1234";}</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366843</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368445</id>
	<title>IPAM Software- Open Source</title>
	<author>Anonymous</author>
	<datestamp>1245247920000</datestamp>
	<modclass>Redundant</modclass>
	<modscore>-1</modscore>
	<htmltext>Utah State University has developed an open-source IP address management software. It handles multiple backend DNS and DHCP server/databases.. Front-end is a GUI where you can register hosts and setup DHCP network allocations. Contact their IT Department.</htmltext>
<tokenext>Utah State University has developed an open-source IP address management software .
It handles multiple backend DNS and DHCP server/databases.. Front-end is a GUI where you can register hosts and setup DHCP network allocations .
Contact their IT Department .</tokentext>
<sentencetext>Utah State University has developed an open-source IP address management software.
It handles multiple backend DNS and DHCP server/databases.. Front-end is a GUI where you can register hosts and setup DHCP network allocations.
Contact their IT Department.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367145</id>
	<title>DNSMasq</title>
	<author>TheRealMindChild</author>
	<datestamp>1245237360000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>3</modscore>
	<htmltext><a href="http://www.thekelleys.org.uk/dnsmasq/doc.html" title="thekelleys.org.uk">DNSMasq</a> [thekelleys.org.uk]. Nuff said.</htmltext>
<tokenext>DNSMasq [ thekelleys.org.uk ] .
Nuff said .</tokentext>
<sentencetext>DNSMasq [thekelleys.org.uk].
Nuff said.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28369199</id>
	<title>pfSense</title>
	<author>Anonymous</author>
	<datestamp>1245255360000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I use a pfSense to serve DHCP on my home network, consisting of 6 VLANs (only 2 or 3 of which has DHCP enabled)... pfSense supports failover (not sure if it's using dhcpd3's failover or not).</p><p>Having looked into Windows, do *not* consider it... their "failover" approach requires either shared disks (SAN or iSCSI), or overlapping ranges (server1 gives<nobr> <wbr></nobr>.1-.127, server2 gives<nobr> <wbr></nobr>.128-.254... either will renew for the other so it "works").</p></htmltext>
<tokenext>I use a pfSense to serve DHCP on my home network , consisting of 6 VLANs ( only 2 or 3 of which has DHCP enabled ) ... pfSense supports failover ( not sure if it 's using dhcpd3 's failover or not ) .Having looked into Windows , do * not * consider it... their " failover " approach requires either shared disks ( SAN or iSCSI ) , or overlapping ranges ( server1 gives .1-.127 , server2 gives .128-.254... either will renew for the other so it " works " ) .</tokentext>
<sentencetext>I use a pfSense to serve DHCP on my home network, consisting of 6 VLANs (only 2 or 3 of which has DHCP enabled)... pfSense supports failover (not sure if it's using dhcpd3's failover or not).Having looked into Windows, do *not* consider it... their "failover" approach requires either shared disks (SAN or iSCSI), or overlapping ranges (server1 gives .1-.127, server2 gives .128-.254... either will renew for the other so it "works").</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367485</id>
	<title>Re:You need Cisco gear</title>
	<author>Anonymous</author>
	<datestamp>1245239700000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>HP Procurve equipment supports both DHCP helper addresses and DHCP snooping. So yes, you need to do it properly, but you can do it properly (and with a free lifetime warranty) without Cisco.</htmltext>
<tokenext>HP Procurve equipment supports both DHCP helper addresses and DHCP snooping .
So yes , you need to do it properly , but you can do it properly ( and with a free lifetime warranty ) without Cisco .</tokentext>
<sentencetext>HP Procurve equipment supports both DHCP helper addresses and DHCP snooping.
So yes, you need to do it properly, but you can do it properly (and with a free lifetime warranty) without Cisco.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367021</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28372629</id>
	<title>Cluster DHCP with OpenBSD... Very easy and free!</title>
	<author>Anonymous</author>
	<datestamp>1245333540000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Save all the wasted money on commercial products and use OpenBSD more. FOSS is your friend.</p><p>See the -y and -Y sections of the dhcpd man page for more information:<br>http://www.openbsd.org/cgi-bin/man.cgi?query=dhcpd&amp;apropos=0&amp;sektion=0&amp;manpath=OpenBSD+Current&amp;arch=i386&amp;format=html<br>and also the 'SYNCHRONISATION' section below that.</p><p>We've done similar and works flawlessly, saving lots of money!</p><p>We also use a lot of the other OpenBSD goodies, OpenBGP, OpenNTP, OpenOSPF, OpenSMTP, spamd, CARP, PFSync, PF, Clustered IPSec, etc.</p></htmltext>
<tokenext>Save all the wasted money on commercial products and use OpenBSD more .
FOSS is your friend.See the -y and -Y sections of the dhcpd man page for more information : http : //www.openbsd.org/cgi-bin/man.cgi ? query = dhcpd&amp;apropos = 0&amp;sektion = 0&amp;manpath = OpenBSD + Current&amp;arch = i386&amp;format = htmland also the 'SYNCHRONISATION ' section below that.We 've done similar and works flawlessly , saving lots of money ! We also use a lot of the other OpenBSD goodies , OpenBGP , OpenNTP , OpenOSPF , OpenSMTP , spamd , CARP , PFSync , PF , Clustered IPSec , etc .</tokentext>
<sentencetext>Save all the wasted money on commercial products and use OpenBSD more.
FOSS is your friend.See the -y and -Y sections of the dhcpd man page for more information:http://www.openbsd.org/cgi-bin/man.cgi?query=dhcpd&amp;apropos=0&amp;sektion=0&amp;manpath=OpenBSD+Current&amp;arch=i386&amp;format=htmland also the 'SYNCHRONISATION' section below that.We've done similar and works flawlessly, saving lots of money!We also use a lot of the other OpenBSD goodies, OpenBGP, OpenNTP, OpenOSPF, OpenSMTP, spamd, CARP, PFSync, PF, Clustered IPSec, etc.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368155</id>
	<title>Some VLAN's globally???</title>
	<author>cdogg4ya</author>
	<datestamp>1245244920000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>1</modscore>
	<htmltext><p>I don't know enough about your environment but hopefully you know that that isn't a possibility across Layer 3 devices (and when I say VLAN's, I assume that you are talking about an IP segment and not just a VLAN number).  That said the "ip dhcp helper" or DHCP relay I think is what you are looking for.  This way you can have 1 DHCP server serving numerous VLAN's or L3 IP segments.  If you have more specific questions feel free to reach out to me.</p><p>Carl Fugate<br>carl@iprouteradmin.com<br>BLOG: www.iprouteradmin.com<br>Router Lab: www.onlinerouterlab.com</p></htmltext>
<tokenext>I do n't know enough about your environment but hopefully you know that that is n't a possibility across Layer 3 devices ( and when I say VLAN 's , I assume that you are talking about an IP segment and not just a VLAN number ) .
That said the " ip dhcp helper " or DHCP relay I think is what you are looking for .
This way you can have 1 DHCP server serving numerous VLAN 's or L3 IP segments .
If you have more specific questions feel free to reach out to me.Carl Fugatecarl @ iprouteradmin.comBLOG : www.iprouteradmin.comRouter Lab : www.onlinerouterlab.com</tokentext>
<sentencetext>I don't know enough about your environment but hopefully you know that that isn't a possibility across Layer 3 devices (and when I say VLAN's, I assume that you are talking about an IP segment and not just a VLAN number).
That said the "ip dhcp helper" or DHCP relay I think is what you are looking for.
This way you can have 1 DHCP server serving numerous VLAN's or L3 IP segments.
If you have more specific questions feel free to reach out to me.Carl Fugatecarl@iprouteradmin.comBLOG: www.iprouteradmin.comRouter Lab: www.onlinerouterlab.com</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28369091</id>
	<title>Carnegie Mellon's NetReg</title>
	<author>vitroth</author>
	<datestamp>1245254100000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>3</modscore>
	<htmltext>Carnegie Mellon's <a href="http://www.net.cmu.edu/netreg" title="cmu.edu" rel="nofollow">NetReg</a> [cmu.edu] is an open source system that provides a pretty complete IP Address Management toolset, including management of DNS &amp; DHCP configurations for ISC bind/dhcpd. It can manage ISC dhcpd's failover configuration, and multiple server groups, etc.
<br> <br>
Rather then just repeating what I've said before when the subject of IP Address Management came up on slashdot, I'll just <a href="http://slashdot.org/comments.pl?sid=184210&amp;cid=15214180" title="slashdot.org" rel="nofollow">link to it</a> [slashdot.org].
<br> <br>
Note: While the project has been pretty quiet for quite some time now,  thats mostly because its the system is very stable and there hasn't been a lot of major new development in the last couple of years.  I used to be one of the core developers of the system before I moved on to another job, but its still in active use by many sites.</htmltext>
<tokenext>Carnegie Mellon 's NetReg [ cmu.edu ] is an open source system that provides a pretty complete IP Address Management toolset , including management of DNS &amp; DHCP configurations for ISC bind/dhcpd .
It can manage ISC dhcpd 's failover configuration , and multiple server groups , etc .
Rather then just repeating what I 've said before when the subject of IP Address Management came up on slashdot , I 'll just link to it [ slashdot.org ] .
Note : While the project has been pretty quiet for quite some time now , thats mostly because its the system is very stable and there has n't been a lot of major new development in the last couple of years .
I used to be one of the core developers of the system before I moved on to another job , but its still in active use by many sites .</tokentext>
<sentencetext>Carnegie Mellon's NetReg [cmu.edu] is an open source system that provides a pretty complete IP Address Management toolset, including management of DNS &amp; DHCP configurations for ISC bind/dhcpd.
It can manage ISC dhcpd's failover configuration, and multiple server groups, etc.
Rather then just repeating what I've said before when the subject of IP Address Management came up on slashdot, I'll just link to it [slashdot.org].
Note: While the project has been pretty quiet for quite some time now,  thats mostly because its the system is very stable and there hasn't been a lot of major new development in the last couple of years.
I used to be one of the core developers of the system before I moved on to another job, but its still in active use by many sites.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368295</id>
	<title>IPAM Software-Open Source</title>
	<author>Anonymous</author>
	<datestamp>1245246300000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Utah State University has developed an open-source IP address management software that can tie in DNS and DHCP from different servers and databases. Front-end is a GUI interface where it's easy to setup and register hosts or DHCP network allocations. Contact their I.T. Department.</p></htmltext>
<tokenext>Utah State University has developed an open-source IP address management software that can tie in DNS and DHCP from different servers and databases .
Front-end is a GUI interface where it 's easy to setup and register hosts or DHCP network allocations .
Contact their I.T .
Department .</tokentext>
<sentencetext>Utah State University has developed an open-source IP address management software that can tie in DNS and DHCP from different servers and databases.
Front-end is a GUI interface where it's easy to setup and register hosts or DHCP network allocations.
Contact their I.T.
Department.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367021</id>
	<title>You need Cisco gear</title>
	<author>Anonymous</author>
	<datestamp>1245236760000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>3</modscore>
	<htmltext><p>You need to use DHCP snooping to block rogue DHCP servers and block packets with forged MAC addresses on untrusted interfaces</p><p>You need IP source guard to block forced IP addresses on untrusted interfaces</p><p>Otherwise, you are at risk of DOS and/or compromise from malicious users, and at risk of instability and insanity caused by users who plug a rogue DHCP server (even something as simple as the LAN side of a Linksys gateway) into your gear.</p></htmltext>
<tokenext>You need to use DHCP snooping to block rogue DHCP servers and block packets with forged MAC addresses on untrusted interfacesYou need IP source guard to block forced IP addresses on untrusted interfacesOtherwise , you are at risk of DOS and/or compromise from malicious users , and at risk of instability and insanity caused by users who plug a rogue DHCP server ( even something as simple as the LAN side of a Linksys gateway ) into your gear .</tokentext>
<sentencetext>You need to use DHCP snooping to block rogue DHCP servers and block packets with forged MAC addresses on untrusted interfacesYou need IP source guard to block forced IP addresses on untrusted interfacesOtherwise, you are at risk of DOS and/or compromise from malicious users, and at risk of instability and insanity caused by users who plug a rogue DHCP server (even something as simple as the LAN side of a Linksys gateway) into your gear.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368467</id>
	<title>Just use your existing gear</title>
	<author>acoustix</author>
	<datestamp>1245248160000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Using one or two of your Win2003 boxes, create multiple DHCP scopes for your multiple networks/subnets.  Then just use the "ip helper-address" on your cisco gear to allow the DHCP requests to make it to your servers.  Done.  I do this at my company with 50+ VLANs.</p><p>Cost = $0.</p></htmltext>
<tokenext>Using one or two of your Win2003 boxes , create multiple DHCP scopes for your multiple networks/subnets .
Then just use the " ip helper-address " on your cisco gear to allow the DHCP requests to make it to your servers .
Done. I do this at my company with 50 + VLANs.Cost = $ 0 .</tokentext>
<sentencetext>Using one or two of your Win2003 boxes, create multiple DHCP scopes for your multiple networks/subnets.
Then just use the "ip helper-address" on your cisco gear to allow the DHCP requests to make it to your servers.
Done.  I do this at my company with 50+ VLANs.Cost = $0.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366843</id>
	<title>I have the solution you need...</title>
	<author>poptix@work</author>
	<datestamp>1245235920000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>3</modscore>
	<htmltext><p><a href="http://lmgtfy.com/?q=cisco+dhcp+relay&amp;l=1" title="lmgtfy.com">http://lmgtfy.com/?q=cisco+dhcp+relay&amp;l=1</a> [lmgtfy.com]</p><p>You can easily run hundreds of thousands of hosts off a single DHCP server. It is not cpu intensive particularly if you have a decent lease duration.</p></htmltext>
<tokenext>http : //lmgtfy.com/ ? q = cisco + dhcp + relay&amp;l = 1 [ lmgtfy.com ] You can easily run hundreds of thousands of hosts off a single DHCP server .
It is not cpu intensive particularly if you have a decent lease duration .</tokentext>
<sentencetext>http://lmgtfy.com/?q=cisco+dhcp+relay&amp;l=1 [lmgtfy.com]You can easily run hundreds of thousands of hosts off a single DHCP server.
It is not cpu intensive particularly if you have a decent lease duration.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368457</id>
	<title>Re:Go IPV6 and leave DHCP in the dust</title>
	<author>miscellaneous</author>
	<datestamp>1245248040000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>Yeah, because as a wireless ISP you can totally require your clients to support IPv6. Wait, no, that's not right.</p></htmltext>
<tokenext>Yeah , because as a wireless ISP you can totally require your clients to support IPv6 .
Wait , no , that 's not right .</tokentext>
<sentencetext>Yeah, because as a wireless ISP you can totally require your clients to support IPv6.
Wait, no, that's not right.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366885</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366801</id>
	<title>DHCP Relaying</title>
	<author>Anonymous</author>
	<datestamp>1245235740000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>5</modscore>
	<htmltext><p>setup DHCP Relaying on the switches to forward/relay all dhcp request across the vlans and subnets to one (or two) dhcp servers</p></htmltext>
<tokenext>setup DHCP Relaying on the switches to forward/relay all dhcp request across the vlans and subnets to one ( or two ) dhcp servers</tokentext>
<sentencetext>setup DHCP Relaying on the switches to forward/relay all dhcp request across the vlans and subnets to one (or two) dhcp servers</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366893</id>
	<title>Re:DHCP Relaying</title>
	<author>Anonymous</author>
	<datestamp>1245236160000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>5</modscore>
	<htmltext><p>DHCP Relay Agent in Cisco Routers</p><p>Cisco Routers support DHCP Relay Agents with ip helper-address command. To enable the  ip helper-address on an interface that will receive client BOOTP/DHCP broadcasts.</p><p>From the Global configuration mode,</p><p>Router(config)# interface fa 0/0</p><p>Router(config-if)# ip helper-addres 10.10.10.1</p><p>Router(config-if)# ip helper-addres 10.10.10.2</p></htmltext>
<tokenext>DHCP Relay Agent in Cisco RoutersCisco Routers support DHCP Relay Agents with ip helper-address command .
To enable the ip helper-address on an interface that will receive client BOOTP/DHCP broadcasts.From the Global configuration mode,Router ( config ) # interface fa 0/0Router ( config-if ) # ip helper-addres 10.10.10.1Router ( config-if ) # ip helper-addres 10.10.10.2</tokentext>
<sentencetext>DHCP Relay Agent in Cisco RoutersCisco Routers support DHCP Relay Agents with ip helper-address command.
To enable the  ip helper-address on an interface that will receive client BOOTP/DHCP broadcasts.From the Global configuration mode,Router(config)# interface fa 0/0Router(config-if)# ip helper-addres 10.10.10.1Router(config-if)# ip helper-addres 10.10.10.2</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366801</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368579</id>
	<title>Re:I have the solution you need...</title>
	<author>Helmholtz</author>
	<datestamp>1245249180000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Even better, run it from a [open]solaris zone.</p></htmltext>
<tokenext>Even better , run it from a [ open ] solaris zone .</tokentext>
<sentencetext>Even better, run it from a [open]solaris zone.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366843</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28426389</id>
	<title>OpenNetAdmin</title>
	<author>hornet136</author>
	<datestamp>1245700200000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>I'll throw out my solution. <br>
 <br>
As many people here have suggested, ISC DHCP server has no trouble with this and can handle many subnets and pool combinations from one or more servers.  Then with the combination of ip helper-address on Cisco platforms you can control which server(s) handle the network.  Throw DHCP-Failover into the mix and make it redundant. <br>
 <br>
To manage all this I'd suggest <a href="http://opennetadmin.com/" title="opennetadmin.com" rel="nofollow">OpenNetAdmin</a> [opennetadmin.com].  It is geared to manage as any IPAM would, your address space.  It can also be instructed to manage multiple DHCP servers in whatever combination you need.  Then those servers simply extract their specific configuration from the database.  It should have no issue scaling to several hundred distributed DHCP servers if needed.  It will all however be managed easily via the centralized WEB/CLI interface.  Opennetadmin will also keep track of your vlan information as well. <br>
 <br>
I would personally avoid running DHCP on the cisco devices, but thats just me.<nobr> <wbr></nobr>:) <br>
 <br>
Hope that helps.  Again, head to <a href="http://opennetadmin.com/" title="opennetadmin.com" rel="nofollow">http://opennetadmin.com/</a> [opennetadmin.com] and see if that works for you! <br>
 <br>
Thanks</htmltext>
<tokenext>I 'll throw out my solution .
As many people here have suggested , ISC DHCP server has no trouble with this and can handle many subnets and pool combinations from one or more servers .
Then with the combination of ip helper-address on Cisco platforms you can control which server ( s ) handle the network .
Throw DHCP-Failover into the mix and make it redundant .
To manage all this I 'd suggest OpenNetAdmin [ opennetadmin.com ] .
It is geared to manage as any IPAM would , your address space .
It can also be instructed to manage multiple DHCP servers in whatever combination you need .
Then those servers simply extract their specific configuration from the database .
It should have no issue scaling to several hundred distributed DHCP servers if needed .
It will all however be managed easily via the centralized WEB/CLI interface .
Opennetadmin will also keep track of your vlan information as well .
I would personally avoid running DHCP on the cisco devices , but thats just me .
: ) Hope that helps .
Again , head to http : //opennetadmin.com/ [ opennetadmin.com ] and see if that works for you !
Thanks</tokentext>
<sentencetext>I'll throw out my solution.
As many people here have suggested, ISC DHCP server has no trouble with this and can handle many subnets and pool combinations from one or more servers.
Then with the combination of ip helper-address on Cisco platforms you can control which server(s) handle the network.
Throw DHCP-Failover into the mix and make it redundant.
To manage all this I'd suggest OpenNetAdmin [opennetadmin.com].
It is geared to manage as any IPAM would, your address space.
It can also be instructed to manage multiple DHCP servers in whatever combination you need.
Then those servers simply extract their specific configuration from the database.
It should have no issue scaling to several hundred distributed DHCP servers if needed.
It will all however be managed easily via the centralized WEB/CLI interface.
Opennetadmin will also keep track of your vlan information as well.
I would personally avoid running DHCP on the cisco devices, but thats just me.
:) 
 
Hope that helps.
Again, head to http://opennetadmin.com/ [opennetadmin.com] and see if that works for you!
Thanks</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368741</id>
	<title>Support?</title>
	<author>Anonymous</author>
	<datestamp>1245251040000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I have to ask, who will be monitoring and supporting this architecture?</p></htmltext>
<tokenext>I have to ask , who will be monitoring and supporting this architecture ?</tokentext>
<sentencetext>I have to ask, who will be monitoring and supporting this architecture?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366855</id>
	<title>phpdhcpadmin</title>
	<author>Anonymous</author>
	<datestamp>1245236040000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>3</modscore>
	<htmltext><p>Someone in house here created it, and we use it across multiple vlans from a Gentoo box. It uses the ISC DHCPD server.</p><p>http://phpdhcpadmin.sourceforge.net</p></htmltext>
<tokenext>Someone in house here created it , and we use it across multiple vlans from a Gentoo box .
It uses the ISC DHCPD server.http : //phpdhcpadmin.sourceforge.net</tokentext>
<sentencetext>Someone in house here created it, and we use it across multiple vlans from a Gentoo box.
It uses the ISC DHCPD server.http://phpdhcpadmin.sourceforge.net</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366891</id>
	<title>dhcp relay</title>
	<author>Anonymous</author>
	<datestamp>1245236160000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>If you want a dhcp server on multiple vlans, you can probably utilize dhcp relay to forward the client dhcp request to the server. So, you don't necessarily need a server on each vlan. Also, with dhcp option 82 information, you can serve addressed based on the vlan, switch or even switch port from where the request originates.</p><p>See the following for more information: CISCO option 82</p></htmltext>
<tokenext>If you want a dhcp server on multiple vlans , you can probably utilize dhcp relay to forward the client dhcp request to the server .
So , you do n't necessarily need a server on each vlan .
Also , with dhcp option 82 information , you can serve addressed based on the vlan , switch or even switch port from where the request originates.See the following for more information : CISCO option 82</tokentext>
<sentencetext>If you want a dhcp server on multiple vlans, you can probably utilize dhcp relay to forward the client dhcp request to the server.
So, you don't necessarily need a server on each vlan.
Also, with dhcp option 82 information, you can serve addressed based on the vlan, switch or even switch port from where the request originates.See the following for more information: CISCO option 82</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28374155</id>
	<title>Re:DHCP Relaying</title>
	<author>Moxon</author>
	<datestamp>1245340560000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>We're using ip helper forwarding to two ISC dhcp3 servers (on linux) with a load balance / failover setup.  Works just dandy for a few thousand users and 200+ subnets.</p><p>Separate pools and subnets per vlan and all that stuff, of course.  I'm sure there are howtos on the web..</p></htmltext>
<tokenext>We 're using ip helper forwarding to two ISC dhcp3 servers ( on linux ) with a load balance / failover setup .
Works just dandy for a few thousand users and 200 + subnets.Separate pools and subnets per vlan and all that stuff , of course .
I 'm sure there are howtos on the web. .</tokentext>
<sentencetext>We're using ip helper forwarding to two ISC dhcp3 servers (on linux) with a load balance / failover setup.
Works just dandy for a few thousand users and 200+ subnets.Separate pools and subnets per vlan and all that stuff, of course.
I'm sure there are howtos on the web..</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366893</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367189</id>
	<title>Re:I have the solution you need...</title>
	<author>Anonymous</author>
	<datestamp>1245237600000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>It's interesting because lmgtfy is as much about knowing waht to google as to google it. Oftne if I ask a dumb quesiton, all I need are google keywords.</p></htmltext>
<tokenext>It 's interesting because lmgtfy is as much about knowing waht to google as to google it .
Oftne if I ask a dumb quesiton , all I need are google keywords .</tokentext>
<sentencetext>It's interesting because lmgtfy is as much about knowing waht to google as to google it.
Oftne if I ask a dumb quesiton, all I need are google keywords.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366843</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367665</id>
	<title>Re:Nice answer Slashdotters.</title>
	<author>Anonymous</author>
	<datestamp>1245240840000</datestamp>
	<modclass>Troll</modclass>
	<modscore>-1</modscore>
	<htmltext>Shut the fuck up. The question was answered. That's all that's important. Fucking bitch.</htmltext>
<tokenext>Shut the fuck up .
The question was answered .
That 's all that 's important .
Fucking bitch .</tokentext>
<sentencetext>Shut the fuck up.
The question was answered.
That's all that's important.
Fucking bitch.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367171</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368749</id>
	<title>Re:You need Cisco gear</title>
	<author>ET Admin</author>
	<datestamp>1245251100000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Thanks for the tip.  We require our customers to have their own routers, and so far our wireless devices have protected us from this.  But I did learn the hard way that VMWare Server enables DHCP by default when initially installed.</htmltext>
<tokenext>Thanks for the tip .
We require our customers to have their own routers , and so far our wireless devices have protected us from this .
But I did learn the hard way that VMWare Server enables DHCP by default when initially installed .</tokentext>
<sentencetext>Thanks for the tip.
We require our customers to have their own routers, and so far our wireless devices have protected us from this.
But I did learn the hard way that VMWare Server enables DHCP by default when initially installed.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367021</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367455</id>
	<title>Re:Go IPV6 and leave DHCP in the dust</title>
	<author>mysidia</author>
	<datestamp>1245239520000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>
There's always DHCPv6.
</p></htmltext>
<tokenext>There 's always DHCPv6 .</tokentext>
<sentencetext>
There's always DHCPv6.
</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366885</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367173</id>
	<title>Re:Go IPV6 and leave DHCP in the dust</title>
	<author>Spookticus</author>
	<datestamp>1245237540000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext>whys that, IPV6 thinks its too good for DHCP?</htmltext>
<tokenext>whys that , IPV6 thinks its too good for DHCP ?</tokentext>
<sentencetext>whys that, IPV6 thinks its too good for DHCP?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366885</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367621</id>
	<title>why against running it on the cisco gear?</title>
	<author>Anonymous</author>
	<datestamp>1245240660000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>why is everyone against letting the cisco gear handle the DHCP?</p></htmltext>
<tokenext>why is everyone against letting the cisco gear handle the DHCP ?</tokentext>
<sentencetext>why is everyone against letting the cisco gear handle the DHCP?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28370235</id>
	<title>Re:</title>
	<author>clint999</author>
	<datestamp>1245267000000</datestamp>
	<modclass>None</modclass>
	<modscore>-1</modscore>
	<htmltext><i>Ahem... never heard of RFC 3315?  DHCPv6 still has a place in an IPv6 network.</i></htmltext>
<tokenext>Ahem... never heard of RFC 3315 ?
DHCPv6 still has a place in an IPv6 network .</tokentext>
<sentencetext>Ahem... never heard of RFC 3315?
DHCPv6 still has a place in an IPv6 network.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28369147</id>
	<title>Re:why against running it on the cisco gear?</title>
	<author>vitroth</author>
	<datestamp>1245254640000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Issues I can think of offhand:
<ul>
<li>Lack of redundancy.  With two redundant routers you can't trivially share the same DHCP range across both without problems.   ISC dhcpd has a failover protocol where two redundant servers communicate with each other when they assign a lease.</li><li>Too simplistic.  You don't get as much control over the options and setting you can assign via DHCP with the Cisco router dhcp implementation.  For example I don't know of a way to do vendor space DHCP options.   If you're dealing with a trivial config thats no big deal.</li><li>Logging, control, state.  You can't get much information out of the router easily in terms of what requests its seeing and responding too.  And to make things worse all the DHCP client state is stored entirely in memory, if the router reboots it will forget all the leases it already assigned, and may try to re-assign those same addresses to new clients.</li></ul><p>

There are more, depending on the exact setup you're deploying and the level of complexity.  (DHCP Option 82 for example)</p></htmltext>
<tokenext>Issues I can think of offhand : Lack of redundancy .
With two redundant routers you ca n't trivially share the same DHCP range across both without problems .
ISC dhcpd has a failover protocol where two redundant servers communicate with each other when they assign a lease.Too simplistic .
You do n't get as much control over the options and setting you can assign via DHCP with the Cisco router dhcp implementation .
For example I do n't know of a way to do vendor space DHCP options .
If you 're dealing with a trivial config thats no big deal.Logging , control , state .
You ca n't get much information out of the router easily in terms of what requests its seeing and responding too .
And to make things worse all the DHCP client state is stored entirely in memory , if the router reboots it will forget all the leases it already assigned , and may try to re-assign those same addresses to new clients .
There are more , depending on the exact setup you 're deploying and the level of complexity .
( DHCP Option 82 for example )</tokentext>
<sentencetext>Issues I can think of offhand:

Lack of redundancy.
With two redundant routers you can't trivially share the same DHCP range across both without problems.
ISC dhcpd has a failover protocol where two redundant servers communicate with each other when they assign a lease.Too simplistic.
You don't get as much control over the options and setting you can assign via DHCP with the Cisco router dhcp implementation.
For example I don't know of a way to do vendor space DHCP options.
If you're dealing with a trivial config thats no big deal.Logging, control, state.
You can't get much information out of the router easily in terms of what requests its seeing and responding too.
And to make things worse all the DHCP client state is stored entirely in memory, if the router reboots it will forget all the leases it already assigned, and may try to re-assign those same addresses to new clients.
There are more, depending on the exact setup you're deploying and the level of complexity.
(DHCP Option 82 for example)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367621</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366915</id>
	<title>Use the Unix/Linux boxes....</title>
	<author>Fallen Kell</author>
	<datestamp>1245236220000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>5</modscore>
	<htmltext>Seriously, do not use the Cisco gear to handle the DHCP. There are several ways to handle this, either have a system with an interface on all the networks, or setup your Cisco gear to forward the HDCP requests to the one subnet that does have your system.<br> <br>With using Unix/Linux you can setup failover servers so that if one does not respond, the other will take over the requests and that way you will not lose DHCP across your entire network due to hardware/software issues on a single system. Go read up on dhcpd, it is not too difficult to understand, and is really probably your best low cost solution.</htmltext>
<tokenext>Seriously , do not use the Cisco gear to handle the DHCP .
There are several ways to handle this , either have a system with an interface on all the networks , or setup your Cisco gear to forward the HDCP requests to the one subnet that does have your system .
With using Unix/Linux you can setup failover servers so that if one does not respond , the other will take over the requests and that way you will not lose DHCP across your entire network due to hardware/software issues on a single system .
Go read up on dhcpd , it is not too difficult to understand , and is really probably your best low cost solution .</tokentext>
<sentencetext>Seriously, do not use the Cisco gear to handle the DHCP.
There are several ways to handle this, either have a system with an interface on all the networks, or setup your Cisco gear to forward the HDCP requests to the one subnet that does have your system.
With using Unix/Linux you can setup failover servers so that if one does not respond, the other will take over the requests and that way you will not lose DHCP across your entire network due to hardware/software issues on a single system.
Go read up on dhcpd, it is not too difficult to understand, and is really probably your best low cost solution.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368355</id>
	<title>IPAM Software- Open Source</title>
	<author>Anonymous</author>
	<datestamp>1245246900000</datestamp>
	<modclass>Redundant</modclass>
	<modscore>-1</modscore>
	<htmltext><p>Utah State University has developed an open-source IP address management software.  It handles multiple backend DNS and DHCP server/databases..  Front-end is a GUI where you can register hosts and setup DHCP network allocations.  Contact their IT Department.</p></htmltext>
<tokenext>Utah State University has developed an open-source IP address management software .
It handles multiple backend DNS and DHCP server/databases.. Front-end is a GUI where you can register hosts and setup DHCP network allocations .
Contact their IT Department .</tokentext>
<sentencetext>Utah State University has developed an open-source IP address management software.
It handles multiple backend DNS and DHCP server/databases..  Front-end is a GUI where you can register hosts and setup DHCP network allocations.
Contact their IT Department.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367381</id>
	<title>WISP via radius and Mikrotik routers.</title>
	<author>Anonymous</author>
	<datestamp>1245239040000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>We have deployed an aradial radius server and mikrotik router boxes at each wireless sites.   PPPOE is our authentication method, this allows a single bandwith limiting on/off point at the radius server. DHCP is done at each mikrotik router and hands out local IP's.  no pppoe setup means the customer will get pointed direct to our login page.   This means we run a NAT at each tower.</p><p>For people using VPN we run 1-1 NAT with a static IP at the customer site, thier wireless endpoint in bridge mode.</p><p>seriously, look into mikrotik/aradial Based WISP gear.  I don't know how i lived without it before.  granted we transitioned from having all our wireless endpoints configured via static IP rather than dhcp.</p></htmltext>
<tokenext>We have deployed an aradial radius server and mikrotik router boxes at each wireless sites .
PPPOE is our authentication method , this allows a single bandwith limiting on/off point at the radius server .
DHCP is done at each mikrotik router and hands out local IP 's .
no pppoe setup means the customer will get pointed direct to our login page .
This means we run a NAT at each tower.For people using VPN we run 1-1 NAT with a static IP at the customer site , thier wireless endpoint in bridge mode.seriously , look into mikrotik/aradial Based WISP gear .
I do n't know how i lived without it before .
granted we transitioned from having all our wireless endpoints configured via static IP rather than dhcp .</tokentext>
<sentencetext>We have deployed an aradial radius server and mikrotik router boxes at each wireless sites.
PPPOE is our authentication method, this allows a single bandwith limiting on/off point at the radius server.
DHCP is done at each mikrotik router and hands out local IP's.
no pppoe setup means the customer will get pointed direct to our login page.
This means we run a NAT at each tower.For people using VPN we run 1-1 NAT with a static IP at the customer site, thier wireless endpoint in bridge mode.seriously, look into mikrotik/aradial Based WISP gear.
I don't know how i lived without it before.
granted we transitioned from having all our wireless endpoints configured via static IP rather than dhcp.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367171</id>
	<title>Nice answer Slashdotters.</title>
	<author>Anonymous</author>
	<datestamp>1245237540000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext>To everyone who tagged this "domyjobforme", I hope every single one of you gets the same response the next time you ask for help doing you job. At least this guy had the sense to say, "Hey, there's a community of people that contains a multitude of experts in many fields, I bet someone might have some good suggestions." And guess what else? Maybe some readers will find the suggestions helpful too. Ask Slashdot is for questions that the general community might find interesting and helpful, not just one guy. It's not just about the submitter, and it's certainly not about your need to be snide to those who recognize their shortcomings and try to expand their base of knowledge.</htmltext>
<tokenext>To everyone who tagged this " domyjobforme " , I hope every single one of you gets the same response the next time you ask for help doing you job .
At least this guy had the sense to say , " Hey , there 's a community of people that contains a multitude of experts in many fields , I bet someone might have some good suggestions .
" And guess what else ?
Maybe some readers will find the suggestions helpful too .
Ask Slashdot is for questions that the general community might find interesting and helpful , not just one guy .
It 's not just about the submitter , and it 's certainly not about your need to be snide to those who recognize their shortcomings and try to expand their base of knowledge .</tokentext>
<sentencetext>To everyone who tagged this "domyjobforme", I hope every single one of you gets the same response the next time you ask for help doing you job.
At least this guy had the sense to say, "Hey, there's a community of people that contains a multitude of experts in many fields, I bet someone might have some good suggestions.
" And guess what else?
Maybe some readers will find the suggestions helpful too.
Ask Slashdot is for questions that the general community might find interesting and helpful, not just one guy.
It's not just about the submitter, and it's certainly not about your need to be snide to those who recognize their shortcomings and try to expand their base of knowledge.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367371</id>
	<title>Re:Nice answer Slashdotters.</title>
	<author>Anonymous</author>
	<datestamp>1245238980000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>First of all - read the previous comments. They have, quite effectively, eloquently and concicely answered the question posed.</p><p>Second and perhaps most pertinently - This is a community of people who have just helped some random stranger set up a system that will generate some random company money. Free advice that works, and the only cost is a little cynicism. Is that pill really so bitter?</p><p>Recognition of your own shortcomings is also a lot different than asking a question that you should be able to answer yourself if you are employed to do so.<nobr> <wbr></nobr>... we all seem to manage it... and by "we", I mean everyone who has a qualification thats worth a damn or even an interest in the subject matter deep enough to be self-educated to the same level.</p></htmltext>
<tokenext>First of all - read the previous comments .
They have , quite effectively , eloquently and concicely answered the question posed.Second and perhaps most pertinently - This is a community of people who have just helped some random stranger set up a system that will generate some random company money .
Free advice that works , and the only cost is a little cynicism .
Is that pill really so bitter ? Recognition of your own shortcomings is also a lot different than asking a question that you should be able to answer yourself if you are employed to do so .
... we all seem to manage it... and by " we " , I mean everyone who has a qualification thats worth a damn or even an interest in the subject matter deep enough to be self-educated to the same level .</tokentext>
<sentencetext>First of all - read the previous comments.
They have, quite effectively, eloquently and concicely answered the question posed.Second and perhaps most pertinently - This is a community of people who have just helped some random stranger set up a system that will generate some random company money.
Free advice that works, and the only cost is a little cynicism.
Is that pill really so bitter?Recognition of your own shortcomings is also a lot different than asking a question that you should be able to answer yourself if you are employed to do so.
... we all seem to manage it... and by "we", I mean everyone who has a qualification thats worth a damn or even an interest in the subject matter deep enough to be self-educated to the same level.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367171</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366885</id>
	<title>Go IPV6 and leave DHCP in the dust</title>
	<author>goffster</author>
	<datestamp>1245236100000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>1</modscore>
	<htmltext><p>DHCP not used in IPV6 protocol</p></htmltext>
<tokenext>DHCP not used in IPV6 protocol</tokentext>
<sentencetext>DHCP not used in IPV6 protocol</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367507</id>
	<title>Re:You need Cisco gear</title>
	<author>mysidia</author>
	<datestamp>1245239820000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>
That's not an absolute.  You should use VLAN segmentation (and possibly private VLANs) to separate untrusted networks.
</p><p>
That way if there is a rogue DHCP server, its effects are isolated to the untrusted LAN it came from.
</p><p>
The L2 filtering features you are thinking of are actually inadequate to stop a sophisticated attacker,  because those features can be defeated, or don't address all possible Layer 2 spoofing and traffic hijacking tricks.
</p></htmltext>
<tokenext>That 's not an absolute .
You should use VLAN segmentation ( and possibly private VLANs ) to separate untrusted networks .
That way if there is a rogue DHCP server , its effects are isolated to the untrusted LAN it came from .
The L2 filtering features you are thinking of are actually inadequate to stop a sophisticated attacker , because those features can be defeated , or do n't address all possible Layer 2 spoofing and traffic hijacking tricks .</tokentext>
<sentencetext>
That's not an absolute.
You should use VLAN segmentation (and possibly private VLANs) to separate untrusted networks.
That way if there is a rogue DHCP server, its effects are isolated to the untrusted LAN it came from.
The L2 filtering features you are thinking of are actually inadequate to stop a sophisticated attacker,  because those features can be defeated, or don't address all possible Layer 2 spoofing and traffic hijacking tricks.
</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367021</parent>
</comment>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368579
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366843
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367173
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366885
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367189
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366843
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367519
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366885
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367455
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366885
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367665
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367171
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368749
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367021
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367091
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366885
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28380489
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366915
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366925
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366843
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28370633
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367171
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_20</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367371
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367171
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_18</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367485
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367021
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367319
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366801
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367893
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367357
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367171
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28374155
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366893
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366801
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368879
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368155
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_19</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28369147
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367621
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366911
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366801
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367507
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367021
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368377
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366915
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_06_17_2036232_21</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368457
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366885
</commentlist>
</thread>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_17_2036232.0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368503
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_17_2036232.5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367021
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368749
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367485
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367507
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_17_2036232.3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368741
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_17_2036232.6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366801
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366911
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367319
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366893
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28374155
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_17_2036232.4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366915
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28380489
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368377
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_17_2036232.9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367621
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28369147
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_17_2036232.7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366855
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_17_2036232.10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367365
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_17_2036232.11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366843
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367189
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368579
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366925
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_17_2036232.1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368155
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368879
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_17_2036232.8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28366885
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367173
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28368457
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367519
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367091
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367455
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_06_17_2036232.2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367171
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28370633
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367665
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367357
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367893
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_06_17_2036232.28367371
</commentlist>
</conversation>
