VLAN 10 - 192.168.10.0/24 is configured in both core switches and both are in same HSRP cluster and the virtual IP is 192.168.10.1 which is the gateway for PCs.
Interface IPs of VLAN 10 for CORE1 & CORE2 are 192.168.10.2 & 192.168.10.3 respectively.
DHCP is to be configured on both switches for VLAN 10.
In a situation like this, you must split the DHCP pool in to 2 portions and you must exclude the 1st portion from the 2nd and the 2nd portion from the 1st.
Let's see why.. In order to see what will happen if not, let's configure and find out..
You can see my DHCP configuration from the following captures.
Let's power on the PC1 and see what happens.
Let's see who released the IP..
As you can see, CORE2 is the one who has released the IP..
Let's see who is the active switch in HSRP cluster..
As you can see from the output of CORE2, CORE1 is the active switch. CORE2 is the standby switch but CORE2 was the one who released the IP to PC1.
If the next PC got DHCP offers by the CORE1, IP conflict can happen because CORE1 does not know which IPs were released by CORE2. That's why we have to split the dhcp pool in to 2 portions..
Let's power down CORE2 and power up PC2, so that PC2 can only acquire IPs from CORE1..
Now you can see a DHCP address conflict error appeared. CORE1 is offering the 192.168.1.4 IP which is the 1st IP to release without knowing it is used by another PC..
But it will release the next IP available in the pool to the PC2 without much trouble..
You can see the conflicts from show ip dhcp conflict command..
PC1 has acquired an IP which is 192.168.10.4
Let's see who released the IP..
Let's see who is the active switch in HSRP cluster..
As you can see from the output of CORE2, CORE1 is the active switch. CORE2 is the standby switch but CORE2 was the one who released the IP to PC1.
This means there is no connection of HSRP and DHCP. 1st DHCP server which responded to the DHCP discover packets will be the DHCP server to the client PCs.
If the next PC got DHCP offers by the CORE1, IP conflict can happen because CORE1 does not know which IPs were released by CORE2. That's why we have to split the dhcp pool in to 2 portions..
Let's power down CORE2 and power up PC2, so that PC2 can only acquire IPs from CORE1..
Now you can see a DHCP address conflict error appeared. CORE1 is offering the 192.168.1.4 IP which is the 1st IP to release without knowing it is used by another PC..
But it will release the next IP available in the pool to the PC2 without much trouble..
You can see the conflicts from show ip dhcp conflict command..
Conclusion:-
Correct DHCP configuration will be like the following for both switches..
Even though this will stop the conflicts for a while, when these switches reboot, they will not know the leased IPs and starts conflicts again though the gateway functions well by HSRP.. So still the best option is to use a dedicated DHCP server cluster..
When someone writes an article he/she keeps the
ReplyDeletethought of a user in his/her brain that how
a user can be aware of it. So that's why this article
is great. Thanks!