Network Configuration For Connecting Group Of Workstations To Server Via Switch

Hi,

I am pretty new at working with servers.

I am running MS Server 2003 R2 configured as a standard first DC server (AD,
DNS, RRAS).

The internal network for the project uses 192.168.0.1 (internal) and
192.168.1.101 (external - internet). DHCP uses scope set address in the
range 192.168.0.10/254.

I have a web server and one other to be used as my firewall (both not set up
as yet) which can connect to the server with no difficulty. Address leases
192.168.0.10 and 192.168.0.11.

My problem comes when trying to connect a group of workstations running
either XP or vista via a switch.

If I run ipconfig/all on these workstations I am getting an address of
169.254.208.40 and so on which I presume is coming from the individual
workstation internal DHCP.

I would prefer to keep the group of workstations on a separate network, say
192.168.2.0.

Thank you

In news:3785D4FD-D413-43E4-98A9-(E-Mail Removed),
Silom <(E-Mail Removed)> stated, which I commented on below:
> Hi,
>
> I am pretty new at working with servers.
>
> I am running MS Server 2003 R2 configured as a standard first DC
> server (AD, DNS, RRAS).
>
> The internal network for the project uses 192.168.0.1 (internal) and
> 192.168.1.101 (external - internet). DHCP uses scope set address in
> the range 192.168.0.10/254.
>
> I have a web server and one other to be used as my firewall (both not
> set up as yet) which can connect to the server with no difficulty.
> Address leases 192.168.0.10 and 192.168.0.11.
>
> My problem comes when trying to connect a group of workstations
> running either XP or vista via a switch.
>
> If I run ipconfig/all on these workstations I am getting an address of
> 169.254.208.40 and so on which I presume is coming from the individual
> workstation internal DHCP.
>
> I would prefer to keep the group of workstations on a separate
> network, say 192.168.2.0.
>
> Thank you

The 169.254.x.x address is called the APIPA (Automatic Private IP Address)
that a workstation will use to autoconfigure itself with an address between
169.254.0.1 and 169.254.255.254 (65534 possibilities) if it is set to
automatically get an IP configuration from a DHCP server but it cannot
contact a DHCP server. Therefore it reverts to the APIPA.


What is being used as the DHCP server?
Is it the R2 server?
If so:
- Did you enable the DHCP service on the R2 server?
- Is the Scope active?
- Did you authorize the DHCP server in AD?
- Is the R2 server multihomed (more than one NIC)?

Also, I am a little confused with your subnets as stated. Maybe you can
clear that up for me. The /254 I assume you are saying the subnet address is
actually 255.255.255.254, which only allows one bit for the hosts, which
would work out to only allows 2 actual IP addresses, and if you are using
that subnet, then 192.168.0.10 would be a valid host, but 192.168.0.11 would
be the broadcast for that subnet. Maybe you meant a different subnet such as
/24? That would mean a subnet mask of 255.255.255.0.

If you want to use a range of 192.168.2.0 for your workstations, then create
a scope with addresses in that range. Make sure that either the DHCP server
is configured to use that subnet or there is a DHCP relay agent set to
listen from that subnet.

Maybe you can elaborate a bit more on your actualy configuration.


--
Ace
Innovative IT Concepts, Inc (IITCI)
Willow Grove, PA

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
Microsoft MVP - Directory Services
Microsoft Certified Trainer

Having difficulty reading or finding responses to your post?
Instead of the website you're using, I suggest to use OEx (Outlook Express
or any other newsreader), and configure a news account, pointing to
news.microsoft.com. This is a direct link to the Microsoft Public
Newsgroups. It is FREE and requires NO ISP's Usenet account. OEx allows you
to easily find, track threads, cross-post, sort by date, poster's name,
watched threads or subject.
It's easy:

How to Configure OEx for Internet News
http://support.microsoft.com/?id=171164

Infinite Diversities in Infinite Combinations
Assimilation Imminent. Resistance is Futile
"Very funny Scotty. Now, beam down my clothes."

The only constant in life is change...

Hi,

Sorry for my confusion and ignorance.

To answer your questions:

The DHCP server is on R2.
DHCP service enabled on R2 server.
Scope is active.
DHCP authorized in AD.
There are two NIC's.

The address lease range is 192.168.0.10 to 192.168.0.254.
-----------------------------

Configuration as requested:-

Computer that has windows server 2003 R2 on has 2 NIC's.
Computer that has Web Server on has one NIC.
Computer that has Firewall on has two NIC's.

I have only added the names of the computers and users to AD.

Domain Controller shown as computer name where R2 is installed.

DNS name is computer name (same as for DC)
Interfaces are 192.168.0.1 and 192.168.1.101
Shows two Fwd Look up Zones, msdcs.domain name.local and domain name.local.

The latter shows four (A) names two under the DC name with addresses
192.168.0.1
and 192.1681.101, and two under the same as parent name with addresses
192.168.0.1
and 192.168.1.101.

DHCP name is DC name.domain name.local with address 192.168.1.101
Scope has address pool of 192.168.0.10 to 192.168.0.254
Scope Options are 003 Router with address 192.168.0.1 and 006 DNS Servers
with address 192.168.0.1.
Server Options are 003 Router with address 192.168.0.1 and 006 DNS Servers
with address 192.168.0.1.

RRAS name is DC name (local)

Properties have router ticked and lan only marked.

Network interfaces show Loopback loopback
Lan2 dedicated
Lan dedicated
Internal internal

IP Routing

General Loopback 127.0.0.1
Lan2 192.168.0.1
Lan 192.168.1.101
Internal n.a.

Static =none=

IGMP Lan2 Router V3 Querier `192.168.0.1
Lan Proxy up 0.0.0.0

NAT/Basic FWL Lan2 0 Private
Lan 0 Public
Internal 0 Private
-------------------------------------------------

How do I configure the DHCP Relay Agent and how do I ensure that the DHCP
server
is also set to use the second address range (192.168.2.0).

Many thanks your kind help and assistance.

Kevin


"Ace Fekay [MVP]" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> In news:3785D4FD-D413-43E4-98A9-(E-Mail Removed),
> Silom <(E-Mail Removed)> stated, which I commented on below:
>> Hi,
>>
>> I am pretty new at working with servers.
>>
>> I am running MS Server 2003 R2 configured as a standard first DC
>> server (AD, DNS, RRAS).
>>
>> The internal network for the project uses 192.168.0.1 (internal) and
>> 192.168.1.101 (external - internet). DHCP uses scope set address in
>> the range 192.168.0.10/254.
>>
>> I have a web server and one other to be used as my firewall (both not
>> set up as yet) which can connect to the server with no difficulty.
>> Address leases 192.168.0.10 and 192.168.0.11.
>>
>> My problem comes when trying to connect a group of workstations
>> running either XP or vista via a switch.
>>
>> If I run ipconfig/all on these workstations I am getting an address of
>> 169.254.208.40 and so on which I presume is coming from the individual
>> workstation internal DHCP.
>>
>> I would prefer to keep the group of workstations on a separate
>> network, say 192.168.2.0.
>>
>> Thank you
>
> The 169.254.x.x address is called the APIPA (Automatic Private IP Address)
> that a workstation will use to autoconfigure itself with an address
> between 169.254.0.1 and 169.254.255.254 (65534 possibilities) if it is set
> to automatically get an IP configuration from a DHCP server but it cannot
> contact a DHCP server. Therefore it reverts to the APIPA.
>
>
> What is being used as the DHCP server?
> Is it the R2 server?
> If so:
> - Did you enable the DHCP service on the R2 server?
> - Is the Scope active?
> - Did you authorize the DHCP server in AD?
> - Is the R2 server multihomed (more than one NIC)?
>
> Also, I am a little confused with your subnets as stated. Maybe you can
> clear that up for me. The /254 I assume you are saying the subnet address
> is actually 255.255.255.254, which only allows one bit for the hosts,
> which would work out to only allows 2 actual IP addresses, and if you are
> using that subnet, then 192.168.0.10 would be a valid host, but
> 192.168.0.11 would be the broadcast for that subnet. Maybe you meant a
> different subnet such as /24? That would mean a subnet mask of
> 255.255.255.0.
>
> If you want to use a range of 192.168.2.0 for your workstations, then
> create a scope with addresses in that range. Make sure that either the
> DHCP server is configured to use that subnet or there is a DHCP relay
> agent set to listen from that subnet.
>
> Maybe you can elaborate a bit more on your actualy configuration.
>
>
> --
> Ace
> Innovative IT Concepts, Inc (IITCI)
> Willow Grove, PA
>
> This posting is provided "AS-IS" with no warranties or guarantees and
> confers no rights.
>
> Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP
> Microsoft MVP - Directory Services
> Microsoft Certified Trainer
>
> Having difficulty reading or finding responses to your post?
> Instead of the website you're using, I suggest to use OEx (Outlook Express
> or any other newsreader), and configure a news account, pointing to
> news.microsoft.com. This is a direct link to the Microsoft Public
> Newsgroups. It is FREE and requires NO ISP's Usenet account. OEx allows
> you to easily find, track threads, cross-post, sort by date, poster's
> name, watched threads or subject.
> It's easy:
>
> How to Configure OEx for Internet News
> http://support.microsoft.com/?id=171164
>
> Infinite Diversities in Infinite Combinations
> Assimilation Imminent. Resistance is Futile
> "Very funny Scotty. Now, beam down my clothes."
>
> The only constant in life is change...
>
>
>

In news9EB759A-021A-43B7-85DD-(E-Mail Removed),
Silom <(E-Mail Removed)> stated, which I commented on below:
> Hi,
>
> Sorry for my confusion and ignorance.
>
> To answer your questions:
>
> The DHCP server is on R2.
> DHCP service enabled on R2 server.
> Scope is active.
> DHCP authorized in AD.
> There are two NIC's.
>
> The address lease range is 192.168.0.10 to 192.168.0.254.
> -----------------------------
>
> Configuration as requested:-
>
> Computer that has windows server 2003 R2 on has 2 NIC's.
> Computer that has Web Server on has one NIC.
> Computer that has Firewall on has two NIC's.
>
> I have only added the names of the computers and users to AD.
>
> Domain Controller shown as computer name where R2 is installed.
>
> DNS name is computer name (same as for DC)
> Interfaces are 192.168.0.1 and 192.168.1.101
> Shows two Fwd Look up Zones, msdcs.domain name.local and domain
> name.local.
> The latter shows four (A) names two under the DC name with addresses
> 192.168.0.1
> and 192.1681.101, and two under the same as parent name with addresses
> 192.168.0.1
> and 192.168.1.101.
>
> DHCP name is DC name.domain name.local with address 192.168.1.101
> Scope has address pool of 192.168.0.10 to 192.168.0.254
> Scope Options are 003 Router with address 192.168.0.1 and 006 DNS
> Servers with address 192.168.0.1.
> Server Options are 003 Router with address 192.168.0.1 and 006 DNS
> Servers with address 192.168.0.1.
>
> RRAS name is DC name (local)
>
> Properties have router ticked and lan only marked.
>
> Network interfaces show Loopback loopback
> Lan2 dedicated
> Lan dedicated
> Internal internal
>
> IP Routing
>
> General Loopback 127.0.0.1
> Lan2 192.168.0.1
> Lan 192.168.1.101
> Internal n.a.
>
> Static =none=
>
> IGMP Lan2 Router V3 Querier `192.168.0.1
> Lan Proxy up 0.0.0.0
>
> NAT/Basic FWL Lan2 0 Private
> Lan 0 Public
> Internal 0 Private
> -------------------------------------------------
>
> How do I configure the DHCP Relay Agent and how do I ensure that the
> DHCP server
> is also set to use the second address range (192.168.2.0).
>
> Many thanks your kind help and assistance.
>
> Kevin

Thank you for the additional information.

I would like to start off by saying that I do not recommend (as well as many
other engineers) dual NICs on a domain controller. It can be very
problematic.

By default, a DHCP server will not give out an IP address for a subnet it is
not configured to use. But if a relay agent is from another subnet and it
sends the request to the DHCP server and a scope is configured of taht
subnet, it will then give it one.

For DHCP Relay Agent, that is configured on a Windows 2003 server in the
192.168.2.0 subnet. Hopefully you have one there. On that server, you
configure RRAS and select manual configuration. Then add the DHCP Relay
Agent. It will ask for an IP address. You will supply the DHCP server (your
R2 domain controller's) IP address.

More info on configuring the DHCP relay agent in 2003:
http://www.computerperformance.co.uk...elay_Agent.htm

If you do not have a server at that subnet, you can select to use the router
as a DHCP relay agent, that is if it supports it. Check the router's
documentation.

I honestly hope you consider eliminating (disabling) one of the NICs on the
domain controller. If not sure what I mean, do a Google search for:
multihomed domain controllers

Ace