DHCP through GRE

[gurner]

To shorten the following, I need to transport DHCP broadcasts through a GRE tunnel. The set up is as follows;

I have 2 sites, running 2 physically separate LANs

I have set up at one site a flat bridged network on one range, with all layer 2 switching (the old LAN), and a new VLAN one, on another range, with 9x48 port switches, trunked to a 12 port Gbic core switch, this switch is attached to a 7200 router across a 155mb STM1 to another 7200 and is sharing the ATM circuit between the 2 systems.

these 12 port vlan core switches are directly connected to another over a bridge through the stm1, using 'no switchport' and a /30 address

to highlight, these 2 7200s are set to Bridge, and do fine, for the benefit of the flat old LAN.

on GB0/0 on both 7200s, the flat LAN runs on the range 10.5.0.0/16, at both ends, that absolutely fine, DNS, DHCP, etc all at one end, clients operate fine at the other.

But am having to migrate in stages to the new system that is going to be using the VLANs, on the range 10.50.0.0/16

The new 2x12 port core switches are plugged into GB0/1s on both 7200s. They route to one another fine, over 'directly connected' through the bridge running between the routers.

To keep them separate from the flat LAN, the 2 ports set to 'no switchport' across the /30 are set up with GRE tunnels, and poke IP traffic fine to one another too.

a client with a static IP on the new LAN can tracert/ping to the DHCP server etc through the VLAN accessports (transparent) through the trunk, hops at the 'no switchport' you can see it go through the GRE tunnel, and hit the other end.

Nothing is detected or affected on the old LAN, as it is all piped through ok and doesn't leak over.

However, despite being able to ping etc, DHCP broadcasts don't seem to make it over, they appear to stop at the Core switch at the client end.

DHCP works on the old flat LAN as it appears to the old clients to be one big LAN, I just want DHCP originating from the new LAN to be piped through the GRE tunnel to the other side, along with the IP traffic that shoots through the bridged routers over GRE for the new LAN, undetected by the old LAN

Any ios config suggestions or advice would be greatly received, thanks

Gurner

 

[baddos]

If you are using a cisco router on the remote side, you could use the "ip helper-address x.x.x.x" command on your interface.

I.E

interface ethernet0/0
ip helper-address x.x.x.x

 

[gurner]

Thanks, I had already tried adding the Helper Address, but it hasn't helped.

I feel it might be more to do with the broadcast domain, my initial instinct was to end the vlans at the edge switch at the client end, and route over layer 3 through the atm circuit, and GRE all traffic through it to the other end, and it kinda works, everything 'except' broadcasts are passing through.

I have even tried 'ip directed broadcast 101'

ip access-list 101 permit ip 10.50.0.0 0.0.255.255 any

all over the place, even the Tunnel.

I thought about extending the vlan broadcast domain over the generally working well system (barr no broadcasts) and wondered if it could be done using the current routed/GRE system?

I thought about dumping the client edge/dist switch config and after the client trunks arrive, then trying to further trunk it through the atm to the other one on to layer 3 at the core end (for OSPF reasons), but I feel there could be issues with it not being a dedicated point-to-point, but a contended/shared atm circuit

In an effort to try Layer 2 over the current system I tried 'Channel-Group 10 mode on' on the Gigabit port and

int PortChannel10
switchport mode trunk
switchport trunk encapsulation dot1q
etc etc

But errors saying 'either port at L3 or such and such at L2, or visa versa'

I have included a very rough knock up of the current setup, and need to know how to extend the broadcast domain from the asterix'd switch on the left, across to the right hand side?

Thanks for any help

Gurner