Replace dhcp pool and use different subnet on Cisco 2600 router 1

[Shando]

Hi all,
I’m having an initializing tcp/ip messages on our dos/citrix clients while they are getting their IPs from the local Cisco 2600 router on one of our remote sites, this is due to some static IPs that were used in the past by various administrators before my time and were never added to the reservation on the dhcp pool for the router, so I figured the easiest way is to create a different pool with a different subnet (192.168.3.x/24) instead of trying to locate those static IPs.
The existing subnet is 192.168.2.x/24.

Our current network has one main site connecting two remote sites via T1 link using a cisco 2600 router on each location.
Each site has only one subnet (main site 192.168.6.x/24, 2nd site 192.168.2.x/24, 3rd site 192.168.8.x/24), and its own local DC, DNS, and WINS servers.

What I need is:
1- Disable the current dhcp pool. (I know how to do that)
2- Setup the replacement pool (192.168.3.x/24)
3- Keep the existing subnet (192.168.2.x/24)

Can you provide me with a checklist? I don’t want to miss something and then all clients will loose connectivity or will have issues connecting to some resources on the other sites, I know how to configure DHCP on the router, and I know how to manage DNS/WINS on the server and all the other good stuff, I just don’t know what need to be done, for example do I need to change any configuration on the local DC so the clients will be able to authenticate, do I need to add the new subnet to the local WINS, do I need to do anything on the other sites side?

I appreciate all your help in advance...Shando

 

[burtsbees]

router#conf t
router(config)#ip dhcp pool new_pool
router(dhcp-config)#net 192.168.3.0 255.255.255.0
router(dhcp-config)#dns-server x.x.x.x
router(dhcp-config)#exi
router(config)#ip route 192.168.3.0 255.255.255.0 (interface pointing to 3.0 goes here)
router(config)#end
router#wr

Don't forget---you'll have to exclude any static IP addresses you use for printers, servers, etc...

Burt

 

[BPanda]

Burt, I am tracking with the above config you placed but what is the purpose of the static route on the local router?
Here is how I would have configured it in his situation. Let me know what you think.

Router1(config)#ip dhcp pool new_pool
Router1(dhcp-config)#network 192.168.3.0 255.255.255.0
Router1(dhcp-config)#dns-server x.x.x.x
Router1(dhcp-config)#default-router 192.168.3.254
Router1(dhcp-config)#exit
Router1#
Router1#
Router1#
Router1#conf t
Router1(config)#interface F0/1.2
Router1(config-if)#ip address 192.168.3.254 255.255.255.0
Router1(config-if)#no sh
Router1(config-if)#end

Of course this is assuming that he has a FE interface to configure a sub-if on.

 

[burtsbees]

That is another way to do it, yes---I was assuming two fa interfaces. I also forgot the default-router part---thanks.

Burt

 

[BPanda]

Of course with the config I pasted it would require Shando to have a switch, and create the appropriate VLAN on the switch, etc. If there is another available interface though you could just assign the IP to it, but the "cleanest" way would be to create a seperate vlan on the switch.

Also a "show arp" on the router in question will help you see the IP's in the existing subnet that are online, but you will not be able to be certain which one's are static.

You could also issue the "show ip dhcp conflict" command and it may show you any conflicts that may have occured with leased IP's.

 

[burtsbees]

You are right---I was assuming the person had two interfaces and one switch per inteface...don't know why...my kids are 2 1/2 and 3 1/2, boys---is that a good reason?lol

Burt

 

[Shando]

Burt, and BPanda
If I create a VLan on the switch the hosts on the new subnet will be able to talk to the local DNS/WINS/exchange servers and to the resources on the other subnets without any configuration on the servers' side, other routers, and the firewall?

Thank you for all your help..Shando..

 

[burtsbees]

Correct.

Burt

 

[Shando]

Thank you guys, it worked fine, I just didn't create the sub-if, I just used my second FE IF on the router and hooked it straight to the vlan switch, and added another dhcp poold for the 3.x subnet without deleting the original pool.

But the reason that I did all this for which is the "initializing tcp/ip hanging screen that some of the dos clients get didn't go away as it is still happening, I thought it is because we ran out of IPs but apparently this isn't the reason, I still get at least 2 different dos clients with that hanging screen every 2-3 days.
Could it be the dhcp server on the router freezing up sometimes and not releasing ips?
my router is not up to date at all with the latest release of OS, could this be the issue?

I'll post my show run for the router below so you can take a look and let me know what you think….Thank you..

-------------------------------------------
-------------------------------------------

Current configuration : 2462 bytes
!
version 12.2
service timestamps debug datetime
service timestamps log datetime
service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname XXXX
!
logging buffered 4096 debugging
enable secret 5 $1$Ug3t$kdZgM2d6FFees6pB9JPEt1
enable password 7 0303570A0506245E195D4052
!
ip subnet-zero
no ip source-route
ip cef
!
!
no ip domain-lookup
ip dhcp excluded-address 192.168.2.199
ip dhcp excluded-address 192.168.2.244
ip dhcp excluded-address 192.168.2.184
ip dhcp excluded-address 192.168.2.84
ip dhcp excluded-address 192.168.2.64
ip dhcp excluded-address 192.168.2.231
ip dhcp excluded-address 192.168.2.188
ip dhcp excluded-address 192.168.2.226
ip dhcp excluded-address 192.168.2.1 192.168.2.60
!
ip dhcp pool XX
network 192.168.2.0 255.255.255.0
domain-name XXXXX
dns-server 192.168.6.10 192.168.8.16
netbios-node-type h-node
netbios-name-server 192.168.2.16
default-router 192.168.2.1
lease 3
!
ip dhcp pool XXXXX
network 192.168.3.0 255.255.255.0
dns-server 192.168.6.10 192.168.8.16
netbios-name-server 192.168.2.16
netbios-node-type h-node
default-router 192.168.3.254
lease 10
!
!
!
!
interface FastEthernet0/0
ip address 192.168.2.1 255.255.255.0
no ip mroute-cache
no keepalive
speed 100
full-duplex
!
interface Serial0/0
description Point-to-Point Ford to Fort Washington

XXXX#sho run
Building configuration...

Current configuration : 2462 bytes
!
version 12.2
service timestamps debug datetime
service timestamps log datetime
service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname XXXXX
!
logging buffered 4096 debugging
enable secret 5 $1$Ug3t$kdZgM2d6FFees6pB9JPEt1
enable password 7 0303570A0506245E195D4052
!
ip subnet-zero
no ip source-route
ip cef
!
!
no ip domain-lookup
ip dhcp excluded-address 192.168.2.199
ip dhcp excluded-address 192.168.2.244
ip dhcp excluded-address 192.168.2.184
ip dhcp excluded-address 192.168.2.84
ip dhcp excluded-address 192.168.2.64
ip dhcp excluded-address 192.168.2.231
ip dhcp excluded-address 192.168.2.188
ip dhcp excluded-address 192.168.2.226
ip dhcp excluded-address 192.168.2.1 192.168.2.60
!
ip dhcp pool XXXX
network 192.168.2.0 255.255.255.0
domain-name XXXXX
dns-server 192.168.6.10 192.168.8.16
netbios-node-type h-node
netbios-name-server 192.168.2.16
default-router 192.168.2.1
lease 3
!
ip dhcp pool XXXX
network 192.168.3.0 255.255.255.0
dns-server 192.168.6.10 192.168.8.16
netbios-name-server 192.168.2.16
netbios-node-type h-node
default-router 192.168.3.254
lease 10
!
!
!
!
interface FastEthernet0/0
ip address 192.168.2.1 255.255.255.0
no ip mroute-cache
no keepalive
speed 100
full-duplex
!
interface Serial0/0
description Point-to-Point XXXX
bandwidth 1544
ip address 192.168.x.14 255.255.255.x
!
interface FastEthernet0/1
ip address 192.168.3.254 255.255.255.0
no ip mroute-cache
no keepalive
speed 100
full-duplex
!

interface Serial0/1
no ip address
shutdown
!
router eigrp 10
network 192.168.2.0
network 192.168.254.0
auto-summary
no eigrp log-neighbor-changes
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.254.13
no ip http server
ip pim bidir-enable
!
access-list 199 permit icmp any any echo
access-list 199 permit icmp any any echo-reply
priority-list 1 protocol ip normal tcp 1494
priority-list 1 default high
dialer-list 1 protocol ip permit
route-map naci-worm permit 10
match ip address 199
match length 92 92
set interface Null0
!
!
line con 0
exec-timeout 0 0
password 7 0826404F0A100005455F5552
logging synchronous
login
ip netmask-format decimal
line aux 0
password 7 01140A055802031D7618175F
login
line vty 0 4
password 7 06140034584B1B1E04031718
login
line vty 5 15
password 7 06140034584B1B1E04031718
login
!
no scheduler allocate
end

 

[burtsbees]

I would look at he switchports that the clients are connected to and make sure you have spanning-tree portfast enabled on those ports. Spanning-tree takes 50 seconds to negotiate a new link...

Burt

 

[Shando]

Hi,
Citrix dos machines on the new vlan has no problem logging to citrix, but the stand alones machines get an ip address on the 3.x network, and dns adresses but still unable to see the network on the 2.x network, do I need to add anything on the router?

 

[burtsbees]

I just didn't create the sub-if, I just used my second FE IF on the router and hooked it straight to the vlan switch..."
Do you have VLANs configured on the switch? If so, this won't work---the two fast ethernet interfaces are already separate subnets, and they won't work with a vlan configuration. What do these two interfaces go to? Also, why don't you have keepalives set on the interfaces? And why advertise only two of the three connected networks in EIGRP?

Burt

 

[Alterac]

I know i might be missing the point.. but..

Why not just find out what is on a static ip?
Take your current Lease table, and then compare it to a network scan, and wham, you have the ip's of static devices.
Add those to the exclusions, and you wont get duplicates anymore.

----------------------------------
Bill

 

[Shando]

Hi Guys,
I thank you all for the help, I finally found out that I had a bad procurve switch that was causing the ip confilict , once I removed it and put a new one the problem no longer exist, it has been 2 weeks now. Thank you guys I learned a lot from you... Shando