Re: ip-helper question

From: Brian Lodwick (xpranax@xxxxxxxxxxx)
Date: Tue Oct 09 2001 - 18:14:05 GMT-3

• Next message: Sasa Milic: "Re: Multicast program"
• Previous message: Don: "ATM issue"
• Maybe in reply to: Brian: "ip-helper question"
• Next in thread: Charles Manafa: "Re: ip-helper question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
I don't understand the logic in using 10.1.1.255 as the helper address for
this scenario. I understand the helper-address to be the ip address of the
server you want to forward subnet and regular broadcast packets to.
I just run into an issue very similar to yours, but I was trying to do this
on a Lucent VPN router. The Lucent router will only do DHCP and BootP
forwarding. Well I was replacing a Cisco router with the Lucent router and I
figured if all the clients had to do was Authenticate to the Domain
Controller BootP forwarder should work. Well in short -it didn't. I'm sure
you realize the Cisco command ip helper-address forwards more than just
BootP, it forwards all of these by default:
TFTP- port 69, DNS- port 53, Time service- port 37,
NetBIOS Name Server- port 137, NetBIOS Datagram Server- port 138,
BootP client and server datagrams- port 67, TACACS- port 49

The one in particular that broke the Lucent replacement idea was the NETBIOS
traffic forwarding.
In Windows often the clients will first look for a WINS server then after
that they will authenticate. If they don't find a WINS server they don't go
on to step 2, so nobody was able to authenticate. I ended up creating a
"Forwarding Policy" on the Lucent router to forward subnet broadcasts for
the WINS server and then viola they were able to authenticate and browse.
I believe other work arounds are to manually configure the LMHOST file on
every machine or setup a DHCP machine to give out the WINS server address.

>>>Brian

>From: Brian <signal@shreve.net>
>Reply-To: Brian <signal@shreve.net>
>To: <ccielab@groupstudy.com>
>Subject: ip-helper question
>Date: Tue, 9 Oct 2001 15:39:06 -0500 (CDT)
>
>I have an ethernet setup with a primary and secondary network:
>
>int ethernet0
> ip address 10.1.1.1 255.255.255.0
> ip address 192.168.4.1 255.255.255.0 secondary
>
>The Windows WINS server/PDC is on 10.1.1.1. Users on 192.168.4.1 could
>not browse the 10.1.1.1 network, so I added a helper-address:
>
>int ethernet0
> ip address 10.1.1.1 255.255.255.0
> ip address 192.168.4.1 255.255.255.0 secondary
> ip helper-address 10.1.1.30
>
>
>with the above they can browse, and they can connect to the PDC (the
>10.1.1.30 IP is the PDC), but no other machines. I did try to use
>10.1.1.255 for the helper address, and also 10.1.1.255 AND 10.1.1.30 at
>the same time, neither of those works.......only if I have 10.1.1.30 as
>the helper-address. I don't deal much with window networks, but I figure
>someone on here can shed some light as to why this wouldn't be working.
>
>Thanks
>
>Brian
>
>
>-----------------------------------------------
>Brian Feeny, CCIE #8036 e: signal@shreve.net
>Network Engineer p: 318.222.2638x109
>ShreveNet Inc. f: 318.221.6612

• Next message: Sasa Milic: "Re: Multicast program"
• Previous message: Don: "ATM issue"
• Maybe in reply to: Brian: "ip-helper question"
• Next in thread: Charles Manafa: "Re: ip-helper question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 20 2002 - 22:33:16 GMT-3