> So you just disabled the DHCP server "pfdhcplistener" service altogether?
Not completely disable, no. If you do not specifically setup DHCP scopes PF will not serve up addresses. Without specific scope declarations PF will just listen to the DHCP traffic and not act, which is exactly what you want. The idea is that if you add PF as an IP-helper (in cisco speak) and dont do anything on the PF side then it all just works. > The reasons I run DHCP on the switch... That makes sense and if your network is not very large then the management is pretty simple. If your network grows however, how does one manage such a setup with 20 switches, or 100 or more? We run dedicated DHCP servers which is a nice single point of management and if you configure it correctly its not a single point of failure. However, this is all just my curiosity. What is the most important is does it make sense to you, since you are the guy in charge of working on it if/when it crashes. If you have it under control, then that is what is really important. Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 ________________________________ From: Boris Epstein [[email protected]] Sent: Wednesday, April 29, 2015 3:06 PM To: [email protected] Subject: Re: [PacketFence-users] PF and independent DHCP Jake, Thank you very much for your input, highly valuable as always. So you just disabled the DHCP server "pfdhcplistener" service altogether? The reasons I run DHCP on the switch is that the switch does it - and why not? The logic here is as follows - if my switch is down then the devices it serves are naturally going down too. However, the PF server is a different device. If it goes down there is no need for it to take down the DHCP capability for devices already plugged into this switch and assigned their proper VLAN. Does that make sense? Respectfully, Boris. On Wed, Apr 29, 2015 at 3:56 PM, Sallee, Jake <[email protected]<mailto:[email protected]>> wrote: You can put the DHCP helper directive in the switch just don't run DHCP on the PF server (this is exaclty what we do). The switch should still serve up your DHCP and the PF server will be happy that it is seeing the DHCP traffic. Also; running DHCP on the actual switch has always struck me as a strange idea. Could you explain why you decided to do it that way? Jake Sallee Godfather of Bandwidth System Engineer University of Mary Hardin-Baylor WWW.UMHB.EDU<http://WWW.UMHB.EDU> 900 College St. Belton, Texas 76513 Fone: 254-295-4658<tel:254-295-4658> Phax: 254-295-4221<tel:254-295-4221> ________________________________ From: Boris Epstein [[email protected]<mailto:[email protected]>] Sent: Wednesday, April 29, 2015 9:38 AM To: [email protected]<mailto:[email protected]> Subject: [PacketFence-users] PF and independent DHCP Hello listmates, I am using PF in a VLAN-based environment. The VLAN's aremanaged by independent switches, So is DHCP assignment on these VLAN's. It all works fine with one exception: the captive portal for machines on my VLAN's generates the following error message when I try to connect to it: "Sorry! Your computer was not found in the PacketFence database. Please reboot to solve this issue." This discussion from a few years back: http://sourceforge.net/p/packetfence/mailman/packetfence-users/thread/[email protected]/ seems to suggest that the DHCP info (MAC, IP address, etc.) needs to be communicated back to the PF server. One suggested approach is using ip-helpers. My concern is that this may make me dependent on my PF server for DHCP as my Cisco switches will be tied to it and unable to perform as independent DHCP servers. Does anybody know if that is the case? In short, I need to have a situation where routine IP infrastructure functions (routing, DHCP IP address assignment, etc.) occur regardless of the status of the PF server - even if it is down. Any advice on how to do that and at the same time have a functional PF server with accessible captive portal will be greatly appreciated. Cheers, Boris. ------------------------------------------------------------------------------ One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y _______________________________________________ PacketFence-users mailing list [email protected]<mailto:[email protected]> https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
