Example: DHCP and multihoming

This example is much like the first example, Simple DHCP subnet. In this example, the data entry clients are only communicating amongst themselves and the iSeries server. They obtain their IP information dynamically from the iSeries' DHCP server.

However, a new version of their data entry application requires that the network communicates with the Internet, and the company decided to provide Internet access through an Internet router as shown in Figure 4-1. In addition to the router, the administrator also added another interface with an IP address to communicate with the Internet. When multiple IP addresses are assigned to the same adapter, the iSeries server is multihoming.

Figure 1. Using DHCP with multiple IP addresses assigned to the same adapter

The DHCP setup must take into account that the iSeries server is known by two different IP addresses. To understand how to set up DHCP correctly for this scenario, it is helpful to understand what happens when a client sends out a DHCP DISCOVER packet.

When a client sends out a DHCP DISCOVER packet, it is broadcast on the ring. Therefore, iSeries server cannot determine which IP address the packet was intended for. If this packet is marked with the 10.1.1.1 interface IP (the one used for DHCP), your clients receive their IP information as expected. But it is possible that the packet can actually get marked with the 192.168.1.1 address (the one connected to the Internet). If the packet is received on the 192.168.1.1 interface, your data entry client does not receive any IP information.

To set up DHCP in this situation, you need to not only create the data entry DHCP subnet, but also one for the Internet network. The Internet policy consists of a subnet with no available addresses. The easiest way to do this is to define the subnet with at least one IP address (like 192.168.1.1), then exclude that same IP address. With the two subnets defined, you now combine the two (or more) subnets into a subnet group. If the DISCOVER packet gets marked with the 192.168.1.1 interface, the data entry subnet will still issue valid IP information.

To make this scenario work, the policy for the Data Entry subnet must pass its clients their router address for access to the Internet. In this case, the router address is the iSeries interface of 10.1.1.1. You must also set IP Datagram forwarding to 'on' for the two interfaces to route packets to each other. This example uses reserved IP addresses to represent both internal and external IP addresses. If your network matches this scenario, you also need to use NAT for your Data Entry clients to communicate with the Internet.

Using subnet groups to eliminate this marking problem is not only limited to multihoming examples. Any time multiple interfaces connect to the same network, you can encounter the same problem. The following figure illustrates how the iSeries server can have two physical connections to the data entry network. This network configuration requires a similar DHCP group policy as the multihoming setup, because DHCP DISCOVER packets can conceivably be answered by the 192.168.1.1 interface.

Figure 2. Using DHCP with multiple interfaces connected to the same network

Planning the DHCP setup for multihoming

Other setup

• Set IP Datagram forwarding to 'on' for the two interfaces
• Set up NAT for the Data Entry clients