1

I'm currently deploying domain controllers in my company network, and I would love to have my own DHCP server within my network. The problem is that another company in the building is controlling the router, which is running a DHCP service. All devices connected to our switch get an IP from the router in the subnet 192.168.200.x. I have been wondering if there's any feature in Windows Server that would let me do something like:

if DC is ON = then get IP from DC

if DC is OFF = then get IP from Router


1
  • Your DC can act like the DNS server if you want, but that would also require you to disable the service on the router, when it was turned on. Otherwise you will cause a conflict.
    – Ramhound
    Commented Mar 7, 2017 at 19:14

2 Answers

4

Do NOT put a DHCP server on your network in this situation. Your server and their router will start fighting over client leases and probably cause a packet storm, knocking out the network. Especially if your server starts farming out addresses on a different subnet, that is going to cause all sorts of problems for you and them.

With that out of the way: this is a really weird setup. Is there any kind of segregation between your networks? Is the router handing out addresses on two different subnets - one for you and one for them? I would be wary of putting anything company sensitive on this network.

The safest solution is to get your own router and connect the WAN interface to their router. Then connect the rest of your network to your own router. To your router, their router is just a gateway device; they have no visibility of your network, and you are in control of the subnetting and other network services on your network. You can either enable DHCP on your router or on a separate server.

9
  • Multiple DHCP servers on a network will by no means knock a network out. In fact, multiple DHCP servers are a common feature of resilient networks. Now what can cause problems for clients are multiple DHCP servers handing out IP addresses from the same address pool, and/or with conflicting settings (e.g. differing DNS servers, gateway, etc.) Commented Mar 11, 2017 at 17:02
  • @Twisty, yes, I think that was implied.
    – Darren
    Commented Mar 11, 2017 at 17:04
  • You indicate adding a DHCP server will cause a packet storm, knocking out the network. How exactly would the packet storm occur? Commented Mar 11, 2017 at 17:06
  • @twisty, it's been a while now, but I have seen with my own two eyes someone connect a rogue DHCP server to our network and knock it out. From memory, it seemed to be caused by every client simultaneously trying to renegotiate their lease and a storm of ARP broadcasts as multiple clients were receiving duplicate IP addresses (one from each server) and subsequently trying to renegotiate.
    – Darren
    Commented Mar 11, 2017 at 18:01
  • I have no doubt that a malicious DHCP server could impact a network's operation. But that's quite different than asserting that a competent administrator will experience problems with multiple DHCP servers. Large networks require multiple such servers! Commented Mar 11, 2017 at 18:13
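
The comments above turn on whether two DHCP servers on one segment hand out conflicting settings. As an added example (not code from any poster in this thread), this Python sketch parses DHCPOFFER payloads and reports responders that are not on an allow-list, plus any mask, gateway or DNS setting that differs between responders. The function names, the sample packets and the addresses 192.168.200.1 and 192.168.200.10 are constructed for illustration.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie after the 236-byte BOOTP header

def parse_offer(payload):
    """Return the lease settings carried in a DHCPOFFER, or None for anything else."""
    if len(payload) < 240 or payload[0] != 2 or payload[236:240] != MAGIC:
        return None                                   # not a BOOTREPLY with DHCP options
    opts, i = {}, 240
    while i + 1 < len(payload) and payload[i] != 255:  # 255 = end option
        if payload[i] == 0:                           # 0 = pad, no length byte
            i += 1
            continue
        length = payload[i + 1]
        opts[payload[i]] = payload[i + 2:i + 2 + length]
        i += 2 + length
    if opts.get(53) != b"\x02":                       # option 53, value 2 = DHCPOFFER
        return None
    def ips(code):                                    # option value as dotted-quad strings
        raw = opts.get(code, b"")
        return ",".join(socket.inet_ntoa(raw[j:j + 4]) for j in range(0, len(raw) - 3, 4))
    return {"server": ips(54) or socket.inet_ntoa(payload[20:24]),
            "offered": socket.inet_ntoa(payload[16:20]),
            "mask": ips(1), "router": ips(3), "dns": ips(6)}

def audit(payloads, authorized):
    """Report unauthorized responders and settings that differ between responders."""
    offers = [o for o in map(parse_offer, payloads) if o]
    findings = [f"unauthorized DHCP server {s}"
                for s in sorted({o["server"] for o in offers} - set(authorized))]
    for field in ("mask", "router", "dns"):
        seen = {o["server"]: o[field] for o in offers}
        if len(set(seen.values())) > 1:
            findings.append(f"conflicting {field}: " + "; ".join(
                f"{s} offers {v}" for s, v in sorted(seen.items())))
    return findings

def build_offer(server, offered, router, dns):
    """Constructed sample input: a minimal DHCPOFFER payload, not captured traffic."""
    a = socket.inet_aton
    header = struct.pack("!BBBBIHH4s4s4s4s16s192s", 2, 1, 6, 0, 0x1234, 0, 0, a("0.0.0.0"),
                         a(offered), a(server), a("0.0.0.0"), bytes(16), bytes(192))
    options = [(53, b"\x02"), (54, a(server)), (1, a("255.255.255.0")), (3, a(router)), (6, a(dns))]
    return header + MAGIC + b"".join(bytes([c, len(v)]) + v for c, v in options) + b"\xff"

if __name__ == "__main__":
    sample = [build_offer("192.168.200.1", "192.168.200.50", "192.168.200.1", "192.168.200.1"),
              build_offer("192.168.200.10", "192.168.200.51", "192.168.200.1", "192.168.200.10")]
    for finding in audit(sample, authorized={"192.168.200.1"}):
        print(finding)
```

In practice the payloads would be the UDP data of replies to port 68 taken from a packet capture on the shared segment.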
0

The best practice in this scenario would be to achieve proper network segmentation and gateway your corp assets with your own router. Once segmentation has been achieved you can deploy DHCP services via appliance or server(s).

1
  • 1
    Answers that contain the phrase "As stated above" are not helpful. The order in which an answer appears is dynamic. Your answer by itself should answer the question itself. If you are going to reference an answer, quote and cite it through a link; otherwise it's best to omit statements like "As stated above"
    – Ramhound
    Commented Mar 7, 2017 at 19:12
