Skip to main content

How to Set Up a Cisco Router as a DHCP Server (Step-by-Step Guide)

Lab time! Want to build a DHCP server?  In this lab, I will show you how to build your own DHCP server on a router using Cisco Packet Tracer, as shown above. By the end of this post, you will be able to create your own DHCP server with a Cisco 2911 router, perhaps in a home lab setting, and prepare you to build your own on other hardware. 

Why a Router?

 A DHCP server is a centralized, automated service that assigns important network configuration details to devices on a network, such as IP addresses. Without it, we would have to create manual entries for our entire network, which can be time-consuming and lead to errors. Traditionally, there are dedicated servers to handle these functions. There are many ways to implement a DHCP server in your topology, including a dedicated physical server, a virtual machine, cloud-based gateways, and firewalls. However, there are specific benefits to using a router as your DHCP server:

  • Reduced infrastructure: While having a dedicated server is useful, it adds an extra cost and complexity on your network. Using a router simplifies your setup.
  • Optimizing Performance:  Reduces the need for additional devices, minimizing network hops and potential latency.
  • VLAN Compatibility: This lab will especially show the ease of routing between VLANs and providing DHCP services for each VLAN. Instead of having different servers for different floors or VLANs, the router can handle these services.
  • High Availability and Reliability: Without the router, you cannot exit your local network, meaning the router always has to be operating. If it is always operating, then DHCP can be operating.

Things to Keep in Mind

  • Using a router for a DHCP server can be most effective in small- to medium-sized networks. However, if your business or network begins to expand, that means using more powerful hardware or a dedicated server.
  • A router's main objective is to route your packets. Implementing a DHCP server on a router can increase its workload. 
  • This lab utilizes a small topology, but you will see the commands and how you can implement it in a SOHO environment, whether it is a home lab or your business.

Let's Get Building

This topology uses:

  • 4 VLANS: IT, Executives, HR, Research & Development
  • 3 Cisco 2960 IOS15 Switches
  • 1 Cisco 3650-24PS Multilayer switch
  • 1 Cisco 2911 Router

Step-by-Step Configuration for Each Device

Switch Configuration

Let's start by configuring the switches in the network. Repeat these steps for every switch you are configuring on your network.
  1. Enable the switch
    • To enter privileged exec mode type 
      enable 
      conf t
  2. Create your VLANs
    • There are four VLANs, but in this topology, two of the switches utilize data traffic among three departments: IT, Executives, and HR.
    • On each switch and each VLAN: 
      vlan {number} 
      name {VLAN name}
    • For example, to create the IT VLAN: 
      vlan 10 
      name IT
  3. Assign VLANs to access ports
    • To assign VLANs to ports, you can use the int range command to configure multiple ports at once: 
      int range {interface} 
      switchport mode access 
      switchport access vlan {VLAN_ID}
    • To assign FastEthernet 0/1-0/5 to VLAN 10, use these commands: 
      int range fa0/1-5 
      switchport mode access 
      switchport access vlan 10
  4. Configure trunking to the multilayer switch.
    • Trunking is used to group and send all VLAN traffic over a single link. Without it, specific VLAN traffic or perhaps none at all can be transferred between devices. 
    • Choose the interface that will connect to the multilayer switch. This will serve as your trunk line.
    • Use the command: 
      switchport mode trunk 
      exit
    • If you have certain VLANs you want to add to a trunk, use the command: 
      switchport trunk allowed vlan add {VLAN number}
    • If you want to remove VLANs from a trunk, use the command: 
      switchport trunk allowed vlan remove {VLAN number}

Multilayer Switch Configuration

A multilayer switch is a layer 3 device that combines the functions of a switch and router. Because switches deal with VLANs and routers deal with routing, this allows the device to store VLAN information (Layer 2) and routing between VLANs (Layer 3). Here is how to configure one:
  1. Enable the switch
    • To enter privileged exec mode, type: 
      enable
      conf t
  2. Create your VLANs
    • This will be the same VLANs you put on your switches. After being put into a VLAN, devices on any of the two switches will go through the multilayer switch to reach the router and get an IP address. The multilayer switch also has the VLANs and will forward the information.
    • On each switch and each VLAN: 
      vlan {number}
      name {VLAN name}
  3. Assign ports as trunked ports
    • To assign trunk ports, use the following command: 
      int range {interface}
  4. Configure trunks on the multilayer switch 
    • Choose the interface that will connect to the multilayer switch. These will serve as your trunk lines.
    • Use the following commands: 
      switchport mode trunk
      exit
    • If you have certain VLANs you want to add to a trunk, use the command: 
      switchport trunk allowed vlan add {VLAN number}

Router Configuration

Now for the main event—configuring the router as a DHCP server!
  1. Enable the router
    • To enter privileged exec mode, type: 
      enable
      conf t
  2. Create subinterfaces
    • A subinterface, configured on a router interface, allows you to create mini-doors to reach individual networks or subnets. The trunk line from the multilayer switch to the router is connected to an interface. On that port, you create subinterfaces for each VLAN created. To create subinterfaces, type: 
      int {interface}.{VLAN_ID number}
      For example to create a subinterface for VLAN 10 on GigabitEthernet 0/0, use these commands: 
      int gig0/0.10
  3. Configure encapsulation
    • Encapsulation (802.1q) ensures that VLAN-tagged traffic is properly identified and routed between different VLANs over trunk links.
    • Imagine being at a convention. There are so many people, but your nametag identifies who you are, such as which group you are affiliated with. In this scenario, everyone in that convention center would represent all the data transferred over a trunk line. Your name tag represents the VLAN tag, which ensures data is correctly delivered to the right department (VLAN) without confusion.
    • To configure encapsulation, use these commands: 
      encapsulation dot1q {VLAN_ID number} 
      ip address {IP Address} 
      exit
    • The IP address used for subinterfaces will be used as the default gateway for the VLANs.  
  4. DHCP Configuration
    • To configure DHCP on a router, 
      service dhcp 
      ip dhcp pool {title} 
      network {IP_ADDR} {SUBNET MASK}
    • The ip dhcp pool command allows you to create an IP address range that the router will use to distribute IP addresses to devices on a VLAN.
    • The network identifies the network ID and subnet mask, which identifies the IP address range - the scope of possible IP addresses that can be given to devices on a subnet.
  5. Configure a default router
    • You can configure your default router IP address to the subinterface IP address. To configure the default router,
      • default-router {IP_ADDR}

Conclusion

A properly configured DHCP server is important to automated distribution of IP addresses and other network configuration information.  Using a router to implement a DHCP server is most beneficial for small- to medium-sized networks, maximizing performance and resources. 

The commands used in this virtual lab can be used in a physical topology. To expand on this, I linked my repository containing the full topology, as depicted in the opening picture. I will also create a video going through the process. Using this can allow you to create your own topology, troubleshoot, and apply these steps to extend it further, especially including security features, such as DHCP snooping. What is DHCP snooping, and what are security measures used within DHCP? How can you prepare for DHCP troubleshooting? Stay tuned.

Have you tried setting up a DHCP server using a router? Share your experiences or challenges in the comments!

Helpful Links:



Comments

Post a Comment

Popular posts from this blog

Understanding OSI and TCP/IP Models

Visual breakdown of the OSI Model's 7 layers Whether you are new to IT or a seasoned admin, chances are you have heard of the OSI or the TCP/IP model. These frameworks help us understand how data flows across our networks — from online shopping to high-speed data transfers. However, many job postings require knowledge of TCP/IP but not OSI. Why is that? Is one favored over the other? Let's take a look at both. What is the OSI Model?  Introduced in the 1980s, the Open System Interconnect — OSI — breaks down network communication into seven layers, each with a specific function. Layer Functions 7. Application User and device interaction for network services (web browsing, email, file transfer) 6. Presentation Formats data for applications, ensures readable and secure data 5. Session Establishes, maintains, and ends connections between devices. For example: Online shop...
Post a Comment
Read more

New Series: IP in Practice

I have done a few posts on subnetting and the inner workings of DHCP. I wanted to do a post on IPv6 and a hands-on demo on implementing DHCP on actual networking equipment. However, I missed a few parts that I would like to cover that would particularly help in understanding how IP works and why it is needed. Unlike the previous series, this will be a direct approach to a certain protocol: Internet Protocol (IP). I recently started my first series, covering important ports, protocols, and acronyms used in the networking field. However, I realized not only is it difficult to address the ones to mention, but for some letters it's hard to find. The intended structure was to have several per letter not just one. The idea seemed fun and engaging, however, doing over 20 posts alphabetically on acronyms, ports, and protocols lacks order and deviates from the direct approach I want this blog to have. For that reason, I am putting it on hold indefinitely. It was fun at first, but it was not...
Post a Comment
Read more