
DMZ and DHCP functions

post #1 of 5
Thread Starter 
I was wondering this as it seems to be a good answer to what I want to do. My base question is, if I have DHCP enabled on my router (ZyXEL PK5000Z, standard issue from Qwest), do the DHCP functions follow over into the DMZ? I was hoping the answer was no and Qwest says no.

What I want to do is not so odd. I want to run my regular 5-host Win 7 homegroup off the router with the hosts getting their IPs via the DHCP function from the router. Then I want to put a Server 2008 R2 machine that has been upgraded to a DC in the DMZ, and I wanted to activate the DHCP role on the Server 2008 machine. I did not want a conflict with the router pulling DHCP duties and the Server 2008 rig also trying to hand out IPs (from a group that I construct). Of course I know that communication between the DMZ and the homegroup is not going to happen (at least I don't know how to make it happen).

Using this DMZ option is sure cheaper than two separate internet connections to avoid a DHCP conflict (I had two connections for some time). I want to do this as a twist on my labs. In my Server 2008 labs all the hosts are set up in VMs; I wanted to actually set up real machines, not simply virtual machines. I am open to comments.
post #2 of 5
Most consumer routers have a DMZ that differs from the traditional standard. They will forward any traffic that isn't explicitly mapped to another port to a single IP address of your choosing. You will still remain on the singular/contiguous LAN. Therefore, any DHCP traffic will conflict if it is within the same broadcast domain.
post #3 of 5
Thread Starter 
Just got back from my Active Directory class and the instructor gave a thumbs up to the idea. The situation is Qwest says it will work and the instructor says it will work; on Thursday I will see the top dog on campus and get his take. Thanks for your time.
post #4 of 5
Thread Starter 
I came up with a second idea (and it is a pretty obvious one): I take my quietest machine (because it will be on all the time), load it with Server 2008 also and make two subnets, one for my Win 7 homegroup and the second for the domain. The 2008 machine that will always be on will handle DHCP and DNS duties for both subnets. I will put the router in bridge mode. I really wanted to stay away from leaving one machine running 24/7, but if the DMZ trick is not going to work I can't see how else to provide a homegroup and a domain access to the internet off the same connection. I guess I could fold on the machine that is always on (then it will be a watercooled machine, not the quietest one). Folding on your domain controller, DHCP, DNS server probably is not in the "best practices" section.
post #5 of 5
Quote:
Originally Posted by PCCstudent
I came up with a second idea (and it is a pretty obvious one): I take my quietest machine (because it will be on all the time), load it with Server 2008 also and make two subnets, one for my Win 7 homegroup and the second for the domain. The 2008 machine that will always be on will handle DHCP and DNS duties for both subnets. I will put the router in bridge mode. I really wanted to stay away from leaving one machine running 24/7, but if the DMZ trick is not going to work I can't see how else to provide a homegroup and a domain access to the internet off the same connection. I guess I could fold on the machine that is always on (then it will be a watercooled machine, not the quietest one). Folding on your domain controller, DHCP, DNS server probably is not in the "best practices" section.
If you have client machines that will be on the domain and using DHCP, you need to be sure that they are contacting a Microsoft DHCP server that is authorized in your Active Directory, otherwise your client workstations won't be able to register against your local DNS.

Why are you looking to run your AD-DC in the DMZ? That's the most critical server and you want to expose it to the internet with no firewall?

Not exactly sure what you're trying to do, but I think setting up a perimeter network for your Homegroup and an internal network for your domain would be the way to go. We might have had this discussion several months ago.
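The concern raised in posts #2 and #5 (two DHCP servers answering in one broadcast domain, and clients needing to reach only the intended server) can be checked from captured DHCPOFFER payloads. This is an added example, not code from the thread; the function names, the addresses and the allow-list are assumptions, and the sample offers are constructed rather than captured.

```python
import socket
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # marks the start of DHCP options (RFC 2131)
OFFER = 2                            # option 53 value for DHCPOFFER

def parse_options(payload):
    """Return {option_code: value_bytes} from a raw BOOTP/DHCP UDP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(payload):
        code = payload[i]
        if code == 255:              # end option
            break
        if code == 0:                # pad option carries no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        length = payload[i + 1]
        opts[code] = payload[i + 2:i + 2 + length]
        i += 2 + length
    return opts

def offering_servers(payloads):
    """Map server identifier (option 54) -> offered address (yiaddr) per OFFER."""
    seen = {}
    for p in payloads:
        opts = parse_options(p)
        if opts.get(53) == bytes([OFFER]) and len(opts.get(54, b"")) == 4:
            seen[socket.inet_ntoa(opts[54])] = socket.inet_ntoa(p[16:20])
    return seen

def unauthorized(seen, allowed):
    """Servers that made an offer but are not on the allow-list."""
    return sorted(set(seen) - set(allowed))

def make_offer(server_ip, offered_ip):
    """Build a constructed DHCPOFFER payload for the demo (not captured traffic)."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s", 2, 1, 6, 0, 0x1234, 0, 0,
                      b"\0" * 4, socket.inet_aton(offered_ip), b"\0" * 4, b"\0" * 4)
    opts = bytes([53, 1, OFFER, 54, 4]) + socket.inet_aton(server_ip) + b"\xff"
    return hdr.ljust(236, b"\0") + MAGIC_COOKIE + opts

# Constructed scenario: router (192.168.0.1) and DC (192.168.0.2) share one LAN.
OFFERS = [make_offer("192.168.0.1", "192.168.0.10"),
          make_offer("192.168.0.2", "192.168.0.100")]
if __name__ == "__main__":
    print(unauthorized(offering_servers(OFFERS), {"192.168.0.2"}))
```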