Jump to content
Search In
  • More options...
Find results that contain...
Find results in...

DHCP broadcasting through WAN port

Dimi95
 Share

So I have network (Scheme below). It all works great except for one thing. Router is broadcasting DHCP through WAN port somehow (I assume it shouldn't?) and all clients from CLIENT GROUP 1 are getting IPs from it instead of Gateway. I'm required to 'somehow' split those networks and they are, as long as all clients from first group get IP before turning on Router. I'd like for Router only to act as DHCP for Client group 2 and Gateway to be DHCP for Client Group 1.

 

I hope I'm clear enough. Thanks in advance.

 

5XlGg.jpg

Link to comment
Share on other sites

Link to post
Share on other sites

What hardware / software is the router? You’re right, it shouldn’t be sending out DHCP on the WAN port, but in order to help we’llneed to know

Looking to buy GTX690, other multi-GPU cards, or single-slot graphics cards: 

 

Link to comment
Share on other sites

Link to post
Share on other sites

It's simple TP-Link router TL-WR740N.

Link to comment
Share on other sites

Link to post
Share on other sites

1 minute ago, Dimi95 said:

It's simple TP-Link router TL-WR740N.

If you factory default it, does this issue persist? If it does, check for a firmware update from TP-Link, or flash it with OpenWRT.

Looking to buy GTX690, other multi-GPU cards, or single-slot graphics cards: 

 

Link to comment
Share on other sites

Link to post
Share on other sites

If you see a setting for router mode try switching it from gateway to router/client.

A water-cooled mid-tier gaming PC.

Link to comment
Share on other sites

Link to post
Share on other sites

If you're splitting the networks for security reasons then don't bother with this setup, it doesn't do anything.

 

Doing subnets this way is janky AF.

 

The craptastic router that runs a DHCP server on the WAN side is just the icing on the cake.

Link to comment
Share on other sites

Link to post
Share on other sites

The way DHCP works makes this setup pretty unworkable. Have you confirmed that the router is actually running as a DHCP server and not as a downstream DHCP Relay?

 

One DHCP server on a network through an unmanaged switch can respond to the ENTIRE network. There's no way to force the computers of Client Group 2 to only request certain IP addresses, since the whole point of DHCP is to broadcast the request and it gets responded to by any DHCP server - it doesn't even know what subnet it's on until the response comes through.

 

If you had a managed switch you could create separate vlan segments for each subnet. Remember that DHCP servers don't "broadcast", the clients do. So the problem you're experiencing here is that the machines on Client Group 2 are sending their requests through the router. Check that the router is in client mode as suggested earlier, since that "should" cause it to respond directly to DHCP requests (assuming server, not relay as before) in that mode. As @Just.Oblivious said, this is a really janky setup. Not that it *can't* work, but managing it is going to be a pain in the ass.

 

I just re-read your original post, and I'm sorry, I read it wrong. So the router is responding to DHCP requests on the WAN side and providing DHCP responses to computers in Client Group 1? That's really, really odd. Even ignoring all the other issues with this setup, I'm pretty sure it shouldn't be doing that if it's configured correctly. As above, make sure the router is in client/router mode instead of acting as a gateway, since it's the only thing I can think of that would result in this behaviour. 

Edited by Tabs
I read the OP wrong.
Link to comment
Share on other sites

Link to post
Share on other sites

It not so much for security as much as it is that Client group 1 doesn't see PCs from Client group 2. I'm relying on Subnet mask for Client group 1 not to scan 192.168.2.*. Also switch is unmanaged so VLANs are kinda not possible.

 

Also as you say DHCP doesn't broadcast, but, as I see it, it shouldn't respond to requests coming from WAN port, only to requests coming from LAN/WiFi.

Link to comment
Share on other sites

Link to post
Share on other sites

OP is a little hard to understand, so just to clarify, client 1 is getting 192.168.2.x address correct?

Link to comment
Share on other sites

Link to post
Share on other sites

Are you sure that the cable coming from the switch is connected to the WAN port of the TP-Link? Is the TL-WR740N on the latest firmware revision?

 

Personally I would just get something like an EdgeRouter X or MikroTik hEX Gr3 (both around $50) and set it up like this:

  

 

5a00b54adc602_UntitledDiagram.png.df615ff80e364c7f815881879e45a85e.png

 

That way you don't have to invest in a new (VLAN capable) switch, just use the TP-Link as a four port switch (with built-in wireless access point).

Link to comment
Share on other sites

Link to post
Share on other sites

Yes, it's on WAN port and on the latest revision. It's no problem, I was thinking I can do something with existing equipment but I still don't understand why is router doing that.

Link to comment
Share on other sites

Link to post
Share on other sites

It definitely shouldn't be giving out IP addresses on the WAN side, that's for sure.

 

  • Is there anything plugged into the LAN side of the TP-Link that might cause a network loop?
  • Is the wireless of the TP-Link being used by anyone (in client group 1 and/or 2)?
  • Is the TP-Link somehow configured in bridge/access point mode? Try factory resetting it.

 

Link to comment
Share on other sites

Link to post
Share on other sites

1) One PC with cable from LAN2.

2) Client group 1 has own 3 APs and they are being used but also get IP from TP Link. Client group 2 has own WiFi SSID and it works good.

3) I started from factory configuration, it's not in bridge mode. But I will try it again. Thanks

Link to comment
Share on other sites

Link to post
Share on other sites

Factory reset it one last time. If that doesn't fix it: ditch the thing and get a proper router.

 

Investing $50-100 in a new router shouldn't really be an issue for a client with three access points in place.

Link to comment
Share on other sites

Link to post
Share on other sites

On ‎11‎/‎6‎/‎2017 at 9:33 AM, Dimi95 said:

So I have network (Scheme below). It all works great except for one thing. Router is broadcasting DHCP through WAN port somehow (I assume it shouldn't?) and all clients from CLIENT GROUP 1 are getting IPs from it instead of Gateway. I'm required to 'somehow' split those networks and they are, as long as all clients from first group get IP before turning on Router. I'd like for Router only to act as DHCP for Client group 2 and Gateway to be DHCP for Client Group 1.

 

I hope I'm clear enough. Thanks in advance.

 

5XlGg.jpg

first device gets 255 255 255 128(gives 2 subnets) with a dhcp pool of 24 addresses to distribute

the 2nd wan device get a static ip gateway from this pool list and its subnet will be 255 255 255 252 with pool list of 64 addresses (now weve used 99 of 126 addresses set by the 128 subnet)

you can use 255 255 255 0 on rest of the clients

with 255 255 255 0 you immediately tell the network theres only 1 network in system

note everything will be under same 192 168 1 # address tree

group one should pull dhcp from main gateway and will use that gateway as its gateway

group 2 grabs from 2nd wan but its gateway is that devices ipaddress as this devices gateway is main gateway

Link to comment
Share on other sites

Link to post
Share on other sites

58 minutes ago, bcguru9384 said:

first device gets 255 255 255 128(gives 2 subnets) with a dhcp pool of 24 addresses to distribute

the 2nd wan device get a static ip gateway from this pool list and its subnet will be 255 255 255 252 with pool list of 64 addresses (now weve used 99 of 126 addresses set by the 128 subnet)

you can use 255 255 255 0 on rest of the clients

with 255 255 255 0 you immediately tell the network theres only 1 network in system

note everything will be under same 192 168 1 # address tree

group one should pull dhcp from main gateway and will use that gateway as its gateway

group 2 grabs from 2nd wan but its gateway is that devices ipaddress as this devices gateway is main gateway

You still asume classfull subnets while this isn't neccesary anymore.
Besides some of your numbers seem to be a bit off and it asumes there is a managed switch while the OP says there isn't
Also read the post again. the problem is something different.
The problem is that the devices listed as "router" in the drawing is also sending dhcp packages out of it's wan port.

Link to comment
Share on other sites

Link to post
Share on other sites

9 hours ago, Levisallanon said:

You still asume classfull subnets while this isn't neccesary anymore.
Besides some of your numbers seem to be a bit off and it asumes there is a managed switch while the OP says there isn't
Also read the post again. the problem is something different.
The problem is that the devices listed as "router" in the drawing is also sending dhcp packages out of it's wan port.

he is showing 2 networks under 1 network

Link to comment
Share on other sites

Link to post
Share on other sites

11 hours ago, bcguru9384 said:

first device gets 255 255 255 128(gives 2 subnets) with a dhcp pool of 24 addresses to distribute

the 2nd wan device get a static ip gateway from this pool list and its subnet will be 255 255 255 252 with pool list of 64 addresses (now weve used 99 of 126 addresses set by the 128 subnet)

you can use 255 255 255 0 on rest of the clients

with 255 255 255 0 you immediately tell the network theres only 1 network in system

note everything will be under same 192 168 1 # address tree

group one should pull dhcp from main gateway and will use that gateway as its gateway

group 2 grabs from 2nd wan but its gateway is that devices ipaddress as this devices gateway is main gateway

Splitting a network with 255.255.255.252 gives you TWO usable addresses, not 64. For 64 addresses you need a 255.255.255.128 mask because a 255.255.255.192 only has 62 usable addresses, and .128 gives you 126 addresses, not 24.

Telling someone they can subnet half of a network into smaller networks and then use the larger network for the remaining clients is NOT how you subnet. Not on this planet at least.

You either break the network in half using 255.255.255.128 and set one network on the first half and the other network on the second half, or you assign two /24 networks with one per client set, or you put it all under a single network with a common gateway.

 

A /24 in no way shape or form tells you that there is a single network. You can divide a /24 into any number of smaller networks at which point 192.168.1.0/24 or any other mask that encompases all smaller networks becomes the supernet address.

Current Network Layout:

Current Build Log/PC:

Prior Build Log/PC:

Link to comment
Share on other sites

Link to post
Share on other sites

Just now, Lurick said:

Splitting a network with 255.255.255.252 gives you TWO usable addresses, not 64. For 64 addresses you need a 255.255.255.128 mask because a 255.255.255.192 only has 62 usable addresses, and .128 gives you 126 addresses, not 24.

Telling someone they can subnet half of a network into smaller networks and then use the larger network for the remaining clients is NOT how you subnet. Not on this planet at least.

You either break the network in half using 255.255.255.128 and set one network on the first half and the other network on the second half, or you assign two /24 networks with one per client set, or you put it all under a single network with a common gateway.

 

A /24 in no way shape or form tells you that there is a single network. You can divide a /24 into any number of smaller networks at which point 192.168.1.0/24 or any other mask that encompases all smaller networks becomes the supernet address.

gives you 2 networks that support 128 hosts

255 255 255 0 gives you 1 network with 254 hosts

Link to comment
Share on other sites

Link to post
Share on other sites

2 minutes ago, bcguru9384 said:

gives you 2 networks that support 128 hosts

255 255 255 0 gives you 1 network with 254 hosts

I know how to subnet, not really sure what your response is supposed to mean.

Oh and /25 gives you 126 hosts, not 128.

Current Network Layout:

Current Build Log/PC:

Prior Build Log/PC:

Link to comment
Share on other sites

Link to post
Share on other sites

6 minutes ago, Lurick said:

I know how to subnet, not really sure what your response is supposed to mean.

Oh and /25 gives you 126 hosts, not 128.

ya your right as you lose 1 ip to the subnet(#.#.#.0) and 1 to broadcast(#.#.#.255)

but you also lose 1 to gateway

with 255 255 255 0 you have 0 subnet bits, none ,,, effectively disabling subnet from SWITCHING mode and instead place it into a mask mode only

Link to comment
Share on other sites

Link to post
Share on other sites

2 minutes ago, bcguru9384 said:

ya your right as you lose 1 ip to the subnet(#.#.#.0) and 1 to broadcast(#.#.#.255)

but you also lose 1 to gateway

with 255 255 255 0 you have 0 subnet bits, none ,,, effectively disabling subnet from SWITCHING mode and instead place it into a mask mode only

No, that's not how it works, you just go higher into the third, second, or first octet.

There isn't anything called switch or mask mode for subnetting either.

Current Network Layout:

Current Build Log/PC:

Prior Build Log/PC:

Link to comment
Share on other sites

Link to post
Share on other sites

10 hours ago, bcguru9384 said:

 

with 255 255 255 0 you have 0 subnet bits

We are taught that 255.255.255.0 provides no subnet bits but it's misunderstood (this might even confuse someone learning how to subnet first). Of course we have subnet bits.... 255.255.255.128 oh no I just took a host bit and now in theory we can call it a 'subnet bit'

 

255.255.255.0 officially in classful addressing has 0 subnets to play with but that is not relevant in today's networks with classless/cidr subnetting.

I'm going to put a link to my PC specs which actually aren't my PC specs and I cry myself to sleep everyday so I can have these PC specs but I can't afford these PC specs so PC specs PC specs PC specs PC specs PC specs PC specs.

Link to comment
Share on other sites

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share


×