General discussion

Locked

two routers on LAN

By ddunkink ·
Ok ...no laughing here. I have a core router (UNIX)on my LAN that is responsible for all routing , DHCP and DNS. This box is getting old and I`m suer it`s going to fail sometime soon. What I would like to do is setup my Novell server to do all the routing and DHCP and DNS ( currently a secondary would convert to primary ). I realize I can`t have two DHCP servers so I wouldn`t turn that on until I removed the UNIX server for service. What potential problems are there going to be with two core routers on the same LAN ?? I

This conversation is currently closed to new comments.

5 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

two routers on LAN

by Barry Hensley In reply to two routers on LAN

You can have 2 boxes providing all of these essential services at the same time. Here is where you need to be careful.

1. Having multiple DNS servers is actually a good thing. Just make sure that the zones are duplicated from one to the other. You will need to make the DNS server on the new box a primary so, you'll have to manually duplicate the zone information.

2. Having multiple routers is not a problem. Just make sure that they use one of the popular routing protocols (RIP2, OSPF, etc) to exchange routing information so that the hosts on your network can find their routes.

3. Having multiple DHCP servers can cause a problem but will work just fine if you split your range of available addresses in half and place half on each server.

Finally, when you decide to remove your original UNIX host from your network, you will probably experience some routing problems unless you configure the DCHP servers (both of them) to provide hosts with only 1 default router and to providethem with the DNS information for the NEW DNS server. Once this is done, the only thing that any host will still access the old UNIX box for is a renewal of its IP address. After removing the UNIX host, any host that requests a renewal of its IP address will eventually send out a broadcast request and will obtain a new IP address from the NEW server.

Lastly, remember that after you remove the UNIX host, you must reconfigure the range of available IP addresses in the NEW DHCP server to include the entire range of addresses.

Collapse -

two routers on LAN

by ddunkink In reply to two routers on LAN

Thanks Barry ... I understand. I will not even start the DHCP service on the novell box until the UNIX DHCP is down...I will need to change the DNS from secondary to primary and setup DDNS on the Novell DHCP server. Right now the Novell server is a secondary to the UNIX box ( primary DNS).I`m fairly sure we are all RIP.
Thanks agin for your help !!!

Collapse -

two routers on LAN

by dlw6 In reply to two routers on LAN

Concur with Barry. One thing I would add, though, is to watch security. By putting more services on one box, you do two things:

1. You make that box more critical to the network.

2. You open more holes for attackers.

Join some good security list servers. ISS' XForce is the most comprehensive I've seen, go to xforce.iss.net and click the Mail Lists link. Of course you'll also want to join any security lists offered by Novell. With such list servers, you'll know of the security holes as they're discovered and be able to do something about them before an attacker has a chance to try.

Good fortune,
Don

Collapse -

two routers on LAN

by ddunkink In reply to two routers on LAN

Thanks Don
I am running an OpenBSD firwall and will put a second OpenBSD firewall on the LAN side of the DMZ once the UNIX box ( core router ) is gone for reconfig. It is also the inner firwall running IPchains. This is all temporary and more of a "just in case the UNIX box dies " kinda deal. I am also a member of Bugtraq and I get the ISS stuff there too...Thanks a million for your help.

Collapse -

two routers on LAN

by ddunkink In reply to two routers on LAN

This question was closed by the author

Back to Networks Forum
5 total posts (Page 1 of 1)  

Related Discussions

Hardware Forums