auto provisioning

G

goodcooper

[H]F Junkie
Joined
Nov 4, 2005
Messages
9,771
as of late i've really been on an autoprovisioning kick...

right now at each main location i have a phone server w/ a TFTP server on it and i'm using DHCP option 66 to autoprovision my voip phones

got it all set up fantastically....

now, i'm working on getting an FOG server set up to start allowing easier PC image deployment in my office... it's working so well i want to start putting storage out at some of the other locations and have them all start PXE booting to FOG first (that's how you set it up) to check for any image jobs (can remotely schedule remote image deploy or upload for deploying or backing up PCs)

problem is, it also uses DHCP option 66...

so i need 2 DHCP option 66s to 2 different IP addresses...


any ideas on how i should handle this?

my first obvious solution is to combine the servers somehow, but it just isn't in the works, both TFTP servers are being fed provisioning files from 2 very separate web interfaces..... if i really had to i may be able to make it work, but i'd prefer not to...
 
Last edited:
Are your phones and workstations on 2 separate vlans?
If so, you can setup the DHCP options per vlan.
 
Are you phones not on their own VLAN? You should always but VoIP phones on their own VLAN

EDIT

Already been asked!
 
Jay_oasis said:
You should always but VoIP phones on their own VLAN
Click to expand...

Not strictly true; depends on traffic and bandwidth available. A Small Office with 10 VoIP phones would probably see no measurable benefit from a separate separate broadcast domain.
Another consideration is some desktop tools/applications will not work properly when Desktops and phones are on different networks.

The Vendor class linked above is a great idea; an alternative would be Microsoft Server DHCP with Reserved addresses for the equipment- separate DHCP options can be supplied for each unique MAC address if needed.
 
If I had 10 VoIP phone I would VLAN then out. I don't think the size of the network makes a difference, stick to the tried and tested methods. Always VLAN out your VoIP phones.
 
Jay_oasis said:
If I had 10 VoIP phone I would VLAN then out. I don't think the size of the network makes a difference, stick to the tried and tested methods. Always VLAN out your VoIP phones.
Click to expand...
Sometimes the administrative overhead isn't justified.

Ask yourself "Why"? Why do you put your phones on their own vlan? What technical reasons do you have? QoS? Security?

Neither of which is really relevant to small networks. Balance that against the expensive switch and additional administrative work that goes in to maintaining two vlans at a small site, and it often times won't make sense.
 
What administrative overhead? It's a fully routed VLAN. Troubleshooting is easy, they have their own DHCP scope and when they suddenly want to add more phones or they get a branch office that want to use the VoIP system its all really simple for them. Set it up correctly from the start, I see no reason not to.

All that is needed is a managed L2 switch and a basic router like an 1841.

Does the question in this exact thread not show just 1 reason why 2 VLANS would be a benefit?
 
XOR != OR said:
Sometimes the administrative overhead isn't justified.

Ask yourself "Why"? Why do you put your phones on their own vlan? What technical reasons do you have? QoS? Security?

Neither of which is really relevant to small networks. Balance that against the expensive switch and additional administrative work that goes in to maintaining two vlans at a small site, and it often times won't make sense.
Click to expand...

Security isn't relevant to small networks?
 
You would run a VLAN for 1 Voip phone? I guess you would go to all the hassle of setting up DHCP range, provisioning server, DNS, etc for the 1 phone?
VLANS are used to separate broadcast domains, they aren't inherently more or less secure. All of the reasons to use AND not use VLANS here are perfectly valid.
I wouldn't bother setting up provisioning or VLAN for much less than 10, but I accept others have a different threshold- more power to you.
 
Jay_oasis said:
What administrative overhead? It's a fully routed VLAN. Troubleshooting is easy, they have their own DHCP scope and when they suddenly want to add more phones or they get a branch office that want to use the VoIP system its all really simple for them. Set it up correctly from the start, I see no reason not to.

All that is needed is a managed L2 switch and a basic router like an 1841.

Does the question in this exact thread not show just 1 reason why 2 VLANS would be a benefit?
Click to expand...
1 possible reason sure. One option, however, is easier ( DHCP options assigned to lease reservations ) and neither of the other two potentially require additional hardware.

As far as the concerns you raise; for small businesses those just aren't that big of a deal. More phones? For a small business, how many phones do you suppose they'll want to add, where they'll run into number limitations on a subnet? And there is no inherent need to put phones on their own vlan to add a second ( or third, or fourth ) site via vpn. I contract with a company that does exactly that. They don't experience any VoIP quality issues.
 
Huh?

Security is important everywhere. Also, security between L3 hops isn't what we're talking about, nor is it the main concern with voice traffic. Separating voice and data/user VLANs is very important.
 
Vito_Corleone said:
Huh?

Security is important everywhere. Also, security between L3 hops isn't what we're talking about, nor is it the main concern with voice traffic. Separating voice and data/user VLANs is very important.
Click to expand...
Why? Why is it very important?

Don't misunderstand me; I understand why seperating traffic types is important, but I also work with a lot of smaller clients who's conditions are radically different then your standard larger networks.

Different network types require flexibility and understanding of the requirements so you can best meet the needs of your customer.
 
What if you set option 4 = FOG server, option 66 = TFTP server for phones?

Failing that you could throw pxelinux (small pxe bootloader) on the phone server and have it chain the FOG boot. I did it with Windows WDS with this:

Code: 
LABEL wds
MENU LABEL Install Windows
COM32 pxechn.c32
APPEND 172.41.200.99::boot\x86\wdsnbp.com -W
 
To solve the OP question VLANs is an appropriate answer. VLAN1 - VoIP, VLAN2 - DATA, VLAN3 - Management, etc.

Even for a small office this could be the way to go if you have multiple services that need the same DHCP options.
 
cyr0n_k0r said:
Are your phones and workstations on 2 separate vlans?
If so, you can setup the DHCP options per vlan.
Click to expand...

excellent suggestion, i had actually thought of this, but...

XOR != OR said:
Sometimes the administrative overhead isn't justified.

Ask yourself "Why"? Why do you put your phones on their own vlan? What technical reasons do you have? QoS? Security?

Neither of which is really relevant to small networks. Balance that against the expensive switch and additional administrative work that goes in to maintaining two vlans at a small site, and it often times won't make sense.
Click to expand...

this is my current situation... just not enough to make a difference at this point, if nothing else than just because of the management overhead... and the equipment really isn't fully in place to do that
 
XOR != OR said:
You may be able to use something like this as well ( assuming MS dhcpd server ): http://support.microsoft.com/?id=240247
Click to expand...

athlon1.2 said:
What if you set option 4 = FOG server, option 66 = TFTP server for phones?

Failing that you could throw pxelinux (small pxe bootloader) on the phone server and have it chain the FOG boot. I did it with Windows WDS with this:

Code: 
LABEL wds
MENU LABEL Install Windows
COM32 pxechn.c32
APPEND 172.41.200.99::boot\x86\wdsnbp.com -W
Click to expand...


these are the responses i was looking for.... fantastic!

i'll definitely look into these... thanks guys!
 
You must log in or register to reply here.
Back
Top