one of our NT guys just brought something to my attention.
out DHCP/DNS server has an interface on the production network, as well as a backup interface (backup network)
the backup network is a parallel network (physically seperated network hardware) and is not routed/connected to the production network. it is completely isolated for backups only.
i always make sure they do not put a gateway address on the backup network (there is no router, it's a flat network), so that no traffic accidentally goes out that interface
when they did a capture/trace on the backup NIC, they were seeing packets (DHCP ACKs/replies) from the production interface.
so say the routed / production IP of the DHCP server is 10.0.0.5
when you look at the trace on the backup interface, you are seeing the DHCP ACKs/replies from source: 10.0.0.5, destination 255.255.255.255
so it looks like the server is packaging the IP header / DHCP ACK as a layer3 broadcast, and thus sending it out every physical interface.
does anyone know why the server would be doing this, and not just sending out the DHCP ACK on the interface it received the request on?
out DHCP/DNS server has an interface on the production network, as well as a backup interface (backup network)
the backup network is a parallel network (physically seperated network hardware) and is not routed/connected to the production network. it is completely isolated for backups only.
i always make sure they do not put a gateway address on the backup network (there is no router, it's a flat network), so that no traffic accidentally goes out that interface
when they did a capture/trace on the backup NIC, they were seeing packets (DHCP ACKs/replies) from the production interface.
so say the routed / production IP of the DHCP server is 10.0.0.5
when you look at the trace on the backup interface, you are seeing the DHCP ACKs/replies from source: 10.0.0.5, destination 255.255.255.255
so it looks like the server is packaging the IP header / DHCP ACK as a layer3 broadcast, and thus sending it out every physical interface.
does anyone know why the server would be doing this, and not just sending out the DHCP ACK on the interface it received the request on?