VLans and multiple DCHP servers

Drich290195

macrumors 6502
Original poster
Apr 2, 2011
455
1
wondering if you can help. Run a Mac mini as my server. What I'm wanting is to keep my main network away from a test network I use for older machines.

I have configured a dchp server for my main 192 network with no issue. However I'm trying to create a vlan as the guest network on 172.

I create the vlan and then create a dchp server to allocAte a ip range to it no issue.

My question is how do I connect to that vlan and dchp server. Everytime I plug a machine in it automatically connects to the 192 range. How would I get it to issue a ip range from the second dchp server.

Finding it difficult to understand with the vlans being on the same nic. Is this even possible.

Many thanks
 

belvdr

macrumors 603
Aug 15, 2005
5,660
1,001
No longer logging into MR
The simplest option is to configure a router to connect the two VLANs.

On the 172 VLAN, you need to create a DHCP helper (relay) on the router to point to the 192 subnet's DHCP server, assuming you are only using one DHCP server for both subnets. This will forward the DHCP broadcasts to the 192 subnet for allocation.

If you're connecting a machine to a port and it's pulling a 192 address, then you are plugging into the 192 VLAN.

For your last statement, I am confused. What VLANs are on the same NIC and what is this device?

EDIT: Another option would be to trunk the port going to the Mac Mini (i.e. allow multiple VLANs to travel over the one cable). On the Mini, you would need to create two virtual interfaces with an IP on each subnet and tag those interfaces with the correct VLAN with 802.1Q or similar. Then you would configure the DHCP server with the two DHCP scopes. I don't even know if this is possible with macOS.

Frankly, I think the top option is a lot simpler to do, but everyone has their preferences.
 
Last edited:
  • Like
Reactions: DennisBlah

iMouse

macrumors 6502
Jul 23, 2002
252
17
Boardman, Ohio
wondering if you can help. Run a Mac mini as my server. What I'm wanting is to keep my main network away from a test network I use for older machines.

I have configured a dchp server for my main 192 network with no issue. However I'm trying to create a vlan as the guest network on 172.

I create the vlan and then create a dchp server to allocAte a ip range to it no issue.

My question is how do I connect to that vlan and dchp server. Everytime I plug a machine in it automatically connects to the 192 range. How would I get it to issue a ip range from the second dchp server.

Finding it difficult to understand with the vlans being on the same nic. Is this even possible.

Many thanks
You could also add a second NIC through a Thunderbolt to Ethernet adapter and tell your DHCP server to provide a different range across the second interface for the same effect. If you do multiple VLANs across a single NIC, the switch you use needs to be able to understand 802.1Q trunking. You'd have to shell out a bit of cash for a managed switch with this capability rather than just buying a second Ethernet adapter and running an unmanaged switch off of each interface.
 

DoFoT9

macrumors P6
Jun 11, 2007
17,505
27
Singapore
As the above posts allude, you need to have them physically segregated (or, virtually if you can justify the cost) else new devices will not be able to tell which network to join, and instead will grab the default gateway information/IP etc.

You could have 2 wireless network devices that might be able to make this simpler.
 

DJLC

macrumors 6502a
Jul 17, 2005
757
140
North Carolina
Two options —

1) If your router supports DHCP relay, enable that on the 172 VLAN and point it to the DHCP server's IP address. You may need to allow this traffic thru the firewall.

2) Configure a VLAN interface in System Preferences -> Network on the macOS Server. Enable the 172 DHCP scope on that new interface.
 
  • Like
Reactions: DennisBlah