[Outages-discussion] [outages] DHCP being dropped by Lumen?
Bruce Wainer
bruce at brucewainer.com
Thu Jun 9 12:26:23 EDT 2022
I agree with Grant. Just like we’re run centralized DHCP and DNS for a
decade, we’ve run DMVPN and are now moving to SDWAN. If your organization
isn’t large enough for those types of automatic VPN/tunnel building,
manually creating VPNs back to your central datacenter is probably
something you’re going to do anyway for internal server access, so why not
send the DHCP through that as well?
On Thursday, June 9, 2022, Grant Taylor <gtaylor at tnetconsulting.net> wrote:
> On 6/9/22 7:19 AM, Blake Hudson wrote:
>
>> We've used DHCP relay/helper across WAN connections for over a decade
>> without issue. Sometimes it doesn't make sense to have a DHCP (or DNS or
>> RADIUS) server on-site.
>>
>> As others have stated, unicast DHCP is no different than any other
>> unicast packet.
>>
>
> I understand all the above.
>
> What I'm not yet sure of is why you would not run such site-to-site
> traffic through a VPN.
>
> It seems to me like DHCP, DNS, RADIUS, etc. would benefit from staying
> within the control of a common administrative entity. As such, it seems
> logical to use a VPN between two distant pockets of said administrative
> entity.
>
> I'm just trying to understand what / why others are thinking and learn
> therefrom.
>
>
>
> --
> Grant. . . .
> unix || die
>
>
--
Bruce Wainer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/outages-discussion/attachments/20220609/85dacd56/attachment.htm>
More information about the Outages-discussion
mailing list