[NTLUG:Discuss] DHCP

[Leroy Tennison]

David I S Mandala wrote:

> Terry,
>
> That is an accurate statement no matter what type of computers/devices 
> are attached to the network. Things will get very confused and not 
> work, especially if you have network switches (which most people have) 
> vs hubs.
>
> That said, there is no reason to ever issue "static" static IP's to 
> any device on the network, with the exception of the DHCP server 
> itself. Use the DHCP server to hand out IP addresses that remain 
> static to a machine based upon the machines MAC address. Yes if you 
> switch a machines Ethernet card you will need to update the DHCP 
> config file but if all addresses are handed out via DHCP it's easy to 
> expand or switch your network by configuring a single machine (the 
> DHCP server).
>
> This is also very handy since Windows PC default to DHCP out of the 
> box. All you need to grab is the MAC address and you can configure the 
> DHCP server. Then once the PC is plugged into the network it will get 
> a "static" IP via DHCP. You don't need to make any changes on the 
> Windows PC.
>
> You can cheat if you like, have a small pool of IP address's available 
> and you can look in the log and when you plug in a new machine it will 
> get an address from the pool, you can then see it's MAC address and 
> assign that MAC a permanent IP address and the next time on the 
> network it will get that address from then on.
>
> There are other tricks you can do like put a log parser on the DHCP 
> log and have it notify you via email anytime a new device pops onto 
> the network. That way if someone has attached a device to the network 
> you will know about it.
>
> Cheers,
>
> David
>
> Terry wrote:
>
>> Is this an accurate statement (pertaining to a Linux DHCP server
>> presiding over [mostly] MS PCs)?
>>  
>> "Having a system with a static IP assignment that is inside the range
>> of IPaddress' used by a DHC P server is not acceptable.  Reason being:
>>  If a new computer comes on-line, it may be issued that particular
>> IPaddress, and if so, there will be a problem.  This may never happen
>> on a small network. If there are only a handful of computers on the
>> network (half a dozen or so), you may never run into this sort of
>> problem.  BUT, if and when the network grows and gets to be fifty or a
>>  hundred strong, sooner or later, this problem will rear it's ugly
>> head.  A computer will come on-line and be issued an IP address that
>> has been set as a static address to another computer, .. . and then,
>> later on, that other computer with the static IP address will come
>> on-line, and at that point they will both compete for access that only
>> one can have. During the competition neither of them will get any
>> access and only when one gives up will the other gain any bandwidth or
>> access to any outside networks. Fixed IPs should _only_ be assigned to
>> IP address that are outside the range used by the DHCP server."
>>
>> _______________________________________________
>> https://ntlug.org/mailman/listinfo/discuss
>
>
All of the agreement/warnings are good.  If the source of this comment 
implies it is a uniquely Linux problem then I'm going to suspect that 
the source of the information is M$.  The issue here is the architecture 
of the technology, not anyone's implementation of it.  That's not to say 
that there may not be poor implementations but that's not the issue 
here.  Programming at the datalink and network layer needs to be fast 
and efficient for performance reasons.  Adding a lot of sophisticated 
intelligence there is a luxary because of the overhead it would bring. 
 Having two devices with the same IP address is going to produce 
confusion at the network layer with possibly unpredictable but 
definitely undesirable results (think about this one which actually 
happened at a company where I worked - a temporary employee came in and 
configured their machine's IP address to be the same as that of the 
gateway).  Not only do you want to avoid dynamic and static addresses in 
the same range, there are other good practices to follow.  You really 
want only one dynamic range in a subnet.  The reason is that 
fragmentation (more that one range per subnet) adds to the amount of 
configuration which must be done as well as the amount managed by the 
server.  This adds overhead and is important on heavily loaded servewrs. 
 The second is that you really should have a good reason for a static 
address.  Typically these should only go to well known resources 
(servers or services) where the address should be persistent by it's 
very nature.  You also want network-wide standards to increase 
predictability (don't have the subnet gateway at different addresses on 
different networks).  Don't 'reserve' a static range for a specific 
purpose in the middle of a subnet (have seen this less-than-astute 
decision made in commercial environments).  Always, ALWAYS use the 
card-type/MAC address as the unique identifying field for DHCP (read the 
RFC).  I worked at a fairly large company where a 'brilliant' (obviously 
MS-influenced) soul decided that the unique identifying field for any 
device would be it's NetBIOS name because that was a much more 
'friendly' name than the MAC address!  Those who have worked with any 
locally-administered, name-based network scheme are shuddering because 
they know what happened.