We help IT Professionals succeed at work.

DHCP superscope

matt023
matt023 asked
on
I need someone to clearly explain what exactly a superscope is.  I know that it's a shared-network, however, it seems confusing to implement. I have 2 subnets within the same physical network (ie: 2 floors separated by a router) with the network ID's of 192.168.10.x/255.255.254.0 and 192.168.12.x/255.255.254.0.  The router between the floors is capable of forwarding DHCP packets as unicast (relay agent NOT forwarding DHCP broadcast - Cisco 3600).  I created a superscope with 2 scopes of the networks mentioned.  The result was that clients had problems obtaining IP addresses.  When I removed the superscope and left the 2 scopes separated, clients had no problem obtaining IP addresses.  Is superscope only effective if the router forwards DHCP broadcast?  Should the scopes be separated (not superscope) if the router forwards DHCP unicast packets directly to the DHCP server?  Any help would be appreciated.
   
Comment
Watch Question

BRONZE EXPERT
Commented:
Matt, some make this an extremely technical issue when it really isn't.

In a nutshell:
===============

An administrative feature included within the Microsoft DHCP Manager tool can be used to create a number of distinct scopes, which are grouped together into a single administrative entity called a superscope. Superscopes are useful for solving several different DHCP service issues.

Using more than one DHCP server on the same subnet provides increased fault tolerance for servicing DHCP clients located on it. With two DHCP servers, if one server is unavailable, the other server can take its place and continue to lease new addresses or renew existing clients.

A common practice when balancing a single network and scope range of addresses between two DHCP servers is to have 80 percent of the addresses distributed by one DHCP server and the remaining 20 percent provided by a second. For more information and an example of this concept, see Configuring scopes.

When started, each DHCP client broadcasts a DHCP discover message (DHCPDISCOVER) to its local subnet to attempt to find a DHCP server. Because DHCP clients use broadcasts during their initial startup, you cannot predict which server will respond to a client's DHCP discover request if more than one DHCP server is active on the same subnet.

For example, if two DHCP servers service the same subnet and its clients, clients can be leased at either server. Actual leases distributed to clients can depend on which server responds first to any given client. Later, the server first selected by the client to obtain its lease might be unavailable when the client attempts to renew.

If renewal fails, the client then delays trying to renew its lease until it enters the rebinding state. In this state, the client broadcasts to the subnet to locate a valid IP configuration and continue without interruption on the network. At this point, a different DHCP server might respond to the client request. If this occurs, the responding server might send a DHCP negative acknowledgement message (DHCPNAK) in reply. This can occur even if the original server that first leased the client is available on the network.

To avoid these problems when using more than one DHCP server on the same subnet, use a new superscope configured similarly at all servers. The superscope should include all valid scopes for the subnet as member scopes. For configuring member scopes at each server, addresses must only be made available at one of the DHCP servers used on the subnet. For all other servers in the subnet, use exclusion ranges for the same scope ranges of addresses when configuring the corresponding scopes.

Deactivate scopes only when removing a scope permanently from service. Once you activate a scope, it should not be deactivated until you are ready to retire the scope and its included range of addresses from use on your network.

Once a scope is deactivated, the DHCP server no longer accepts those scope addresses as valid addresses. This is only useful when the intention is to permanently retire a scope from use. Otherwise, deactivating a scope causes undesired DHCP negative acknowledgement messages (DHCPNAKs) to be sent to clients.

If the intent is only to affect temporary deactivation of scope addresses, editing or modifying exclusion ranges in an active scope achieves the intended result without undesired results.

Use server-side conflict detection on DHCP servers only when it is needed. Conflict detection can be used by either DHCP servers or clients to determine whether an IP address is already in use on the network before leasing or using the address.

For DHCP clients running Windows 2000 and earlier versions, client computers that obtain an IP address use a gratuitous ARP request to perform client-based conflict detection before completing configuration and use of a server offered IP address. If the DHCP client detects a conflict, it will send a DHCP decline message (DHCPDECLINE) to the server.

If your network includes legacy DHCP clients, you can use server-side conflict detection provided by the DHCP Server service under specific circumstances. For example, this feature might be useful during disaster recovery when scopes are deleted and recreated.

By default, the DHCP service does not perform any conflict detection. To enable conflict detection, increase the number of ping attempts that the DHCP service performs for each address before leasing that address to a client. Note that for each additional conflict detection attempt that the DHCP service performs, additional seconds are added to the time needed to negotiate leases for DHCP clients.

Typically, if DHCP server-side conflict detection is used, you should set the number of conflict detection attempts made by the server to use one or two pings at most. This provides the intended benefits of this feature without decreasing DHCP server performance.

Dennis

Commented:
By default, the DHCP server will only assign addresses which match the LAN settings on the adapter the request came in. The superscope allows to have the DHCP server hand out also other adresses on a certain network interface.

These may help:
http://support.microsoft.com/support/kb/articles/Q169/1/40.ASP
http://support.microsoft.com/support/kb/articles/Q197/1/97.ASP
http://support.microsoft.com/support/kb/articles/Q255/9/99.ASP
http://support.microsoft.com/support/kb/articles/Q161/5/71.ASP

Author

Commented:
guys, I've read those articles before.  Thank you for your responses.  However, they don't answer my question.  
With my research, I'd found out the answer on my own.
A superscope is basically used to configured a physical network which has more than 1 IP address group (ie: same network with 192.168.10.0/23 and 192.168.12.0/23).  This applies to none routed network - such as, when the same interface on a router is configure with 2 subnets.  A routed network with DHCP relay routers (ie: MS DHCP relay and CISCO 6500 switch) don't need superscope configured.  Thank you for your comments.  
I'll leave this question posted for a few more days in case that information is incorrect (although, with my testings, it seems to be accurate).
BRONZE EXPERT

Commented:
Matt, your question was multifaceted, leading off with this, "I need someone to clearly explain what exactly a superscope is".

Unfortunately though, your actual issue is one of configuration, as you can use superscopes with your configuration, but you must reconfigure the Cisco router. You spoke of the capabilities of the Cisco router, but made no mention that you didn't understand that it needed to be reconfigured. Actually, if you look at the structure of your question, it leads one to presume that you had done this and it wasn't working and you were searching for a better understanding of superscopes.

Author

Commented:
I apologize if I wasn't being clear.  The Cisco router didn't need to be reconfigured.  It relays DHCP packets and that's what we desire (no broadcast between subnets).  I configured the superscope with the relay enabled router and it didn't work.  I just wanted to know under what circumstances should I configure DHCP scopes as superscope and clear explanation of the purpose behind it -- which I now found out.  Those articles were unclear to me and I had read all of them before.

Author

Commented:
thank you all for your comments.
BRONZE EXPERT

Commented:
I still think a deletion is inappropriate.
BRONZE EXPERT

Commented:
Award the question Matt!
BRONZE EXPERT

Commented:
Matt, I've been awaiting the award on this for 4+ months!
BRONZE EXPERT

Commented:
I object to this deletion. I have provided more than sufficient and complete information for proper resolution.

Dennis

Commented:
I also don't think that a deletion is appropriate. The huge comment posted by dew_associates alone is worth being a PAQ, and it does answer the original question asked (even if the asker actually did not ask what he really wanted to know).

Commented:
Hi,

I have emailed the author of this question and not received a response, as such I will now award the
points in his/her absence. I will bow to the technical knowledge of the experts, suggestions?

Ian
CS@EE

Commented:
I think the text posted by dew_associates was on topic and did cover the question asked (even if the asker actually meant something else). My comment may also have been helpful, but it's way less thorough than dew_associates.
BRONZE EXPERT

Commented:
Thanks AW!

Commented:
Ok great, this has been done.

Ian
cs@experts-exchange.com

Explore More ContentExplore courses, solutions, and other research materials related to this topic.