DHCP and client addresses

We have a DHCP server. The clients are configured to receive IP addresses when the boot up. Normally, this would not be a problem. Except that we also have a security device permits/denies a client based on the IP address.

For example, Computer A initially received address of x.x.x.30. The security device has a setting that tells it that x.x.x.30 has full access.

Computer A shuts down for the night to go home.

Now the DHCP server gets rebooted (maintenance work, changing the battery backup, etc).

Next day, when Computer A boots up, I would expect it to get x.x.x.30. Instead it gets x.x.x.40. The security device has a setting that tells it x.x.x.30 has full access, but x.x.x.40 has limited or no access.

So Computer A tries to gain access to the secured site, but is denied because it has obtained a different IP address.

2-Part question:

Why would the DHCP server assign a new address if the all Computer A did was shut down
and the server was rebooted AFTER Computer was down?

Also, aside from assigning reservations on the DHCP server (which I would prefer not to do), is there a method to insure that the client was ALWAYS receive the same IP address EACH AND EVERY SINGLE TIME?

Additional question:

I also have several devices that are assigned static addresses. If my range to give out is x.x.x.15 to x.x.x.100 AND some of these devices fall into that category, do I have to, repeat, have to exclude these addresses on the DHCP server?

Hoping to hear from you.
mperez1216Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
chumpletConnect With a Mentor Commented:
Your DHCP server *should* hold that lease for the allotted period of time (say 7 days), then the client and server will attempt to renew that lease approximately halfway through -- after 3.5 days.  That process *should* continue over and over as long as the client and server are talking to each other.  Reboots on either side, as far as I understand, should not affect this.  Anything else in this config that you can tell us?

As for "keeping" an address for a specific client, you have 3 options: 1) set the DHCP lease to infinite, 2) set an IP address 'reservation' in DHCP, or 3) staticly assign that IP address to that client.

Lastly, if the DHCP server has a range of addresses from .15 - .100 and you have clients staticly assigned at any of those addresses in that range, then you have potential for IP address conflicts.  Either exclude those addresses individually, exclude a range of addresses that includes all of those, or change the range of IPs that DHCP gives out to *not* include those.

Hope that helps out... :)

Chumplet
0
 
Chris DentPowerShell DeveloperCommented:

The Lease time determines how long a client can keep an address for. Try increasing the Lease time, or perhaps setting it to Infinite. That should stop the DHCP giving out addresses to different clients.

You might find it is better to set up an excluded range that you can put all these devices into though?
0
 
mperez1216Author Commented:
What affect does setting the lease to infinite have when the client shuts down for the night? Will it cause an IP conflict when he boots up the next day? In other words, will he cause a conflict with himself? I've seen this happen.

As far as the exclusing range, I have several devices. I try to keep them in a general area, but one area may have 10 spots in the 100-115 range, whereas other devices may have only 2 or 3 spots in the 30-40 range, with a several client stations in the same range.

How would I resolve that?
0
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

 
Chris DentPowerShell DeveloperCommented:

What Chumplet said ;)
0
 
mperez1216Author Commented:
A. I do know that the address lease is set to, I believe, 12 Hours.
B. Any static address is assigned to a device that is not a client pc (printers, routers, etc).
0
 
JonShCommented:
I'll agree with Chumplet with one change.... just make the address static and be done with it.

On some DHCP servers, you can reserve specific IP addresses for specific MAC addresses (I think Chumplet might have been referring to this in item #2?)....but why bother? :)

Jon
0
 
mperez1216Author Commented:
Recommended Actions:

1. Change lease period from current to infinite.
2. Add any exclusions, either by specific IP or by range.
3. Because the lease is infinite, I should not need to make any reservation on an IP.

Let me know if #3 is correct.
0
 
Chris DentPowerShell DeveloperCommented:

With a 12 hour lease time if you leave a machine off overnight the lease expires and the address is available for any other device on the network - so the firewall rules will be out of date.

Are the static addresses in an exclusion range on your DHCP Server?
0
 
Chris DentPowerShell DeveloperCommented:

oops... too slow.

3 is correct - but in the case of assiging firewall rules it might be sensible to make it reserved.
0
 
mperez1216Author Commented:
I went to the DHCP server and under the 'Scope' properties, I did not see an 'infinite' option, but I do see an 'unlimited' option. I was incorrect in the time frame, though. The person who configured the box informed me it was 12 hours, but the time frame is actually 8 hours.

If this is the correct setting, I can at least get that portion going.

0
 
mperez1216Author Commented:
Sorry, missed a sentence. Yes, some of the statics ip's are in the exclusion range, where others are not.
0
 
Chris DentPowerShell DeveloperCommented:

Yep Unlimited is the correct option.

If it isn't possible to move the remainder of the static IPs into the Exclusion then it would be a good idea to reserve them individually to avoid potential conflicts.
0
 
mperez1216Author Commented:
Reserve them or enter them as an individual exclusion?
0
 
Chris DentPowerShell DeveloperCommented:

Either will work, but since they are static Exclude would be more accurate.
0
 
chumpletCommented:
Agreed.... 'exclude' is a better option.  

In my opinion (and it's only an opinion), reservations are a royal pain-in-the-rear.  Either allow DHCP to dole out addresses *OR* staticly assign them on the box.
0
 
mperez1216Author Commented:
Exclusion. That's what I thought. Exclusion it is.

On a side note, are there any "pitfalls" regarding unlimited lease that I should be aware of?
0
 
Chris DentPowerShell DeveloperCommented:
I agree, never been found of Reservations, you're either assigning it statically or you're not right?

Of course there are exceptions, generally ISPs, where Dynamically Assigned Static IPs are appropriate.
0
 
Chris DentPowerShell DeveloperCommented:

Only that it never releases address, so if find you've run out that'll be while.

Running out would only really happen though if you have a high turnover of network devices (or just an almost full scope).
0
 
mperez1216Author Commented:
Kudos to all.

Thanks.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.