Solved

how to get DHCP wireless to use the correct scope

Posted on 2014-09-30
12
376 Views
Last Modified: 2014-10-01
I would like all of my wireless users to user a separate scope.. What is the best way to do this?

I have a simple site with one DHCP server and a flat network...

Right now both my wired and wireless devices use the same group of addresses..
0
Comment
Question by:sullend
  • 5
  • 3
  • 2
  • +2
12 Comments
 
LVL 25

Expert Comment

by:Fred Marshall
ID: 40353897
You can reserve IP addresses for all of one or the other that's not in the normal DHCP scope.  By MAC address.

You can get an access point that provides DHCP service and have it pass out addresses in a separate range.

What I can't guarantee is that having two DHCP servers in the latter case won't have them "race" to provide leases and foul up the objective.
0
 
LVL 16

Expert Comment

by:vivigatt
ID: 40354407
A simple way is to have another subnet for your wireless nodes:
The wireless AP will be on its own subnet , wireless nodes on the same subnet, and packets will be routed by the Wireless access point to the wired network.

Example:

Wired-192.168.1.x <===> wireless router: WAN:192.168.1.2 - LAN: 192.168.2.1 <==> Wireless Nodes: 192.168.2.x

You can then have a dhcp running on the wired network and another dhcp on the wireless router.
You may also have a single dhcp on the wired network, provided that the wireless router can be configured to dhcp-relay to the wired DHCP server the dhcpdiscover packets it receives on the wireless network.

You usually cannot have 2 dhcp servers on the same subnet (unless they are configured to collaborate)
0
 
LVL 24

Expert Comment

by:lionelmm
ID: 40354426
There is no way I know of the have one DHCP server and have it respond to DHCP request with a different set of IP addresses based on whether the request comes from a wired source and then a different set of IP addresses if from a wireless device. Unless you know the MAC addresses ahead of time (which kinda defeats the purpose of DHCP) you can reserve IP addresses (may as well make them static then). I do have a separate router for my wireess devices but these are on a different sunbnet but that makes it more difficult to share the resources on my main subnet (difficult but not impossible). What is your end goal--maybe knowing that will help us give you some other ideas?
0
 
LVL 11

Expert Comment

by:hecgomrec
ID: 40354572
I will make vivigatt comment more simple or clear it out:

Basically, a wireless router can server wired and non wired IP request and of course it will provide a flat network.

Now, you have a flat network already but you want to keep them together but apart from each other like having to people in the same room but not next to each other.

How to achieve this?... Simple (Lets put this out of a domain and keep the DHCP on the router.)

Router 1

This will be your regular router and regular settings (Dynamic IP):

IP: Automatic from ISP
Gateway: Automatic from ISP
DNS: Automatic from ISP
DHCP: ON
Device IP:  192.168.1.1
Mask:        255.255.255.0
DHCP Range:    192.168.1.20 - 254
Wireless: OFF (if any)

Note: IPs from 1 to 20 will be left out for devices within this network.  you should leave as many as you need.


Router 2 (Wireless nodes)

This devices should be attached to the network with the cable plugged in the INTERNET plug and have a configuration similar to this (static IP)

IP:        192.168.1.2
Mask:  255.255.255.0
Gateway: 192.168.1.1
DNS:   192.168.1.1
DHCP: ON
Device IP:  192.168.6.1
Mask:        255.255.255.0
DHCP Range:    192.168.6.6 - 254

Note: I left only 4 IPs out of the range so I can add up to 4 more routers using the LAN ports so one can increase wireless/wired access of this node by having routers using IPs 192.168.2.1 -192.168.5.1 as their main IP

This setting is very easy and fast to implement, of course you can implement a solution according to your needs using this concept and as a concept is not a rule.  This will give users regular internet access but your wired devices will be somewhat out of reach as they are in another network.

Oh I forgot to mention!!! you can give separate SSID (name) and password to each wireless node if you need to or you can give the same and password to all of them in case of a large organization.  This give the user the possibility to move around the company and connect to any access point without being worried about getting of the network.
0
 
LVL 16

Expert Comment

by:vivigatt
ID: 40354615
The config proposed by hecgomrec should work perfectly.

You can even configure the Wireless gateway as a real router and not as a NAT (network address translator) so that the wireless nodes can be reached from the wired network. You may just have to enter a static route on the wired router so that packets aimed at 192.168.6.x (in your example) will be sent to 192.168.1.2 (the "WAN port" of the Wireless router") that will route them to the wired nodes. This will make it easier to share resources between the wired and wireless nodes (otherwise, there is a NAT in between and it will interfere).
Now if you do not want to have a full connectivity between wired and wireless nodes, a NAT wireless router is a way to somewhat segregate  wired and wireless nodes, yet all the wireless nodes should be able to "reach" any node in the 192.168.1.x subnet...
0
 

Author Comment

by:sullend
ID: 40355189
Some really good ideas but so far the best one is MAC address based DHCP reservations(for my situation).  I want all of my wireless devices to have a separate set of IP addresses for web filtering purposes.. If  not I will have to assign static addresses to my wired devices and only use DHCP for the wireless devices.
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 11

Accepted Solution

by:
hecgomrec earned 500 total points
ID: 40355234
I don't know what is your "special" web filtering but if the wireless device IP is included on the filter it should transfer the settings regardless the IP the user gets.

Anyways, you can still change your IP range on each Wireless device, using the guide I gave you earlier, to fit your needs.

Meaning:  Keep using your actual scope 192.168.1.0/23 and leave a range for your wireless devices on the wireless router:

Router 1 (wired)

IP range:192.168.1.21 - 180

Router 2 (wireless group 1)  

Router IP :192.168.1.2
IP range: 192.168.1.181 - 200

Router 3 (wireless group 2)  

Router IP :192.168.1.3
IP range: 192.168.1.201 - 230

Remember you can have as many DHCP servers on LAN as long their scope range doesn't overlap to each other.

If you still want to go your way (MAC address) is fine just think about how often users can change their wireless devices.  Unless these are provided by the company!!!!
0
 
LVL 24

Expert Comment

by:lionelmm
ID: 40355243
Are you saying you want a solution using only one router and only one DHCP?
0
 
LVL 16

Expert Comment

by:vivigatt
ID: 40355376
"Remember you can have as many DHCP servers on LAN as long their scope range doesn't overlap to each other."
That's usually true but you cannot predict which dhcp server will answer a particular client on the subnet.
DHCP clients send DHCPDISCOVER packets to the broadcast address (255.255.255.255/ff:ff:ff:ff:ff:ff).
Each DHCP server on the subnet will receive the dhcpdiscover packets and will answer them.
The dhcp client will then use the dhcp server that first answered... And you just can't predict which one it will be.
Believe me, I have used such configurations a lot of times.
0
 
LVL 16

Expert Comment

by:vivigatt
ID: 40355651
Be careful. As I said, you accepted a solution that will NOT allow you to be certain that each dhcp client will get an IP address in a certain scope.
But do your tests by yourself, you'll see...
0
 
LVL 11

Expert Comment

by:hecgomrec
ID: 40355695
If the device is moving within different wireless nodes with the same ip scope (192.168.1.0/23) of course the device will get a new ip once the TTL expired and the closest DHCP will provide it.

My scenario was a general idea how it can work. You don't have to follow my scenario. You can still have a mix an match according to your needs. One router giving IP to wired devices (20-150) and another router serving just wireless devices (151-254) the closest DHCP will be always the same for the wireless devices as their access point is the same. At least in this example.  The only way for the wireless to take an IP range from the wired router will be to attach the cable from router 1 into one of the LAN ports instead of the WAN/internet port.
0
 
LVL 16

Expert Comment

by:vivigatt
ID: 40355745
Well, I must that that I disagree
That does not work like this...
If you have a "fast DHCP server", maybe a server-class PC with a server class OS, it will usually answer faster than any embedded DHCP server, especially the ones in the low-end routers.
I have implemented the very configuration you mention, in several sites, and I can tell you that the results are usually that the faster DHCP server answers to 80% of the clients.
But not always. Nothing can be 100% certain...
If the user wants a solution that will work 100% of the time, split-scopes will not work...
From my 15 years of experience with DHCP servers, I would say that the distance between clients and a particular dhcp server is less important than the speed of the various dhcp servers.
Furthermore, your DHCP clients get at least 2 DHCP offers and some implementations are not very happy with that.
Another drawback is with clients that reboot "wildly" or that do not release their DHCP lease when they stop/restart and that then get a DHCP lease from the other server : the previous DHCP lease will still be considered active by the previous dhcp server and the associated address will not be available until the lease expired.

I use split-scopes for only one reason: a very trivial dhcp redundancy. This way, if one dhcp server fails, I am reasonably certain that there still will be an active dhcp server working on the network.  

Once again, if there is a need to be 100% certain that a wireless clients will get their addresses in a certain scope, using several dhcp servers with split-scopes is not a good solution.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video discusses moving either the default database or any database to a new volume.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now