How to manage DHCP in medium size business

Posted on 2015-02-17
Last Modified: 2015-03-01
we have nearly 700 plus computers in the network and having manual ip addressing . I am in the process of going with the static to  dynamic . but I have few issues  with the current setup .

what is the best way to assign the ip dynamically
firewall level , core switch  or OS dhcp server . I hope separate DHCP is the best option ?
major issue is out of 700 PCs nearly 500 pcs have internet access with the firewall via access . All the access give with the IP address level . we did not have link with the AD and the firewall . so how can I keep the same ip address for my internet client . one idea is reserve option in the DHCP . but I don't know the best option is going to be the reserve all most all the users in the network

please share your thoughts
Question by:cur
  • 2
  • 2
  • 2
  • +1
LVL 11

Assisted Solution

by:Natty Greg
Natty Greg earned 200 total points
ID: 40615869
use nmap to gather ip addresses and mac address from there figure out your ip address scheme, you will definitely need four dhcp scope cause you need that to address growth. a router will be needed if each subnet need to talk to each other.
LVL 37

Assisted Solution

bbao earned 100 total points
ID: 40615896
> firewall level, core switch or OS dhcp server.

for an enterprise environment, better deploy DHCP services on OS servers because this way you may have better control on DHCP options and restrict users in terms of security and scalability.

deploying DHCP services on network devices may work but you need more work once you got needs to integrate OS and the devices. e.g. to to assign IP addresses to authenticated userss only, or applying web proxy settings for given subnets etc.

> I hope separate DHCP is the best option ?

what do you mean by 'separate'?

> we did not have link with the AD and the firewall. so how can I keep the same ip address for my internet client.

do you mean current users already have used IPs which are to be used for DHCP address pool?

> one idea is reserve option in the DHCP . but I don't know the best option is going to be the reserve all most all the users in the network

new addresses can't be changed in a few seconds. you need to work out a plan to deploy the addresses in stage, smoothly.

Author Comment

ID: 40615951
currently we  do not integrated AD firewall . half of the users in the work group . this will rollover very soon . issue is this . we have given the internet access based on the host ip . if I go with the dhcp how am I going to keep the client PC ip static all the time
some time we need to connect work group users connecting to internet . if I go with AD integration . it will make more complex without proper understand
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

LVL 11

Assisted Solution

by:Natty Greg
Natty Greg earned 200 total points
ID: 40615957
DHCP allows static mapping and you can restrict and permit host ips to the internet, never mind if you know the specific time of day when they need to be on the internet you can schedule it via DHCP, its a powerful tool that you'll love.
do some reading on it.
LVL 36

Assisted Solution

Mahesh earned 200 total points
ID: 40616117
Better you could use Windows domain based DHCP server which can assign IPs to both domain clients and workgroup clients as well
After that allow IP range on firewall as allowed internet access
This will avoid creation of 500 reservations in DHCP
I believe DHCP is there to lease out IPs freely without much intervention and in exceptional case few DHCP reservations to be used

Also check how to setup DNS - DHCP advanced integration, scavenging once you setup domain based DHCP server
Check below articles for more information:

Author Comment

ID: 40616161
if the clients PC get change the IP time to time . monthly internet bill will generation will have the impact due to ip change
LVL 36

Accepted Solution

Mahesh earned 200 total points
ID: 40616203
Before setting up DHCP still you are using 500 static addresses for internet access

After you setup, still IP addresses count remains same

I don't see how bill will get impacted

Further more how your firewall is setup?

It should have NATTED internet access so that on internet actually default firewall public IP would be displayed and no matter which machine \ IP combination is connected from intarnet

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Synchronize a new Active Directory domain with an existing Office 365 tenant
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

792 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question