Solved

How to manage DHCP in medium size business

Posted on 2015-02-17
7
200 Views
Last Modified: 2015-03-01
we have nearly 700 plus computers in the network and having manual ip addressing . I am in the process of going with the static to  dynamic . but I have few issues  with the current setup .

what is the best way to assign the ip dynamically
firewall level , core switch  or OS dhcp server . I hope separate DHCP is the best option ?
major issue is out of 700 PCs nearly 500 pcs have internet access with the firewall via access . All the access give with the IP address level . we did not have link with the AD and the firewall . so how can I keep the same ip address for my internet client . one idea is reserve option in the DHCP . but I don't know the best option is going to be the reserve all most all the users in the network

please share your thoughts
0
Comment
Question by:cur
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 9

Assisted Solution

by:nattygreg
nattygreg earned 200 total points
ID: 40615869
use nmap to gather ip addresses and mac address from there figure out your ip address scheme, you will definitely need four dhcp scope cause you need that to address growth. a router will be needed if each subnet need to talk to each other.
0
 
LVL 37

Assisted Solution

by:Bing CISM / CISSP
Bing CISM / CISSP earned 100 total points
ID: 40615896
> firewall level, core switch or OS dhcp server.

for an enterprise environment, better deploy DHCP services on OS servers because this way you may have better control on DHCP options and restrict users in terms of security and scalability.

deploying DHCP services on network devices may work but you need more work once you got needs to integrate OS and the devices. e.g. to to assign IP addresses to authenticated userss only, or applying web proxy settings for given subnets etc.

> I hope separate DHCP is the best option ?

what do you mean by 'separate'?

> we did not have link with the AD and the firewall. so how can I keep the same ip address for my internet client.

do you mean current users already have used IPs which are to be used for DHCP address pool?

> one idea is reserve option in the DHCP . but I don't know the best option is going to be the reserve all most all the users in the network

new addresses can't be changed in a few seconds. you need to work out a plan to deploy the addresses in stage, smoothly.
0
 

Author Comment

by:cur
ID: 40615951
currently we  do not integrated AD firewall . half of the users in the work group . this will rollover very soon . issue is this . we have given the internet access based on the host ip . if I go with the dhcp how am I going to keep the client PC ip static all the time
some time we need to connect work group users connecting to internet . if I go with AD integration . it will make more complex without proper understand
0
 
LVL 9

Assisted Solution

by:nattygreg
nattygreg earned 200 total points
ID: 40615957
DHCP allows static mapping and you can restrict and permit host ips to the internet, never mind if you know the specific time of day when they need to be on the internet you can schedule it via DHCP, its a powerful tool that you'll love.
do some reading on it.
0
 
LVL 35

Assisted Solution

by:Mahesh
Mahesh earned 200 total points
ID: 40616117
Better you could use Windows domain based DHCP server which can assign IPs to both domain clients and workgroup clients as well
After that allow IP range on firewall as allowed internet access
This will avoid creation of 500 reservations in DHCP
I believe DHCP is there to lease out IPs freely without much intervention and in exceptional case few DHCP reservations to be used

Also check how to setup DNS - DHCP advanced integration, scavenging once you setup domain based DHCP server
Check below articles for more information:
http://blogs.technet.com/b/askpfe/archive/2011/06/03/how-dns-scavenging-and-the-dhcp-lease-duration-relate.aspx
http://blogs.msmvps.com/acefekay/2009/08/20/dhcp-dynamic-dns-updates-scavenging-static-entries-amp-timestamps-and-the-dnsproxyupdate-group/
0
 

Author Comment

by:cur
ID: 40616161
if the clients PC get change the IP time to time . monthly internet bill will generation will have the impact due to ip change
0
 
LVL 35

Accepted Solution

by:
Mahesh earned 200 total points
ID: 40616203
Before setting up DHCP still you are using 500 static addresses for internet access

After you setup, still IP addresses count remains same

I don't see how bill will get impacted

Further more how your firewall is setup?

It should have NATTED internet access so that on internet actually default firewall public IP would be displayed and no matter which machine \ IP combination is connected from intarnet
0

Join & Write a Comment

Mapping Drives using Group policy preferences Are you still using old scripts to map your network drives if so this article will show you how to get away for old scripts and move toward Group Policy Preference for mapping them. First things f…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now