Wifi DHCP

I have recently started work for a new company. A few days ago, all the available IP addresses to Wifi clients ran out. I deleted all the leases so that people could connect again. A few days later it happened again. When I checked, I noticed something odd. There are two DHCP Scopes on two floors for Wifi clients but there were several phones, laptops and tablets that were listed with IP addresses in BOTH scopes. . My theory is when some Wifi clients get an IP on one floor, that IP is not released when the device moves to another floor or area of the building and gets a different IP address. Am I correct? Is this possible? How can it be rectified?
DonKwizoteAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Tyler BrooksNetwork and Security ConsultantCommented:
Why is it configured with a scope for each floor? are they on the same subnet?
0
JohnBusiness Consultant (Owner)Commented:
It would appear the Wi-Fi units are hooked up with DHCP enabled in addition to your own DHCP server. Is this true?

You might consider setting the Wi-Fi units up as part of your network and disabling DHCP on the Wi-Fi units.
0
Tyler BrooksNetwork and Security ConsultantCommented:
Ultimately the simplest thing to do if you are able to would be to use one scope for both floors, if for some reason you absolutely must use two scopes you could try setting the lease time quite short (24 hours or less) to attempt to alleviate this issue.
0
Top Threats of Q1 & How to Defend Against Them

WEBINAR: Join WatchGuard CTO and our Threat Research Team on Aug. 2nd to hear the findings from our Q1 Internet Security Report! Learn more about the top threats detected in the first quarter and how you can defend your business against them!

Thomas GrassiSystems AdministratorCommented:
Are the DHCP scopes only for WiFi devices?

As Tyler said above are they on the same subnet?

What subnet mask you have?

Expand the address range

10.1.10.0/22   will give you 1022 hosts
0
TemodyPickalbatros, IT ManagerCommented:
1-On the WIFI AP make sure WDS is enabled
2-change DHCP Lase time
0
rindiCommented:
I would reduce the lease time, so that when an IP hasn't been used for some time that IP can be used again.
0
Fred MarshallPrincipalCommented:
If the issue is truly that the same device has more than one lease then a reasonable solution is to use shorter lease times as others have suggested.  But, in addition, you might choose lease times much shorter.  There is virtually no penalty for doing so.

For example: If a person with a cell phone moves from one floor to the other fairly frequently then I presume that phone will have a lease on each access point.  So, the phone uses up two addresses.
Because this *is* going to happen when the person first moves, there *will be* two addresses.  So the objective is to make the added addresses go away as soon as possible.  That's where the shorter lease time comes in.  You could set the lease times to be 1 hour and they will refresh from the client side every 30 minutes if connected.  At the end of the lease time, the DHCP server will drop the lease.

In the event that *ALL* mobile device users move frequently from one floor to the other then shorter lease times theoretically won't help.  What we're trying to achieve here is reducing the number of double leases per device and will accept some smaller number of those situations.

Presumably you've already determined that you don't really need more addresses but I wonder.....
It's a little hard to imagine that so many mobile devices are moving all that much unless the offices are all on one floor and the lunch room is on the other floor .. something like that so that virtually everyone with a cell phone moves from floor to floor.  It rather sounds like the number of addresses actually *is* marginal.  So, on to the next topic:

It's at least "unusual" to have multiple DHCP servers on the same network.  
If the networks were different then we'd not be having this conversation, eh?
And, it's certainly possible to buy wireless access points that provide DHCP service.  Presumably, that's what you have and the DHCP service only applies to wireless clients on each one.
A way around this is to do 2 things:
1) have a single DHCP server running on the network that any device can use.  I believe you can't rely on an access point with DHCP to do this as many of them are "wireless client only".  But, a commodity router set up as an access point would do it.
2) turn off the DHCP servers on the access points.  (the DHCP requests should pass through to the network in this case and hit the single DHCP server that's set up.
An effect of doing this will be that non-mobile devices can get IP addresses via DHCP.  Whether that's an issue, whether that's already happening, etc. is something you have to understand and decide is OK.
With these changes you should no longer have double leases.  If that's enough address space then you will be good to go.
I would still shorten the lease time to something like 4 hours so that people coming in and going out of the facility with cell phones won't "take leases with them" so to speak (the DHCP server's latency of lease times remains).  That's the other reason there will be too many leases.
0
vivigattCommented:
Leases can be released only when the dhcp client leaves the network in a clean way, i.e. when it is disconnected by the OS: reboot, shutdown of the tcp/ip stack or of the OS etc.
And even not always.
For instance, Windows client used not to release their dhcp lease by default:
https://msdn.microsoft.com/en-us/library/cc227278.aspx
https://technet.microsoft.com/en-us/library/cc977398.aspx
Not too sure what the behavior is nowadays, but a simple packet capture filtered on BOOTP/DHCP ports can give the answer

So what you may want to do, as many experts said earlier, is to shorten the DHCP default lease time. Make it 1Hour, it is more than enough. DHCP clients will ask to renew the lease when it half expired, so every 30 minutes. The overhead in term of network traffic is insignificant.  

You could also expend your scopes and/or gather your two scopes in a single scope
0
DonKwizoteAuthor Commented:
Thanks Everyone for your responses. I am working my way through them. Perhaps I am mistaken but I thought if a mobile device got an IP address and then moved out of range, shouldn't that IP be freed up for someone else? I know the lease time makes a big difference to how long an IP stays with a device. I ask because I am seeing situations where people leave the company to go home and IP's that were assigned to them during working hours are still showing as assigned to their device but these IP's can't be pinged.
0
Thomas GrassiSystems AdministratorCommented:
The ip address remains assign to the device even if it goes off line.

It will release back into the pool after the lease time expires
0
JohnBusiness Consultant (Owner)Commented:
My iPhones like to take and keep lower IP addresses. I have not figured out why, but what as you reduce lease times to see if phones drop their IP when taken out of range.
0
Fred MarshallPrincipalCommented:
It appears there's a bit of confusion regarding what the lease does:

The lease doesn't determine "how long an IP stays with a device".
It determines "how long an IP is reserved for a device" no matter whether it's being actively used or not at any moment.
Because of lease renewal by the devices, a lease is generally renewed when it's half up.  This way, a device keeps an IP address "forever" as long as it's there running and renewing the lease. (Neglecting any drastic events such as all the leases being terminated).
The lease remains (assigning an IP to a device) until the lease expires.

So, if a device moves out of range or is shut off, the lease remains intact.  But, it won't be renewed (by the device).  So it will expire in due time on the DHCP server.

This is why you're seeing the behavior when someone leaves to go home.
Another behavior you'd see would be if one of those people who went home (and let's say got a new IP address at home or at the coffee shop) and then came back into the office before their device's lease expired on the DHCP server, their device would get the same IP address it had before because the lease is still active on the server.
This is really much as you'd expected with the difference being that there's a time delay leading up to certain events.
When the device goes away, the IP address *is* released.  It just takes some time for that to happen .. the lease time.
In a large population of devices, the average time to release an IP address might be:
- with no movement of devices at all .. the addresses won't be released at all because the leases are being renewed by the devices.
- with 100% of the population leaving at the same time and forever, the average release time will be 3/4 the server lease time setting.  This assumes that no lease is shorter than 1/2 the lease time or it would have been renewed and the population of lease times is uniformly distributed between that 1/2 to a full lease time.  Thus, 3/4 is the average.  This is also the "expected value" (estimate) of time-to-release for any single device leaving.
So, if the set lease time is 4 hours, we expect the lease to expire in 3 hours +/- 1 hour.

And, this is why short lease times will free those IP addresses up sooner.  The effect of releasing them sooner is there are statistically more addresses available at any point in time if there's a transient population of devices.
Then, in the case of moving out and moving back in above, the server lease might expire while the person is out of the office IF the lease time is short enough.  In that case, they would get a *new* lease and likely a new IP address.  If there were but a single IP address left in the DCHP pool when they left, there would potentially be 2 IP addresses in the pool when their lease expires on the server.    So, "more" IP addresses are statistically available.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DonKwizoteAuthor Commented:
Thanks!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
DHCP

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.