RE: DHCP Scope split
- From: Fahad <Fahad@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 30 Oct 2007 05:01:01 -0700
Thanks for your cooperation...
then what is the best scenario to achieve full redundancy on our DHCP servers?
shall we use clustering or splitting?
"Newell White" wrote:
This is not well explained in any book and I have only just found out myself.
because I had to!
DHCP server (in Win2k3) sees the world as consisting of 2 types of clients
and 3 types of IP address:
Clients are:
Reserved clients, recognised by MAC number, who must always be given a lease
on their reserved IP whenever they request.
First-come-first-served clients who are given any frre IP from the Pool when
they request - if no Pool IP is free the request is ignored.
Addresses are:
Out-of-scope, the DHCP server is not allowed to assign these.
Pool addresses, all those within the scope but not excluded. Any free pool
address can be given to a requesting client.
Excluded addresses (within scope). These can only be given to a client which
has a reservation on the address which is registered with the DHCP server.
Within these rules you have complete freedom to design your address structure.
Best practice 1: No DHCP server shall have a pool address in the pool range
of another server. This avoids IP conflict.
Best practice 2: No client MAC shall have different IPs reserved for it on
different DHCP servers. This avoids waste of IP addresses and meets our
intuitive understanding of a 'Reservation'.
So in the structure you outline you don't strictly need any pool addresses.
You could exclude the entire scope and distribute all used IPs as
reservations defined on all DHCP servers.
Now only clients with MAC address defined by you can access the LAN.
This is very secure.
But in practice, I would leave a small pool of first-come-first-served
addresses for important visitors. In my experience telling the CEO he can't
plug his laptop in because you designed the system to thwart him can be bad
for career prospects.
--
Regards,
Newell White
"Fahad" wrote:
thanks Newell
here is the full picture about our scenario....
Dear All
we have 2 DHCP 2003 servers & we are planning to use 80/20 method to
distribute the IP addresses on the clients. in the same time we need to use
the reservation for all assigned IPs to the clients (i.e. all clients on the
network will have static IP not dynamic).
the scopes as follow:
172.96.90.1 - 172.96.90.30 mask /27 exclusion: 172.96.90.28 -
172.96.90.31
172.96.90.33 - 172.96.90.62 mask /27 exclusion: 172.96.90.60 -
172.96.90.63
172.96.90.65 - 172.96.90.94 mask /27 exclusion: 172.96.90.92 -
172.96.90.95
172.96.91.1 - 172.96.91.30 mask /27 exclusion: 172.96.91.28 -
172.96.91.31
172.96.91.33 - 172.96.91.62 mask /27 exclusion: 172.96.91.60 -
172.96.91.63
:
:
etc
each VLAN consist of 30 IP address available for clients (by reserve the
required IP for the new client). we need to block the remaining IP addresses
in each VLAN after the initail assignment (i.e. if the VLAN have 10 clients,
we'll reserve 10 IP to those clients and create a new exclusion range to
block unassigned IPs from this range. if anew client come, we will change the
exclusion range and add new reservation for this client).
we want to achieve high availability by using 80/20 method. my questions are:
1- how can I make the split method and the reservation works together (since
we don't have dynamic assignment)?
2- how this scenario achieve high availability (if primary server down,
backup server should cover all clients served by server1)?
3- most of our VLANs have clients more than 80% of the full range, how can
backup server serve the clients served by primary server in case the primary
down?
"Newell White" wrote:
Before I answer your question, two of mine:
If you have less than 120 LAN clients why do you plan to use 80/20 instead
of the intuitively obvious 50/50?
And if you have more, how does 80/20 help?
But this is almost irrelevant if you are going to use reservations.
Because a Win2k3 DHCP server can assign a reserved lease whose IP address is
in a part of the scope excluded from that DHCP server address pool.
So on our network the reservations are defined on both DHCP servers with the
same IP addresses; in the DHCP pool of the PDC emulator, but out of the pool
of our second DC.
But when clients request extension of their lease, either DC can grant it.
Since the lease is renewed half-way through, this can result in both DHCP
servers marking the lease as active and imagining they are managing it.
But since that IP address can never be granted to another client this is not
a problem.
Assuming this works if the reservation is out of the pool of both DHCP
servers, perhaps the best design for you is 20% spare address pool on each
servers, and 60% for identical reservations on both servers.
--
Regards,
Newell White
"Fahad" wrote:
Hi
I'm planning to use 80/20 method to distribute our IP addresses on the
clients. in the same time I need to use the reservation for all assigned IPs
to the clients (i.e. all client on the network will have static IP not
dynamic).
does the reservation work properly with 80/20 method? if you, how to
configure the scopes ranges and the reservation?
thanks in advanced.
- Follow-Ups:
- RE: DHCP Scope split
- From: Newell White
- RE: DHCP Scope split
- References:
- RE: DHCP Scope split
- From: Fahad
- RE: DHCP Scope split
- From: Newell White
- RE: DHCP Scope split
- Prev by Date: RE: DHCP Scope split
- Next by Date: RE: DHCP Scope split
- Previous by thread: RE: DHCP Scope split
- Next by thread: RE: DHCP Scope split
- Index(es):
Relevant Pages
|
Loading
