Community discussions

MUM Europe 2020
 
User avatar
horse1bun
just joined
Topic Author
Posts: 13
Joined: Wed Jul 29, 2015 1:05 am

How to prevent DHCP server from issuing an IP?

Thu Sep 21, 2017 2:53 am

I am trying to keep the DHCP Server from issuing an IP that is already in use, but was not issued by the server.

Background:

I have a DHCP server setup to issue IP addresses from a pool.

Example: 10.81.0.1/24

I have some field techs who think they are real wise guys setting things with a static IP, the same one the DHCP issued them originally. I mistakenly thought that the DHCP server knew what IPs were on the ARP list and, thus, didn't issue any IP conflicts automatically.

I can see that is NOT the case. After they set a device static to an IP of 10.81.0.184, the DHCP server issued that same IP to another device. I can see that the DHCP server only knows which addresses it has issued, and are added to the IP Pool Used Addresses at the time it is issued by the DHCP Server. A device set static occupying that IP pool won't appear on this list.

Additionally, there is no option to add an IP to the list of used addresses. Because there is a few addresses used statically, I would like to know a way to reserve those IPs or remove them from the available pool, without revising my IP pools. Otherwise an IP conflict keeps happening.

I want to go around and set these devices to DHCP, but in the meantime, how I keep the conflicts from happening?

Does anyone know a way to accomplish this?
 
User avatar
jspool
Member
Member
Posts: 399
Joined: Sun Oct 04, 2009 4:06 am
Location: Oregon

Re: How to prevent DHCP server from issuing an IP?

Thu Sep 21, 2017 7:15 am

Cant you do an IP scan in your address range and compare to your DHCP leases?
Then you could either modify the pools around the used IP's or you could set the static IP's with static leases. Even if they never use DHCP the router will be reserve those IP's and not assign them.

I know many WISP's utilize software / API's that will set a static lease for the customers router MAC and if the use DHCP or are set to static it will work perfectly fine since its reserved in the static DHCP list.
 
User avatar
horse1bun
just joined
Topic Author
Posts: 13
Joined: Wed Jul 29, 2015 1:05 am

Re: How to prevent DHCP server from issuing an IP?

Thu Sep 21, 2017 9:36 am

That's what I had thought to do first off and it didn't work when I tried before I posted. I looked at it again now as you mentioned this, and I see I put the static lease I made earlier on the wrong subnet.

10.80.0.184 instead of 10.81.0.184
...Facepalm!

edit: Just to clarify this is solved. Here is the code I used to set the static lease reservation:
add address=10.81.0.184 client-id=70:DB:98:8B:3C:05 comment=\
    "21882 - Reserved Lease even though set for a Static IP 9-21-2017" \
    mac-address=70:DB:98:8B:3C:05 server=dhcp-server-81
A follow up / tangent question:
Say I want devices in the subnet(s) assigned by my DHCP Server to only work when issued by my DHCP Server, so as to prevent people on the network from being allowed to set a static lease in my pools. I can't fathom how one would create a firewall rule or other policy to prevent that. I apologize in advance if this is MTCNA 101 basic that every neophyte should know, I'm just a fledgling in the world wide web of networking. And thank you very much for your help jspool!
 
andriys
Forum Guru
Forum Guru
Posts: 1192
Joined: Thu Nov 24, 2011 1:59 pm
Location: Kharkiv, Ukraine

Re: How to prevent DHCP server from issuing an IP?

Thu Sep 21, 2017 10:01 am

There's a somewhat "hackish" way to do what you want. You will need to set ARP to 'reply-only' on your LAN-facing interface, then configure DHCP server to also populate the ARP table by setting add-arp=yes.

Who is online

Users browsing this forum: Google [Bot] and 78 guests