DHCP Assignment based on Mac address

How would I go about configuring a Mapping so that when a specified interface sent a DHCP discover to a sever (cisco router) it would get the IP address defined by the mapping?

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

networker050184

You can do a static mapping from MAC with the command

ip dhcp pool example
host 1.1.1.1 /24
hardware-address aaaa.aaaa.aaaa

I don't see why you wouldn't just assign a static IP manually though.

gojericho0

Remember as well in large environments DHCP will normally run on a server will you can reserve part of your scope based on MAC address as well. We normally did this for network printers

redwarrior

I do this with my own work laptop. That way, I still have an IP address out of the regular dhcp pool, but it's always the same so I don't have to figure out what my IP is every time I want to test something. I've also found this is handy in situations like an ASA that is configured for Easy VPN that sometimes connects to one network and other times another. This way, I can keep it set up with dhcp for the outside interface but still know what the IP will be when it is connected to a certain network.

I think dhcp reservations come in most handy when you're talking about a device with the mobility to connect to multiple networks and you don't want to be bothered having to change a static IP configuration.

aueddonline

networker050184 wrote:
You can do a static mapping from MAC with the command
ip dhcp pool example
host 1.1.1.1 /24
hardware-address aaaa.aaaa.aaaa
I don't see why you wouldn't just assign a static IP manually though.

so this only allows on host to be configure per pool, is there a way to configure a database of mappings for DHCP to use?

xwesleyxwillisx

redwarrior wrote:

I do this with my own work laptop. That way, I still have an IP address out of the regular dhcp pool, but it's always the same so I don't have to figure out what my IP is every time I want to test something. I've also found this is handy in situations like an ASA that is configured for Easy VPN that sometimes connects to one network and other times another. This way, I can keep it set up with dhcp for the outside interface but still know what the IP will be when it is connected to a certain network.

I think dhcp reservations come in most handy when you're talking about a device with the mobility to connect to multiple networks and you don't want to be bothered having to change a static IP configuration.

Bingo! I do the same think with my laptop in my home network. It's a huge pain to mess with static IP's. Usually you forget you set one and then you can't figure out why you can't connect to the network anywhere else.

tech-airman

aueddonline wrote:

How would I go about configuring a Mapping so that when a specified interface sent a DHCP discover to a sever (cisco router) it would get the IP address defined by the mapping?

aueddonline,

Is there a managed switch(es) involved with VLAN capabilities?

aueddonline

tech-airman wrote:

aueddonline wrote:

How would I go about configuring a Mapping so that when a specified interface sent a DHCP discover to a sever (cisco router) it would get the IP address defined by the mapping?

aueddonline,

Is there a managed switch(es) involved with VLAN capabilities?

will I have my host plugged into a 2950?why?

Luckycharms

aueddonline -

You have two options... Create individual pools/reservations for each mac-to-IP or create a list...

http://www.cisco.com/en/US/docs/ios/12_3t/12_3t11/feature/guide/gtdhcpsm.html#wp1027188

tech-airman

aueddonline wrote:

tech-airman wrote:

aueddonline wrote:

How would I go about configuring a Mapping so that when a specified interface sent a DHCP discover to a sever (cisco router) it would get the IP address defined by the mapping?

aueddonline,

Is there a managed switch(es) involved with VLAN capabilities?

will I have my host plugged into a 2950?why?

aueddonline,

You could configure your 2950 for "VLAN association based on MAC address." Then associate that VLAN with the specific subinterface on the router on a stick with the IP subnet that you want that specific host to receive it's DHCP address from. Unless you're trying to configure end to end "DHCP" reserved IP address for the specific MAC address?

sprkymrk

networker050184 wrote:
You can do a static mapping from MAC with the command
ip dhcp pool example
host 1.1.1.1 /24
hardware-address aaaa.aaaa.aaaa
I don't see why you wouldn't just assign a static IP manually though.

The reason for using static IP Addresses with DHCP rather than manually assign an ip on the workstation is because DHCP can also assign default gateways, DNS servers, etc. This way if any part of the infrastructure changes you won't have to go to every machine you hard coded to change one of these other options that can be assigned through DHCP.

I hope I understood your question correctly, and hopefully I worded my response in a way that can be understood. I am suffering from a bit of travel-fatigue at the moment.

aueddonline

tech-airman wrote:

aueddonline wrote:

tech-airman wrote:

aueddonline wrote:

How would I go about configuring a Mapping so that when a specified interface sent a DHCP discover to a sever (cisco router) it would get the IP address defined by the mapping?

aueddonline,

Is there a managed switch(es) involved with VLAN capabilities?

will I have my host plugged into a 2950?why?

aueddonline,

You could configure your 2950 for "VLAN association based on MAC address." Then associate that VLAN with the specific subinterface on the router on a stick with the IP subnet that you want that specific host to receive it's DHCP address from. Unless you're trying to configure end to end "DHCP" reserved IP address for the specific MAC address?

I get ya, yeah I was thinking ' if this MAC sends a DHCP discover, OFFER this IP and so on.

on you point though if I had my multiple VLANS on the switch with a dot1Q trunk with subinterfaces would the 'ip dhcp smart-relay' command be used. In this book it mentions secondary IP addresses not subinterfaces.
I'm guessing the 'ip helper-address' would be configured on the sub-interface and it wouldn't be used?

networker050184

sprkymrk wrote:

I hope I understood your question correctly

I know why you would assign a host an address but the OP stated an "interface" which I took as setting an interface on a Cisco device to receive and IP address through DHCP.

tech-airman

aueddonline,

aueddonline wrote:

tech-airman wrote:

aueddonline wrote:

tech-airman wrote:

aueddonline wrote:

How would I go about configuring a Mapping so that when a specified interface sent a DHCP discover to a sever (cisco router) it would get the IP address defined by the mapping?

aueddonline,

Is there a managed switch(es) involved with VLAN capabilities?

will I have my host plugged into a 2950?why?

aueddonline,

You could configure your 2950 for "VLAN association based on MAC address." Then associate that VLAN with the specific subinterface on the router on a stick with the IP subnet that you want that specific host to receive it's DHCP address from. Unless you're trying to configure end to end "DHCP" reserved IP address for the specific MAC address?

I get ya, yeah I was thinking ' if this MAC sends a DHCP discover, OFFER this IP and so on.

Well, I was thinking even before the "...this MAC sends a DHCP discover..." in relation to my proposed solution. When that particular host is first plugged into the wall outlet that say leads to the FastEthernet 0/5 port, due to MAC to VLAN association, the FastEthernet 0/5 port would become a member of say VLAN 5. VLAN 5 is assigned say the 192.168.5.0 /24 subnet. Let's say VLAN 5 is associated with the FastEthernet0/1.5 subinterface of the router on a stick. So you configure DHCP on the router's FastEthernet0/1.5 subinterface, the host should be sending it's DHCP Discover to the router's FastEthernet0/1.5 subinterface, the router responds with the DHCP Offer back to the host, then life goes on.

aueddonline wrote:

on you point though if I had my multiple VLANS on the switch with a dot1Q trunk with subinterfaces would the 'ip dhcp smart-relay' command be used. In this book it mentions secondary IP addresses not subinterfaces.
I'm guessing the 'ip helper-address' would be configured on the sub-interface and it wouldn't be used?

Unfortunately, I'm not at the same studying point that you are, so I am not familiar with the "ip dhcp smart-relay" command. I'll try to help more as soon as I understand that command for myself.

APA

aueddonline wrote:

I get ya, yeah I was thinking ' if this MAC sends a DHCP discover, OFFER this IP and so on.

on you point though if I had my multiple VLANS on the switch with a dot1Q trunk with subinterfaces would the 'ip dhcp smart-relay' command be used. In this book it mentions secondary IP addresses not subinterfaces.
I'm guessing the 'ip helper-address' would be configured on the sub-interface and it wouldn't be used?

You would only use 'ip dhcp smart-relay' on an interface when you have secondary IP's configured on the one interface....

How it works is it allows the router to focus on pushing out the UDP requests as unicast through each IP subnet configured on an interface..... First it would use the primary IP addresses subnet by forwarding the DHCPRequests on with the GIADDR field set to the interface's primary IP... the smart-relay command keeps track off the attempts to forward the requests on with no DHCPOFFERS sent back from the server defined in the helper-address command.

After three attempts the smart-relay command changes the IP in the GIADDR field from the interface's primary IP to the interface's first secondary IP it then forwards on the DHCPREQUEST's again to the server defined in the helper-address command. This process follows on to each secondary IP until a DHCPOFFER is received from a server or until the process fails by having no more IP subnets to try.

So with the dot1q configured sub-interfaces you would be configuring 'ip helper-address' commands on each sub-interface that you have configured as they would be forwarding the DHCPREQUESTS on with the GIADDR field set to the primary IP configured on the sub-if.... sub-if would not have any secondary addresses configured so the 'ip dhcp smart-relay' command is not applicable.

Hope this helps

he-man

Hey guys,

Been having a play with this but cant seem to get my host to recieve the reserved address in my pool.

I can see the host sending out the DHCPDISCOVER but my DHCP server (cat 3550) doesnt respond, however if i create an actual pool of addresses the host snaps up an address? but not the reserved address!

I though it might be because id put the hardware-address in the wrong format xxxx.xxxx.xxxx because when the DHCPDISCOVER message comes in the address is prefixed with an 01 eg 01xx.xxxx.xxxx.xx

Also when debugging, DHCP packets the switch is bitching that there are addresses in a pool to allocate?

This is all i should need yea?

ip dhcp pool dan1
host 172.16.0.10 255.255.255.0
hardware-address 0012.3f32.0f94

VLAN 1 is addressed 172.16.0.1/24, and i know it can allocate addresses because it does when a normal scope is in play

Any thoughts?
Cheers,

he-man

figured this one out

Turns out you dont need the "hardware-address" but the "client-identifier" subcommand, pre-cedded with a 01

ie

ip dhcp pool dan1
host 172.16.0.10
client-identifier 01xx.xxxx.xxxx.xx