DHCP question

I've got a question regarding dhcp and best practice.
Say I have a network 192.168.1.0 and it's running out of address space and I want to increase the scope available into 192.168.2.0 giving me 510 available addresses.

Would the best practice be to just extend the existing scope by putting the scope end address as 192.168.2.254 or would it be better to create a new scope for the 192.168.2.0 address range and create a superscope together with the original range?
And would this affect the dhcp relay put on the router? I.e the relay would come from the 192.168.1.1 interface.

Many thanks in advance,

Mark

Find more posts tagged with

Comments

dynamik

You're going to need to be sure you have the appropriate subnet mask and routes (if you have multiple sites or want to route between subnets) configured to ensure that all devices will be able to communicate. You'll have communication problems if you just arbitrarily increase the IP range in the scope.

mark_s0

The subnet mask will be the same and the devices wouldn't be connecting to anything but the Internet including between devices so as long as the correct gateway is set that hopefully wouldnt be a problem. Using a superscope would be the way forward you think rather than simply increasing the existing range?

dynamik

What is your current subnet mask? If it's a /24 like it usually is for those networks, you'll get systems on different subnets and will have to route between them.

mark_s0

It is at the moment yes. If I changed it to /23 meaning my subnet would be between 1.0 and 2.255, that could work without systems being on different subnets?

dynamik

Actually no because that subnet mask will make the third octet ranges 0-1, 2-3, 3-4, etc.

Also, remember you're going to have to refresh all the ones that currently have the /24 otherwise they won't get the new subnet mask until their current lease expires.

mark_s0

No you're right, of course it wouldnt work. I must of been having some kind of thinking blip or something. Hmmm ok I'm gonna have to go away and think of how to get around this.

Thanks for your help dynamik.

chmorin

dynamik wrote: »

Actually no because that subnet mask will make the third octet ranges 0-1, 2-3, 3-4, etc.

Also, remember you're going to have to refresh all the ones that currently have the /24 otherwise they won't get the new subnet mask until their current lease expires.

Probably a stupid question, but any particular reason we assume he can't use the zero subnet nowadays?

dynamik

chmorin wrote: »

Probably a stupid question, but any particular reason we assume he can't use the zero subnet nowadays?

No, it has nothing to do with that. He just used 1 and 2 in his example, which would put them on different networks. He'd be fine with 0 and 1 or by using a /22, which would put 0-3 on the same network.

BrizoH

I had the exact same problem fairly recently, 192.168.1.0/24 network close to capacity and remote sites used 192.168.2.x, 3.x etc - so the only real option I had (without redesigning the entire IP scheme for the company) was to change to a 192.168.0.0/23 subnet.

The steps I took were:

1. A week or so beforehand I amended the existing DHCP lease time to 1 day

2. Noted all devices with static IP addresses as the subnet mask would need to be changed on them (also DHCP clients with reserved IPs)

3. At the weekend I amended the subnet mask on all servers, routers, printers etc before deleting the existing DHCP scope and creating new scopes using the /23 subnet

4. Reconfigured VPN tunnels to use /23

Then obviously testing to ensure clients are picking up the new DHCP settings, pinging across tunnels to/from 192.168.0 addresses etc

All went smoothly, as long as you plan it properly you shouldn't have any problems

BrizoH

dynamik wrote: »

No, it has nothing to do with that. He just used 1 and 2 in his example, which would put them on different networks. He'd be fine with 0 and 1 or by using a /22, which would put 0-3 on the same network.

Sorry, just noticed that - as above, my change was for 0 and 1

it_consultant

You can absolutely superscope your domain by ripping of one or more bits from your subnet mask. The private address range is 192.168.xxx.xxx so feel free to rip off right up until you get to the 8! Some of the Cisco guys will note that if you really have that many PCs, 254 is a good point to subnet anyway - keeps ARP traffic down among other things.