Kilroy
Premium,MVM
join:2002-11-21
Saint Paul, MN

DHCP Question

How would you configure DHCP so that a machine could possibly receive a different address on each boot?

Forget the why would you want to do this, I don't. I do want to know how you would do it.

I'd also like to know if this would increase DHCP address request traffic, even by machines that already have an address on the network.
--
"Progress isn't made by early risers. It's made by lazy men trying to find easier ways to do something." - Robert A. Heinlein


PToN
Premium
join:2001-10-04
Houston, TX
I can only think of lease duration on the scope properties... But this will cause ALL of the clients on that scope to request a new IP, but this will also result in the client more likely than not getting the same IP.


DarkLogix
Texan and Proud
Premium
join:2008-10-23
Baytown, TX
kudos:3

1 recommendation

reply to Kilroy
I think the only sure way would require a custom programed dhcp server, it'd have to tell the client the address was in use and give it a new one.

I don't think any existing dhcp server would do that, as when the lease expires the client will do a renew and as it has the IP it'll just get the lease renewed.

the manual way would be to do a release then delete the lease then make sure another client takes the ip and then do a renew

If someone were to custom program the dhcp server then they could do something funny like right after it issues the lease increment the MAC tied to the lease in the DHCP DB so the client that was given the lease could not renew it, and tack on a lease time slightly higher than what the client was told so when it would go to renew it'd be told its in use and be given a diff address

but such behavior would likely be seen as a bug by most admins, but if done right could be done as a per client feature and linked to a lease reservation

but if you just set a really short lease then if something else boots and takes the IP while the client is off and after the lease has expired then it might get a new IP.
--
semper idem
1KTzRMxN1a2ATrtAAvbmEnMBoY3E2kHtyv

JoelC707
Premium
join:2002-07-09
Lanett, AL
kudos:5
reply to Kilroy
The others have answered the "how". As for it increasing the DHCP address traffic, I guess it would depend on how you did it. If you simply shortened the lease duration that means that it has to renew or request a new lease much more often which of course would increase traffic (by a lot because it would be ALL machines that have increased traffic now).

The question I have is how often is this hypothetical computer booted? If it's just once a day (booted every morning, left off at night for example), you could get by with say an 8 hour or 12 hour lease. When it boots the next morning it doesn't have a current lease so it may or may not get the same address. That really depends on the order of boots and so forth. If you want it to get a new address no matter when you boot it (IE you want it to get an address every single time it boots), that's a little more tricky and would likely require some kind of server change.


exocet_cm
Free at last, free at last
Premium
join:2003-03-23
New Orleans, LA
kudos:3
reply to Kilroy
Really short lease time as others have stated.

You could get insane with it and run two different authoritative DHCP servers on the network each with different DHCP scopes and script one to run for a 24 hour period, (if Windows) "net stop" the DHCP service on the first server and "net start" the DHCP service on the second server at midnight or something.

Not only is the client going to get a new address, it will get one from a second DHCP server with a completely different scope.

Again, insane, but theoretically possible.
--
"I have often regretted my speech, never my silence." - Xenocrates
My wife's Etsy shop: »www.laurenCball.com ; After-hours tech: »www.JLTCtech.com ; My blog: »www.johndball.com


maartena
Elmo
Premium
join:2002-05-10
Orange, CA
kudos:3
reply to Kilroy
There really is not any fool proof way of doing this. Yes you can set extremely short lease times, but DHCP is designed to first check if the old IP address is still available, and then just renew that. So your 100 computers may be turned off all weekend, and come Monday there is a good chance 90 of them will have the same address they had on Friday, even if you set the lease time to 1 hour.

As far as DHCP traffic goes, it is negligible if you do lease times of say 1 hour.
--
"I reject your reality and substitute my own!"


maartena
Elmo
Premium
join:2002-05-10
Orange, CA
kudos:3
reply to exocet_cm
said by exocet_cm:

Really short lease time as others have stated.

You could get insane with it and run two different authoritative DHCP servers on the network each with different DHCP scopes and script one to run for a 24 hour period, (if Windows) "net stop" the DHCP service on the first server and "net start" the DHCP service on the second server at midnight or something.

Not only is the client going to get a new address, it will get one from a second DHCP server with a completely different scope.

Again, insane, but theoretically possible.

Windows Active Directory has a system to really prevent dual DHCP servers, because it may cause problems. So you will have to authorize a DHCP server in active directory, and make it the primary. You can have multiple DHCP servers authorized for different network segments, but not on the same segment, the second DHCP server may exist (e.g. on a secondary domain controller as a backup server) but will only become operational when the first one goes down, and typically carries an active copy of leases.

What the topic starter wants to do might be a bit difficult to do. Not completely impossible, but it will likely give a lot more headaches than solutions if you do this from the server side. Now, this said, there may be a way to do it from the client side. DHCP works via MAC address, so if you change the MAC address on the client on each boot up, you will get a different IP address. The problem is, that DHCP activates before any scripts can be run so it will get last night's IP address first, then a script is run that changes the Mac, followed by a disable and enable of the network connection... And that might cause all sorts of problems with mapped network resources, etc.

Maybe there is a completely reasonable alternative that has nothing to do with DHCP if you could explain some of the why you want to do this.
--
"I reject your reality and substitute my own!"


exocet_cm
Free at last, free at last
Premium
join:2003-03-23
New Orleans, LA
kudos:3
said by maartena:

said by exocet_cm:

Really short lease time as others have stated.

You could get insane with it and run two different authoritative DHCP servers on the network each with different DHCP scopes and script one to run for a 24 hour period, (if Windows) "net stop" the DHCP service on the first server and "net start" the DHCP service on the second server at midnight or something.

Not only is the client going to get a new address, it will get one from a second DHCP server with a completely different scope.

Again, insane, but theoretically possible.

Windows Active Directory has a system to really prevent dual DHCP servers, because it may cause problems. So you will have to authorize a DHCP server in active directory, and make it the primary. You can have multiple DHCP servers authorized for different network segments, but not on the same segment, the second DHCP server may exist (e.g. on a secondary domain controller as a backup server) but will only become operational when the first one goes down, and typically carries an active copy of leases.

Correct. This is one way to have DHCP "redundancy" within the same scope/subnet with something like an 80/20 split between two authorized DHCP servers. The second DHCP server would respond to clients after 1000 ms as opposed to the first DHCP server responding to clients after 0 or 1 ms.

But what I was suggesting to the OP was something crazy based on the request that was posted. Not something I would do in production but it might be another brick in the layer to solve his problem.
--
"I have often regretted my speech, never my silence." - Xenocrates
My wife's Etsy shop: »www.laurenCball.com ; After-hours tech: »www.JLTCtech.com ; My blog: »www.johndball.com


Kilroy
Premium,MVM
join:2002-11-21
Saint Paul, MN
reply to maartena
said by maartena:

What the topic starter wants to do might be a bit difficult to do.

It isn't what I want to do, it is what I am dealing with. I think I'll check the DHCP lease time on a machine on Monday. What happens is I may reboot a machine five times while working on an issue and I'll see anywhere from three to five different IP addresses on boot. This makes remote support difficult to say the least, especially if you have to log into the machine with an administrative account, rebuilding a profile for example.

I know why you would set short DHCP times, many mobile machines connecting to the same network. I'm just trying to figure out how this might be configured that the result is a different IP on reboot as I don't have access to the DHCP server. If I had access to the DHCP server this wouldn't be as much of an issue since it would allow me to determine a machine's IP address even if DNS was out of date and the IP address changed on reboot since I could look up the current IP addresses.
--
"Progress isn't made by early risers. It's made by lazy men trying to find easier ways to do something." - Robert A. Heinlein

JoelC707
Premium
join:2002-07-09
Lanett, AL
kudos:5
I was afraid you were going to say this was happening (as opposed to an academic "how would I do this" question) lol.

Since you don't have access to the DHCP server, I suspect there isn't much you yourself can do to solve it (except pass along the info unless it were somehow designed like this). So are you seeing a new IP every single reboot or is it just some reboots?

5 reboots and 3-5 different IPs seem to indicate it's not every reboot but those other times you don't get a new IP, do you have the previous IP or is it one of the ones you have had already? That sounds confusing to me so let me expand on it:
Boot 1: 192.168.101.10
Boot 2: 192.168.101.12
Boot 3: 192.168.101.10
Boot 4: 192.168.101.12
Boot 5: 192.168.101.13

In that example that has given you a "new IP" on every boot but you've really only gone through 3 different IPs. Is this what you are seeing or is it a completely new IP each and every time?

If you are seeing my example above, it could just be the 80/20 split on DHCP scopes like exocet_cm mentioned. Typically that 20% server should renew the original lease instead of issue a new one but there could be some funky config going on that's stopping it.


Kilroy
Premium,MVM
join:2002-11-21
Saint Paul, MN
No, the same address doesn't repeat, unless the IP stays the same.

Boot 1: 192.168.100.50
Boot 2: 192.168.100.79
Boot 3: 192.168.100.68
Boot 4: 192.168.100.68
Boot 5: 192.168.100.159

Like I said, I'll have to check the lease information on Monday. Don't know why I didn't think of that previously. Currently I have a few machines that need their profiles rebuilt and I would rather do the work remotely than have the users come into my office.
--
"Progress isn't made by early risers. It's made by lazy men trying to find easier ways to do something." - Robert A. Heinlein

guppy_fish
Premium
join:2003-12-09
Lakeland, FL
kudos:3

2 recommendations

reply to Kilroy
DHCP reservations by the DHCP server, based on the MAC address is how this is done. By definition, it's all on the server, a client can't do anything about this. If you don't control the DHCP server, nothing you can do.


maartena
Elmo
Premium
join:2002-05-10
Orange, CA
kudos:3
said by guppy_fish:

If you don't control the DHCP server, nothing you can do

This. If you are expected to do IT technical support, it is not an unreasonable request to ask the sysadmins that deal with your servers, network, dhcp, etc, to come up with something that is working better.

When I did remote control of machines, we did it by machine NAME. The clients all had a name sticker on their machines, and the internal DNS on Active directory would update the DNS if the IP address changed. If it isn't updated on YOUR side yet (it uses a cache) all you have to do is type IPCONFIG /FLUSHDNS on your end (you can make a batch file on your desktop that does that), and when you reconnect to a machine name, it will just force a new lookup on the background, so you get the latest IP address for that machine.

It's also a lot easier to ask a user over the phone what their machine name is (right click on Computer on the desktop, what does it say as machine name?) as opposed to navigating to where they would find their IP address. (although that's not too hard either).

In any case, the machine name does not change. So if you have the PC name once, you are set to go. You can even keep your own spreadsheet of who is using what PC Name, as they usually won't change too often, unless they get a new computer.

Last but not least, I worked for many years on the.... "DHCP Server Side" so to speak, as a system/network administrator and if the Helpdesk support team encountered problems, and asked us to help find a solution, it was in our best interest (and the company's) to come up with a solution for them. If they aren't willing to help you out, you got much bigger problems....
--
"I reject your reality and substitute my own!"


Kilroy
Premium,MVM
join:2002-11-21
Saint Paul, MN
I'm currently a contractor, so what I can ask is very limited. However, those of us who have worked with contractors in the past know that some contractors have ideas how things can be improved. We also know that there is usually a reason for how things are configured. However, the reason something was configured in a particular way may have changed and the configuration may no longer make sense.

I will give the IPCONFIG /FLUSHDNS a try, but don't have high hopes. Frequently when I ping a machine I will get an IP address in the VPN range, even though the machine is on the LAN. This leads me to believe that DNS isn't up to date and the issue isn't local.

I am supporting mainly laptops where the users will work at different locations on the network and VPN, often multiple times in a day. Getting the IP address from the user isn't difficult, having the IP address possibly changing on a reboot is.
--
"Progress isn't made by early risers. It's made by lazy men trying to find easier ways to do something." - Robert A. Heinlein


DarkLogix
Texan and Proud
Premium
join:2008-10-23
Baytown, TX
kudos:3
reply to Kilroy
said by Kilroy:

said by maartena:

What the topic starter wants to do might be a bit difficult to do.

It isn't what I want to do, it is what I am dealing with. I think I'll check the DHCP lease time on a machine on Monday. What happens is I may reboot a machine five times while working on an issue and I'll see anywhere from three to five different IP addresses on boot. This makes remote support difficult to say the least, especially if you have to log into the machine with an administrative account, rebuilding a profile for example.

I know why you would set short DHCP times, many mobile machines connecting to the same network. I'm just trying to figure out how this might be configured that the result is a different IP on reboot as I don't have access to the DHCP server. If I had access to the DHCP server this wouldn't be as much of an issue since it would allow me to determine a machine's IP address even if DNS was out of date and the IP address changed on reboot since I could look up the current IP addresses.

Well in the case of it happening vs trying to do it then sounds like a poorly programed DHCP server (like some consumer routers) that don't retain the info the right way and then get confused

Back when I used a consumer router I saw it issue a new DHCP lease for every request even if there was already a lease for that mac (IE just lazy programing)
--
semper idem
1KTzRMxN1a2ATrtAAvbmEnMBoY3E2kHtyv


whardman
Wesley Hardman

join:2007-02-19
Cincinnati, OH
reply to Kilroy
said by Kilroy:

users will work at different locations on the network and VPN, often multiple times in a day

This is going to be a large part of it. I'm thinking that you probably have a lot of users compared to the number of addresses in the scope, with only a smaller set there at any one time.

Lease time is probably less relevant here. If anything, it is probably higher, rather than lower. How long does the computer take to restart? If possible, check to see if the DHCP option "Release DHCP Lease on Shutdown" is enabled (it probably is). I am betting it is also a Linux server.

Essentially what is happening here is that on shutdown, the client is releasing the address, but before it has a chance to re-enable the network after boot, the address has already been given out to another device.
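
The release-on-shutdown explanation in the post above, as a small model; this is an added example, not part of the original thread or any real DHCP server's code. The allocation policy (previous address if still free, otherwise the longest-free address), the scope size, and the client names are assumptions, and lease timers are ignored.

```python
# Simplified model of one DHCP scope (added example; lease timers are ignored).
# Assumed policy: a client is offered its previous address if that address is
# still free, otherwise the address that has been free the longest.

class Scope:
    def __init__(self, addresses):
        self.free = list(addresses)   # free addresses, oldest-free first
        self.active = {}              # client id -> address currently leased
        self.previous = {}            # client id -> last address it held

    def request(self, client):
        if client in self.active:                 # lease still held: same address
            return self.active[client]
        if not self.free:
            return None                           # scope exhausted
        addr = self.previous.get(client)
        if addr not in self.free:
            addr = self.free[0]
        self.free.remove(addr)
        self.active[client] = self.previous[client] = addr
        return addr

    def release(self, client):                    # DHCPRELEASE from the client
        addr = self.active.pop(client, None)
        if addr is not None:
            self.free.append(addr)


def reboot_addresses(release_on_shutdown, churn, boots=5):
    """Addresses 'target' sees over `boots` boots while `churn` other laptops
    leave and `churn` new ones join during each reboot (constructed scenario)."""
    scope = Scope(f"192.168.100.{host}" for host in range(50, 60))
    online = [f"laptop-{i}" for i in range(8)]
    for laptop in online:
        scope.request(laptop)
    seen = [scope.request("target")]
    joined = len(online)
    for _ in range(boots - 1):
        if release_on_shutdown:
            scope.release("target")
        for _ in range(churn):
            scope.release(online.pop(0))          # a user leaves the LAN
            newcomer = f"laptop-{joined}"
            joined += 1
            scope.request(newcomer)               # another arrives on the LAN
            online.append(newcomer)
        seen.append(scope.request("target"))
    return seen


if __name__ == "__main__":
    for release, churn in [(True, 3), (True, 1), (False, 3)]:
        print(release, churn, reboot_addresses(release, churn))
```

In this model the address only changes when the client releases on shutdown and enough other clients join a nearly full scope during the reboot; with the lease kept, or with little churn, the same address comes back.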


Kilroy
Premium,MVM
join:2002-11-21
Saint Paul, MN
said by whardman:

If possible, check to see if the DHCP option "Release DHCP Lease on Shutdown" is enabled (it probably is)

This is probably the issue. I'm guessing this is a server side setting and I can't see it on the client side. My IP address is showing a little over three days as my lease time. The site I have issues I haven't worked on any machines today. This was the information that I was hoping to get from this thread. Thank you.
--
"Progress isn't made by early risers. It's made by lazy men trying to find easier ways to do something." - Robert A. Heinlein