Re: wireless access to my network



On Fri, 30 Sep 2005 09:03:27 -0300, Derek Broughton
<news@xxxxxxxxxxxxxx> wrote:

>Jeff Liebermann wrote:
>
>> Incidentally,
>> setting the DHCP range for the entire /24 block is a bad idea.
>
>Why's that Jeff? You don't want it handing out its _own_ address or the
>broadcast address, but I shouldn't _think_ that couldn't happen (of course,
>unexamined assumptions will always come back to bite you on the ***...).
>Is there another reason? (fwiw, I _don't_ let the DHCP server hand out the
>full /24 range - but just because that's the way I've always seen it done).

The only DHCP server I know that will hand out its own IP address is
the original Windoze 2000 Server before the arrival of a patch. Then,
all it did was corrupt its DHCP cache every few days.

There are a few problems with extremely wide DHCP ranges, none of
which are fatal, but do get in the way. (Incidentally, I'm from the
stone age where the router's IP address was at the high end of the
range (xxx.xxx.xxx.254) so that DHCP assignments could conveniently
start at .1).

1. Most systems require a static IP address for some device. Usually,
it's an access point, print server, TIVO box, or other appliance. If
the DHCP server is set up to pass everything from .2 to .254, then
there's a chance that it will try to assign something that's already
in use with a static IP address. The DHCP servers I've inspected do a
ping (twice) to see if there is an existing device already on that IP,
but if the device does not respond to ping, duplicate IP's are
possible.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c/ipcprt1/1cddhcp.htm
That doesn't always work because the default timeout is 500msec and
many power save devices won't power up in the required time. This
gave me fits with power save laptops until I increased the number of
pings and the timeout on the DHCP server.

2. Some routers just don't have enough memory to store a large range.
You can configure the DHCP server to assign the full 252 IP's, but
when you actually try it, the router will roll over and die. I've
tested the effect using a MAC address generator. The older routers
would handle perhaps 32 IP's. The newer ones could handle 252 but
still had problems handling a large number of MAC addresses. That's not
considered a "normal" situation until you set up a free hot spot in the
middle of a very high traffic zone where literally hundreds of
wireless devices might "accidentally" try to automatically connect.
I've ranted on the subject before and had to cut down the DHCP lease
expire time to an illegal 15 minutes to keep the table small.

3. I like to have more than one DHCP server on my LAN's. This is
very common when I have two routers using RIP2 for backup. If one
goes down (or hangs), the other takes over. Although protocols exist
for synchronizing the DHCP cache on two servers, most cheapo routers
don't support it. So, I just split the DHCP assigned IP range in
non-overlapping address pools. Router #1 gets .20-59. Router #2 gets
.60 through .99 and so on. It's a crap shoot as to which IP range a
particular client gets. Usually it's the "closest" router. However,
if one router goes down, I still have DHCP services on the WLAN and
without any duplication.

4. There's a few more reasons but my coffee is getting cold.

--
Jeff Liebermann jeffl@xxxxxxxxxxxxxxxxxxxxxx
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
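
Added example (not part of the original post): a Python check of a split-pool plan like the one in point 3, flagging pools that overlap each other or that cover a router, a static device, or the network or broadcast address (point 1). The 192.168.1.0/24 subnet, the router addresses and the static devices are constructed sample values.

```python
import ipaddress
from itertools import combinations

def expand(net, first, last):
    """Return the set of addresses .first through .last inside net."""
    base = int(net.network_address)
    return {ipaddress.ip_address(base + i) for i in range(first, last + 1)}

def audit_pools(cidr, pools, statics, router_ips):
    """Check a DHCP pool plan and return a list of findings (empty = clean)."""
    net = ipaddress.ip_network(cidr)
    ranges = {name: expand(net, lo, hi) for name, (lo, hi) in pools.items()}
    # Addresses no pool should ever be able to lease.
    reserved = {net.network_address: "network address",
                net.broadcast_address: "broadcast address"}
    for ip in router_ips:
        reserved[ipaddress.ip_address(ip)] = "router address"
    for device, ip in statics.items():
        reserved[ipaddress.ip_address(ip)] = f"static device {device}"
    findings = []
    for name, addrs in ranges.items():
        for ip in sorted(addrs.intersection(reserved)):
            findings.append(f"{name} can lease {ip} ({reserved[ip]})")
    # Two servers with no lease synchronisation must not share any address.
    for (a, ra), (b, rb) in combinations(ranges.items(), 2):
        clash = sorted(ra & rb)
        if clash:
            findings.append(f"{a} and {b} overlap: {clash[0]}-{clash[-1]} "
                            f"({len(clash)} addresses)")
    return findings

# Constructed sample network: two routers and two statically addressed devices.
SUBNET = "192.168.1.0/24"
ROUTERS = ["192.168.1.1", "192.168.1.2"]
STATICS = {"access-point": "192.168.1.10", "print-server": "192.168.1.11"}

SPLIT_PLAN = {"router1": (20, 59), "router2": (60, 99)}    # ranges from the post
WIDE_PLAN = {"router1": (2, 254)}                          # nearly the whole /24
OVERLAP_PLAN = {"router1": (20, 60), "router2": (60, 99)}  # off-by-one mistake

if __name__ == "__main__":
    for label, plan in [("split", SPLIT_PLAN), ("wide", WIDE_PLAN),
                        ("overlap", OVERLAP_PLAN)]:
        print(label, audit_pools(SUBNET, plan, STATICS, ROUTERS) or "clean")
```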