09-14-2018 06:13 AM
Hello, I'm learning Cisco at the moment and have looked at the DHCP configuration. Mostly is makes sense. However, I dont understand the motivation for:
ip dhcp excluded-address x.x.x.x y.y.y.y
being part of the global configuration and not part of a pool.
It defines a contiguous range of excluded IP addresses that should not be used by any DHCP pool. However, DHCP pools also have a contiguous range of IP address to allocate (before exclusions). So, unless overlapping DHCP pools are used (which in its self would be odd?) for this command to affect, or its used to exclude the high end of one pool and the low end of another pool, it seems out of place being global.
Could anyone provide some motivation that I have overlooked? E.g. its easier to manage having a single block of excluded ip addresses at the top of the configuration instead of mixed into the pool definitions.
09-14-2018 12:31 PM
I am not particularly expert in DHCP but it makes sense to me that IOS would maintain a single table of addresses that should not be used in DHCP assignment rather than having to maintain multiple tables (one per scope).
HTH
Rick
09-15-2018 12:30 AM - edited 09-15-2018 02:43 AM
Hello Rick,
Thanks for your reply, I see your point about a technical implementation detail on IOS. Further, I see an argument for this at an organisation level: especially when the reserved addresses could be could be calculated on an organisational level and simply copied to all DHCP servers regardless of pool settings (e.g. which server is processing requests for which pool).
Albeit, it makes the configuration on the router less canonical. That is, some of the pools address's are configured in the sub commands which are affected by global commands.
Still, it would be interesting to know if this is the case. If anyone that has set up a non trivial DHCP scenario has a view, I'd be interested to hear it.
Thanks,
Karim
09-15-2018 02:55 AM
Hello
I would say has the router itself is the "dhcp server" then isn't it more practical to specify the exclusion on the router and no within the scope?
09-16-2018 03:20 AM
Hello Paul,
I suppose this is a matter of taste, as there are arguments to go either way.
For example, if I look at dhcpd in on Linux, its clear that the restricted addresses are linked to the subnet on the pool. E.g. see the following example taken from: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/s1-dhcp-configuring-server#subnet shows the assignable range of addresses clearly as a sub attribute of the subnet/pool definition. Which at least in my mind is the canonical way of doing it - I think about defining the subnet and at the same time the valid range of addresses to assign.
subnet 192.168.1.0 netmask 255.255.255.0 { option routers 192.168.1.254; option subnet-mask 255.255.255.0; option domain-search "example.com"; option domain-name-servers 192.168.1.1; option time-offset -18000; # Eastern Standard Time range 192.168.1.10 192.168.1.100; }
However, an equivalent (up to the purposes of this questions) definition on a Cisco router would split out up the configuration into two parts.
ip dhcp excluded-address 192.168.1.0 192.168.1.9 ip dhcp excluded-address 192.168.1.101 192.168.1.254 ! ! potentially snip many config lines letting the above get orphaned
! from the pool definition ! ip dhcp pool mypool network 192.168.1.0 255.255.255.0 default-router 192.168.1.254 dns-server 192.168.1.1 domain-name example.com
However with this definition I struggle to see a clear advantage that outweighs the benefit of linking the excluded addresses to the pool definition.
Again, I am learning Cisco routers at the moment (coming from a Linux background) so I am just trying to understand the reason for choosing things in this way. Perhaps there is a deeper reason that it was chosen that I am not seeing. Or it is simply a matter of taste by Cisco designers from years ago that has persisted.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide