Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5991
Views
0
Helpful
4
Replies

Why is "ip dhcp excluded-address" Global

kazza
Level 1
Level 1

‎09-14-2018 06:13 AM

Hello, I'm learning Cisco at the moment and have looked at the DHCP configuration. Mostly is makes sense. However, I dont understand the motivation for:

ip dhcp excluded-address x.x.x.x y.y.y.y

being part of the global configuration and not part of a pool.

 

It defines a contiguous range of excluded IP addresses that should not be used by any DHCP pool. However, DHCP pools also have a contiguous range of IP address to allocate (before exclusions).  So, unless overlapping DHCP pools are used (which in its self would be odd?) for this command to affect, or its used to exclude the high end of one pool and the low end of another pool, it seems out of place being global.

 

Could anyone provide some motivation that I have overlooked? E.g. its easier to manage having a single block of excluded ip addresses at the top of the configuration instead of mixed into the pool definitions.

Labels:
0 Helpful
4 Replies 4

Richard Burts
Hall of Fame
Hall of Fame

‎09-14-2018 12:31 PM

I am not particularly expert in DHCP but it makes sense to me that IOS would maintain a single table of addresses that should not be used in DHCP assignment rather than having to maintain multiple tables (one per scope).

 

HTH

 

Rick

HTH

Rick
0 Helpful

kazza
Level 1
Level 1
In response to Richard Burts

‎09-15-2018 12:30 AM - edited ‎09-15-2018 02:43 AM

Hello Rick,

 

Thanks for your reply, I see your point about a technical implementation detail on IOS. Further, I see an argument for this at an organisation level: especially when the reserved addresses could be could be calculated on an organisational level and simply copied to all DHCP servers regardless of pool settings (e.g. which server is processing requests for which pool).

 

Albeit, it makes the configuration on the router less canonical. That is, some of the pools address's are configured in the sub commands which are affected by global commands.

 

Still, it would be interesting to know if this is the case. If anyone that has set up a non trivial DHCP scenario has a view, I'd be interested to hear it.

 

Thanks,

Karim

0 Helpful

paul driver
VIP
VIP
In response to kazza

‎09-15-2018 02:55 AM

Hello

I would say has the router itself is the "dhcp server" then isn't it more practical to specify the exclusion on the router and no within the scope?


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

kazza
Level 1
Level 1
In response to paul driver

‎09-16-2018 03:20 AM

Hello Paul,

 

I suppose this is a matter of taste, as there are arguments to go either way.

 

For example, if I look at dhcpd in on Linux, its clear that the restricted addresses are linked to the subnet on the pool. E.g. see the following example taken from: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/s1-dhcp-configuring-server#subnet shows the assignable range of addresses clearly as a sub attribute of the subnet/pool definition. Which at least in my mind is the canonical way of doing it - I think about defining the subnet and at the same time the valid range of addresses to assign.

subnet 192.168.1.0 netmask 255.255.255.0 {
        option routers                  192.168.1.254;
        option subnet-mask              255.255.255.0;
        option domain-search            "example.com";
        option domain-name-servers      192.168.1.1;
        option time-offset              -18000;     # Eastern Standard Time
	range 192.168.1.10 192.168.1.100;
}

However, an equivalent (up to the purposes of this questions) definition on a Cisco router would split out up the configuration into two parts.

ip dhcp excluded-address 192.168.1.0 192.168.1.9
ip dhcp excluded-address 192.168.1.101 192.168.1.254
!
! potentially snip many config lines letting the above get orphaned
! from the pool definition
!
ip dhcp pool mypool
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.254
   dns-server 192.168.1.1
   domain-name example.com

However with this definition I struggle to see a clear advantage that outweighs the benefit of linking the excluded addresses to the pool definition.

 

Again, I am learning Cisco routers at the moment (coming from a Linux background) so I am just trying to understand the reason for choosing things in this way. Perhaps there is a deeper reason that it was chosen that I am not seeing. Or it is simply a matter of taste by Cisco designers from years ago that has persisted.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card