|
|
lists the DHCP server scope configuration topics found in this chapter and their associated sections.
| If you want to... | Go to this section... |
|---|---|
Know more about DHCP server scope methodology, including information about using multiple scopes | |
Add scopes to a DHCP server | |
Edit scopes on a DHCP server | |
Remove scopes from a DHCP server, including information about reusing and not reusing addresses | |
View a lease list for a scope | |
Delete a lease | |
De-activate a lease | |
De-activate all leases in a scope | |
Make a lease available | |
Refresh the lease list | |
Make lease reseverations, including information about reserving a single lease or making several lease reservations | |
Cancel a lease reservation | |
Associate scope selection tags that you defined for clients and/or client-classes with a scope | |
Ping an address before assigning it | |
Make a secondary scope | |
Enable BOOTP | |
Disable DHCP | |
De-activate a scope |
A scope is an administrative grouping of TCP/IP addresses. Create one or more scopes for each subnet on the network to pool addresses for that subnet. The following sections discuss defining and using scopes.
Each scope needs to have the following information:
You can configure multiple scopes (with disjoint ranges of IP addresses) that have the same network number and subnet mask. The DHCP server pools together the available leases from all of the scopes on the same subnet together and offers them, in a round-robin fashion, to any client that requests a lease (that is, for which there is no reservation or previous lease information available).
You might want to configure the addresses for a single subnet into multiple scopes to increase the speed of the GUI update for the Leases tab. Another reason might be to organize the addresses in a more natural way for administration---although remember that unless the client has a reservation or is a member of a client-class there is no way to control from which scope a client will obtain a lease.
Because each scope can have a separate reservation list, you might want to organize the leases in multiple scopes on the same subnet. You could put all the dynamic leases in one scope, with a policy with one set of options and lease times, and all the reservations in another scope, with a different policy of options or lease times.
You can also have multiple scopes for different subnets and some of the scopes may not be locally connected to your computer. If this is the case, ensure that the router (with BOOTP Relay Support) is configured with the appropriate helper address.
When multiple scopes are available on a particular subnet (through the use of secondary subnet), the DHCP server searches through all of them looking for a scope that meets the needs and requirements of an incoming DHCP client request. For instance, if a subnet has three scopes, only one of which supports dynamic BOOTP, any BOOTP request for which there is not a reservation in another scope is automatically satisfied from the scope that supports dynamic BOOTP.
In addition, you can configure a scope to disallow DHCP requests (the default is to allow DHCP requests). By using these capabilities together, you can easily configure the addresses on a subnet so that all of the DHCP requests are satisfied from one scope (and address range), all of the reserved BOOTP requests come from a second scope, and all of the dynamic BOOTP requests come from a third scope. This allows you to support dynamic BOOTP while minimizing the impact on the address pools that support DHCP clients.
Step 1 From the Server Manager window (Figure 2-3), select the DHCP server for which you want to add scopes.
Step 2 Click the Show Properties toolbar button.
Step 3 Click the Add toolbar button.
Step 4 In the Add Scope dialog box (Figure 7-1), enter the name of the scope.
Step 5 In the Policy box, do one of the following:
For more information, see the "Configuring Policies" section.
Step 6 Enter the network number for the subnet.
Step 7 Enter the subnet mask.
Step 8 Specify the scope address range by typing a series of single addresses and/or address ranges.
Specify the full address, for example, 192.168.1.100, 192.168.1.200, or only the relative addresses, for example, 100, 200.
Step 9 Click OK.
Step 10 If this is the first scope you have added, you must reload the server now.
Step 1 Use the scope create command to create a scope and supply the network number for the subnet and the subnet mask.
nrcmd> scope testScope create 192.168.1.0 255.255.255.0
Step 2 Use the scope set command to specify the policy for the scope.
nrcmd> scope testScope set policy=internal
Step 3 Use the scope command addRange method to specify the range of IP addresses for the scope.
nrcmd> scope testScope addRange 192.168.1.10 192.168.1.100
You can change the properties of a scope after you have created it.
Step 1 From the Server Manager window (Figure 2-3), select the DHCP scope you want to edit.
Step 2 Click the Show Properties toolbar button.
Step 3 Change any of the parameters by entering or by selecting different values.
Step 4 Click OK.
You can use the scope command to change scope features or properties.
Use the scope enable command to enable a scope feature. For example, to enable the ping-clients feature, type:
nrcmd> scope testScope enable ping-clients
Although removing a scope from the configuration of a DHCP server is easy to do, you should be very careful whenever you perform this operation. The DHCP protocol, as defined by the IETF, provides a lease to a client for a particular IP address for a specific amount of time (defined by the administrator of the server). Until that time has elapsed, the client is free to use the IP address it has been leased. There is no defined way for the server to revoke a lease, and to cause a client to stop using an IP address. As a result, while you can easily remove a scope from a DHCP server, the clients who have obtained leases on IP addresses from this scope will continue to use them until the expiration of the lease. This is true even if the server does not respond to their attempts to renew the lease (as is the case if the scope has been removed from the server).
If the addresses from the scope that you have removed are not configured into another DHCP server or reused in any way, then this is not a problem. If, however, the addresses contained in this scope are placed into another DHCP server before the expiration of the last lease, the same IP address might be in use by two different clients. This situation can cause serious errors in operation.
In other words, do not simply remove a scope from one DHCP server and add the addresses into another scope in a different DHCP server. Doing so compromises the integrity of your network. There are several ways to accomplish the operation of removing a scope from a DHCP server, either by re-using or not re-using addresses as described in the following sections.
Using the GUI:
Step 1 From the Server Manager window (Figure 2-3), select the scope you want to remove.
Step 2 Click the Remove toolbar button.
Step 3 Click Yes in the Confirmation dialog box.
Use the scope delete command to delete a scope.
nrcmd> scope testScope delete
If you do want to re-use the addresses, you have two options:
Step 1 From the Server Manager window (Figure 2-3), select the DHCP scope of which lease activity you want to monitor or view.
Step 2 Click the Show Properties toolbar button.
Step 3 Click the Leases tab (Figure 7-2).
The Leases tab (Figure 7-2) displays:
Use the lease list command to list the leases in a cluster.
nrcmd> lease list
100 Ok
204.253.96.99:
client-mac-addr = 1,6,01:02:03:04:05:fe
expiration = "Wed Dec 31 19:00:00 1969"
flags = failover-updated
mac = 1,6,01:02:03:04:05:fe
start-time-of-state = "Wed Dec 31 19:00:00 1969"
state = available
Before you delete a lease, first de-activate it, and then wait for it to become available. If the lease is currently available, the wait is instantaneous; otherwise, it may be as long as the lease time plus the grace period. If you delete a lease that is not available, Network Registrar displays a warning. Make sure this is what you want to do, because deleting an active client's lease could result in a duplicate IP address on the network if the deleted address is later assigned to a new active client.
Step 1 From the Server Manager window (Figure 2-3), select the scope that contains the lease you want to delete.
Step 2 Click the Show Properties toolbar button.
Step 3 From the DHCP Scope Properties dialog box, click the General tab (Figure 7-3).
Step 4 Specify the address pool, omitting the address of the lease that you want deleted.
Step 5 Click OK.
Step 6 Reload the DHCP server.
Use a combination of scope commands to delete a lease. For example to remove the lease 192.168.1.55, type the following commands:
Step 1 List the available addresses in the testScope scope.
nrcmd> scope testScope listRanges 100 Ok 192.168.1.4-192.168.1.10:start=192.168.1.4; end=192.168.1.10; 192.168.1.50-192.168.1.60:start=192.168.1.50; end=192.168.1.60; 192.168.1.110-192.168.1.120:start=192.168.1.110; end=192.168.1.120;
Step 2 Remove the range that the lease is in.
nrcmd> scope testScope removeRange 192.168.1.50 192.168.1.60
Step 3 Add ranges from the beginning of the range to the lease before the removed lease.
nrcmd> scope testScope addRange 192.168.1.50 192.168.1.54
Step 4 Add ranges from the lease after the removed lease to the end of the range.
nrcmd> scope testScope addRange 192.168.1.56 192.168.1.60
The reason you would choose to de-activate a lease is to move a client off of a lease. If the lease is available, deactivating the lease prevents Network Registrar from giving the lease to a client. If the lease is leased (held by a client), deactivating the lease prevents the client from renewing the lease, and Network Registrar from giving it to another client. You can only de-activate a lease if the server is running. Network Registrar de-activates the lease immediately; you do not need to reload the DHCP server.
Step 1 From the Server Manager window (Figure 2-3), select the scope that contains the lease you want to de-activate.
Step 2 Click the Show Properties toolbar button.
Step 3 From the DHCP Scope Properties dialog box, click the Leases tab (Figure 7-2).
Step 4 Select the lease you want to de-activate.
Step 5 Click Lease properties.
Step 6 In the Lease Properties dialog box, select the Deactivate Lease check box.
Step 7 Click OK.
Use the lease deactivate command to prevent the lease from being given out or renewed.
nrcmd> lease 192.168.1.20 deactivate
To de-activate all the leases in a single scope, disable BOOTP and DHCP. For more information see the "De-activating a Scope" section.
The Force Available check box allows you to make a lease currently held by a host available. If the lease is currently held, you should request that the user release the lease, or do so yourself, before selecting this option. You do not need to reload the DHCP server to make the change take effect.
Step 1 From the Server Manager window (Figure 2-3), select the scope that contains the lease you want to make available.
Step 2 Click the Show Properties toolbar button.
Step 3 From the DHCP Scope Properties dialog box, click the Leases tab (Figure 7-2).
Step 4 Select the lease you want to force available.
Step 5 Click Lease Properties.
Step 6 In the Lease Properties dialog box, click Force Available.
The force-available property allows you to make a lease currently held by a host available. If the lease is currently held, you should request that the user release the lease, or do so yourself, before selecting this option. You do not need to reload the DHCP server to make the change take effect.
Use the lease force-available command to make the currently held lease available.
nrcmd> lease 192.168.1.21 force-available
Step 1 From the Server Manager window (Figure 2-3), select the scope which you want to refresh.
Step 2 Click the Show Properties toolbar button.
Step 3 Click the Leases tab (Figure 7-2).
Step 4 Use the Refresh List button to update the display with the latest lease information.
Use the lease list command to show the state of all the leases.
nrcmd> lease list
To ensure that a client always gets the same lease, reserve the lease. To reserve a lease, pair an IP address with the host's MAC address. You can choose any valid IP address that is within your network number. The IP address does not have to be one that is listed in the scope's range of addresses. In fact, you can use the scope's range of IP numbers for dynamic leases, and use other addresses for reserved leases.
The leases should have the same network number and subnet mask as the scope. Network Registrar displays the current network number and subnet mask in noneditable fields above the lease reservation grid.
You must reserve leases for DHCP clients whose addresses must remain constant.
 | Caution If multiple DHCP servers are distributing addresses in the same subnet, the client reservations on each DHCP server should be identical. Otherwise, the DHCP reserved client may receive multiple offers of IP addresses, each from a different server. |
Network Registrar provides two ways to make reservations using the GUI:
You use the scope command addReservation method to reserve a reservation and the removeReservation to remove a lease reservation.
Step 1 From the Server Manager window (Figure 2-3), select the DHCP scope that contains the address or addresses you want to reserve.
Step 2 Click the Show Properties toolbar button.
Step 3 Click the Leases tab (Figure 7-2).
Step 4 Select the address of the lease you want to reserve.
Step 5 Click Lease properties.
Step 6 Select the Reserve lease check box.
Step 7 Click OK.
Step 8 Reload the DHCP server to make the reservations take effect.
Step 1 From the Server Manager window (Figure 2-3 ), select the scope that uses the policy you want applied to the reserved lease.
Step 2 Click the Show Properties toolbar button.
Step 3 Click the Reservations tab (Figure 7-5).
Step 4 Click Add.
Step 5 In the Add Reservations dialog box, enter the Lease and MAC addresses.
Step 6 Click Apply to continue adding reservations, or OK to finish.
Step 7 Reload the DHCP server.
Use the scope command addReservation method to reserve a reservation. Specify the lease's IP address and the client's MAC address.
nrcmd> scope testScope addReservation 192.168.1.10 1,6,00:a0:24:2e:9c:20
Although you can remove reservations at anytime, if the lease is still held, the client will continue to use the lease until the lease expires. If you reserve this lease for someone else, Network Registrar displays a message to that effect when you start the DHCP server.
Step 1 From the Server Manager window (Figure 2-3), select the scope that contains the lease reservation you want to cancel.
Step 2 Click the Show Properties toolbar button.
Step 3 From the DHCP Scope Properties dialog box, click the Reservations tab (Figure 7-5).
Step 4 Select the IP address.
Step 5 Click Remove.
Step 6 Reload the DHCP server.
Use the scope command removeReservation method to delete a reservation.
nrcmd> scope testScope removeReservation 192.168.1.10 1,6,00:a0:24:2e:9c:20
The Scope Selection Tags tab (Figure 7-6) allows you to associate scope selection tags that you defined for clients and/or client-classes with this scope. For more information, see "Defining Scope Selection Tags" section.
Step 1 From the Server Manager window (Figure 2-3), select the DHCP scope you want to associate with a selection tag.
Step 2 Click the Show Properties toolbar button.
Step 3 Click the Selection Tags tab.
Step 4 In the Selection Tags tab (Figure 7-6), click Edit Tags.
Step 5 In the Choose Scope Selection Tags dialog box, choose the tag you want associated with this scope.
Repeat steps 1 through 5 for additional tags.
Step 6 Click OK.
The Selection Tags dialog box displays the scope's tags.
Step 7 Click OK.
You can use the scope selection-tags property to associate existing selection tags with this scope. Note that theses are the scope selection tags that you defined for clients and/or client-classes. For more information, see the "Choosing Scope Selection Tags" section in this chapter.
Use the scope set command to associate a selection tag with this scope.
nrcmd> scope testScope set selection-tags=internal
Figure 7-7 shows the fields in the Advanced tab.
You can use the scope command to set the following scope options, as described in the following sections.
You can choose to have the DHCP server use the Internet Control Message Protocol (ICMP) echo message capability (ping) to see if anyone responds to an address before assigning it. If you choose this option, the DHCP server checks that an address is not in use before assigning that address to the workstation. Using ping can help prevent two clients from using the same IP address.
The DHCP server makes use of the ICMP echo request and echo reply packets to determine whether a particular IP address is currently in use. If a computer responds to the ping, the DHCP server marks that address as unavailable and offers a different IP address to the client.
Step 1 In the Advanced tab of the DHCP Scope Properties dialog box (Figure 7-7), select the Ping address before offering it check box and select a time interval in milliseconds to wait before assuming that no client will answer.
The default is 300 milliseconds.
Step 2 Click OK.
Use the scope enable command to enable the ping-clients feature.
nrcmd> scope testScope enable ping-clients
Network Registrar supports multiple logical subnets on the same physical network segment, which are called secondary subnets. If you have several logical subnets on the same physical network, for example, 192.168.1 and 192.168.46, you might want to configure DHCP so that it will offer addresses from both pools. By pooling addresses this way, you can combine two class C networks or a Class B and Class C network.
To join two logical subnets, create two scopes, and elect one to be primary and the other secondary. After you have configured the secondary subnet, any client on this physical network will obtain a lease from one or the other scope, on a round-robin basis (as long as the client does not have a reservation or previous lease information).
To join the secondary scope to the primary scope, do the following.
Step 1 From the Server Manager window (Figure 2-3), select the secondary scope.
Step 2 Click the Show Properties toolbar button.
Step 3 Click the Advanced tab.
Step 4 From the Advanced tab, select the Make this scope a secondary check box (Figure 7-7).
Step 5 In the Primary scope box, select the scope that you want to designate as the primary scope.
Step 6 Click OK.
Step 7 Repeat steps 1 through 6 for each scope that you want to attach to this group.
Step 8 Reload the DHCP server.
Step 1 Use the scope set command to set the primary scope.
nrcmd> scope testScope set primary-scope=Example
Step 2 Use the server reload command to reload the server.
nrcmd> server DHCP reload
The nrcmd command automatically fills in the primary scopes's address and netmask.
You can configure Network Registrar to act like a BOOTP server. In addition, although BOOTP normally requires static address assignments, you can choose to either reserve IP addresses (and therefore use static assignments) or have IP addresses dynamically allocated.
Step 1 In the Policies tab of the DHCP Server Properties dialog box (Figure 6-2), configure a policy to contain the information that BOOTP requires.
Step 2 In the Edit Options dialog box, select the options you want.
Step 3 Click the Send to BOOTP clients check box.
Step 4 If you select the Always send to DHCP clients check box, the DHCP server sends an option back in the DHCP reply packet regardless of whether the client requested the option.
Step 5 Click OK.
Step 6 In the Advanced tab of the DHCP Scope Properties dialog box (Figure 7-7), select the Enable BOOTP check box.
(To disable BOOTP, uncheck the Enable BOOTP check box.)
Step 7 If you want dynamic IP address assignment, select the check box, otherwise create reservations.
For more information about making reservations, see the "Making Lease Reservations" section.
Step 8 Click OK.
Step 9 Reload the DHCP server.
Use the scope enable command to enable the bootp feature.
nrcmd> scope testScope enable bootp
Step 1 Under the DHCP server, right-click the scope for which you want to disable BOOTP.
Step 2 Select Properties.
Step 3 In the Advanced tab of the DHCP Scope Properties dialog box (Figure 7-7), uncheck the Enable BOOTP check box.
Step 4 Click OK.
Step 5 Reload the DHCP server.
Use the scope disable command to enable the bootp feature.
nrcmd> scope testScope disable bootp
You can disable DHCP for this scope if you want to use the scope only for BOOTP.
Step 1 Under the DHCP server, right-click the scope for which you want to disable DHCP.
Step 2 Select Properties.
Step 3 In the Advanced tab of the DHCP Scope Properties dialog box (Figure 7-7), select the Disable DHCP for this scope check box.
Step 4 Click OK.
Step 5 Reload the DHCP server.
Step 1 Use the scope disable command to disable the bootp feature.
nrcmd> scope testScope disable bootp
Step 2 Use the scope disable command to disable the dhcp feature.
nrcmd> scope testScope disable dhcp
To de-activate all the leases in a scope, disable BOOTP and disable DHCP.
Step 1 Use the scope disable command to disable the bootp feature.
nrcmd> scope testScope disable bootp
Step 2 Use the scope disable command to disable the dhcp feature.
nrcmd> scope testScope disable dhcp
Posted: Thu Nov 18 13:40:15 PST 1999
Copyright 1989-1999©Cisco Systems Inc.