Do you use dhcp reservations?

johnpoz

Some of you might have noticed lots of threads about kea, or just dhcp in general lately.

Reservations came up in one, do people even use them, etc.. Which got me curious.. I personally use them for everything... If pfsense didn't support them, I would be running dhcp else where on my network that did, etc

I would think users that find use and benefit of running something like pfsense on their network would most of the time want their devices to have a specific IP.. But maybe I am completely off base?

if you do not know what a dhcp reservation is, more than likely you would answer no on the below poll going to link too.. But before you do.. Lets be sure maybe you just know it by a different term..

In pfsense its called Static Mappings

https://docs.netgate.com/pfsense/en/latest/services/dhcp/ipv4.html#static-mappings

example

This is where you assign a device a specific IP on your network based upon some criteria, normally the devices mac address, but it could also be any sort of Client Identifier.. Or sometimes you just want to hand a device specific info that is different than your normal dhcp scope and don't really care what IP it gets, etc.

I use this extensively - anything that is on my network other than setup or guest gets a reservation. But I am curious am I the odd ball here?

Since it seems we can not create polls here - I created this free external one.. This is just something curious about see if we can get some responses that hints at used or not used by users.. Thanks.

https://smartpolls.co.uk/p/57738

elvisimprsntr

@johnpoz

I use static reservations for anything I need a static IP address for.
Saves me from having to enter ip, mask, gw, dns on each and every client/device.

johnpoz

@elvisimprsntr exactly, I would think that anyone that has migrated away from your typical run of the mil wifi router their isp gives them would leverage reservation to some extent..

bmeeks

I don't currently use any DHCP reservations in my home network. I have a carved out block of IP addresses where I place static IP assignments for a few servers (virtual machines and two ESXi hosts). I use static IPs when configuring those machines.

I do manage the firewall for a local church (SG-6100 appliance) and have some DHCP reservations configured there for a pair of label printers for the nursery. They print labels to "tag the kids with" on Sunday mornings .

For my home network, I currently use DHCP on my Windows domain controller. Would like to eventually retire that and use pfSense exclusively, but really want the dynamic DNS update feature of the DHCP server to work better (not the current "restart the service with each lease renewal" method used now). Hopefully Kea offers opportunity for finally fixing that quirk once Kea is fully fleshed out in pfSense.

maverickws

Poll seems 7 to yes 0 - 0 by when I voted.

Yes we do use reservations. For everything. Only known Macs are allowed to connect to networks.
There is one network without reservations, the gust network.

Now-a-days there are devices that cloak their real MAC address, so sometimes what we do when a new device is introduced to the home network (we don't exchange phones that much) we temporarily allow any client to connect, then make the reservation.

AndyRH

I only use static when I have to, gateway, Proxmox, Piholes.
Anything that I care about the address is a DHCP reservation, such as AP, computers, servers, cameras.
Other is just DHCP, I do not care what IP a phone has. The DHCP scope is small, I think it is 30 addresses.
VLAN666 (Alexia) is isolated and is straight DHCP, I don't manage the evil network...

bmeeks

@AndyRH said in Do you use dhcp reservations?:

I only use static when I have to, gateway, Proxmox, Piholes.
Anything that I care about the address is a DHCP reservation, such as AP, computers, servers, cameras.

Not trying to be argumentative, and don't want to start a war ... just asking why choose reservation over static when you want a given device to have a given IP.

To me, it is easier in such situations to use a static IP assignment. That way, should I replace the physical device, I simply configure it with the same static IP.

If I use a reservation, I have to find the new MAC address for the replacement device, then go edit the DHCP reservation, then either reboot the device or renew its lease so it picks up the proper IP address. It just seems like extra work. Carving out a section of the IP space for static assignments seems easier. For example, in a /24 netblock I might carve out .1 through .29 for static assignments (more or less depending on anticipated needs). And in the DHCP configuration in pfSense, you can't assign a reservation from your DHCP scope anyway. It must be a separate IP address not covered in the active DHCP scope pool. At least in Windows you can arbitrarily choose any IP within the scope to be a DHCP reservation.

AndyRH

@bmeeks No war needed. If I change PiHoles, which has happened, I update DHCP and the changes are propagated. Same thing with NTP.
When I changed physical firewalls, it was great. I just put in the new settings and waited a day then turned off the old one.
Either way is valid.

maverickws

@bmeeks said in Do you use dhcp reservations?:

just asking why choose reservation over static when you want a given device to have a given IP

Mind elaborating the difference between "reservation" and "static" in your perspective. afaik there is none.

bmeeks

@AndyRH said in Do you use dhcp reservations?:

@bmeeks No war needed. If I change PiHoles, which has happened, I update DHCP and the changes are propagated. Same thing with NTP.
When I changed physical firewalls, it was great. I just put in the new settings and waited a day then turned off the old one.
Either way is valid.

Agree that either way is valid. It is a lot based on personal preference.

I came from a Fortune 500 network environment where we managed probably 50,000 devices or more (nearly 30,000 of those were employee desktop PCs and laptops). We made extensive use of Windows DHCP dynamic DNS updates to register those employee devices so the internal Help Desk could find them quickly by name instead of having to talk the user through identifying the particular IP address they had at the moment. We named the devices using a variation of the employee's network login ID.

We also used small static IP blocks carved out of the various IP subnets. In those static blocks is where we put things like core switches, network closet switch stacks, and most servers.

bmeeks

@maverickws said in Do you use dhcp reservations?:

@bmeeks said in Do you use dhcp reservations?:

just asking why choose reservation over static when you want a given device to have a given IP

Mind elaborating the difference between "reservation" and "static" in your perspective. afaik there is none.

Reservation is a DHCP construct based off of the client's MAC address. So anytime the hardware changes (new device or replace the network card), the MAC changes and you need to edit the reservation in the DHCP server. With static IP, I simply type in the desired IP address in the client's network setup screen. Both yield the same end result -- a given client gets a particular fixed IP address. What's different is exactly how you get there (at least that's how I define it).

maverickws

@bmeeks I don't think it was ever discussed in this topic "client-side configurations".

Truth be told, there is no reference on the pfSense software to DHCP Reservations (may be wrong but I really don't think there are).
When you go to DHCP Server you have an option to add a static entry. I believe it's a colloquialism where people are using reservation instead of static entry. You can't add "reservations" on pfSense, at least not by that nomenclature.

bmeeks

@maverickws said in Do you use dhcp reservations?:

@bmeeks I don't think it was ever discussed in this topic "client-side configurations".

Truth be told, there is no reference on the pfSense software to DHCP Reservations (may be wrong but I really don't think there are).
When you go to DHCP Server you have an option to add a static entry. I believe it's a colloquialism where people are using reservation instead of static entry.

The wording can be confusing. I like to think of it as a reservation because you are reserving that IP address in the mind of the DHCP server, but only for a client whose MAC address matches the one you enter in the static assignment setup.

The other way, when I say "static", is on the actual client device I configure the network for "static IP" and not DHCP, and I manually type in the address and subnet I want that client to use. I realize that in the world of IoT, there may be devices that can only do DHCP, and if that is the case then you would need to use the DHCP reservation route to have a known, fixed IP address on the device.

So, to clarify, when I say "reservation" I am thinking of an entry in the DHCP server's configuration where I link a particular MAC address with a particular IP address. When I say "static", I am thinking of the situation where the client device is NOT using DHCP and I instead enter the IP information directly into the client manually. Been doing this sort of thing for a little over 40 years, and that's just the way I learned way back when.

mer

Yep. Been using them for a long time on the home network.
Makes it very easy to distingush "normal" devices from guests.
Since pretty much everything defaults to doing DHCP you wind up managing everything from a single place.

maverickws

@bmeeks got it.
I figured it was just some nuance of speech but wanted to clear it out just to make sure. Personally I most times call them "static mappings" or "arp mappings".

Also I believe there is a situation here, if I'm wrong please someone correct me but

pfSense allows a static mapping from many to one. This is, you can have several static entries using different MACs and the same IP address.
Now I am not sure because I hardly ever selected this option, but I figure when you select the option to have that
ARP Table Static Entry maybe then it is a reservation? Again, not sure on this one.
But in the true concept of the term, as it allows several entries for the same IP, it hardly ever is a reservation.
Also, by the way pfSense works, static mappings only exist outside the DHCP dynamic range, so an IP on the range "static" wouldn't go to the dynamic attributions.

Bob.Dig

I use it, even with IPv6.
(One person doesn't like this)

KOM

I don't use reservations at home or at the office. For me the only benefit would be easier renumbering, and that's something I haven't needed to do in the 20+ years I've been at this company. I report directly to the owners and they want to be able to do whatever they want when they want including weekends and evenings when I'm not around. I appreciate the security aspects but the owners don't like security getting in the way of their convenience.

azdeltawye

@johnpoz
Yes, I rely heavily on DHCP reservations for firewall rules and grouping of similar devices..

Does Kea DHCP not allow for static mappings?

azdeltawye

@bmeeks said in Do you use dhcp reservations?:

To me, it is easier in such situations to use a static IP assignment....

Maybe in some cases. However, many dumb IOT devices are 'hardwired' for DHCP.

MoonKnight

@johnpoz

Yes I use lot of DHCP Static Mappings all over my VLAN's :)