Do you use dhcp reservations?
-
@azdeltawye said in Do you use dhcp reservations?:
Does Kea DHCP not allow for static mappings?
It does, but does not register them in unbound for dns as of yet.
-
Yes, for all my home VLANs except the Guest one.
-
@maverickws said in Do you use dhcp reservations?:
Personally I most times call them "static mappings" or "arp mappings".
Why I called it out and hope make clear what I was talking about.. The static mapping term seems to be newer wording.. Us old farts, at least in my part of the world use reservation - because that is what they are, they are reservation for that mac to get this specific IP.. Kind of like when you make a reservation at a restraunt for table by the window..
But maybe it also just regions of the world use different terms?
That is another thing that is curious ;) maybe I could start another poll - hehehe
static mapping and arp mapping don't make a lot sense to me... Because that is not what it is, its a "reservation" on the dhcp server to give client X ip Y..
And unlike the Seinfeld episode, a dhcp server normally knows how to hold a reservation ;)
-
@johnpoz said in Do you use dhcp reservations?:
Us old farts, at least in my part of the world use reservation
Welcome to the official pfSense old farts club
. We can be the charter members! -
@johnpoz
I use them extensively. I also have Aliases for groups of addresses that I put them into, so I can make rules. Example Desktops, Laptops, and a combined alias of Computers (Desktop + Laptops). IOT devices, etc . . . .I leave DHCP assigned to a certain range for new devices. I periodically (about once per week) look for any leases in that range (and hunt them down and kill them - J/K). If they are a new device that needs to be statically mapped I do so. If it is some temporary device I just make a mental note of it.
Phizix
-
@johnpoz
This is the real problem with migrating to Kea at this time. It is irrespective of using static mappings (or reservations), fully DHCP or a combination of both on each subnet.A good network should be using SSL on servers/services. An API call or just using a web browser breaks the validation of your cert if you use IP address instead of a FQDN. Modern browsers also are stopping you by forcing an acknowledgement to go to the site if you did not use the correct name in the URL, i.e. IP address.
One way around this is to set up all servers, like NAS, Plex, Home Assistant, Grafana, Influx.... (whatever you have on your local network), with static IP's (or static mappings) and then manually create an entry in unbound. But that extra work, more like BOUND and not unbound.
Let's just keep asking to add the KEA to unbound integration as a priority.
In the meantime, I'll be watching for any isc-dhcp CVE's and determine if I go the manual BOUND route or not. -
@johnpoz May be sample bias as most users here are advanced.
@bmeeks Two reasons for us…
-
Windows 10 1607 feature update IIRC had a high tendency to (apparently) reset/reinstall the network adapter and therefore lose static IP settings. Have also seen this with resetting printers or other hardware.
-
if you need to change your subnet or especially mask it saves time touching each device to update manually.
-
-
@SteveITS said in Do you use dhcp reservations?:
May be sample bias as most users here are advanced.
That was my whole thought/point to be honest, I would think users of pfsense would lean towards being more advanced than your typical home router, what is an IP user ;)
Which is why I would think using reservations would pretty common.. Which so far that is what the poll is showing as well.
-
I do, most of my devices are dhcp reservations.
After the update I and bet a lot of other people went back to the old dhcp server.
-
@johnpoz said in Do you use dhcp reservations?:
static mapping and arp mapping don't make a lot sense to me... Because that is not what it is, its a "reservation" on the dhcp server to give client X ip Y..
eheh well I can tell you straight why I called them that. One of my first jobs was on the network department of a big local ISP. over 90% of CPE were Cisco devices managed by us. If you were adding a reservation you'd go with the command
arp <ip> <mac> etcso that's why we called them "static arps" if anyone needed a reservation we'd go with "add an arp". Static only in the sense it's quicker said and a bit shorter word than re-ser-va-tion. Even translated to PT eheh but again this is slang.
Won't find me arguing if one is better than the other, main thing is people understand what it does, I've heard calling it so many things. -
johnpoz LAYER 8 Global Moderatorlast edited by johnpoz Feb 23, 2024, 11:05 AM Feb 23, 2024, 11:03 AM
@maverickws And what cisco is that, that is not how you would make sure a device gets a specific IP out of the pool of dhcp running the cisco device.
Would be something like this
ip dhcp excluded-address 192.168.1.10 ip dhcp pool CLIENT_10 hardware-address 0034.121b.0c19 host 192.168.1.10 255.255.255.0That is how you would set a static arp.. That isn't going to have dhcp hand out anything specific for a specific device.
-
@johnpoz that was how we'd start the DHCP and establish a range for the pool instead of host.
I haven't been much around cisco lately but I'm pretty sure that was the command to add a reservation. I am probably mixing stuff. Let me check my notes! -
@johnpoz said in Do you use dhcp reservations?:
That is how you would set a static arp.. That isn't going to have dhcp hand out anything specific for a specific device.
Ok just checked so we didn't do it that way exactly. We'd create the ip DHCP pool and then invoke a static-bindings file that had the static bindings for that pool.
Part of my notes are not clear to me today, because I also have a whole part on adding ARP IP to Mac address mappings. Not sure if for quicker resolution, but I actually remember we used this plenty. -
@maverickws sure static aps are handy, etc.. But not really a "reservation" ;)
But sure they could go hand and hand with each other.
You find different terms all over the planet for sure, as long as you can convey what it is your actually talking about - doesn't really matter.. I have always used the term transit network for example, for a network that connects routers, etc. In my new gig working noticed some colleagues call them connector networks.. Ok that works too.. same thing ;)
And they use the term kit a lot, vs just gear or specific call out switch or router, or model of the device.. Again as long as we know what each other is talking about - doesn't really matter. And I find myself using some different terms now as well ;) Because that is the terms the team uses.
-
@johnpoz yeah I'm 100% with you.
Now I'm just mind bogged bc I can't remember exactly the context in we used the arp entries. Transit networks we used that too, and I believe we also used carrier networks. All and all, DHCP reservations or static mappings are in fact one of the most commonly used features. Clients get their addresses dynamically there is no need of configuring each client device, its mapping on the router and its done each device gets the proper IP. Wouldn't change a thing. -
Yeah I use static reseervations/mappings for numerous things.
I also usually add them for devices that statically configured because it makes them resolvable (except in Kea!) and prevents me forgetting and using that IP for something else. It also means if hat device forgets it's config and falls back to dhcp it still gets the same IP.
-
@johnpoz said in Do you use dhcp reservations?:
I would be running dhcp else where on my network that did
Exact.
On my captive portal network, reservations are impossible, as these devices are just part of 'my' network for a short time, they come and go.
On my main company LAN, and @home, I've a reservation for every device.
About 20 at work, and nearly as many @home.
Both IPv4 and Ipv6.My way of seeing things : as every device I use on my networks has a DHCP-client activated, I can 'admin' the DHCP process on the server = pfSense side. I've nothing to do on the device that is related to network settings.
Ok, maybe not nothing, as some still works with the "Microsoft Network Neighborhood" (is this still a ) thing. And another issue : most don't use the DHCP client ask (option 42) for a NTP client IP, so I have to enter it myself (= 192.168.1.1 as the IPv6 equivalent is a pain in the b*t).Right now, I can see that these devices :
🔒 Log in to view
don't have static DHCP leases, so these don't belong on my company LAN.
This could be a security issue. But ok, I know to who they belong ... -
@stephenw10 said in Do you use dhcp reservations?:
I also usually add them for devices that statically configured
I do the same for my main pc, but as of late have just left in dhcp mode.. If I have to change its IP for some test or something I just go to static, and then when I want to get back to my default setup I just move it back to dhcp..
But yeah adding a reservation for stuff you set static is good practice I would agree. Simple way to just know hey I assigned this ip to something already vs having to use some ipam software or spreadsheet or "memory" ;)
And yup if for some reason the thing does reset to default or whatever - if it comes up dhcp it will get the IP you want, etc.
-
I'm a long time user of ISC dhcpd for both enterprise and personal use. I certainly make use of reservations as well as many other custom options. This topic took me by surprise as I was unaware that dhcpd is no longer being maintained by ISC (I'm retired), so I spent a little time reading about migration to KEA as well as how to configure it. Perhaps I'm just old, but the new JSON configuration and the many restrictions and qualifications make it look like a serious step backwards. https://kea.readthedocs.io/en/latest/arm/config.html
--Larry
-
@johnpoz said in Do you use dhcp reservations?:
Reservations came up in one, do people even use them, etc.. Which got me curious.. I personally use them for everything...
Yes, I do; however, not on my edge firewall pfSense...just on my LAN with Mikrotik.
