Do you use dhcp reservations?
-
@maverickws And what cisco is that, that is not how you would make sure a device gets a specific IP out of the pool of dhcp running the cisco device.
Would be something like this
ip dhcp excluded-address 192.168.1.10 ip dhcp pool CLIENT_10 hardware-address 0034.121b.0c19 host 192.168.1.10 255.255.255.0That is how you would set a static arp.. That isn't going to have dhcp hand out anything specific for a specific device.
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.11 | Lab VMs 2.8, 24.11 -
@johnpoz that was how we'd start the DHCP and establish a range for the pool instead of host.
I haven't been much around cisco lately but I'm pretty sure that was the command to add a reservation. I am probably mixing stuff. Let me check my notes! -
@johnpoz said in Do you use dhcp reservations?:
That is how you would set a static arp.. That isn't going to have dhcp hand out anything specific for a specific device.
Ok just checked so we didn't do it that way exactly. We'd create the ip DHCP pool and then invoke a static-bindings file that had the static bindings for that pool.
Part of my notes are not clear to me today, because I also have a whole part on adding ARP IP to Mac address mappings. Not sure if for quicker resolution, but I actually remember we used this plenty. -
@maverickws sure static aps are handy, etc.. But not really a "reservation" ;)
But sure they could go hand and hand with each other.
You find different terms all over the planet for sure, as long as you can convey what it is your actually talking about - doesn't really matter.. I have always used the term transit network for example, for a network that connects routers, etc. In my new gig working noticed some colleagues call them connector networks.. Ok that works too.. same thing ;)
And they use the term kit a lot, vs just gear or specific call out switch or router, or model of the device.. Again as long as we know what each other is talking about - doesn't really matter. And I find myself using some different terms now as well ;) Because that is the terms the team uses.
-
@johnpoz yeah I'm 100% with you.
Now I'm just mind bogged bc I can't remember exactly the context in we used the arp entries. Transit networks we used that too, and I believe we also used carrier networks. All and all, DHCP reservations or static mappings are in fact one of the most commonly used features. Clients get their addresses dynamically there is no need of configuring each client device, its mapping on the router and its done each device gets the proper IP. Wouldn't change a thing. -
Yeah I use static reseervations/mappings for numerous things.
I also usually add them for devices that statically configured because it makes them resolvable (except in Kea!) and prevents me forgetting and using that IP for something else. It also means if hat device forgets it's config and falls back to dhcp it still gets the same IP.
-
@johnpoz said in Do you use dhcp reservations?:
I would be running dhcp else where on my network that did
Exact.
On my captive portal network, reservations are impossible, as these devices are just part of 'my' network for a short time, they come and go.
On my main company LAN, and @home, I've a reservation for every device.
About 20 at work, and nearly as many @home.
Both IPv4 and Ipv6.My way of seeing things : as every device I use on my networks has a DHCP-client activated, I can 'admin' the DHCP process on the server = pfSense side. I've nothing to do on the device that is related to network settings.
Ok, maybe not nothing, as some still works with the "Microsoft Network Neighborhood" (is this still a ) thing. And another issue : most don't use the DHCP client ask (option 42) for a NTP client IP, so I have to enter it myself (= 192.168.1.1 as the IPv6 equivalent is a pain in the b*t).Right now, I can see that these devices :
don't have static DHCP leases, so these don't belong on my company LAN.
This could be a security issue. But ok, I know to who they belong ... -
@stephenw10 said in Do you use dhcp reservations?:
I also usually add them for devices that statically configured
I do the same for my main pc, but as of late have just left in dhcp mode.. If I have to change its IP for some test or something I just go to static, and then when I want to get back to my default setup I just move it back to dhcp..
But yeah adding a reservation for stuff you set static is good practice I would agree. Simple way to just know hey I assigned this ip to something already vs having to use some ipam software or spreadsheet or "memory" ;)
And yup if for some reason the thing does reset to default or whatever - if it comes up dhcp it will get the IP you want, etc.
-
I'm a long time user of ISC dhcpd for both enterprise and personal use. I certainly make use of reservations as well as many other custom options. This topic took me by surprise as I was unaware that dhcpd is no longer being maintained by ISC (I'm retired), so I spent a little time reading about migration to KEA as well as how to configure it. Perhaps I'm just old, but the new JSON configuration and the many restrictions and qualifications make it look like a serious step backwards. https://kea.readthedocs.io/en/latest/arm/config.html
--Larry
-
@johnpoz said in Do you use dhcp reservations?:
Reservations came up in one, do people even use them, etc.. Which got me curious.. I personally use them for everything...
Yes, I do; however, not on my edge firewall pfSense...just on my LAN with Mikrotik.
-
@SteveITS said in Do you use dhcp reservations?:
if you need to change your subnet or especially mask it saves time touching each device to update manually.
I just had to do this - I set up a site-to-site VPN, and there was a subnet conflict between one of my subnets and one of the other side's subnets. I was able to change my subnet with little trouble, and all the devices with reservations picked up their new IP addresses automatically.
I also have some devices that I want static IPs for, but they do not have the ability to set a static IP. (Offhand, the first example that comes to mind is DoorBird doorbells, but there are some others too. These have an API that can be scripted, but that requires knowing how to contact them.) For these types of devices, DHCP reservations are critical.
-
@johnpoz
I use statics for important things not reservations. My network is so small at home that over the last 15 years or so I have changed equipment enough that I just use DHCP and adapt.
I guess I should also say I run DHCP off my Cisco L3 switch not Pfsense. -
@johnpoz
Sad: 1,200 views and ~32 (!!!!!!) votes -
@KOM said in Do you use dhcp reservations?:
I don't use reservations at home or at the office. For me the only benefit would be easier renumbering, and that's something I haven't needed to do in the 20+ years I've been at this company.
Static IP mapping are VERY USEFUL for pf rules writing and also give You flexibility when hardware changes.
If someone (I mean boss) not understanding this - it has a right to pay for extra work hours ;)
—
CLOSE SKY FOR UKRAINE https://youtu.be/_tU1i8VAdCo !
Help Ukraine to resist, save civilians people’s lives !
(Take an active part in public protests, push on Your country’s politics, congressmans, mass media, leaders of opinion.) -
hey all,
FYI: static mappings are in use here too. I have DHCP reservations for all my clients (pure home network). Used to do static IPs on clients directly but cahnged that to dhcp reservations. And no, not using the new kea dhcp...still the old stuff here. -
My decision and arguments for using “IP static mapping” in middle-size companies or small firms with @johnpoz answers and arguments You may read here: Static IP - MAC mapping inside DHCP dynamic pool - how to?.
Thank You all!
-
I use them for every single device on my network. My 48 bit addresses and layer 2 addresses are all purple here because I do not want any mac address cloning going on. That is a cool pen testing tool to see that done.
-
@JonathanLee said in Do you use dhcp reservations?:
I do not want any mac address cloning going on.
Who is going to clone your macs? And for what purpose? Mac cloning is only a thing if they are already on your network..
Here is my pc mac.. Clone away ;)
Connection-specific DNS Suffix . : home.arpa Description . . . . . . . . . . . : Killer E2600 Gigabit Ethernet Controller Physical Address. . . . . . . . . : B0-4F-13-0B-FD-16 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 192.168.9.100(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Wednesday, March 6, 2024 2:02:01 PM Lease Expires . . . . . . . . . . : Monday, March 18, 2024 2:02:00 PM Default Gateway . . . . . . . . . : 192.168.9.253 DHCP Server . . . . . . . . . . . : 192.168.9.253 DNS Servers . . . . . . . . . . . : 192.168.3.10 NetBIOS over Tcpip. . . . . . . . : EnabledI would love to hear your theory how anyone could use that to do anything? That doesn't already have full access to my network anyway..
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.11 | Lab VMs 2.8, 24.11 -
@johnpoz bro now I can run airsnort on your network and packet sniff hahahaha. Jk
-
@Sergei_Shablovsky said in Do you use dhcp reservations?:
give You flexibility when hardware changes
New hardware? What's that?? My company runs on Dell blades from 2012. We don't ever get new hardware because that would cost more than zero. Same with our desktops.
