Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    DHCP Problem/Question

    Scheduled Pinned Locked Moved
    DHCP and DNS
    3
    4
    2.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      thafener
      last edited by

      Hi @ll

      I am using pfsense in a Hotel with some 200 rooms with big success, it works great. But :

      All the various Smartphones and Laptops have WLAN enabled per default and though they
      are not logged in to the captive portal they are using a IP Adress in case they connect to
      the Wireless LAN.

      Though there are often more than 2 people per room and many have a smartphone, a Tablet
      and a Laptop and all of them are on I am running out of IP Adresses during peak times.

      Of course I could change from a class C to a class B private network, but some of my access
      points are not capable of this.

      I think there is no way from preventing the machines from obtaining a IP adress as soon as
      they connect to the network, correct ?

      So does anyone of you have a Tip for me how to solve this issue in a convenient way ?

      Thank you in advance

      thafener

      1 Reply Last reply Reply Quote 0
      • T
        tommyboy180
        last edited by

        As as network professional, I always base a public network using a private /8 network.
        The problem can be solved by changing over to /8 private address space.

        You mentioned that your APs will not working with 'class B' network ranges..why? Just move to a /8 private IP range.

        -Tom Schaefer
        SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

        Please support pfBlocker | File Browser | Strikeback

        1 Reply Last reply Reply Quote 0
        • C
          cmb
          last edited by

          The way you address that in any network with a large number of devices that change frequently is to use a short lease length (equal to the length of your captive portal hard timeout if you're using CP, otherwise a couple hours is generally a fine choice), and make sure your pool is much larger than the number of devices that will connect within that period.

          I would never use a /8 under any circumstances, you don't need 16 million devices on the network (if you do, you seriously need to reconsider your network design as that's not going to work), and using 10./8 will break every VPN where the person is trying to get to any 10.x.x.x IP space over the VPN because they'll see that as local IP space. You're going to create problems for your users if you're using a /8.

          It shouldn't matter whether or not your APs can use a /16 mask, from the client's perspective they should be nothing more than a dumb bridge. For management purposes, you'll want an IP, but you'll want that on a separate VLAN and subnet from the client devices as you don't want them having access to the management interfaces of any devices along those lines. If you're stuck with no other option, then use a different static private IP subnet on the same broadcast domain, a /24 is fine, for management of APs.

          1 Reply Last reply Reply Quote 0
          • T
            tommyboy180
            last edited by

            Good point. VPNs would be a huge issue with that ip range.

            -Tom Schaefer
            SuperMicro 1U 2X Intel pro/1000 Dual Core Intel 2.2 Ghz - 2 Gig RAM

            Please support pfBlocker | File Browser | Strikeback

            1 Reply Last reply Reply Quote 0
            • First post
              Last post