Multiple DHCP scopes (ranges) for single interface / supernetting bug in Windows



  • I noticed that Windows 2000 (supposedly, it affects every version before Vista) does not like IP addresses ending in x.x.x.255, e.g 192.168.23.255, even if the subnet mask (255.255.240.0 in my case) would allow it.
    Microsoft has documented this behavior in a knowledge base article (Issues with using supernetted IP address ranges). It seems like Windows still has some leftovers from the pre-CIDR era which cause this problem (every other OS handles it just fine).

    Because of this, it is impossible to use a DHCP range that includes more than 254 clients (e.g. 192.168.24.0-192.168.31.254) because clients that receive the .255 IP will not be able to use the network.

    For this reason, it would really be great if pfSense's Web GUI could add support for multiple DHCP scopes (so that I can enter 192.168.24.1-254, 192.168.25.1-254, 192.168.26.1-254, …, 192.168.31.1-254). ISC DHCPd already supports multiple scopes on a single interface, so it's only a Web GUI issue.
    The dhcpd.conf file would contain something like this for a multi-scope configuration:

    subnet 192.168.16.1 netmask 255.255.240.0 {
     range 192.168.24.1 192.168.24.254;
     range 192.168.25.1 192.168.25.254;
     range 192.168.26.1 192.168.26.254;
     range 192.168.27.1 192.168.27.254;
     range 192.168.28.1 192.168.28.254;
     range 192.168.29.1 192.168.29.254;
     range 192.168.30.1 192.168.30.254;
     range 192.168.31.1 192.168.31.254;
    }
    


  • I haven't tried this to see if it works, but could you set the xxx.xxx.xxx.255 addresses as static addresses to fake mac addresses? Not the best solution if you are DHCP'ing out a class A.



  • Interesting thought. I'll try it and let you know if it works.

    By the way, do you know in which order DHCPd hands out IPs from the scope? I noticed that (with a DHCP scope of 192.168.24.0-192.168.31.255), the IPs were handed out in an order something like this:
    192.168.31.255
    192.168.30.255,
    192.168.30.254
    192.168.29.255
    192.168.29.254
    192.168.29.253
    192.168.28.255
    I can't seem to find a pattern here.



  • Well, your suggestion doesn't work. Adding the invalid .255 IPs to the static leases, I'm getting the following error message in the web interface:

        * 192.168.24.255 is inside the range you specified.
        * 192.168.25.0 is inside the range you specified.
        * 192.168.25.255 is inside the range you specified.
        * 192.168.26.0 is inside the range you specified.
        * 192.168.26.255 is inside the range you specified.
        * 192.168.27.0 is inside the range you specified.
        * 192.168.27.255 is inside the range you specified.
        * 192.168.28.0 is inside the range you specified.
        * 192.168.28.255 is inside the range you specified.
        * 192.168.29.0 is inside the range you specified.
        * 192.168.29.255 is inside the range you specified.
        * 192.168.30.0 is inside the range you specified.
        * 192.168.30.255 is inside the range you specified.
        * 192.168.31.0 is inside the range you specified.
    

    Any other suggestions? My DHCP range is 192.168.24.0-192.168.31.255.


Locked