4.1 Creating a Scope, Scope Options, Reservations
Basics
A DHCP server has a limited number of IP addresses it can assign to a device. This range is called the DHCP scope. This range is customizable by the network administrator.
Terms to Know
You should know the following terms:
- DHCP discovery message
- DHCP/IP helpers
- DHCP relay
- DHCP scope
- Dynamic IP address
- Lease
- Multiple DHCP Scopes per Interface feature
- Reservation
- Static IP address
- Trusted agent
Information
A DHCP server assigns a dynamic IP address to a device, meaning that the IP address is considered leased for a set amount of time. That device does not get to keep that IP address permanently, which would be a static address. Instead, it has to periodically send requests to renew the lease while it is on the network. That keeps the IP addresses available for use even as new devices are added, as long as enough addresses are available in the server’s scope.
There may be cases where you want a device to be given the same IP address on your network from your DHCP server any time it is connected to your network. In that case, you can create a reservation for that device using its unique MAC address. Reservations are usually only used for special devices, such as Web servers, DHCP servers, DNS servers, routers, or network printers.
Scope Options
Your network administrator, which may be you, configures information for your DHCP server in a database by creating a DHCP scope. The information in the scope may include:
- The range of valid IP addresses as well as any IP addresses you do not want assigned. This may be referred to as a scope or pool of resources.
- The subnet mask
- Default gateway addresses
- DNS server addresses
- The length of the IP lease before it has to be renewed
You may also include additional configurations, such as any IP addresses that are reserved for specific devices or the IP address for a Voice Server or Gateway.
Multiple Scopes in the Same DHCP Server
If you are running multiple subnets in your network, a single DHCP server can provide IP addresses for host devices in multiple subnets, as long as it has a little help. In order for a host device to obtain a valid IP address when it joins a network, it sends out a broadcast DHCP discovery message to try to contact the DHCP server. You may remember that a broadcast message sends out a request to all of the devices on a network.
However, when using subnets, you’ve set up routers to regulate traffic. Generally, routers do not forward broadcast messages. That can stop that DHCP Discovery message from leaving the subnet it originated in and preventing new host devices from joining your network, even if it is an approved user and IP addresses are available. So, if you’ve set up several subnets controlled by routers, but you only have one DHCP server, how does that broadcast message get to the DHCP server so any new host on any subnet can obtain a valid IP address?
DHCP/IP Helpers
DHCP/IP Helpers are available when using the Multiple DHCP Scopes per Interface feature on your DHCP server and some helpers on your routers. On your DHCP Server, the Multiple DHCP Scopes per Interface feature can allow one DHCP server to manage multiple scopes of IP addresses that correspond to your subnets.
When a router on a subnet receives a broadcast DHCP request from a new host, but the DHCP router is NOT in the same subnet, you can configure the router with a DHCP relay, also called an IP Helper. This helper knows the router needs to transmit DHCP messages to and from the DHCP server. You configure the DHCP Helper to know the static IP address for the DHCP server, and any DHCP messages are transferred directly to that IP address. The DHCP server then runs through its usual routines to determine if there is a valid IP address within its scope and transmits the appropriate IP information back to the new host device on its appropriate subnet.
The Multiple DHCP Scopes per Interface should be configured to accept and transmit messages only from trusted agents. This may be an Advanced Setting on your server. It allows you to assign the routers on the network that manage your subnets to be identified as trusted agents. Requests from other agents can be considered malicious and discarded.
Additional Resources
Here are additional resources you may find useful:
- DHCP Explained - Dynamic Host Configuration Protocol by PowerCert Animated Videos
- What is a DHCP scope/pool? Helpful table from ShilpaSYS
- Multiple DHCP Scopes per Interface from sonicwall
Options for DHCP Settings for Windows can be found from your server manufacturer. For example:
- Windows Server documentation can be found at Learn Microsoft.
- You can also find step-by-step directions on How to Create a New Scope
For Linux users, one option to consider is https://linux.die.net/man/8/dhcpd
Task/Self-Assessment
Complete the following task or self-assessment:
- Review the information configured in your DHCP scope.
You may need to collaborate with someone if you don’t have access to this level of information. Some of this information can be found elsewhere, like the subnet mask, default gateway, and DNS server address. The scope can show the range of valid IP addresses and any reserved IP addresses. It also includes the length of the IP lease before it has to be renewed.
- Does your network use the Multiple DHCP Scopes per interface feature to manage multiple scopes across subnets in your network?
- If so, determine how IP helpers are configured to accept and transmit messages from trusted agents.