Friday, September 27, 2013

Lesson 4 -- Basic DHCP

So you have hosts talking across your network, you installed a router to bring you an Internet connection, and you successfully configured your router to provide network address translation (or more accurately, port address translation) to allow your LAN hosts to connect to the Internet, even though they are using IP addresses that are not publicly routable.

But now, you've got another problem. Your network is growing, and as new employees join the company, it is getting harder and harder for the IT staff (you) to visit every new employee's computer to assign an IP address. Wouldn't it be easier if there were a way for LAN hosts to automatically configure their own IP address?

Fortunately, there is. Cisco routers, Windows servers and most (if not all) *Nix servers can provide a service known as "DHCP" -- "Dynamic Host Configuration Protocol." DHCP is a service that listens for configuration requests, and negotiates a number of settings, such as an IP address, default gateway, and subnet mask. Here's how you set it up:

lab2651rtr# conf t
lab2651rtr(config)# ip dhcp excluded-address 192.168.1.1 192.168.1.31
lab2651rtr(config)# ip dhcp pool LANPOOL
lab2651rtr(dhcp-config)# network 192.168.1.0 255.255.255.0
lab2651rtr(dhcp-config)# dns-server 192.168.1.2
lab2651rtr(dhcp-config)# default-router 192.168.1.1
lab2651rtr(dhcp-config)# domain-name lan.example.com
lab2651rtr(dhcp-config)# lease 0 4 0
lab2651rtr(dhcp-config)# exit
lab2651rtr(config)# exit
lab2651rtr# write mem
Building configuration...
lab2651rtr#


Now, if you tell your PCs to automatically obtain an IP address, the router will negotiate an address with the hosts on your network, making your life a lot easier!

Here's how the configuration above works:
* The first line tells the DHCP server to set aside a block of addresses. 192.168.1.1, of course, is the IP address of the router itself, and the rest of the reserved IP addresses are for the servers the company will be using (with room for expansion). It is possible, of course, to automatically issue IP addresses to the servers, but most of the time, that's not a particularly good idea, because a server should always be reachable at the same address (that's not necessarily true, but dynamic DNS is well beyond the scope of this article, and it doesn't always work especially well, so I would avoid it on my server farm). However, if your servers are automatically being assigned IP addresses, they might sometimes get a different address than they had last time, which can make it difficult for your users to find the server on the network when they need a resource it provides!
* The second line defines the pool of addresses that we will be handing out to our users.
* The third line defines the network from which we will be assigning the IP addresses (all addresses we are handing out belong to the 192.168.1.0/24 network).
* The fourth line tells the DHCP clients what server IP address to use for name service resolution (DNS). Notice that the address we are using for our DNS server is one of the 31 IP addresses that we reserved earlier.
* In the fifth line, we tell our clients who their default gateway (default router) is. Notice that it's the very router that we are working from.
* In the sixth line, we define our domain name. This domain name will be assigned to any hosts that negotiate an IP address with the router.
* In the seventh line, we set the length of time for which the IP address is valid. The format is "days hours seconds", so in this case, the router will reserve the IP address for exactly four hours.

Just as a quick aside, there are some points about DHCP that are worth discussing here, as they relate to the lease time. First, it's very important that our hosts are able to renew their IP addresses before their leases expire, because otherwise they won't be able to communicate on the network. However, no man-made device ever has 100% uptime (although Unix servers come close, lol!), so the creators of the DHCP protocol built in a mechanism to make sure that network hosts renew their leases well before they expire. In fact, a network host will attempt to renew its lease when HALF of the lease time has elapsed. So if we set the lease time to four hours, then after two hours, our hosts will attempt to renew their leases. If the DHCP server is down, then the network admin -- you -- has two hours to fix it before anybody notices. The shorter you set the lease time, the less time you have to fix problems.

However, you don't want to set your lease times too long. Hosts break, employees come and go, business partners might connect to your network for short periods of time and therefore, your DHCP server *may* be frequently assigning new IP addresses to new computers on the LAN. Since your IP pool is limited, you don't want to wait too long for a lease to expire on a host that may not even still be connected to the network, since that IP address cannot be reused until the lease expires.

Consequently, setting the lease period is a tuning process. The greater the ratio between the number of IP addresses you have available and the number of hosts you actually have on the network, and the less often your network changes, the longer the lease time you can use without ill effects. On the other hand, if you have a small IP pool with a lot of hosts on your network, or if you have a lot of hosts connecting, disconnecting and reconnecting with short time spans, the quicker you will want the leases to expire.

To get a better idea of what I'm talking about, find three computers to connect to your LAN, and create a DHCP pool of two IP addresses. Set all three computers to obtain an IP address automatically, and set the lease time to an absurdly small number, say five minutes. Turn on all three computers. What happens? Now turn off one of the computers that successfully obtained an IP address, and try to obtain an IP address on the one that did not successfully negotiate an address. Now what happens? Wait three minutes and try to obtain an address again. What happened this time?
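The lease behaviour discussed above (renewal at half the lease time, and an address staying unavailable until its lease expires) can be modelled in a few lines. This is an added example, not part of the original lesson and not how IOS is implemented; the host names, the two pool addresses 192.168.1.32 and 192.168.1.33, and the assumption that a switched-off host sends no release are constructed for illustration.

```python
import ipaddress


class LeasePool:
    """Simplified model of a DHCP server's lease table (times in seconds)."""

    def __init__(self, first, last, lease_seconds):
        lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
        self.free = [lo + i for i in range(int(hi) - int(lo) + 1)]
        self.lease_seconds = lease_seconds
        self.leases = {}  # client id -> (address, expiry time)

    def _expire(self, now):
        # An address goes back into the pool only when its lease runs out.
        for client, (addr, expiry) in list(self.leases.items()):
            if expiry <= now:
                del self.leases[client]
                self.free.append(addr)

    def request(self, client, now):
        """Grant or renew a lease; return the address, or None if none is free."""
        self._expire(now)
        if client in self.leases:
            addr = self.leases[client][0]  # a renewal keeps the same address
        elif self.free:
            addr = self.free.pop(0)
        else:
            return None  # pool exhausted
        self.leases[client] = (addr, now + self.lease_seconds)
        return addr

    def renew_at(self, client):
        """Time of the client's renewal attempt: half-way through its lease."""
        return self.leases[client][1] - self.lease_seconds // 2


def lab_exercise():
    """Three hosts, two addresses, five-minute leases (constructed scenario)."""
    pool = LeasePool("192.168.1.32", "192.168.1.33", lease_seconds=300)
    got = [pool.request(h, now=0) for h in ("pc-a", "pc-b", "pc-c")]
    t1 = pool.renew_at("pc-a")  # 150 s: pc-a and pc-b both renew here
    pool.request("pc-a", now=t1)
    pool.request("pc-b", now=t1)
    # pc-a is switched off (assumed: no release sent); pc-c retries at once.
    got.append(pool.request("pc-c", now=t1 + 10))
    pool.request("pc-b", now=pool.renew_at("pc-b"))  # pc-b keeps renewing
    # pc-a's last lease ran until t1 + 300, so only now is its address free.
    got.append(pool.request("pc-c", now=t1 + 300))
    return [str(a) if a is not None else None for a in got]
```

`lab_exercise()` returns the address each attempt received, in order, with `None` wherever the pool was empty at that moment.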

There are a number of other options we can set to modify the behaviour of DHCP, but we won't need those on our network quite yet. However, in the next lesson, we'll start playing with some of those options.
