Anyone use DHCP for address allocation on their corporate network? Do you just let it dish out addresses at random?
A safer way, though admittedly a far more tedious approach, is to dish out addresses based on the MAC address of the network card. I know it means people have to ask you before they can get on the LAN, but in my mind this is a good thing.
If you can enforce a one-to-one mapping of IP address to MAC address, not only is troubleshooting made easier, but it means that you know what's connected to the network.
The initial setup process is tedious, as you have to do a MAC address audit of everything you own and introduce a policy for people bringing in their laptops for the first time. But it's well worth it, and all of the popular DHCP servers (including the one that comes with Red Hat Linux and the one in Windows 2000 Server) can handle this mapping process. Oh, and make sure you use something like "arpwatch" to monitor the network for new addresses or people changing the IP address of their PC by hand.
Bookmarks