Results 1 to 8 of 8

Thread: Running out of DHCP address leases howto rectify?

  1. #1
    connor_a@hotmail.com Guest

    Running out of DHCP address leases howto rectify?

    Hi everyone,

    What is the best way to add more address leases in DHCP to support
    multiple subnets for 400 - 600 users in a single building?

    On idea would be to create a DHCP superscope with RRAS enabled to
    perform the routing between subnets but this would place too heavy
    load on the DC which is also the DHCP server.

    I'm thinking more toward using DHCP relaying on the switches but not
    sure if the switches can perform the layer 3 routing.

    Any suggestions most appreciated.

    Thanks!


  2. #2
    Ace Fekay [MVP] Guest

    Re: Running out of DHCP address leases howto rectify?

    In news:9db901bd-238d-4b70-8d69-4c5d238d6095@h11g2000prf.googlegroups.com,
    connor_a@hotmail.com <connor_a@hotmail.com> typed:
    > Hi everyone,
    >
    > What is the best way to add more address leases in DHCP to support
    > multiple subnets for 400 - 600 users in a single building?
    >
    > On idea would be to create a DHCP superscope with RRAS enabled to
    > perform the routing between subnets but this would place too heavy
    > load on the DC which is also the DHCP server.
    >
    > I'm thinking more toward using DHCP relaying on the switches but not
    > sure if the switches can perform the layer 3 routing.
    >
    > Any suggestions most appreciated.
    >
    > Thanks!



    Just add a scope for that subnet. If the router doesn't handle IP helper or
    relay, you can setup a relay agent on the other subnet(s) and specify the
    DHCP server at the main office. You really don't want to multihome a DC (if
    that was what you were implying). This will introduce numerous errors with
    AD and the clients if not configured properly. If you were not implying
    that, good.

    For the relay agent on the other subnet, you can install RRAS on a server
    and enable the Relay agent. However, if you have the possibility of adding
    another server at another subnet, why not just configure DHCP over there?

    --
    Regards,
    Ace

    This posting is provided "AS-IS" with no warranties or guarantees and
    confers no rights.

    Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
    MVP Microsoft MVP - Directory Services
    Microsoft Certified Trainer

    Infinite Diversities in Infinite Combinations






  3. #3
    connor_a@hotmail.com Guest

    Re: Running out of DHCP address leases howto rectify?

    On Jan 20, 1:39*pm, "Ace Fekay [MVP]" <PleaseAs...@SomeDomain.com>
    wrote:
    > Innews:9db901bd-238d-4b70-8d69-4c5d238d6095@h11g2000prf.googlegroups.com,


    >
    >
    > Just add a scope for that subnet. If the router doesn't handle IP helper or
    > relay, you can setup a relay agent on the other subnet(s) and specify the
    > DHCP server at the main office. You really don't want to multihome a DC (if
    > that was what you were implying). This will introduce numerous errors with
    > AD and the clients if not configured properly. If you were not implying
    > that, good.
    >
    > For the relay agent on the other subnet, you can install RRAS on a server
    > and enable the Relay agent. However, if you have the possibility of adding
    > another server at another subnet, why not just configure DHCP over there?


    Hi Ace,

    Thanks for the reply and ideas. I have a single DC in the building
    which also hosts DNS and DHCP for 4 floors.

    We have about 20 DHCP leases available on the existing 147.109.x.y
    subnet
    This subnet needs to be migrated to a 10.16.128.0/23 subnet range
    (10.16.128.0 - 10.16.131.0) so more hosts can be available.

    What would be the best DHCP migration strategy to achieve this?

    Thanks.

  4. #4
    Ace Fekay [MVP] Guest

    Re: Running out of DHCP address leases howto rectify?

    In news:3ff2a6af-9084-491c-ba84-1e84e387f2a5@q77g2000hsh.googlegroups.com,
    connor_a@hotmail.com <connor_a@hotmail.com> typed:

    >
    > Hi Ace,
    >
    > Thanks for the reply and ideas. I have a single DC in the building
    > which also hosts DNS and DHCP for 4 floors.
    >
    > We have about 20 DHCP leases available on the existing 147.109.x.y
    > subnet
    > This subnet needs to be migrated to a 10.16.128.0/23 subnet range
    > (10.16.128.0 - 10.16.131.0) so more hosts can be available.
    >
    > What would be the best DHCP migration strategy to achieve this?
    >
    > Thanks.


    Sorry for the late reply.

    So you are looking at a major IP migration from a public range to a private
    range and not simply extending the current scopes. You have a major
    undertaking on your hands. Let's see... from memory:

    Come up with a plan that includes an IP range for all servers and static set
    hosts, as well as an IP range for each floor, unless you simply use the same
    subnet for teh whole building, which is what most designs entail, and MUCH
    easier to deal with.
    For the whole building, I would probably use, which will give you 65,000
    IPs:
    10.10.0.0/16

    If you want to keep with the separate subnets for each floor, which I think
    complicates matters with DHCP and connecitivity), I would break it down to
    the following whch will give you 4096 hosts for each subnet:
    10.10.0.0/20 (10.10.0.0 - 10.10.15.255)
    10.10.16.0/20 (10.10.16.0 - 10.10.31.255)
    10.10.32.0/20 (10.10.32.0 - 10.10.47.255)
    10.10.48.0/20 (10.10.48.0 - 10.10.63.255)
    etc

    Change the DC/DNS servers IPs
    Re-register them in DNS
    Make sure all old IP refefences are manually removed if the registration
    process above does not overwrite the old ones, which it should.
    Create a new reverse zone for the planned IP subnets, Make sure updates are
    allowed.
    Change all of your servers' IPs.
    Change any static hosts, including printer cards, and other IP static
    entries.
    Make sure the above works, AD is functional, the DCs and servers can get to
    the printers, etc.
    Make sure the router can handle NAT. If not, time to look for a new one.
    Change the internal IP of the router.
    If using multiple floors, change the static route entries on the edge router
    to be able to get to the other subnets.
    Test internet connectivity from your DCs and servers.
    DHCP - Take note of exclusions, reservations, etc. Delete all scopes.
    Create a new big scope, or multiples if you still dealing with separate
    scopes for each floor.
    Test with a couple of workstations, logons, internet connectivity, printers,
    resource access, etc.

    I'm sure I missed a few steps and only briefed over many. This should give
    you a good start.

    Ace



  5. #5
    connor_a@hotmail.com Guest

    Re: Running out of DHCP address leases howto rectify?

    On Jan 24, 4:56*pm, "Ace Fekay [MVP]" <PleaseAs...@SomeDomain.com>
    wrote:
    > Innews:3ff2a6af-9084-491c-ba84-1e84e387f2a5@q77g2000hsh.googlegroups.com,
    > conno...@hotmail.com <conno...@hotmail.com> typed:
    >
    >
    >
    > > Hi Ace,

    >
    > > Thanks for the reply and ideas. I have a single DC in the building
    > > which also hosts DNS andDHCPfor 4 floors.

    >
    > > We have about 20DHCPleases available on the existing 147.109.x.y
    > > subnet
    > > This subnet needs to be migrated to a 10.16.128.0/23 subnet range
    > > (10.16.128.0 - 10.16.131.0) so more hosts can be available.

    >
    > > What would be the bestDHCPmigration strategy to achieve this?

    >
    > > Thanks.

    >
    > Sorry for the late reply.
    >
    > So you are looking at a major IP migration from a public range to a private
    > range and not simply extending the current scopes. You have a major
    > undertaking on your hands. Let's see... from memory:
    >
    > Come up with a plan that includes an IP range for all servers and static set
    > hosts, as well as an IP range for each floor, unless you simply use the same
    > subnet for teh whole building, which is what most designs entail, and MUCH
    > easier to deal with.
    > For the whole building, I would probably use, which will give you 65,000
    > IPs:
    > 10.10.0.0/16
    >
    > If you want to keep with the separatesubnetsfor each floor, which I think
    > complicates matters withDHCPand connecitivity), I would break it down to
    > the following whch will give you 4096 hosts for each subnet:
    > 10.10.0.0/20 * (10.10.0.0 - 10.10.15.255)
    > 10.10.16.0/20 (10.10.16.0 - 10.10.31.255)
    > 10.10.32.0/20 (10.10.32.0 - 10.10.47.255)
    > 10.10.48.0/20 (10.10.48.0 - 10.10.63.255)
    > etc
    >
    > Change the DC/DNS servers IPs
    > Re-register them in DNS
    > Make sure all old IP refefences are manually removed if the registration
    > process above does not overwrite the old ones, which it should.
    > Create a new reverse zone for the planned IPsubnets, Make sure updates are
    > allowed.
    > Change all of your servers' IPs.
    > Change any static hosts, including printer cards, and other IP static
    > entries.
    > Make sure the above works, AD is functional, the DCs and servers can get to
    > the printers, etc.
    > Make sure the router can handle NAT. If not, time to look for a new one.
    > Change the internal IP of the router.
    > If usingmultiplefloors, change the static route entries on the edge router
    > to be able to get to the othersubnets.
    > Test internet connectivity from your DCs and servers.DHCP- Take note of exclusions, reservations, etc. Delete all scopes.
    > Create a new big scope, or multiples if you still dealing with separate
    > scopes for each floor.
    > Test with a couple of workstations, logons, internet connectivity, printers,
    > resource access, etc.
    >
    > I'm sure I missed a few steps and only briefed over many. This should give
    > you a good start.
    >
    > Ace


    Thanks Ace for the info. Yes, we have a plan to standardise address
    ranges for servers, printers, switches etc

    I have been allocated the 10.16.128.0/23 address range. According to
    http://www.subnet-calculator.com/, this gives me 512 hosts between two
    subnets:

    10.16.128.0
    10.16.129.0

    If I have 10 procurve switches, a couple for each floor, whats the
    best migration strategy if there is procurve 'core' switch that is
    layer 2 / layer 3

    One DC for the entire building!

    Thanks.


  6. #6
    Ace Fekay [MVP] Guest

    Re: Running out of DHCP address leases howto rectify?

    In news:9e6a7a9c-93d1-4d67-92fd-d70264abe196@y5g2000hsf.googlegroups.com,
    connor_a@hotmail.com <connor_a@hotmail.com> typed:

    > Thanks Ace for the info. Yes, we have a plan to standardise address
    > ranges for servers, printers, switches etc
    >
    > I have been allocated the 10.16.128.0/23 address range. According to
    > http://www.subnet-calculator.com/, this gives me 512 hosts between two
    > subnets:
    >
    > 10.16.128.0
    > 10.16.129.0
    >
    > If I have 10 procurve switches, a couple for each floor, whats the
    > best migration strategy if there is procurve 'core' switch that is
    > layer 2 / layer 3
    >
    > One DC for the entire building!
    >
    > Thanks.


    I still think it complicates it a bit. And did you know it is recommended to
    have a minimal of two DCs per domain? What would happen if the only one DC
    you have fails? The whole company is down and you may lose all your user
    accounts.

    How many floors do you have? Two or five? If five, I guess you have two
    ranges for five different floors? Will one subnet handle multiple floors in
    your plan? Do you want to use the layer 3 functions of the switch with
    VLANs?

    Ace




  7. #7
    connor_a@hotmail.com Guest

    Re: Running out of DHCP address leases howto rectify?

    On Jan 28, 2:09*pm, "Ace Fekay [MVP]" <PleaseAs...@SomeDomain.com>
    wrote:
    > Innews:9e6a7a9c-93d1-4d67-92fd-d70264abe196@y5g2000hsf.googlegroups.com,


    > > Thanks.

    >
    > I still think it complicates it a bit. And did you know it is recommended to
    > have a minimal of two DCs per domain? What would happen if the only one DC
    > you have fails? The whole company is down and you may lose all your user
    > accounts.
    >
    > How many floors do you have? Two or five? If five, I guess you have two
    > ranges for five different floors? Will one subnet handlemultiplefloors in
    > your plan? Do you want to use the layer 3 functions of the switch with
    > VLANs?


    Hi Ace, apologies for not letting you know there is a single DC in the
    building and about another 20 statewide.

    We have about 5 floors:

    Floor 9
    Floor 8
    Floor 5
    Floor 4
    Floor 3

    Floor 9 has the 'core' layer 2 / layer 3 switch alongside about 4
    other switches servicing floors 9 and 8.
    Floor 5 has a 2524 switch
    Floor 4 has a 2524 switch
    Floor 3 has a 2524 switch

    What I'm proposing to do is:

    1) Document existing wall outlet to switch port mappings all floors
    2) Re-configure wall outlet to switch port mappings on a per floor
    basis if possible for ease of management and migration

    2) Add a spare procurve switch on floor 9
    3) On this spare switch create a VLAN IP address 10.16.128.6 in the
    new subnet range
    4) Then add an IP address-helper command on the VLAN to point the to
    DC DHCP Server 147.109.x.2

    5) Migrate each client from Floor 9 1st switch to the spare switch ie
    ports A1-A8, then B1-B8, C1-C8, D1-D8 etc
    6) Relocate remaining ports in use on 1st switch
    7) Use empty switch to and start over again.

    Sound like a plan?

    Thanks for you input Ace, much appreciated.

  8. #8
    Ace Fekay [MVP] Guest

    Re: Running out of DHCP address leases howto rectify?

    In news:73638c26-4521-445b-96ce-7a68522c674f@v17g2000hsa.googlegroups.com,
    connor_a@hotmail.com <connor_a@hotmail.com> typed:

    > Hi Ace, apologies for not letting you know there is a single DC in the
    > building and about another 20 statewide.
    >
    > We have about 5 floors:
    >
    > Floor 9
    > Floor 8
    > Floor 5
    > Floor 4
    > Floor 3
    >
    > Floor 9 has the 'core' layer 2 / layer 3 switch alongside about 4
    > other switches servicing floors 9 and 8.
    > Floor 5 has a 2524 switch
    > Floor 4 has a 2524 switch
    > Floor 3 has a 2524 switch
    >
    > What I'm proposing to do is:
    >
    > 1) Document existing wall outlet to switch port mappings all floors
    > 2) Re-configure wall outlet to switch port mappings on a per floor
    > basis if possible for ease of management and migration
    >
    > 2) Add a spare procurve switch on floor 9
    > 3) On this spare switch create a VLAN IP address 10.16.128.6 in the
    > new subnet range
    > 4) Then add an IP address-helper command on the VLAN to point the to
    > DC DHCP Server 147.109.x.2
    >
    > 5) Migrate each client from Floor 9 1st switch to the spare switch ie
    > ports A1-A8, then B1-B8, C1-C8, D1-D8 etc
    > 6) Relocate remaining ports in use on 1st switch
    > 7) Use empty switch to and start over again.
    >
    > Sound like a plan?
    >
    > Thanks for you input Ace, much appreciated.


    Your setup is much more complex than I thought. Apparently you are part of
    an enterprise design and not a stand alone at this location. The plan sounds
    fine. The IP helpers for the VLAN on the Procurvce are essentially the DHCP
    relay agents. The Procurve essentially will be your router to the other
    subnets on the floors. Since the one DC at 147.109.x.x will be handling it,
    make sure when you setup the IP helper you test and make sure you are
    getting an address from it.

    Mapping the ports to wall outlets is the ultimate in keeping track of each
    machine by MAC address and you can deny a MAC address and it will not be
    able to connect.

    I think you have a good plan. Did they tell you what IP ranges should be on
    each floor?

    Ace




Similar Threads

  1. script to get MAC address info. from DHCP
    By SalemOR97301 in forum Windows Server Help
    Replies: 3
    Last Post: 11-01-2014, 09:14 AM
  2. DHCP address
    By mangotra_rohit123 in forum Networking & Security
    Replies: 1
    Last Post: 20-04-2011, 05:56 PM
  3. Can't get IP address via DHCP
    By intoxicating in forum Networking & Security
    Replies: 3
    Last Post: 02-02-2011, 06:29 PM
  4. DHCP deny mac address
    By HWhite in forum Windows Server Help
    Replies: 5
    Last Post: 28-03-2009, 12:26 AM
  5. Replies: 0
    Last Post: 04-11-2008, 12:29 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •