To assist you in your planning and implementation of DHCP on your subnet, please consider the following. Once you have decided on the configuration options as described below, the NOC will assist in setting up your subnet for DHCP. You can contact them by e-mail to hostmaster with your requests and/or questions.
Administration
- There is no fee to use DHCP.
- It can be managed by the local network administrator.
- Subnet mask and gateway information is automatically delivered to the clients based on the registered subnet.
Conventions
CIT's DHCP service can be customized for your environment. You should consider the following issues before establishing DHCP on your subnet:
- DHCP connections from hosts to the server fall into two categories:
- A known host or MAC is one that is registered with the DHCP server. You can set your DHCP network to handle known hosts in one of the following ways:
- If the current and registered subnets match, use the existing DNS static address.
or- If the subnets are different, either refuse to extend an IP address or use the Dynamic Pool to assign a temporary address on this subnet.
- An unknown host or MAC is a new system from an unregistered department or off-campus site. DHCP can be set to handle unknown hosts in one of the following ways:
- Refuse to assign a temporary address on this subnet.
or- Use the Registration Pool to assign a temporary address and send the user to the host registration page.
- You will have to determine what existing DNS subdomain name is to be associated with your subnet within the DHCP service. An appropriate subdomain may follow the form: dept.cornell.edu
- The default lease duration is 5 minutes for registration pools, 1 hour for dynamic pools, and 1 hour for DHCP statically assigned addresses. If you need other options please discuss it with CIT at configuration time.
- Decide on a prefix for the DNS registration of the pool addresses. For example, most DHCP hostnames include "dhcp" and some portion of the IP address and/or location (location may not be practical on subnets that cross various buildings or in buildings housing several departments). For example:
128.84.123.XXX dhcp-<building>-XXX.dept.cornell.edu 128.84.143.59 dhcp-bakerlab-59.chem.cornell.edu 128.253.2.110 dhcp-bradfield-110.css.cornell.edu
- Decide how to distribute the IP addresses of your subnet between statically assigned addresses, dynamic and registration pools.
DHCP can deliver a static DNS registered IP address to a specific system or it can dynamically select an address to be delivered.
DHCP selection can be set up in one of three ways:
- Option 1: (strongly recommended) a large static host space with small dynamic and registration pools. Unknown systems receive a temporary, restricted IP address and the user is directed to a web page to register and obtain a static DHCP IP address. A small dynamic pool for known MAC addresses only should also be included; this will allow a user who is registered on a different subnet within CIT's DHCP server to connect to your net and receive a temporary address from this dynamic pool without having to re-register. The dynamic pool can be on-campus restricted or fully Internet enabled.
- Option 2: same as 1 but with no dynamic pool. This option further restricts the subnet to its own users.
- Option 3: one large dynamic pool with a small floating registration pool. This would allow anyone to register and become known to the DHCP server without being assigned a static IP address. This option is best used for public nets or lab spaces.
Example 1: Department subnet
Configure DHCP on the 128.253.230 subnet for department ONR in the following manner:
You would assign to provide 128.253.230.11 - 244 Static IP addresses: Allow the users to select their own host names. 10.253.230.11 - 244 Static IP addresses assigned by the netadmin. 128.253.230.245 - 254 Dynamic pool: Allow addresses for known hosts for Cornell faculty and staff who plug into our subnet for lectures or discussions. 10.253.230.245 - 254 Registration pool: Set aside 10 addresses for registration of unknown hosts. DHCP Domain
DHCP DNS domain name: onr.cornell.edu Dynamic Pool Information (for known hosts):
Starting IP Address: 128.253.230.245 Ending IP Address: 128.253.230.254 DNS base name: dhcp-bakerlab-59- Registration Pool information (for unknown hosts):
Starting IP Address: 10.253.230.245 Ending IP Address: 10.253.230.245 DNS base name: reg-bakerlab-59- Allow user to choose host name: yes User registration will be: static
Example 2: Student lounge or class room, registered
Set up DHCP for a student area subnet in department BIB. Dynamic address range 128.253.210.11-60. Anyone can connect to this. Students with computers on ResNet will get a number without registration. Students from off-campus will have to register once to become "known" to the DHCP server. No static IP addresses are assigned. Lease for 10 minutes to free up addresses after students leave.
Subnet Information:
DHCP DNS domain name: bib.cornell.edu Dynamic Pool Information:
Starting IP Address: 128.253.210.11 Ending IP Address: 128.253.210.60 DNS base name: dhcp-bib221 Lease Timeout (seconds): 600 Registration Pool information:
Starting IP Address: 10.253.210.11 Ending IP Address: 10.253.210.60 DNS base name: reg-bib221 Allow user to choose host name: no User registration will be: floating
Example 3: Student lounge or class room, open
Set up DHCP for a student area subnet in BBM. Address range 192.192.192.11-40; allow anyone to connect to this, no registration required. The network covers only one or two rooms for short durations, making it an ideal location from which to launch a DOS attack. We can locate the place but not the person responsible.
This type of setup is no longer allowed under the new Network Registry policy, effective June 1, 2004
Clearing a block of addresses for use in DHCP
Systems that are already registered with DNS and that also fall into an IP address range that will be used for a DHCP pool will need to be removed. This does not affect hosts outside those ranges, which can be left alone, or you can add the MAC addresses to those hosts to create a DHCP static assignment. You can examine your registered host list on the DNS database web page.
Find out more:
