DHCP client moving between networks

[Tim Gavin]

I have a DHCP server (on Debian) that handles several VLANs.  I am
also in the middle of rebuilding the physical and logical network.
Occasionally, this means moving large numbers of hosts between vlans.

A few weeks ago, I moved about 150 users to a new VLAN on my network
in a midnight maintenance window.  When I did, something unexpected
happened. . . I changed from a private NAT (172.16.x.x) to public IPs
(216.x.x.x).

Beforehand, I had set my main DHCP pool to one hour leases (there were
roughly 2000 users on it originally).  When I did this, all of the
clients sent DHCPREQUESTs for their 172. addresses, and I expected the
server to respond with a "wrong network" or some other error
condition, and issue them a new lease.  Instead, they sent a "DHCPACK"
and the client kept their lease.  Obviously, the clients couldn't get
out, since their network and gateway were invalid.

At the time, I just killed that VLAN interface on the server, and
waited for the lease timeout, and reconnected it.  Then the users all
got new leases.

I'm going to be doing this again in the future, and will probably be
doing it with larger numbers of users that will not accept the
downtime waiting for everyone else's leases to expire.  Can someone
tell me what I'm doing wrong, or how to work around this?  Most of my
clients are using Windows clients, but a lot of them are using
residential routers or computers with other OSs, so there is no client
consistency.  Since I'm at an ISP, I can't mandate a change client
side.

I KNOW I've seen an answer to this somewhere. . . something about a
guy using his laptop on multiple floors of a building or something,
but I can't find it anywhere now (wish I had read it then, was looking
for something else :-/ ), so a link to info would be fine :-D

Thanks,

Tim