DHCP client moving between networks

Tim Gavin livewire98801 at gmail.com
Wed Sep 30 22:44:19 UTC 2009 

I'm keeping the 172 network on the vlan it was originally on.  I'm
essentially moving large numbers of hosts to another interface on the
router, and therefore the DHCP server.

Everything works after I let the leases expire on the new interface,
as when they sent the DHCPDISCOVER, they hit the new interface.  It
was only when the server got the DHCPREQUEST for the old address that
they got 172s.



On Wed, Sep 30, 2009 at 15:40, Shawn Holland <sholland at sandara.ca> wrote:
> On Wed, 2009-09-30 at 14:57 -0700, Tim Gavin wrote:
>> I have a DHCP server (on Debian) that handles several VLANs.  I am
>> also in the middle of rebuilding the physical and logical network.
>> Occasionally, this means moving large numbers of hosts between vlans.
>>
>> A few weeks ago, I moved about 150 users to a new VLAN on my network
>> in a midnight maintenance window.  When I did, something unexpected
>> happened. . . I changed from a private NAT (172.16.x.x) to public IPs
>> (216.x.x.x).
>>
>
> So did you remove the 172.16.x.x pool completely?
>
>> Beforehand, I had set my main DHCP pool to one hour leases
>
> This main pool.. is it the new 216.x.x.x pool?
>
>> (there were
>> roughly 2000 users on it originally).  When I did this, all of the
>> clients sent DHCPREQUESTs for their 172. addresses,
>
> Thats expected.
>
>>  and I expected the
>> server to respond with a "wrong network" or some other error
>> condition, and issue them a new lease.
>
> If the server is authoritative, and it doesn't know about the lease they
> are asking it should send a DHCPNACK
>
>> Instead, they sent a "DHCPACK"
>> and the client kept their lease.
>
> The server would only ACK if the lease they requested was still valid.
>
>> Obviously, the clients couldn't get
>> out, since their network and gateway were invalid.
>>
>> At the time, I just killed that VLAN interface on the server, and
>> waited for the lease timeout, and reconnected it.  Then the users all
>> got new leases.
>>
>
> It is possible that the leases file still contained their valid lease
> because it hadn't expired based on what was created originally with the
> old lease time.
>
>> I'm going to be doing this again in the future, and will probably be
>> doing it with larger numbers of users that will not accept the
>> downtime waiting for everyone else's leases to expire.  Can someone
>> tell me what I'm doing wrong, or how to work around this?  Most of my
>> clients are using Windows clients, but a lot of them are using
>> residential routers or computers with other OSs, so there is no client
>> consistency.  Since I'm at an ISP, I can't mandate a change client
>> side.
>>
>
> I would make sure that the leases file was updated to expire their
> leases.
>
>> I KNOW I've seen an answer to this somewhere. . . something about a
>> guy using his laptop on multiple floors of a building or something,
>> but I can't find it anywhere now (wish I had read it then, was looking
>> for something else :-/ ), so a link to info would be fine :-D
>>
>> Thanks,
>>
>> Tim
>
> It would be very helpful to post your dhcpd.conf file before and after
> the change. I'm just making an educated guess as to what teh problem is
> without seeing the conf.
>
> --
> Regards,
> Shawn Holland
> Sandara Technologies Ltd.
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>

More information about the dhcp-users mailing list