dhcp fails with big dhcpd.leases

Simon Hobson dhcp1 at thehobsons.co.uk
Thu Sep 2 07:00:39 UTC 2010


Thinking some more about this, I'll add a few thoughts on things that 
have popped up.

1) Big bridged network.
I'd personally doubt the sense in having one huge bridged network. If 
the number of active clients grows as big as dorian suggests, then I 
could see the amount of broadcast traffic getting quite significant. 
Unless all the links in the network are fairly high in capacity, I 
could see a situation where a big chunk of network capacity is taken 
up with broadcast traffic.
It potentially makes any troubleshooting harder, since it won't be 
quick and easy to identify the location of a device causing problems 
- that would involve looking into the traffic and querying switches 
etc to find the device (although he may have put systems in place to 
automate this).

2) Does anyone know if there are any problems running dhcpd on a 
bridge interface?

3) dorian also suggests they want to keep client IPs the same and 
this is important for management purposes. Two problems with this:
Unless he uses fixed addresses or reserved leases, then a client's 
address is not guaranteed. All it takes is just one bad (or 
malicious) device, and some or all devices with expired leases could 
find their addresses change when they next connect.
Secondly, any device can change its address quite easily - just by 
changing client-id (trivial) or MAC address (almost trivial these 
days).

Relying on IP addresses not changing is likely to come back at some 
point and bite - badly. It also means that the evidence is unreliable 
should it be used for legal purposes. There has already been at least 
one well publicised case where an innocent victim was dragged into 
court on copyright theft charges because the ISP got their timezone 
wrong and gave the wrong customer details relating to the IP in 
question.

If you need to keep track of who is using the network and when and 
what they are doing (such as billing for traffic) then some other 
mechanism needs to be in place - neither IP nor MAC address are 
adequate for this.

3b) Giving customers the appearance of fixed addresses will raise 
expectations. Some customers will get accustomed to it, and will get 
upset if their IP does change. Having fewer IPs than customers (but 
enough to satisfy all concurrent needs) and forcing some churn will 
keep expectations realistic.

-- 
Simon Hobson
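
The timezone pitfall described in the post, as an added example that is not part of the original message: a lookup of who held an IP at a given time in an ISC dhcpd.leases file, whose `starts`/`ends` times are in UTC by default. The lease entries, addresses and MACs below are constructed, and `parse_leases` and `holders` are hypothetical helper names.

```python
import re
from datetime import datetime, timezone, timedelta

# Constructed sample in dhcpd.leases syntax; lease times are UTC.
LEASES = """
lease 10.0.0.5 {
  starts 4 2010/09/02 05:00:00;
  ends 4 2010/09/02 06:00:00;
  hardware ethernet 00:16:3e:00:00:01;
}
lease 10.0.0.5 {
  starts 4 2010/09/02 06:30:00;
  ends 4 2010/09/02 07:30:00;
  hardware ethernet 00:16:3e:00:00:02;
}
"""

# Only handles leases with explicit start/end dates (not "ends never").
LEASE_RE = re.compile(
    r"lease\s+(\S+)\s*\{[^}]*?starts\s+\d\s+([\d/]+ [\d:]+);"
    r"[^}]*?ends\s+\d\s+([\d/]+ [\d:]+);"
    r"[^}]*?hardware ethernet\s+([0-9a-f:]+);", re.I)

def parse_leases(text):
    """Yield (ip, start, end, mac) with timezone-aware UTC datetimes."""
    fmt = "%Y/%m/%d %H:%M:%S"
    for ip, start, end, mac in LEASE_RE.findall(text):
        yield (ip,
               datetime.strptime(start, fmt).replace(tzinfo=timezone.utc),
               datetime.strptime(end, fmt).replace(tzinfo=timezone.utc),
               mac.lower())

def holders(text, ip, when):
    """Return the MACs whose lease on `ip` covers `when`.

    The result is what the client claimed at lease time, not an identity:
    an empty list means no lease covered that instant.
    """
    if when.tzinfo is None:
        raise ValueError("timestamp has no timezone; refusing to guess")
    return [mac for lip, s, e, mac in parse_leases(text)
            if lip == ip and s <= when < e]

if __name__ == "__main__":
    bst = timezone(timedelta(hours=1))  # log source on UTC+1
    seen = datetime(2010, 9, 2, 6, 45, tzinfo=bst)
    print("correct zone:", holders(LEASES, "10.0.0.5", seen))
    print("misread as UTC:", holders(LEASES, "10.0.0.5", seen.replace(tzinfo=timezone.utc)))
```

The same wall-clock time resolves to a different lease holder depending on the zone it is read in, and a timestamp with no zone at all is rejected rather than assumed.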
