MAC randomisation and DHCP pools

glenn.satchell at uniq.com.au glenn.satchell at uniq.com.au
Mon Jul 27 13:08:09 UTC 2020 

Hi Mike,

Going back to the original question where you have a pool of 100 leases 
and 50 clients with a 7 day lease time. Here is what I think might 
happen.

On day 1 the 50 clients each take one lease. 50 in use, 50 free.

On day 2 the 50 clients all have a new MAC address, now we assume that 
once the new MAC switches over the next time the client tries to renew 
it will not match the old lease but will get a new lease. With a 7 day 
lease the usual renewal time is half way through the lease, so none of 
these 50 clients try to renew until 3.5 days after initially getting the 
lease. So no problems for days 2 or 3 until later in the day.

So now we have 50 old leases and 50 new leases. Of course some systems 
may have been shutdown and released their lease, so maybe less than 50 
leases in use initially so <50 old leases and 50 new leases.

On day 4 the first few clients to renew with a new MAC address use up 
the previous few free leases. Other clients get "no free leases". The 
dhcp server can't revoke a lease it has already legitimately given to a 
client. I would expect this behaviour to continue until the first of the 
7 day leases expire.

Now the question is, for a client with a new MAC address, but possibly 
the same dhcp-identifier, will it match the existing lease? If it does 
match,then no problem. Behaviour will be much the same as previously.

The other thing with this is that if the client gets a new IP address, 
all existing sessions break, so apps and webpages may have to reload or 
may not pass authentication. So there could be a noticeable 
interruption.

The above is what I think will happen based on my understanding of ISC 
dhcpd. I don't really know exactly how the new IOS version will behave. 
I would suggest setting up a trial and testing with one of these new 
devices and see what actually happens. There are too many variables to 
predict what will happen exactly.

regards,
-glenn


On 2020-07-27 19:34, Mike Richardson wrote:
> On Sun, Jul 26, 2020 at 03:13:16PM -0400, Bill Shirley wrote:
>>    Did you see my reply about:?
>>    adaptive-lease-time-threshold       75;       # use min-lease-time 
>> when
>>    pool is above this percent
> 
> I did and thanks for the information, that sounds very useful in the
> circumstances but I'm not after a solution to a problem, I'm just 
> trying to
> understand the behaviour of the server in a given configuration.  I 
> have to
> write up a 'these are the implications' type summary to be sent to a 
> large
> number of different organisations and knowing what happens when using 
> longer
> leases will help.  I don't know their configurations and can't dictate 
> to
> them.  All I can do is say "if you're doing X then Y happens".
> 
> Thanks,
> 
> Mike

More information about the dhcp-users mailing list