MAC randomisation and DHCP pools
glenn.satchell at uniq.com.au
glenn.satchell at uniq.com.au
Mon Jul 27 13:08:09 UTC 2020
Hi Mike,
Going back to the original question where you have a pool of 100 leases
and 50 clients with a 7 day lease time. Here is what I think might
happen.
On day 1 the 50 clients each take one lease. 50 in use, 50 free.
On day 2 the 50 clients all have a new MAC address, now we assume that
once the new MAC switches over the next time the client tries to renew
it will not match the old lease but will get a new lease. With a 7 day
lease the usual renewal time is half way through the lease, so none of
these 50 clients try to renew until 3.5 days after initially getting the
lease. So no problems for days 2 or 3 until later in the day.
So now we have 50 old leases and 50 new leases. Of course some systems
may have been shutdown and released their lease, so maybe less than 50
leases in use initially so <50 old leases and 50 new leases.
On day 4 the first few clients to renew with a new MAC address use up
the previous few free leases. Other clients get "no free leases". The
dhcp server can't revoke a lease it has already legitimately given to a
client. I would expect this behaviour to continue until the first of the
7 day leases expire.
Now the question is, for a client with a new MAC address, but possibly
the same dhcp-identifier, will it match the existing lease? If it does
match,then no problem. Behaviour will be much the same as previously.
The other thing with this is that if the client gets a new IP address,
all existing sessions break, so apps and webpages may have to reload or
may not pass authentication. So there could be a noticeable
interruption.
The above is what I think will happen based on my understanding of ISC
dhcpd. I don't really know exactly how the new IOS version will behave.
I would suggest setting up a trial and testing with one of these new
devices and see what actually happens. There are too many variables to
predict what will happen exactly.
regards,
-glenn
On 2020-07-27 19:34, Mike Richardson wrote:
> On Sun, Jul 26, 2020 at 03:13:16PM -0400, Bill Shirley wrote:
>> Did you see my reply about:?
>> adaptive-lease-time-threshold 75; # use min-lease-time
>> when
>> pool is above this percent
>
> I did and thanks for the information, that sounds very useful in the
> circumstances but I'm not after a solution to a problem, I'm just
> trying to
> understand the behaviour of the server in a given configuration. I
> have to
> write up a 'these are the implications' type summary to be sent to a
> large
> number of different organisations and knowing what happens when using
> longer
> leases will help. I don't know their configurations and can't dictate
> to
> them. All I can do is say "if you're doing X then Y happens".
>
> Thanks,
>
> Mike
More information about the dhcp-users
mailing list