Host declarations are GLOBAL (was: Query on default gateway with DHCP vs Static address)

Sten Carlsen stenc at s-carlsen.dk
Fri Mar 19 19:06:10 UTC 2021 




> On 19 Mar 2021, at 19.42, Simon Hobson <dhcp1 at thehobsons.co.uk> wrote:
> 
> Peter Yardley <peter.martin.yardley at gmail.com> wrote:
> 
>> I used to configure subnets like this …
>> 
>> subnet 10.20.50.0 netmask 255.255.254.0 {
>>   option subnet-mask 255.255.254.0;
>>   option broadcast-address 10.20.51.255;
>>   option routers 10.20.50.1;
>> 
>>   pool {
>>       # A device for Blah
>>       host HMTXYZ           { hardware ethernet 00:40:9d:54:4c:c7;
>>                                       fixed-address 10.20.50.32; }
>>>> 
>>       range 10.20.51.0 138.25.51.254;
>>   }
> 
> For the benefit of anyone finding this thread later ...
> 
> 
> DO NOT put host statements in anything other than the global scope (or a group that is within the global scope). Especially, do not put them inside a subnet declaration.
> 
> Yes, that is a **DO NOT**
> 
> Why ? They are treated as global in scope by the server, but inherit properties from where they are defined. What this means is that you can declare a host within one subnet, but that declaration is valid if the device moves to another network. So the device could get an address in the network to which it is attached, but inherit options from where it is defined. Since these inherited options include the router - which will not be valid on any other network - this is highly unlikely to be what you want. I'm sure there may be some esoteric configuration where that's useful, but AFAIK no-one has every come up with one on this list.
> I think you might be able to imagine how "interesting" it would be to debug why a client is getting a router that's not in it's own subnet :D
> 
> So just don't do it<period>

I could not agree more with Simon - There seems to be one other problem here - the Fixed address lies in what seems to be the address range for the pool. That is a NO-GO. The server will happily hand out the Fixed address to another host. Always put Fixed addresses outside any pool range - this is different from some other servers but will (has already) cause some "interesting" debug scenarios.

> 
> 
> Of course, with a single network and single subnet, this problem will be masked. But then you add another network, move some clients, and chaos ensues.
> 
> 
> Simon
> _______________________________________________
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
> 
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users

More information about the dhcp-users mailing list