Re: "Verizon managed" devices / IP address range
Cang_Household
Community Leader
Community Leader

@Observer wrote:

Could you provide an authoritative source for your assertion:  "Static DHCP reservation should only be used when the device can only be configured with DHCP."

I don’t believe there is a standard on DHCP reservation. I would avoid using non-standardized features because different devices may disagree on how to implement it. Also, as another CL mentioned, if your DHCP server goes down or compromised, all DHCP devices would go down with it.

Re: "Verizon managed" devices / IP address range
Observer1
Enthusiast - Level 3

@Cang_Household wrote:

Nothing in the RFC you cited prohibits the presence of two or more DHCP servers on the link... The RFC you cited also demand DHCP mechanism should coexist with static addresses and DHCP servers should not assign an already allocated address...


Right.  But I hope you will now agree that it is permissible to configure one's DHCP server to allocate static IP addresses outside of the dynamic range configured in that DHCP server.  In fact, there is no reason a sophisticate DHCP server couldn't support multiple dynamic ranges, and then select the pool from which to allocate by device type.  And then hand out static addresses as well (whether in the pools or not).


...Then you only need to leave your DHCP pool as 192.168.1.1-254, since the DHCP server is aware of all current addresses in use and whether they are static or dynamic. I can at least confirm G1100 and G3100’s DHCP server operates in this way.


I plan my address space.  In the same way that Verizon has its reasons for apparently reserving 100-150 for STBs, I reserve certain space for certain devices.  I don't want DHCP to dynamic allocate addresses in my reserved space for other devices.  You suggestion to configure my DHCP pool as 1-254 (I think you meant 2-254) fails to meet my requirements.  Configuring my DHCP pool as 2-99, and then defining static addresses above 150 meets my requirements.  (There doesn't appear to be anything wrong with that approach, although it requires some imagination.)

0 Likes
Re: "Verizon managed" devices / IP address range
Observer1
Enthusiast - Level 3

I don’t believe there is a standard on DHCP reservation. I would avoid using non-standardized features...

That combination of statements is illogical.


...because different devices may disagree on how to implement it.

The topic we have been discussing is limited to the internal workings of a single DHCP server.  No disagreement on the network could result.  Or are you suggesting that DHCP servers share their configuration details with other DHCP servers (I hand out 2-99, or 2-254)?  If so, could you point me to that part of the RFC.


if your DHCP server goes down or compromised, all DHCP devices would go down with it.

As far as I can tell, that scenario has nothing to do with allocating static addresses outside of a dynamic range, all of which would be defined *internally* to a given DHCP server.

0 Likes
Re: "Verizon managed" devices / IP address range
Cang_Household
Community Leader
Community Leader

@Observer wrote:
But I hope you will now agree that it is permissible to configure one's DHCP server to allocate static IP addresses outside of the dynamic range configured in that DHCP server. 


DHCP server does not allocate static IP addresses. When we say static IP addresses, we mean the intrinsic IP address of a device that is explicitly defined on the device itself. Static DHCP reservation only ensures the DHCP server to hand out the same dynamic IP every time when requested. Although you can argue that IP address is a de facto static IP address, the assignment falters when we turn off the DHCP server.

Again, although what you proposed is operationally feasible, it may be an overstepping of authority on the DHCP server's part. DHCP server should manage only the addresses defined in its address pool. Giving leases other than belonging to the address pool is an overstepping of network administrative authority.

Re: "Verizon managed" devices / IP address range
Cang_Household
Community Leader
Community Leader

"That combination of statements is illogical."

May you elaborate? I am saying DHCP reservation mechanism is not to my knowledge defined by any standards. A mechanism without standards is not standardized. I would avoid using non-standardized mechanism/feature. Without standards, different DHCP servers apply DHCP reservations differently. I am just saying in general, not in reference to any network.

"As far as I can tell, that scenario has nothing to do with allocating static addresses outside of a dynamic range, all of which would be defined *internally* to a given DHCP server."

What do you mean by internally? I am saying if you use Static DHCP reservation on the G3100 to assign de facto "static" addresses, your devices will lose IP addresses when the lease is expired and the DHCP server is down. Devices with static DHCP reservation still needs the DHCP server to renew the same address. If it cannot renew it because the DHCP server is down, RFC2131 says the device cannot continue to use the address and needs to notify the local users of the problem.

Re: "Verizon managed" devices / IP address range
Observer1
Enthusiast - Level 3

@Cang_Household wrote:

@Observer wrote:
But I hope you will now agree that it is permissible to configure one's DHCP server to allocate static IP addresses outside of the dynamic range configured in that DHCP server. 


DHCP server does not allocate static IP addresses. When we say static IP addresses, we mean the intrinsic IP address of a device that is explicitly defined on the device itself. Static DHCP reservation only ensures the DHCP server to hand out the same dynamic IP every time when requested. Although you can argue that IP address is a de facto static IP address, the assignment falters when we turn off the DHCP server.

Again, although what you proposed is operationally feasible, it may be an overstepping of authority on the DHCP server's part. DHCP server should manage only the addresses defined in its address pool. Giving leases other than belonging to the address pool is an overstepping of network administrative authority.


You have failed to cite any authority, yet claim something "is an overstepping of network administrative authority". 

Also, you seem to falsely assume:

  • that the specification describing how network entities should operate via the DHCP protocol also constrains how a DHCP server may operate internally.
  • that an IP address is intrinsically static or dynamic, instead of simply acknowledging that it is merely an address used for routing packets.  How an address is assigned to a device is either automatic (supplied via some network protocol) or manual (input at the device by the operator).
  • that a failure mode (e.g., among DHCP servers) defines what is permitted in terms of DHCP server configuration.  Perhaps you meant to say that one should keep in mind failure modes while designing networks.  That would be a safe recommendation.  But to leap from that safe position to a statement of the form "you can't do that because..." without being able to cite an authority is unsupported.

I would be more interested in reading your theories if you could back them up with references. 

0 Likes
Re: "Verizon managed" devices / IP address range
Cang_Household
Community Leader
Community Leader

Let's keep the discussion civil and I will cite lines from RFC's going forward.

About "overstepping network administrative authority," I was trying to be comical, I guess the text does not convey tones. Can you refute my hotel reservation analogy? I am interested to hear that.

I will address all of the alleged assumptions at a later time.

Re: "Verizon managed" devices / IP address range
LawrenceC
Moderator Emeritus

Just a reminder to everyone to please keep your posts courteous and respectful of others.  Thanks.

0 Likes
Re: "Verizon managed" devices / IP address range
Observer1
Enthusiast - Level 3

@Cang_Household wrote:

Let's keep the discussion civil and I will cite lines from RFC's going forward.

About "overstepping network administrative authority," I was trying to be comical, I guess the text does not convey tones. Can you refute my hotel reservation analogy? I am interested to hear that.

I will address all of the alleged assumptions at a later time.


I have kept the discussion civil, and appreciate that you have too; my complaints have to do with going down rabbit holes without specifications to enlighten the way.

I appreciate the attempt at humor, but it didn't seem you were joking about "overstepping authority".  That assertion was consistent with other claims of yours, very few of which, if any, have been shown to be supported by facts.

I refuted the hotel reservation analogy a few times, but perhaps I was too inferential.  E.g., you claimed that an individual DHCP server, once configured to hand out dynamic addresses from a given range, is constrained [by no specification citations thus far] to only respond within that universe of IP addresses.

This improper constraint relies on an assumption that the internal "pool definition" of that DHCP server might be shared with another entities in the network.  I am not aware of that possibility (and it would presumably have to be in the DHCP spec).  Instead, it is simpler to assume it is merely up to the DHCP admins to configure their servers to operate in compatible fashion with one another, and for DHCP server programmers to merely comply with the DHCP spec, and do whatever they wish w.r.t. their internal configuration and operation methods.

Also, IP addresses are IP addresses.  They are not owned by a DHCP server.  As you have pointed out, an admin can manually configure an IP address (into a device) on a subnet that conflicts with the DHCP server's  configured (not owned) dynamic IP range.  The DHCP server is supposed to notice and not hand out that conflicted address despite it being in the range that DHCP server considers to be fair game for dynamic allocations.  Doesn't this effectively mean that server's dynamic range is now bifurcated into two ranges:  one below the conflicting address, and another beginning above it?  And if there are many conflicts, that poor DHCP server could have end up with a sparse list, not a "range".

I mention these not as concrete statements that the configuration I described is valid.  But absent a statement in a specification that it is not valid, it probably is.  And I shared logic to help you get comfortable with that thinking, which would seem outside the box if you began with the assumption that the dynamic range specified for a DHCP server was, in fact, THE RANGE allowed for that server.

I'm guessing the reason that FIOS routers have allowed me to do this for the past 15 years is because we're all allowed to do this.  And it just doesn't seem worth spending more time on this "Solved" thread.

0 Likes
Re: "Verizon managed" devices / IP address range
Cang_Household
Community Leader
Community Leader

@Observer wrote:
you claimed that an individual DHCP server, once configured to hand out dynamic addresses from a given range, is constrained [by no specification citations thus far] to only respond within that universe of IP addresses.


Section 4.3.1 of RFC2131 is appropriate for investigating the above claim/opinion.

4.3.1 DHCPDISCOVER message

   When a server receives a DHCPDISCOVER message from a client, the
   server chooses a network address for the requesting client.  If no
   address is available, the server may choose to report the problem to
   the system administrator. If an address is available, the new address
   SHOULD be chosen as follows:

      o The client's current address as recorded in the client's current
        binding, ELSE

      o The client's previous address as recorded in the client's (now
        expired or released) binding, if that address is in the server's
        pool of available addresses and not already allocated, ELSE

      o The address requested in the 'Requested IP Address' option, if that
        address is valid and not already allocated, ELSE

      o A new address allocated from the server's pool of available
        addresses; the address is selected based on the subnet from which
        the message was received (if 'giaddr' is 0) or on the address of
        the relay agent that forwarded the message ('giaddr' when not 0).

Assuming a new device joins the network, knows nothing about the network, and does not demand to obtain a particular IP address lease, the DHCP server on link would choose an address satisfying the 4th bullet cited above?

I interpret the "pool of available addresses" contains a limited and constrained number of addresses set by a network admin.


@Observer wrote:
 Doesn't this effectively mean that server's dynamic range is now bifurcated into two ranges:  one below the conflicting address, and another beginning above it?  And if there are many conflicts, that poor DHCP server could have end up with a sparse list, not a "range".

The numerical range set by the admin is not an absolute range from which the DHCP server should assign address. DHCP server should probe a selected address before assigning it. RFC2131 Section 3.1.2

When allocating a new address, servers SHOULD check that the offered network address is not
      already in use; e.g., the server may probe the offered address
      with an ICMP Echo Request. 

Whether the final addresses assigned by the DHCP server constitutes a single continuous range or not does not alter the nominal range designation set by the admin, also known as the "pool."

If the DHCP server should check the address before assigning it, it opens up the possibility for multiple DHCP servers on the same link to be configured with overlapping address pool ranges.

Please rebut any misinterpreted/erroneous/incomplete points.