Table of Contents

Configuring DHCP Scopes and Leases

This chapter describes how to configure scopes for a DHCP server and how (and when) to edit and remove a scope, if necessary. It also describes how to activate and de-activate leases in the scope, and how to make lease reservations. Finally, it describes how to set certain advanced scope options, such as pinging addresses before offering them and configuring a secondary scope.

Table 8-1 lists the topics in this chapter and their associated sections.

Defining and Configuring Scopes

This section describes how to define and configure scopes for the DHCP server.

Scopes in Network Registrar

A scope is an administrative grouping of IP addresses with associated information about those addresses. You must define a scope before DHCP clients can use the server for dynamic TCP/IP configuration.

To create a scope, supply the following information:

• Scope name assigned by the administrator when the scope is created
  
  
• Network number and subnet mask of the subnet to which the range of IP addresses belongs
  
• Range or ranges of IP addresses
  
  
• A policy, which defines such things as how long DHCP clients can lease an address
  

The Scope Properties dialog box of the GUI (Figure 8-1) has a number of tabs that relate to configuring a DHCP scope for a server. These tabs and where they are described in this guide are described in Table 8-2.

Adding a Scope for the Server

A scope is an administrative grouping of TCP/IP addresses. Create one or more scopes for each subnet on the network to pool addresses for that subnet. This section describes how to define and use a primary scope for a DHCP server.

Each scope needs to have a:

• Name
  
• Policy that defines the lease times, grace period, and options
  
• Network address
  
• Subnet mask for the network address
  
• Range or ranges of addresses
  

Using the GUI:

Step 2   Click the Add toolbar button.

Step 3   In the Add Scope dialog box (Figure 8-2), enter the name of the scope in the Name field. This name should reflect the administrative intent of the scope.

Step 4   In the Policy field, do one of the following:

• Select an existing policy from the drop-down list. The default policy initially appears. You can also select the system_default_policy or any policy you create at the server level in the "Configuring Server Policies" section.
  
  
• Create a new policy for the scope. Click the View policy button to open a DHCP Server Properties dialog box that includes just the Policies tab (Figure 7-2). Proceed as in the "Configuring Server Policies" section.
  

You can associate only one policy per scope.

Step 5   In the Network number field, enter the network number for the subnet.

Step 6   In the Subnet mask field, enter the subnet mask. In most cases, you would enter 255.255.255.0.

Step 7   Enter the address range or ranges for the scope. Enter the first address in the range in the Start Address column. Enter the ending address in the range in the End Address column. Do this for each range, as long as the ranges do not overlap. (As a time server, enter only the last octet of the start and end address. Entering n specifies the nth address in the subnet, based on the subnet mask.)

Step 8   Click OK.

Step 9   Reload the server.

Using the CLI:

Use the scope create command to create a scope with the network number for the subnet and mask.

nrcmd> scope testScope create 192.168.1.0 255.255.255.0 
 

Use the scope set policy command to set the policy for the scope.

nrcmd> scope testScope set policy=internal 
 

Use the scope addRange command to add the (space-separated) ranges of IP addresses for the scope.

nrcmd> scope testScope addRange 192.168.1.10 192.168.1.100 
 

You can also attach individual options to a scope using the scope-policy command. You might want to do this to define just the router option for a particular scope. (For a description of embedded policies for scopes, see the "Configuring an Embedded Policy for the Scope" section.)

Using Multiple Scopes

You can configure multiple scopes (with disjoint ranges of IP addresses) that have the same network number and subnet mask. The DHCP server pools together the available leases from all of the scopes on the same subnet together and offers them, in a round-robin fashion, to any client that requests a lease (that is, for which there is no reservation or previous lease information available).

You might want to configure the addresses for a single subnet into multiple scopes to increase the speed of the GUI update for the Leases tab. Another reason might be to organize the addresses in a more natural way for administration-although remember that unless the client has a reservation or is a member of a client-class there is no way to control from which scope a client will obtain a lease.

Because each scope can have a separate reservation list, you might want to organize the leases in multiple scopes on the same subnet. You could put all the dynamic leases in one scope, with a policy with one set of options and lease times, and all the reservations in another scope, with a different policy of options or lease times.

You can also have multiple scopes for different subnets and some of the scopes may not be locally connected to your computer. If this is the case, ensure that the router (with BOOTP Relay Support) is configured with the appropriate helper address.

When multiple scopes are available on a particular subnet (through the use of secondary subnet), the DHCP server searches through all of them looking for a scope that meets the needs and requirements of an incoming DHCP client request. For instance, if a subnet has three scopes, only one of which supports dynamic BOOTP, any BOOTP request for which there is not a reservation in another scope is automatically satisfied from the scope that supports dynamic BOOTP.

You can also configure a scope to disallow DHCP requests (the default is to allow them). By using these capabilities together, you can easily configure the addresses on a subnet so that all of the DHCP requests are satisfied from one scope (and address range), all of the reserved BOOTP requests come from a second scope, and all of the dynamic BOOTP requests come from a third scope. This allows you to support dynamic BOOTP while minimizing the impact on the address pools that support DHCP clients.

Editing a Scope

While there is no limit to the number of leases that you can configure per scope, if you have a scope with several thousand leases it can take Network Registrar a while to sort them. That is why it is a good idea to divide the leases among multiple scopes.

Using the GUI:

Step 2   Change the properties on the applicable tabs of the dialog box.

Step 3   Click OK.

Using the CLI:

To check the properties for all the scopes on the server, use the scope list command. Use the scope get command to get a particular property and the scope enable command to enable it.

nrcmd> scope testScope list 
nrcmd> scope name get ping-clients 
ping-clients=disabled
nrcmd> scope name enable ping-clients 
ping-clients=enabled
 

In Network Registrar 5.0, you can change the subnet mask of a scope by using the scope changemask command. This changes the primary-mask attribute on any secondary scopes, iterates over all reservations and ranges, and displays reservations and ranges that now fall outside the scope.

nrcmd> scope testScope changemask 255.255.254.0 
 

(See the "Making a Scope a Secondary" section. See also the scope changemask command in the Network Registrar CLI Reference Guide for details on what actions this command performs.)

Other examples of the scope command are given in the "Excluding a Leased Address from a Range" section, and the "Reserving a Lease" section.

Configuring an Embedded Policy for the Scope

An embedded policy is created automatically for each scope when you create the scope. However, the embedded policy has no properties or DHCP options associated with it until you enable or add them. An embedded policy can be useful, for example, in defining the router for the scope. As described in the "Types of Policies" section, the DHCP server looks at the embedded policy of a scope before it looks at its assigned policy.

The only way to configure an embedded policy is by using the scope-policy command features, properties, and methods in the CLI. The GUI does not support configuring embedded policies.

Using the CLI:

Check to see if there are any embedded property values already set for a scope. Use the scope-policy show command for this. You can then enable or disable a feature by using the scope-policy enable or scope-policy disable commands, set properties using the scope-policy set command, set DHCP options using the scope-policy setOption command, and set the lease time using the scope-policy setLeaseTime command (there are related get methods as well).

nrcmd> scope-policy name show 
100 Ok
scope-policy:name:
allow-lease-time-override =
bootp-reply-options =
    dhcp-reply-options =
    grace-period =
    offer-timeout =
    packet-file-name =
    packet-server-name =
    packet-siaddr =
    permanent-leases =
    server-lease-time =
    split-lease-times =
nrcmd> scope-policy name enable allow-lease-time-override 
nrcmd> scope-policy name set server-lease-time=2880 
nrcmd> scope-policy name setOption routers 204.253.96.180 
nrcmd> scope-policy name setLeaseTime 228800 
 

Removing a Scope

You can remove scopes from the DHCP server.

Caution   Although removing a scope from a DHCP server is easy to do, you should be very careful when you perform this operation. Doing so compromises the integrity of your network. There are several ways to remove a scope from a server, either by re-using or not re-using addresses, as described in the following sections.

The DHCP protocol, as defined by the IETF, provides a lease to a client for a particular IP address for a specific amount of time (defined by the administrator of the server). Until that time elapses, the client is free to use its leased IP address. There is no defined way for the server to revoke a lease, and to cause a client to stop using an IP address. As a result, while you can easily remove a scope from a DHCP server, the clients who obtained leases on IP addresses from this scope can continue to use them until the lease expires. This is true even if the server does not respond to their attempts to renew the lease (as is the case if the scope was removed from the server).

If the addresses you removed from the scope are not configured into another DHCP server or re-used in any way, then this is not a problem. If, however, the addresses contained in this scope are configured in another DHCP server before the last lease expires, the same IP address might be used by two different clients. This situation can cause serious errors.

Removing a Scope if Not Re-using the Addresses

If you do not plan to re-use the addresses from the scope, you can remove the scope from the server.

Using the GUI:

Step 2   Click Cancel.

Step 3   Select the scope in the Server Manager window

Step 4   Click the Remove toolbar button.

Step 5   Click Yes in the confirmation dialog box.

Using the CLI:

Use the scope delete command to delete a scope.

nrcmd> scope testScope delete 
 

Removing a Scope if Re-using the Addresses

If you want to re-use the addresses after removing a scope, you have two options:

• If you can afford to wait until all the leases in the scope expire, you can remove the scope from the DHCP server, and then wait for the longest lease time in the policy that was in use by that scope to expire. At that point, you know that no clients are using any IP addresses from that scope, and you can safely re-use the addresses.
  
  
• If you cannot afford to wait until all the leases in the scope expire, you can de-activate all the leases in the scope. A de-activated lease is not offered and cannot be renewed (as a lease from a scope that was removed). In contrast to a lease from a scope that was removed, however, the DHCP server will refuse a client's request to renew a de-activated lease—and for many clients this action forces them into the state where they try to request a new lease. This means that they will move more quickly off the de-activated lease than they would if it were removed from the DHCP server.
  
  

Using the GUI, you can check the Leases tab in the Scope Properties dialog box to see the state of de-activated leases. After they are no longer in use, you can remove the scope and re-use the addresses.

When you de-activate the leases in a scope, you can also take a more active approach to moving the clients away from the leases in the scope. If you use winipcfg.exe on Windows 95 or ipconfig.exe on Windows NT to cause the clients to release, and then reacquire (renew) their leases, they will move off de-activated leases immediately. These commands can only be issued from the client machine, and so this step may not be practical for a scope with thousands of leases in use. These commands can be useful to move the last few clients off de-activated leases in a scope.

For the description of how to de-activate a lease, see the "De-activating a Lease" section.

Configuring Leases in the Scope

After setting the address ranges for a scope, you can monitor and adjust the leases that result from DHCP assignments in the scope.While there is no limit to the number of leases that you can configure per scope, if you have a scope with several thousand leases, it can take Network Registrar a while to sort them.

Viewing Leases

You can view the current state of leases for the scope address ranges.

Using the GUI:

Step 2   Click the Leases tab (Figure 8-4).

The Leases tab shows the following columns of information:

• Address—Leases for the scope
  
• State—Lease state (available, unavailable, leased, expired, or de-activated; see the "Lease States" section)
  
• R—Reserved status flag
  
• D—De-activated status flag
  
• Host Address—MAC address of the DHCP client with the currently active lease
  
• DNS Host Name—Host name if you are not using dynamic DNS updates, or the name entered into DNS through dynamic DNS updates (see "Configuring Dynamic DNS Update")
  

Tip Click a column heading to sort the leases table by that column. Adjust each column horizontally by dragging a header separator line.

Using the CLI:

Use the lease list command to list all the leases in the cluster.

nrcmd> lease list 
100 Ok
204.253.96.99:
    client-mac-addr = 1,6,01:02:03:04:05:fe
    expiration = "Wed Dec 31 19:00:00 1969"
    flags = failover-updated
    mac = 1,6,01:02:03:04:05:fe
    start-time-of-state = "Wed Dec 31 19:00:00 1969"
    state = available
 

Lease States

A lease is assigned one of the following states:

• Available—Can be given a client
  
• Unavailable—Not leasable
  
• Leased—Held by a client
  
• Offered—Offered the client
  
• Expired—Available when the lease grace period expires
  
• De-activated—Not renewable or leasable after the lease expires
  
• Pending available—Failover-related (see "Configuring DHCP Failover")
  

Guidelines for Lease Times

To define appropriate values for lease times, consider the following events on your network:

• Frequency of changes to DHCP options and default values
  
  
• Number of available IP addresses compared to clients requesting addresses
  
  
• Number of network interface failures
  
  
• Amount of computer removals for any purpose
  
  
• Number of subnet changes by users
  

All these events can cause clients to release IP addresses or the leases to expire at the DHCP server. Consequently, the IP addresses are returned to the free-address pool to be re-used.

If many changes occur on your network, you should assign a short lease time, such as four days (but you do not want to have the lease expire over a weekend so that DNS name disappears and causes performance problems). With a short lease time, the address assigned to a client that leaves the subnet can be reassigned quickly to new DHCP client computers requesting TCP/IP configuration information.

Another important factor is the ratio between connected computers and available IP addresses. For example, the demand for re-using addresses is low in a network where 40 systems share a class C address (with 254 available addresses). A long lease time, such as two months, would be appropriate in such a situation. If 240 to 260 computers can be connected at one time, the demand for leases will be high. In this situation, you should try to configure more addresses. Until you do, keep the DHCP lease time to under a hour.

Note   Short lease durations require that the DHCP server be available when the client wants to renew the lease. Backup servers are especially important if you specify short lease times.

Although you can create policies that have permanent leases, you should use them carefully. Even in a relatively stable environment, there is a certain amount of turnover among clients. At a minimum, portable computers might be added and removed, desktop computers might be moved from one office to another, and network adapter cards might be replaced. If a client with a permanent lease is removed from the network, the IP address cannot be re-used until the server is reconfigured. A better option would be to create a lease with a long duration, such as six months. A long lease duration ensures that addresses are ultimately recovered without administrator intervention.

Importing and Exporting Lease Data

Network Registrar can import and export lease data from or to text files. You can only do so by using the CLI.

Using the CLI:

The import leases and export leases commands use the following file format. Each record (line) in the file represents one DHCP client:

field-1|field-2|field-3|...|field-12 
 

There are no spaces between the vertical line (|) delimiter and the field values. You must include at least the first four required fields. If including more, so you must delimit all the remaining null fields with the vertical line (|) so that there are 12 fields. The fields are, in order:

• MAC address in aa:bb:cc:dd:ee:ff format (required)
  
• MAC address type (required)
  
  
• MAC address length (required)
  
  
• IP address in dotted decimal format, a.b.c.d (required)
  
• Start of lease time (GMT) (optional)
  
• Lease expiration time (GMT) (optional)
  
• Allowable extension time (GMT) (optional)
  
• Last transaction time (GMT) (optional)
  
• IP address of the DHCP server (optional)
  
• Host name (without domain) (optional)
  
• Domain name (optional)
  
• Client ID (optional)
  

For all the time fields, use either the number of seconds since 1970, or the day-month-day-time-year format (such as Mon Apr 10 16:35:48 2000).

When you use the export leases command, you can choose between writing the state of all current and expired leases, or just the current leases, to the output file.

Example 8-1 shows selections from a lease data export from the Network Registrar DHCP server. Blank lines are inserted between records for clarity—these were not in the original output. The format of this file is often called "JOIN" format, because this output was first introduced in Competitive Automation's JOIN DHCP server.

00:60:97:40:c1:96|1|6|204.253.96.103|Wed Aug 30 08:36:57 2000|Fri Sep 01 13:34:05 2000| 
Wed Aug 30 08:36:57 2000|Fri Sep 01 09:34:05 2000|204.253.96.57|nomad|cisco.com| 
01:00:60:97:40:c1:96
 
08:00:09:9f:6a:f8|1|6|204.253.96.77|Thu Aug 17 13:10:11 2000|Fri Sep 01 14:24:46 2000| Thu 
Aug 17 13:10:11 2000|Fri Sep 01 10:09:46 2000|204.253.96.57|NPI9F6AF8|cisco.com
 
00:a0:c9:59:e7:b2|1|6|204.253.96.78|Fri Jun 23 15:02:18 2000|Fri Sep 01 14:11:40 2000| Fri 
Jun 23 15:02:18 2000|Fri Sep 01 09:56:40 2000|204.253.96.57|JTB-LOCAL|cisco.com
 

De-activating a Lease

The reason you would choose to de-activate a lease is to move a client off a lease. If the lease is available, de-activating the lease prevents Network Registrar from giving the lease to a client. If the lease is active (held by a client), de-activating the lease prevents the client from renewing the lease and it being given to another client. You can only de-activate a lease if the server is running. Network Registrar de-activates the lease immediately; you do not need to reload the DHCP server.

Note   To release a client's lease at their workstation, run the winipcfg.exe (Windows 95) or ipconfig.exe (Windows NT) utility with the /release option.

Using the GUI:

Step 2   Click the Leases tab (Figure 8-4).

Step 3   Select the lease you want to de-activate.

Step 4   Click Lease properties (or double-click the address) to open the Lease Properties dialog box (Figure 8-5).

Step 5   Check the Lease state information. If the lease is available, de-activating it makes it unavailable; if it is active, it becomes unavailable for renewal or any initial lease.

Step 6   Select the Deactivate lease check box.

Step 7   Click OK.

The Leases tab of the Scope Properties dialog box now shows the address as being de-activated, with an X in the D (De-activated) column.

Using the CLI:

Use the lease deactivate command to prevent a lease from being given out or renewed.

nrcmd> lease 192.168.1.20 deactivate 
 

De-activating All Leases in a Scope

To de-activate all the leases in a scope, you have to disable BOOTP and DHCP. These are advanced scope properties described in the "Setting Advanced Scope Options" section. For specifics, see the "De-activating a Scope" section.

Excluding a Leased Address from a Range

Addresses in a range need to be contiguous. You cannot just delete a lease from a range, because it would than disrupt the range. Also, you must first de-activate the lease, then wait for it to become available. There is no wait if the lease is currently available. If the lease is active, it may take as long as the lease time plus the grace period. If you try to delete an active lease, Network Registrar returns a warning.

Caution   Deleting an active lease can cause a duplicate IP address on the network if the deleted address is re-assigned. If you delete a lease, information about that lease no longer exists when you reload the server.

Using the GUI:

Step 2   De-activate the lease for the address, as in the "De-activating a Lease" section.

Step 3   Click the General tab (Figure 8-6).

Step 4   In the Start Address-End Address field, find the range to which the address belongs.

Step 5   Edit the address range so that the range starts just after or ends just before the address you want to remove.

Step 6   Add another range to the table that adds back the addresses you edited out in the previous step, but excludes the address you want to remove.

Step 7   Specify the address pool, omitting the address of the lease that you want deleted.

Step 8   Click OK to close the Scope Properties dialog box.

Step 9   Open the dialog box again and click the Leases tab to verify that the address is no longer in the list. If needed, click the Refresh list button.

Step 10   Click OK.

Step 11   Reload the DHCP server.

Using the CLI:

You can remove an address from a lease range by simply removing the range of just that address. The resulting ranges are then split appropriately. De-activate the lease first. Use the scope listRanges, lease deactivate, and scope removeRange commands, then reload the server. The following example removes the 192.168.1.55 address from the range.

nrcmd> scope testScope listRanges 
192.168.1.4-192.168.1.10:start=192.168.1.4; end=192.168.1.10;
nrcmd> lease 192.168.1.55 deactivate 
nrcmd> scope testScope removeRange 192.168.1.55 192.168.1.55 
nrcmd> server DHCP reload 
 

Reserving a Lease

To ensure that a client always gets the same lease, reserve the lease. You must reserve leases for DHCP clients whose addresses must remain constant.

Caution   If multiple DHCP servers are distributing addresses on the same subnet, the client reservations on each server should be identical. If not, a client intended for reservation can receive multiple lease offers from different servers.

To reserve a lease, match its IP address with the host's MAC address. You can choose any valid IP address on the network. It does not necessarily have to be in one of the scope's ranges. In fact, you can use the addresses in the scope's range for dynamic leases and the others not in the range for reserved leases.

Note   Even though an address with a reserved lease is not listed in the scope's range, the policy associated with the scope still applies to it.

Using the GUI:

Network Registrar provides two ways to make reservations using the GUI:

• On the Leases tab
  
  
• On the Reservations tab
  
  

Using the Lease Tab in the GUI:

Step 2   Double-click the address of the lease you want to reserve.

Step 3   Select the Reserve lease check box under Reservations.

Step 4   If the lease is available, enter the MAC address of the host in the Reserved for MAC address field. If the lease is active, the MAC address appears in the field because it needed to be defined to activate the lease. You can accept this MAC address or you can enter another one.

The hardware type and octet length of the MAC address is displayed as part of the MAC address in both the lease table and Reserved for MAC address field. This prefix to the address is usually 1,6, (meaning "Use Ethernet and make the address six octets long"). When adding or editing a MAC address, you can include or omit this prefix, unless you want a different hardware type and address length.) For details on the MAC address syntax, see the "Defining Client-Classes" section

Step 5   Click OK.

Step 6   Reload the DHCP server to make the reservations take effect.

Using the Reservations Tab in the GUI:

Step 2   Click Add.

Step 3   In the Add Reservation dialog box, enter the lease IP address and its MAC address.

You can include the hardware type and address length as part of the MAC address. This prefix is 1,6, (meaning "Ethernet and six octets long") by default, so you can omit it if the client uses Ethernet with the six-octet MAC address syntax. For details on MAC addresses, see the "Defining Client-Classes" section.

Step 4   Click Apply to continue adding reservations, or click OK to finish.

Step 5   Click the Leases tab to see the changes to the address properties. You should see an X in the R (Reserved) column and the MAC address displayed for each address you reserved. If you do not, refresh the list.

Step 6   Click OK.

Step 7   Reload the DHCP server.

Using the CLI:

Use the scope addReservation command to reserve a lease (by including the IP and MAC addresses). (Use the save command to provide validation and save your change to the database.) To effect the reservation immediately without having to reload the server, use the lease send-reservation command.

nrcmd> scope testScope addReservation 192.168.1.10 1,6,00:a0:24:2e:9c:20 
nrcmd> save 
nrcmd> lease 192.168.1.10 send-reservation 
 

Use the scope listReservations command to list lease reservations for a scope.

nrcmd> scope testScope listReservations 
 

Removing a Lease Reservation

Although you can remove reservations at any time, if the lease is still active, the client continues to use the lease until it expires. If you reserve the lease for someone else, Network Registrar displays a message to that effect when you start the DHCP server.

Using the GUI:

Step 2   Select the IP address.

Step 3   Click Remove.

Step 4   Click the Leases tab to confirm removing the lease reservation.

Step 5   Reload the DHCP server.

Using the CLI:

Use the scope removeReservation command to remove a lease reservation, indicating either the client's MAC or IP address (if you omit them, this removes all lease reservations). This requires you to save the configuration and reload the server.

nrcmd> scope testScope removeReservation 192.168.41.41 
nrcmd> save 
nrcmd> server DHCP reload 
 

You can also delete the reservation from the lease itself, by using the lease delete-reservation command. This does not require a server reload. (The Network Registrar CLI Reference Guide includes a section on how to use this command to reserve an address currently leased to another client.)

nrcmd> lease 192.168.41.41 delete-reservation 
 

Forcing Lease Availability

You can force a lease currently held by a host to become available. If the lease is currently held, you should request that the user release the lease, or do so yourself, before forcing its availability. You do not need to reload the DHCP server to make the change take effect.

Using the GUI:

Step 2   Double-click the address to open the Lease Properties dialog box (Figure 8-5).

Step 3   Click the Force available button.

Step 4   Click OK.

Using the CLI:

Use the lease force-available command to force making the currently held lease available.

nrcmd> lease 192.168.1.21 force-available 
 

You can also make all unavailable leases in a scope available by using the scope clearUnavailable command.

nrcmd> scope scope1 clearUnavailable 
 

Running an Address Usage Report

You can run an Address Usage report from the Web GUI.

• Select All. This displays the Address Usage Report (Figure 8-8) for all servers in your node.
  
  

• Enter the name of the server in the Select the Server Named field. Then enter the name of the server for which you want to display the Address Usage report.
  
  

Step 2   Enter the mask bits number or accept the default of 16.

Step 3   Click DHCP Only if you want to display the Address Usage report for DHCP leases only.

Step 4   Click Address Usage. The Address Usage Report Request screen displays a report for the specified server or all servers.

Running a Lease Utilization Report

Network Registrar can produce a utilization summary of the static and dynamic IP address on one or more clusters. You can only do so using the CLI.

Using the CLI:

The report command displays a row of information for each subnet specified by a scope or deduced from DNS static address assignments outside of scopes. It displays subtotal rows when more than one scope shares a common subnet, and when addresses share a common subnet, as specified by their address and mask. The report command assumes that there is no overlap between static addresses and scope ranges.

For each scope or subnet, the report command displays the following information:

• Network number, in hexadecimal
  
• Number of bits in the subnet mask
  
  
• Network number in canonical dotted-octet format
  
  

For each scope-specified subnet, the report command also displays the following values:

• Cluster name
  
  
• Scope role—If using safe failover on a main or backup server
  
• Scope name
  
  
• Addresses—Total number of addresses within the scope ranges, addresses = free + dynamically leased + reserved + unavailable + de-activated + other available
  
  
• Free—Addresses within a range and in the available state and not flagged reserved or de-activated
  
  
• % free—As a percentage of all addresses within scope ranges
  
  
• Reserved—Within a range and flagged reserved, unless unavailable
  
  
• Leased—Within a range and in the leased, offered expired, or released state, even if flagged reserved or de-activated
  
  
• Dynamically leased—Within a range and in the leased, offered, or expired state, unless flagged reserved or de-activated
  
  
• Unavailable—Within a range and marked as unavailable by the server, regardless of flags
  
  
• De-activated—Within a range and flagged de-activated, unless unavailable
  
  
• Other available—Leases set aside for the safe failover partner to lease when communication is interrupted
  
  
• Other reservations—Addresses marked reserved which are not within a scope range
  
  

Addresses have both a current state and a pending state after their lease expires.The categories leased and unavailable represent current states. The categories dynamically leased, reserved, and de-activated may represent current or pending states. The category free represents the current state available minus addresses flagged reserved or de-activated. Note that, the leased category overlaps other categories and is not incorporated in the scope total.

For each subtotal row, the report command provides summaries of any scope values in the subnet, and additionally, displays the following values:

• Total—All addresses in the subnet
  
  
• Static—Addresses statically assigned
  
• Unallocated—Addresses unallocated to DHCP scope ranges, otherwise reserved or statically assigned, and therefore available for static assignment or allocation to a scope range
  
  
• Grand total—At the end of the report summarizes all the data in the subnets
  
  

The comma-delimited text format is well suited for import into a database, spreadsheet or a similar tool. You can easily create customized reports.

Receiving Lease Notification

Network Registrar can survey all scopes on the Network Registrar clusters and produce a report of all the scopes in which the available addresses equals or falls below an absolute value or a percentage. This report is available through a CLI command only.

Using the CLI:

The lease-notification command specifies, through an available property, when the notification should occur if the number of available leases reaches or falls below a certain threshold. You can e-mail the report to a specific user. Although you can use the command interactively, its primary use is in an automated procedure such as a UNIX cron task or Windows Scheduled Task.

The following sets up lease notification for scope1 for when its free addresses fall to 10%. It sends the report to e-mail recipients billy, joe, and jane, on a specific Windows mail host.

nrcmd> lease-notification available=10% scopes=scope1 recipients=billy,joe,jane 
        mail-host=mailhost 
 

The output consists of an explanatory header, a table containing a row for each scope in which the number of free addresses is equal to or less than the threshold, and possible warnings related to the scopes and clusters requested.

Network Registrar uses the default cluster and the .nrconfig file by default unless you specify otherwise. For details on the command syntax, the configuration file syntax, and how to run the command in a procedure, see the lease-notification command in the Network Registrar CLI Reference Guide.

Setting Advanced Scope Options

You can set advanced options for a scope, including:

• Pinging a host before offering an address
  
  
• Changing a scope into a secondary one
  
  
• Enabling and disabling BOOTP
  
  
• Disabling DHCP for the scope
  
  
• De-activating the scope
  
  

Using the GUI:

Figure 8-9 shows the option selections on the Advanced tab of the Scope Properties dialog box.

Using the CLI:

You can use the scope command to set the scope options described in the following sections.

Pinging a Host Before Offering an Address

You can choose to have the DHCP server use the Internet Control Message Protocol (ICMP) echo message capability (the ping utility) to see if anyone responds to an address before assigning it. If you choose this option, the DHCP server checks that an address is not in use before assigning that address to the workstation. Using ping can help prevent two clients from using the same IP address. If a client responds to the ping, the DHCP server marks that address as unavailable and offers a different IP address to the client.

Using the GUI:

Step 2   Click the Advanced tab of the DHCP Scope Properties dialog box (Figure 8-9).

Step 3   Select the Ping address before offering it check box.

Step 4   Select a time interval (in milliseconds) to wait before assuming that no client will answer. The default is 300 milliseconds.

---

Note   A timeout period is a key part of this process. Because pinging ensures that no client responds to a particular IP address, each ping waits the entire timeout period. This period comes before an offer is made, so that the time specified has a considerable effect on server performance. If you set this time too long, it slows down the lease offering process. Making the time too short reduces the effectiveness of the pinging process.

---

Step 5   Click OK.

Step 6   Reload the DHCP server.

Using the CLI:

Use the scope enable ping-clients command to enable pinging clients before offering them an address. The default time interval to wait before assuming that no client will answer is 300 milliseconds. To change this, use the scope set ping-timeout command (see the preceding note).

nrcmd> scope testScope enable ping-clients 
nrcmd> scope testScope set ping-timeout=200 
 

Making a Scope a Secondary

Network Registrar supports multiple logical subnets on the same physical network segment, which are called secondary subnets. If you have several logical subnets on the same physical network, for example, 192.168.1 and 192.168.46, you might want to configure DHCP so that it offers addresses from both pools. By pooling addresses this way, you can combine two class C networks, or a Class B and Class C network.

To join two logical subnets, create two scopes, and elect one to be primary and the other to be a secondary. After you configure the secondary subnet, any client on this physical network will obtain a lease from one or the other scope, on a round-robin basis (as long as the client does not have a reservation or previous lease information).

Using the GUI:

Step 2   Open the properties for the scope.

Step 3   Click the Advanced tab.

Step 4   Select the Make this scope a secondary check box (Figure 8-9).

Step 5   In the Primary scope field, select the scope that you want to designate as the primary. (This must be one of the other scopes for the server.)

Step 6   Click OK.

Step 7   Reload the DHCP server.

Using the CLI:

To make a newly created scope a secondary, include the scope set primary-scope command to assign it to a primary, then reload the server.

nrcmd> scope scope2 create 192.168.1.0 255.255.255.0 
nrcmd> scope scope2 addRange 192.168.1.101 192.168.1.200 
nrcmd> scope scope2 set policy=internal 
nrcmd> scope scope2 set primary-scope=scope1 
nrcmd> server DHCP reload 
 

Enabling and Disabling BOOTP

BOOTstrap Protocol (BOOTP) was originally created for loading diskless computers. This protocol was later used to allow a host to obtain all the required TCP/IP information so that it could use the Internet. Using BOOTP, a host can broadcast a request on the network and obtain the information required from a BOOTP server. The BOOTP server listens for incoming requests and generates responses from a configuration database for the BOOTP clients on that network. BOOTP differs from DHCP in that it has no concept of lease or lease expiration; all addresses that a BOOTP server allocates are permanent.

You can configure the Network Registrar DHCP server to act like a BOOTP server. In addition, although BOOTP normally requires static address assignments, you can choose either to reserve IP addresses (and use static assignments) or have IP addresses dynamically allocated (known as dynamic BOOTP).

When you need to move or decommission a BOOTP client, you can re-use its lease simply by forcing lease availability (see the "Forcing Lease Availability" section).

Using the GUI:

Step 2   On the Policies tab of the DHCP Server Properties dialog box, configure a policy to contain the information that BOOTP requires.

Step 3   Click Edit options. In the Edit Options dialog box, select the options you want. They are in the BOOTP Compatible category. Also select the Send to BOOTP clients check box. If you also select the Always send to DHCP clients check box, the DHCP server sends an option back in the reply packet regardless of whether the client requested the option.

Step 4   Click OK, then close the DHCP Server Properties dialog box.

Step 5   Open the properties for the scope for which you want to enable BOOTP.

Step 6   Click the Advanced tab of the Scope Properties dialog box (Figure 8-9).

Step 7   Select the Enable BOOTP check box.

(To disable BOOTP, clear the Enable BOOTP check box.)

Step 8   If you want the server to accept dynamic BOOTP requests for the scope, select the Dynamic BOOTP check box. Dynamic BOOTP requests do not match a reservation, but can be satisfied from the available lease pool. If you do not want dynamic BOOTP, you must reserve the addresses. (See the "Reserving a Lease" section.)

Step 9   Click OK.

Step 10   Reload the DHCP server.

Using the CLI:

Use the scope enable bootp command to enable BOOTP. To additionally enable dynamic BOOTP, use the scope enable dynamic-bootp command. To disable either one, use the scope disable command.

nrcmd> scope testScope enable bootp 
nrcmd> scope testScope enable dynamic-bootp 
nrcmd> scope testScope disable bootp 
 

Disabling DHCP

You can disable DHCP for a scope if you want to use it solely for BOOTP (see the "Enabling and Disabling BOOTP" section). You can also temporarily de-activate a scope (see the "De-activating a Scope" section), but it is more often used if you are enabling BOOTP.

Using the GUI:

Step 2   On the Advanced tab of the DHCP Scope Properties dialog box (Figure 8-9), select the Disable DHCP for this scope check box. If the Enable BOOTP check box is cleared, select it.

Step 3   Click OK.

Step 4   Reload the DHCP server.

Using the CLI:

Use the scope disable dhcp command to disable DHCP. You would also want to enable BOOTP.

nrcmd> scope testScope disable dhcp 
nrcmd> scope testScope enable bootp 
 

De-activating a Scope

You may want to temporarily de-activate all the leases in a scope. To do this, you must disable both BOOTP and DHCP for the scope.

Using the GUI:

Step 2   On the Advanced tab of the DHCP Scope Properties dialog box (Figure 8-9), be sure the Enable BOOTP check box is cleared.

Step 3   Select the Disable DHCP for this scope check box.

Step 4   Click OK.

Step 5   Reload the DHCP server.

Using the CLI:

Use the scope disable bootp command to disable BOOTP, then the scope disable dhcp command to disable DHCP for the scope.

nrcmd> scope testScope disable bootp 
nrcmd> scope testScope disable dhcp