DaemonForums  

#1
10th October 2013
mikesg

DHCPd questions

I'm increasing my available pool of addresses to accommodate network growth. This has raised some questions for me with dhcpd. I'm running 5.3, and using the default lease time which looks to be one day.

Question 1. If all available addresses are in use, and one device leaves, does this device's IP address remain unavailable to new devices until the end of the lease, even if it is not in use? I ask because we have several people that come and go with their own personal devices. I don't want their lease to make an address unavailable to a new arrival if they aren't actively using it.

Question 2. I want this to work for a network of about 250 clients. Maybe in a few years it doubles. If I need to lower the lease time to something like 20 minutes, does that create other problems?

TIA!
__________________
Mike

#2
11th October 2013
J65nko

I cannot answer these questions completely, but the OpenBSD dhclient(8) states:

Code:
In order to keep track of leases across system reboots and server
restarts, dhclient keeps a list of leases it has been assigned in the
/var/db/dhclient.leases.<IFNAME> file.  IFNAME represents the network
interface of the DHCP client (e.g. em0), one for each interface.  On
startup, after reading the dhclient.conf(5) file, dhclient reads the
leases file to refresh its memory about what leases it has been assigned.

Old leases are kept around in case the DHCP server is unavailable when
dhclient is first invoked (generally during the initial system boot
process).  In that event, old leases from the dhclient.leases.<IFNAME>
file which have not yet expired are tested, and if they are determined to
be valid, they are used until either they expire or the DHCP server

You could monitor the DHCP traffic with tcpdump(8) to see how other clients behave.

Code:
# tcpdump -eni fxp0 -s1500 -vvv port 67 or port 68

12:52:21.542162 00:1f:33:f1:ff:f9 ff:ff:ff:ff:ff:ff 0800 342: 192.168.222.20.68 > 255.255.255.255.67: [udp sum ok] xid:0xb6a32e84 ether 00:19:db:47:b0:4c vend-rfc1048 DHCP:REQUEST HN:"hercules" RQ:192.168.222.20 PR:SM+BR+DG+DN+NS+HN [tos 0x10] (ttl 16, id 0, len 328)

12:52:21.543071 00:08:c7:05:ca:0b 00:1f:33:f1:ff:f9 0800 348: 192.168.222.10.67 > 192.168.222.20.68: [udp sum ok] xid:0xb6a32e84 Y:192.168.222.20 S:192.168.222.10 ether 00:19:db:47:b0:4c file "pxeboot" vend-rfc1048 DHCP:ACK SID:192.168.222.10 LT:86400 SM:255.255.255.0 DG:192.168.222.10 DN:"utp.xnet" NS:192.168.222.10 RN:43200 RB:75600 TFTP:"hercules" [tos 0x10] (ttl 16, id 0, len 334)

Because of the -vv option the output is quite readable.

RE: doubling network users from 250 to 500

Having so many clients in one subnet or broadcast domain usually is not such a good idea. You can use subnets and still use a central DHCP server, by setting up dhcrelay(8) in each subnet.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
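
Added example (not part of J65nko's post): a small Python parser for tcpdump -vvv DHCP lines in the format shown above. It pairs each ACK with its REQUEST by xid and reports the lease time (LT) with the renewal (RN) and rebinding (RB) timers as fractions of it. The function names are illustrative; the two sample lines are the ones quoted in the post.

```python
# Added example: parses tcpdump -vvv DHCP lines like those quoted in the post.
import re

FIELD = re.compile(r'\b(xid|DHCP|SID|LT|RN|RB|RQ|Y):(\S+)')
CLIENT = re.compile(r'\bether ([0-9a-f:]{17})')

# The two lines from the post above (one REQUEST, one ACK).
SAMPLE = [
    '12:52:21.542162 00:1f:33:f1:ff:f9 ff:ff:ff:ff:ff:ff 0800 342: 192.168.222.20.68 > 255.255.255.255.67: [udp sum ok] xid:0xb6a32e84 ether 00:19:db:47:b0:4c vend-rfc1048 DHCP:REQUEST HN:"hercules" RQ:192.168.222.20 PR:SM+BR+DG+DN+NS+HN [tos 0x10] (ttl 16, id 0, len 328)',
    '12:52:21.543071 00:08:c7:05:ca:0b 00:1f:33:f1:ff:f9 0800 348: 192.168.222.10.67 > 192.168.222.20.68: [udp sum ok] xid:0xb6a32e84 Y:192.168.222.20 S:192.168.222.10 ether 00:19:db:47:b0:4c file "pxeboot" vend-rfc1048 DHCP:ACK SID:192.168.222.10 LT:86400 SM:255.255.255.0 DG:192.168.222.10 DN:"utp.xnet" NS:192.168.222.10 RN:43200 RB:75600 TFTP:"hercules" [tos 0x10] (ttl 16, id 0, len 334)',
]

def parse(line):
    """Turn one tcpdump line into a dict of the DHCP fields of interest."""
    rec = dict(FIELD.findall(line))
    m = CLIENT.search(line)
    rec['client'] = m.group(1) if m else None   # client hardware address
    return rec

def granted_leases(lines):
    """Pair each DHCP:ACK with the REQUEST sharing its xid and report timers."""
    requested, leases = {}, []
    for rec in map(parse, lines):
        if rec.get('DHCP') == 'REQUEST':
            requested[rec['xid']] = rec.get('RQ')   # address the client asked for
        elif rec.get('DHCP') == 'ACK' and 'LT' in rec:
            lt = int(rec['LT'])                     # lease time in seconds
            leases.append({
                'client': rec['client'],
                'ip': rec.get('Y'),
                'server': rec.get('SID'),
                'lease_s': lt,
                'renew_frac': int(rec['RN']) / lt if 'RN' in rec else None,
                'rebind_frac': int(rec['RB']) / lt if 'RB' in rec else None,
                'got_requested_ip': requested.get(rec['xid']) == rec.get('Y'),
            })
    return leases

if __name__ == '__main__':
    for lease in granted_leases(SAMPLE):
        print(lease)
```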

#3
11th October 2013
jggimi

Per the protocol, an acknowledged lease is reserved until expiration or until the client explicitly releases it. A DHCP server will not reassign a leased address.

As j65nko suggests, if your architecture permits you could manage the load with multiple subnets.

There are two other options you may wish to consider, as well:
  • Use a realistic lease length. 24 hours is fine when you have a large pool and no addressing constraints. Consider shorter leases, commensurate with use.

    The shortest lease I've ever seen used has been 5 minutes, issued on AT&T's "U-Verse" VDSL network by a gateway router to a DMZ subnet.

    Keep in mind that DHCP clients will typically request a renewal when the lease reaches 50% of its lifespan. In that 5 minute example, the client ... which happened to be OpenBSD's dhclient(8) ... requested renewals every 2.5 minutes.
  • Expand the size of your subnet and your DHCP pool. We use /24 subnets because they are convenient. But they are arbitrary.
---

Edited to add:

The DHCP server will always test a lease address before reassigning it. If the address is still in use, it will not be issued as a new reassigned lease to the requesting client. Instead, the address will be placed in the "abandoned" address queue for misused addresses and refused leases. The abandoned queue will not be utilized until all other addresses in the pool are consumed with active leases, and these abandoned addresses will be tested again prior to the server issuing any of them as a reassigned lease.

Last edited by jggimi; 11th October 2013 at 02:06 PM. Reason: addendum
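
Added example (not part of the thread, and not dhcpd's allocator): a toy pool model of the behaviour described above, assuming clients renew at 50% of the lease while present and leave without sending a release. The pool size, visitor schedule and function names are constructed for illustration; it compares a one-day lease with a 20-minute lease and ignores the abandoned-address queue.

```python
# Added example: toy model of a DHCP pool, not dhcpd's actual allocator.
from math import ceil

def lease_expiry(arrive, stay, lease):
    """Expiry time of a lease for a client that renews at 50% of the lease
    while present, then leaves without sending DHCPRELEASE.
    Returns (expiry, number of renewals sent). Times are in minutes."""
    half = lease / 2
    renewals = ceil(stay / half) - 1          # renewals strictly before departure
    return arrive + renewals * half + lease, renewals

def simulate(pool_size, lease, arrivals, stay):
    """Return (peak leases held, clients refused, renewals sent)."""
    active, peak, denied, renew_msgs = [], 0, 0, 0
    for t in arrivals:
        active = [e for e in active if e > t]  # expired leases return to the pool
        if len(active) >= pool_size:
            denied += 1                        # pool exhausted: no address offered
            continue
        expiry, renewals = lease_expiry(t, stay, lease)
        active.append(expiry)
        renew_msgs += renewals
        peak = max(peak, len(active))
    return peak, denied, renew_msgs

# Constructed workload (minutes): one visitor every 10 minutes for 8 hours,
# each staying 30 minutes, against a pool of 20 addresses.
ARRIVALS = list(range(0, 480, 10))

def compare():
    """Run the same workload with a one-day and a 20-minute lease."""
    return {lease: simulate(20, lease, ARRIVALS, 30) for lease in (1440, 20)}

if __name__ == "__main__":
    for lease, (peak, denied, renews) in compare().items():
        print(f"lease {lease:>4} min: peak {peak}, refused {denied}, renewals {renews}")
```

With the one-day lease the pool fills after 20 visitors and the remaining 28 are refused; with the 20-minute lease it peaks at four leases for three devices present, at the cost of 96 renewal requests.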

All times are GMT.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick