How to configure DHCP Server on Cisco IOS

Thanks Rene,

If I need to modify the config of a specific DHCP server, like changing the default gateway or DNS server etc., I will use the “ip dhcp pool mypoolname” command to do that, right? Or is there something else?

Hi Hussein,

That’s right, the subnet, DNS server, gateway and options are all configured under the pool.

The only exception is the excluded IP addresses; this is done in global mode:

R1(config)#ip dhcp excluded-address 192.168.1.1 192.168.1.100

Rene

Thank you very much Rene

Hi Rene,

I have two questions:

1 - If I have 2 DHCP servers in the same network or router, and we learned that when the host requests an IP address it will send a DHCP discover message, right? The question is, which DHCP server will receive the message?

2 - And can I create a DHCP server on a layer 2 switch?

Hi Rene,

I tried to create a DHCP server on a 2960 switch in Packet Tracer and it works normally, but I need to assign an IP address to the VLAN in order for the DHCP server to function. My question is: why do I need to assign this IP address?

Hi Hussein,

When you have two DHCP servers in the same subnet then the host will receive an IP address from whoever answers first. This can be dangerous btw, take a look here:

The 2950 or 2960 switches support DHCP server I believe but I would probably not use them for this as you can configure only one IP address on them (for management).

Rene

Hi Hussein,

This is because the DHCP server will respond with unicast, take a look at the Wireshark captures in this post:

Rene

Hi Rene

How about reserving certain IP addresses and having the DHCP server allocate them automatically to specific hosts on the LAN?

Thanks

Andrew

Hi Andrew,

Here’s an example how to do this:

Rene

Many thanks Rene

Hi,

I think there is a conflict between the diagram and the configuration: in the diagram “.254” is written as the default gateway, but the config states “.1” as the default router!

Nice explanation Rene.

You are welcome bhargavi

If you have multiple pools configured on a server, which one will it take the address from?

Hello Chris

If you have an interface on a router with an IP address of 192.168.1.1/24 and a DHCP pool of 192.168.1.0 255.255.255.0 then that specific interface will function as the IP address of the DHCP server on the IOS device for that specific subnet. Why? Because the IP address of the interface is found within the range of the DHCP pool.

So let's say you have three interfaces on a router, each with the following IP addresses:

  1. 10.10.10.1/24
  2. 192.168.55.1/25
  3. 172.16.3.129/26

and three DHCP pools configured with the following ranges:

10.10.10.0 255.255.255.0
192.168.55.0 255.255.255.128
172.16.3.128 255.255.255.192

then you can easily match up which DHCP pool will be offered from which interface. Now if you added a new DHCP pool with the following range:

10.255.255.0 255.255.255.0

then this address pool would not be offered at all, not until an active interface is configured with an IP address within the range of addresses.

I hope this has been helpful!

Laz
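
The matching rule described in the post above can be checked against a saved configuration. The following is an added example, not part of the original post or of Cisco's tooling: it parses a constructed running-config excerpt (interface and pool names are hypothetical) and reports which pools have no active interface inside their range. It assumes directly attached clients only (no DHCP relay) and treats a `shutdown` interface as inactive.

```python
import ipaddress
import re

# Constructed running-config excerpt using the addresses from the post above.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/0
 ip address 10.10.10.1 255.255.255.0
interface GigabitEthernet0/1
 ip address 192.168.55.1 255.255.255.128
interface GigabitEthernet0/2
 ip address 172.16.3.129 255.255.255.192
ip dhcp pool LAN10
 network 10.10.10.0 255.255.255.0
ip dhcp pool LAN55
 network 192.168.55.0 255.255.255.128
ip dhcp pool LAN172
 network 172.16.3.128 255.255.255.192
ip dhcp pool UNUSED
 network 10.255.255.0 255.255.255.0
"""

def parse(config):
    """Return ({active interface: IPv4Interface}, {pool name: IPv4Network})."""
    interfaces, pools, shut, section = {}, {}, set(), None
    for line in config.splitlines():
        if m := re.match(r"(interface|ip dhcp pool) (\S+)", line):
            section = (m.group(1), m.group(2))
        elif not line.startswith(" "):
            section = None            # "!" or any other top-level line ends the block
        elif section and line.strip() == "shutdown":
            shut.add(section[1])
        elif section and (m := re.match(r" (ip address|network) (\S+) (\S+)$", line)):
            cidr = f"{m.group(2)}/{m.group(3).lstrip('/')}"   # mask or /prefix form
            if (section[0], m.group(1)) == ("interface", "ip address"):
                interfaces[section[1]] = ipaddress.ip_interface(cidr)
            elif (section[0], m.group(1)) == ("ip dhcp pool", "network"):
                pools[section[1]] = ipaddress.ip_network(cidr)
    return {n: i for n, i in interfaces.items() if n not in shut}, pools

def pool_bindings(config):
    """Map each pool to the active interface whose address lies in it, or None."""
    interfaces, pools = parse(config)
    return {pool: next((n for n, i in interfaces.items() if i.ip in net), None)
            for pool, net in pools.items()}

if __name__ == "__main__":
    for pool, ifname in pool_bindings(SAMPLE_CONFIG).items():
        print(f"{pool:8} -> {ifname or 'no active interface in range: never offered'}")
```

A pool reported with no interface is either leftover configuration or intended for relayed clients, which this check does not model.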

Rene,

We were upgrading a customer network recently from a single router to dual router. They had over 200 VoIP phones that needed DHCP addresses. Splitting the pool wouldn’t work because if one router went down, you’d only have 100 IPs to lease. I did some digging and found a command that allowed us to run DHCP on the routers without any chance of duplicate IP assignments. That command is:

ip dhcp ping packets

What it does is this: Before it leases an IP, it will ping it 2x (by default). If there’s no reply, then it will lease that IP. We set it to ping 3x just to be on the safe side. We have used this at two production sites with no issues. Just wanted to pass this along if you want to include this in your lesson here.

Hello Andy

Thanks for the info! Keep in mind that this ip dhcp ping feature is enabled by default on Cisco IOS DHCP servers. By adjusting this to 3 or more, you are indeed verifying that the address does not exist on the network. This should be applied with care, as some devices, such as Cisco IP phones, have a control plane policy to either not respond to pings or rate limit them. Be sure that the devices on the network segment will indeed respond to such test pings from the DHCP server, otherwise you may still get duplicate addresses.

I hope this has been helpful!

Laz

Lazaros, big thanks for that info. I was not aware of those issues. Do you know if that is also true for Polycom phones? That’s what we’re working with at this customer’s locations.

What is the recommended way of handling DHCP when you have a dual router location and want to ensure that all phones can grab an IP if one router fails?

Thanks,

Andy

Hello Andy

I’m not sure if this is true of Polycom phones, but it is indeed true of Cisco IP phones. If you ping them from a Cisco device such as a router or a switch, you’ll get something like this:

R1#ping 192.168.1.1 repeat 50
Type escape sequence to abort.
Sending 50, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!!!!!!!!!.!!!!!!!!!!!!!.!!!!!!!!!!!!!.!!!!!!!!
Success rate is 94 percent (47/50), round-trip min/avg/max = 2/4/13 ms

If during a DHCP allocation procedure, it just happens that you coincide with one of those lost pings due to such a policy, you may find that you will indeed give out a duplicate IP address. For each device type, it’s a good idea to go to the manufacturer and determine if pings are hindered in any way, and if so, how you can remove or adjust that behaviour as needed.

In the event of a failure, DHCP is not a service that will have an immediate impact on the network. This is because of the fact that there is a lease time on IP addresses that is on the order of hours, days or even weeks. This means that if a DHCP server fails, you have a lot of time to get it back up again before it is needed to renew addresses. Just make sure you have a monitoring system in place to inform you of downed services, otherwise you may find out about your DHCP server failure when IPs are not being renewed. Such a configuration is usually more than sufficient for most implementations.

To provide a completely airtight solution, splitting the pool among backup servers is the best way to go. This would require you to have a DHCP pool twice as large (or three times or four times if you have more than one backup DHCP server) as the number of devices on the network. This way, a backup DHCP server would be able to function indefinitely without address limitations.

Now if this is not possible as in your case, on a network where there are few changes taking place (addition or removal of hosts), such as is the case with an IP telephony deployment, increase the lease time on the DHCP servers to several days or even a week. This will give you more leeway in the event of a DHCP server failure. If a server goes down, you should get it back up within the configured lease time.

For networks where users come and go very often, such as Wi-Fi networks, increasing the lease time is not an option, as this will quickly deplete the available IP addresses in the DHCP server(s). The only option here is to find a way to increase the range of IP addresses that can be given to users. If this is not possible due to IP address allocation issues, consider using a large range of private IP addresses behind a NAT device.

I hope this has been helpful!

Laz
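
The sizing rule from the post above (each backup server needs enough addresses for every device) can be worked through in code. This is an added example, not part of the original thread: it splits a subnet into disjoint slices, refuses plans where one surviving server could not serve all devices, and prints the per-router IOS configuration with the longer lease and the three-ping check discussed earlier. The pool name `PHONES`, the choice of the first host as gateway and the `reserved` parameter are assumptions.

```python
import ipaddress

def split_pool_configs(network, servers, devices, reserved=1, lease_days=7):
    """Return one IOS config string per DHCP server, each leasing a disjoint slice.

    Raises ValueError when a slice is smaller than `devices`, i.e. when one
    surviving server could not serve the whole segment on its own.
    """
    net = ipaddress.ip_network(network)
    hosts = list(net.hosts())
    leasable = hosts[reserved:]          # first `reserved` hosts: routers, static devices
    share = len(leasable) // servers
    if share < devices:
        raise ValueError(f"{network}: {share} addresses per server, {devices} devices")
    configs = []
    for n in range(servers):
        first, last = leasable[n * share], leasable[(n + 1) * share - 1]
        lines = []
        if first > hosts[0]:             # everything below this server's slice
            lines.append(f"ip dhcp excluded-address {hosts[0]} {first - 1}")
        if last < hosts[-1]:             # everything above this server's slice
            lines.append(f"ip dhcp excluded-address {last + 1} {hosts[-1]}")
        lines += ["ip dhcp ping packets 3",
                  "ip dhcp pool PHONES",                    # hypothetical pool name
                  f" network {net.network_address} {net.netmask}",
                  f" default-router {hosts[0]}",            # assumes gateway = first host
                  f" lease {lease_days}"]
        configs.append("\n".join(lines))
    return configs

if __name__ == "__main__":
    # 200 phones on a /24 cannot be split two ways; a /23 can.
    try:
        split_pool_configs("192.168.1.0/24", servers=2, devices=200)
    except ValueError as err:
        print("rejected:", err)
    for i, cfg in enumerate(split_pool_configs("192.168.0.0/23", 2, 200), start=1):
        print(f"! R{i}\n{cfg}\n")
```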