DHCP pool issues

26 10 2010

Thought I’d write about a situation with DHCP that I came across recently.

Our satellite office was designed to have a maximum of 50 staff. It has one VLAN set up for Cisco phones (which uses one DHCP pool) and one for staff computers. We sub-let some seating in this office, so there are also VLANs for the tenants.

The DHCP pool contains 100 addresses available for lease, which has been sufficient for the three years that we’ve had the office.

A few days ago, however, I received a call saying that “some staff could not access the network”. I obtained clarification, as definitions of “the network” vary greatly depending on which end user you’re talking to.

The difference this time was that “the network” actually meant the network, rather than just a file server or SharePoint intranet – the file server, email server and internet connectivity were all unavailable to some users.

I knew that no configuration changes had been made to the network in the last few days, so this wasn’t the cause (when something breaks, always check the last thing that was changed). I also verified that the tenants weren’t affected – so this was specific to the staff address range.

I logged in to the AD server remotely (verifying the internet / VPN connectivity in the process) and had a look at the DHCP server.

Immediately I noticed some blue exclamation marks against the “Staff” DHCP pool.

Right-clicking on the Scope, and selecting “Show Statistics” showed that 100% of the addresses had been leased.

This meant that when new devices attempted to access the network, or the existing machines attempted to renew their DHCP lease, there were no addresses to lease, so their machines instead assigned themselves an APIPA address, and therefore couldn’t access any resources.

But what was the actual cause of this? There were still far fewer than 50 end users using the staff VLAN and thus that DHCP pool, so what changed?

The short answer is smart phones. The number of smart devices on the network has grown massively. Whenever WiFi is enabled on these devices, the owner connects to the corporate WLAN, using a DHCP lease in the process.

Another related change is the usage of the satellite office: more staff from HQ are having meetings in the city, and going to the office for the rest of the day. So, although the number of permanent users hasn’t increased, the number of users “passing through” has.

So how did I alleviate this issue? This network was originally configured by a consultant, so I took a look at the DHCP configuration, and found that the lease length was 8 days. So the computers of these brief-visit users, their smart phones, and the smart phones of the permanent staff were all obtaining DHCP leases, which weren’t expiring for over a week. This depleted the pool very quickly.

I made two changes to alleviate this issue. Firstly, I increased the size of the DHCP pool. Admittedly, I was lucky to be able to do this – it’s not always possible due to a large number of IPs in the network being configured (for servers etc).

Secondly, I reduced the lease length to 1 day.

This will result in an increase in traffic on the network, as a result of the leases expiring much sooner and the hosts renewing their leases.

However, it lends itself well to the temporary nature of the staff / devices using the office, and will have a negligible effect on the user experience for the staff based in the office full-time.
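The depletion and both fixes can be modelled day by day. This is an added example, not part of the original post: the device counts (70 resident devices, 6 visitor devices per day) are constructed for illustration, and resident devices are assumed to renew successfully and hold one lease each throughout.

```python
from collections import deque

def simulate(pool_size, lease_days, resident_devices, visitor_devices_per_day, days):
    """Model a DHCP scope day by day; return (peak_leases_in_use, refused_requests).

    Assumption: visitors leave the same day, but their lease stays allocated
    until it expires, lease_days after it was issued.
    """
    stale = deque()  # expiry day of each lease left behind by a visitor
    peak = refused = 0
    for day in range(days):
        # Release visitor leases whose expiry day has arrived.
        while stale and stale[0] <= day:
            stale.popleft()
        # Each new visitor device asks for an address.
        for _ in range(visitor_devices_per_day):
            if resident_devices + len(stale) < pool_size:
                stale.append(day + lease_days)
            else:
                refused += 1  # pool exhausted: client falls back to APIPA
        peak = max(peak, resident_devices + len(stale))
    return peak, refused

def steady_state_demand(lease_days, resident_devices, visitor_devices_per_day):
    """Addresses needed once the scope settles: residents plus every visitor
    lease issued during the last lease_days days."""
    return resident_devices + visitor_devices_per_day * lease_days

if __name__ == "__main__":
    # Constructed scenario: 100-address scope, 30 working days.
    for label, pool, lease in [("original (100 addrs, 8 days)", 100, 8),
                               ("bigger pool (150 addrs, 8 days)", 150, 8),
                               ("short lease (100 addrs, 1 day)", 100, 1)]:
        peak, refused = simulate(pool, lease, 70, 6, 30)
        need = steady_state_demand(lease, 70, 6)
        print(f"{label}: peak={peak} refused={refused} steady-state need={need}")
```

With these numbers the 8-day lease needs 118 addresses at steady state, so a 100-address scope refuses clients within the first week, while a 1-day lease settles at 76.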


