Cisco IOS is not an authoritative DHCP server

Imagine you have to move your DHCP clients to a different range within the same IP subnet. Can you do it if you run the DHCP server on a router running Cisco IOS? Sure, there’s the ip dhcp excluded-address command.

Not so fast … the ip dhcp excluded-address command does not affect the existing bindings. Sounds weird? It is. You tell the router to avoid some of the IP addresses in the DHCP pool and it will happily extend the leases for those IP addresses, it just won’t allocate new IP addresses from the excluded range. To change the IP address assignment of the existing clients, you have to clear the DHCP bindings with the clear ip dhcp binding command.

OK, so you clear the bindings. The next time the clients try to extend the lease, their requests will be rejected. Wrong – Cisco IOS is not an authoritative DHCP server. It ignores DHCPREQUEST messages coming from unknown clients in a correct subnet.

Read the DHCP client address change article in the CT3 wiki

1 comment:

  1. This is especially fun with DHCP client which do not fall back to DHCPDISCOVER but keep on sending DHCPREQUESTs.

    ReplyDelete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.