Coping with Holiday Traffic – Secondary DHCP Subnets

Years ago the IT of the organization I worked for assigned a /28 to my home office. It seemed enough; after all, who would ever have more than ~10 IP hosts at home (or more than four computers at a site).

When the number of Linux hosts and iGadgets started to grow, I occasionally ran out of IPv4 addresses, but managed to kludge my way around the problem by reducing DHCP lease time. However, when the start of school holidays coincided with the first snow storm of the season (so all the kids used their gadgets simultaneously) it was time to act.

This is what ~20 cm (8 inches) of snow look like

This is what ~20 cm (8 inches) of snow look like

Before you tell me IPv6 would be a solution – I know that, but none of my ISPs managed to configure IPv6 on my uplinks yet, and tunnels are so last millennium.

Reducing lease time

Some battery-powered gadgets turn off after a while… but the IPv4 address they acquired is still leased to them, preventing some other gadget from getting Internet connectivity. Reducing lease time to a very short interval (30 seconds, for example) solves that problem… as long as the number of concurrently active gadgets doesn’t exceed the threshold.

This is the relevant DHCP configuration from my home router:

Short DHCP lease time
ip dhcp pool DHCP
   network 192.168.200.192 255.255.255.240
   default-router 192.168.200.193
   domain-name example.com
   dns-server 192.168.200.193
   lease 0 0 30

Adding a secondary subnet

With the older kids bringing all sorts of fruity gadgets home, and having their smart phones connected to WiFi all the time, the reduced lease time trick collapsed… and you probably know how nervous teenagers might get when they can’t connect to Facebook. It was time to add a secondary subnet.

Fortunately, Cisco introduced secondary DHCP subnets in 12.4T – I had to add only three lines to my router configuration to add the second subnet to my home network:

Secondary DHCP subnet
interface Vlan1
 ip address 10.217.233.1 255.255.255.0 secondary
!
ip dhcp pool DHCP
   network 192.168.200.192 255.255.255.240
   network 10.217.233.0 255.255.255.0 secondary
     override default-router 10.217.233.1
   default-router 192.168.200.193
   domain-name example.com
   dns-server 192.168.200.193
   lease 0 0 30

The secondary DHCP subnet functionality is exactly what I needed:

Addressing problem solved… now I have to find that second WiFi access point somewhere deep in my drawers.

4 comments:

  1. Nice tip. And what's funny I was going there with IPv6 when I read the first few sentences..
  2. Thanks for this. My setup is (WWW)-(ASA)-880wifi. I had similar issue and took a different approach by subnetting wifi devices different from wired (seems like problem comes with proliferation of all the new wifi gadgets). I then just NAT overload all wifi through one of the wired IP addresses. A little crude but works, nonetheless.

    Regards,

    Marc
  3. Thanks, didnt known about secondary pool addresses.
    And thanks for that link to Ron Broersma presentation.
  4. Pity it is not my solution... Netscreen 50 can't assign more that 255 IP in total, in it's DHCP Pools... :(
    I can't find a way to do that...
Add comment
Sidebar