As network segments, the scale of the infrastructure, and the number of devices residing within them have grown, the need to automate the network configuration process for endpoint devices has increased.
Classically, this scheme looked like each user had to manually configure his addressing according to the scheme. And there could be collisions when selecting the same IP-address. Now this problem is solved with the help of DHCP protocol!
What is DHCP?
DHCP is a dynamic host configuration protocol on devices that transmits IP address, gateway, netmask, and additional settings like DNS. Of course, security measures should be strengthened when using it, as it has no means of authenticating the node itself or differentiating access. DHCP algorithm meaning:
Why do you need to reserve an ip address already issued by the DHCP service? The point is that the service allows you to use it for rent, for a certain period of time. If the node in the required period does not respond, the address will be considered free and will be assigned to a new user. Which is not good from a security point of view, because it is difficult to detect the attacker below the level at which the domain is working. Therefore, it is important to keep an up-to-date report with IP numbers received via DHCP, which will be automatically configured and assigned to employees.
How do I configure DHCP address reservation for existing clients?
Let's go to the DHCP-server control panel, where we will select the desired one and go to the Address Leases tab.
It lists all the addresses in the lease, find the desired device, and by right-clicking add the address behind the desired MAC address to the reservation.
To remove the entry, you need to go to the reservation tab and delete the folder with the required IP address:
The device will then be able to get a new address again, but it will not be hardcoded to the device.
How do I configure DHCP address reservation for new clients?
To do this, right-click Reservation -> New Reservation and set the IP address in a new window, having previously secured the required MAC address of the device. It can be viewed on the endpoint machine itself with the command in the terminal:
ipconfig /allOr in Linux similar systems command:
ip a 
Afterwards, a reservation entry will appear on the DHCP server with the corresponding MAC and IP addresses. The deletion process is identical to the previous one as for an existing client. Due to DHCP use for work broadcast message, that can abuse, you need defend you server with DHCP snooping, in our additional article.
If you don't have sufficient resources than you can perform actions on powerful cloud servers. Serverspace provides isolated VPS / VDS servers for common and virtualize usage.
