How to add another address range to DHCP server

Question

Short version

Long Version

Window Server 2012 DHCP server is currently configured as:

Subnet: 10.0.x.x (e.g. 10.0.0.0/16)
Dynamic IP Range: 10.0.0.12 - 10.0.0.120

This is done to limit dynamically assigned addresses to a small range on the subnet (and not overlap into other ranges).

I would like to add another address range to pool of available ranges that DHCP can pull from on our 10.0.x.x subnet:

DHCP Address Pool

10.0.0.12 - 10.0.0.200
10.0.27.12 - 10.0.27.150

Of course you can't do that because:

Of course it doesn't conflict; it's just being stubbon.

I want the DHCP server to offer addresses from a pool of two ranges on the 10.0.x.x subnet:

DHCP Address Pool

10.0.0.x
10.0.27.x

How do i do that?

Workaround

i suppose i could do it with exclusions:

Range: 10.0.0.0 - 10.0.255.255
Exclude: 10.0.0.0 - 10.0.0.11
Exclude: 10.0.0.151 - 10.0.0.255
Exclude: 10.0.1.0 - 10.0.26.255
Exclude: 10.0.27.0 - 10.0.27.11
Exclude: 10.0.27.151 - 10.0.26.255
Exclude: 10.0.28.0 - 10.0.255.255

But that idea is so dumb that I won't even bring it up.

Bonus Reading

Bonus Chatter

How does DHCP work?

Dynamic host configuration protocol can be used to automatically configure network devices with information they need:

Network subnet mask (e.g. 255.255.0.0)
DNS server (e.g. 10.0.42.7, 10.0.13.29)
Domain name (e.g. stackoverexchange.com)
Default gateway (e.g. 10.0.241.1)

In addition to being able to configure host options, it can automatically give clients an IP address. The DHCP server is given a block of IP addresses it can assign to clients, e.g.:

10.0.0.12 -10.0.0.100
10.0.0.200 - 10.0.0.245
10.0.3.100 - 10.0.3.200

And when a client shows up needed an IP address, it looks in it's available pool of addresses, picks one, and gives it to the machine:

10.0.0.12 - Unassigned
10.0.0.13 - Unassigned
10.0.0.14 - Unassigned
...
10.0.0.98 - Unassigned
10.0.0.99 - Unassigned
10.0.0.100 - Unassigned
10.0.0.200 - Unassigned
10.0.0.201 - Unassigned
10.0.0.202 - Unassigned
...
10.0.0.243 - Unassigned
10.0.0.244 - Unassigned
10.0.0.245 - Unassigned
10.0.3.100 - Unassigned
10.0.3.101 - Assigned to de-ad-be-ef-ba-ad (IANBOYD)
10.0.3.102 - Unassigned
...
10.0.3.198 - Unassigned
10.0.3.199 - Unassigned
10.0.3.200 - Unassigned

I want to add more ranges of IPs to the available pool of IPs to be assigned.

Other DHCP servers do it

Of course other DHCP servers can do this:

But i already know how to do it in other DHCP servers. I'm asking how to do it in the DHCP server that ships with Windows Server 2012.

If Windows Server 2012 DHCP server cannot do it: it's ok to say it:

It cannot be done; Windows Server 2012 does not support this feature that other DHCP servers support.

But i'm hoping it does support it. DHCP has been around a long time; and Microsoft has had a long time to get it right.

Actually I believe your dumb solution is the answer. :) I guess a question might be, why be so complicated. Rarely ever are networks subnetted in to a single /16 network. It’s bad network design that is causing this issue. — Appleoddity, Oct 12 '18 at 15:52
Superscoping isn't applicable here. A Super Scope would combine two or more "logically distinct" subnets into a single DHCP scope. What you're trying to do is to create a new scope that is technically encompassed by an existing scope. — joeqwerty, Oct 12 '18 at 16:57
MS DHCP will not allow adding overlapping pools in this manner. - "Windows Server 2012 does not support this feature that other DHCP servers support." — George, Oct 12 '18 at 17:37
The exclusion system is probably your easiest approach, but I'm not sure why you think you need five of them. I would simply have a range of 10.0.0.12-10.0.27.150, with a single exclusion of 10.0.0.151-10.0.27.11. That should have the same net effect as a pool with two ranges, even if it is not as nice visually. — Kevin Cathcart, Oct 12 '18 at 18:24

joeqwerty · Answer 1 · 2018-10-12T16:49:22.823

10

Of course it doesn't conflict; it's just being stubborn.

It does conflict with your existing scope. Your proposed new scopes are encompassed by your existing scope. In order to do what you want you would need to change the subnet mask of your existing scope so that it's range doesn't encompass the proposed new scopes.

Addendum

Based on your comment to my answer:

I don't know anything about any other DHCP implementation, but it's doubtful to me that any other implementation could do what you want. Saying that it's a "Windows" shortcoming is probably erroneous. How would the DHCP server know to assign an address from your second scope, which is encompassed by your first scope, instead of assigning an address from the first scope? How would it make that differentiation? I'm honestly curious to know how that would work, how you think it should work, and if any other DHCP implementation supports such a configuration.

edited Oct 12 '18 at 16:49

answered Oct 12 '18 at 15:55

joeqwerty

109,901
6
81
172

What i mean is that there's no reason a DHCP server cannot assign IPs from any ranges i desire. It's a design limitation of how the DHCP server in Windows was implemented. But nothing is conceptually wrong when thinking about dynamic host configuration where the server cannot assign from two disjoint ranges. *It's just being stubborn*. – Ian Boyd Oct 12 '18 at 16:22
joe is correct. Ian, your initial scope is a 255.255.0.0 which encompasses the desired x.x.y.y scope of addresses ie. your 10.0.27.X range.. what you are wanting is to have 2 scopes with a /24 range not a /16 range. – George Oct 12 '18 at 16:38
@George My concern if i created two scopes i) 10.0.0.0/255.255.255.0 and ii) 10.0.27.0/255.255.255.0 is that DHCP clients would be assigned a subnet mask of 255.255.255.0 rather than 255.255.0.0, and that dynamically assigned clients would not be able to talk outside of their 255.255.255.0 range (e.g. would not be able to talk to fixed ip set aside in fixed ranges). DHCP needs to correctly assign the subnet of the network (10.0.0.0/24), and pull from IP ranges i suggest. If scopes can solve that problem: excellent. Phrase it in the form of an answer and you'll get an accept. – Ian Boyd Oct 12 '18 at 16:46
@IanBoyd You need to route between your subnet, some layer 3 switch can even do it and some router can have multiple IP assigned to them to route inter subnet. – yagmoth555 Oct 12 '18 at 16:55
1

@IanBoyd regarding broadcast messages and related communications I can understand your concerns. As joe just modified his answer to also include a valid point, "What decides who gets an address from which scope?" Are you intending to do VLAN tagging or limit a specific group of users to obtain addresses from this new scope? Seems there are more questions that come out of the network design here than an easy answer to scope conflicts. – George Oct 12 '18 at 16:55
@George I updated the question with an explanation of how DHCP solves the problem of assigned addresses to clients; and how other DHCP server products support it. – Ian Boyd Oct 12 '18 at 17:03

score 3 · Answer 2 · answered Oct 13 '18 at 01:14

So, your approach depends on the answer to one critical question.

Are you trying to create two different subnets that exist within one VLAN / broadcast domain? Or are you trying to create two ranges within the same subnet? That is, how many default gateways exist on this VLAN / broadcast domain?

So, if you have two subnets within this VLAN / broadcast domain:

I assume you need the subnets to be 10.0.0.0/24 (mask of 255.255.255.0) and 10.0.27.0/24 (mask of 255.255.255.0), with the appropriate exclusions
Fix the subnet mask of the existing scope to match the router's network settings.
Convert the existing scope to a superscope, and add a scope within the superscope, for 10.0.27.0/24.
Configure any exclusions necessary.

Alternatively, if you have one large subnet within this VLAN / broadcast domain:

Set the range for the scope to cover the entire possible range (10.0.0.0 - 10.0.255.255)
Create an exclusion for 10.0.0.1 - 10.0.0.11
Create an exclusion for 10.0.0.201 - 10.0.27.11
Create an exclusion for 10.0.27.151 - 10.0.255.255

If desired, you can set the range for the scope to cover only 10.0.0.12 - 10.0.27.150, which would mean you could create a single exclusion for 10.0.0.201 - 10.0.27.11.

I'm trying to add more addresses to the pool of addresses that DHCP will hand out. It's one subnet, and i want the DHCP server to use multiple ranges of IPv4 addresses to hand out to the one single existing subnet. It seems that Windows Server has no way to add more than just the one range of ip addresses to the pool, and it has to be simulated through exclusions. — Ian Boyd, Oct 13 '18 at 02:25
Remember, that a subnet and a VLAN are two separate concepts. The question was, are you trying to add an additional subnet to a VLAN? Or, do you **really** have a giant /16 that you apportion out in small chunks whenever you need more IPs? Because if so, this is a side effect of poor network design, not poor DHCP server implementation. — Mike Christiansen, Oct 14 '18 at 20:44