Reconfiguring DNS/DHCP: a bit of advice?

I am administrating a LAN with a mix of Linux servers and Windows/OSX/Linux/other systems. A while ago I configured our DHCP- (isc-dhcpd-4.4.1) and DNS server (BIND 9.16.44-Debian) to implement DDNS, which works fine.

However, the address space is now looking really quite messy, with some servers having static addresses, so I want to isolate the static addresses at the lower end of the range. This is the interesting bit of dhcpd.conf:

subnet 192.168.50.0 netmask 255.255.255.0 {
  range 192.168.50.10 192.168.50.250;
  option routers 192.168.50.1;
  option broadcast-address 192.168.50.255;
  option boot-size 8208;
  next-server 192.168.50.111;
  option tftp-server-address 192.168.50.111;
  option bootfile-name "/boot/grub/x86_64-efi/core.efi";
  filename "/debian12/boot/efi/EFI/debian/grubx64.efi";
}

host bonsai {
  hardware ethernet FC:34:97:1A:D3:67;
  fixed-address 192.168.50.149;
}

...

As suggested by the host bonsai ... config, some systems are on fixed addresses – I want to move those to static addresses.

To my mind it seems as simple as changing the range parameters from range 192.168.50.10 192.168.50.250; to something like range 192.168.50.100 192.168.50.250; – and cleaning up the DNS files, leaving only the static addresses. But is it as simple as this:

  • Stop named and dhcp
  • Make the configuration changes (is there a DHCP- or DNS cache somewhere?)
  • Start named and dhcp
  • Change the fixed addresses to static addresses, one by one

I’m hoping to be able to do this without disrupting people’s work; my thinking is that the users on fully dynamic addresses shouldn’t notice the change at all – when they renew their lease, they get an address in the new range (unless there is a cache somewhere?).

Am I right, though? And I would welcome any advice or opinion.

Asked By: j4nd3r53n

||

Unless systems need to operate without a functioning DNS service (for example, when one is a DNS server) it’s generally a good idea to leave them assigned through DHCP. This gives you a single point of management for address allocation (fewer opportunities for duplicated addresses) and for when you discover you need to rearrange the network addresses, e.g. changing the subnet or amending the gateway.

To that end I would suggest you continue as you are, but reduce the range and move the fixed-address values as you have described.

There’s no DHCP reservation cache as such, but obviously if something is already using the address you want to assign you will either get an address clash or the reassignment will (temporarily) fail.

If you’re using DNS internally you may first want to reduce the TTL down to a minute or so for the hosts you’re going to re-IP.

Answered By: Chris Davies
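
A pre-change check for the address clash mentioned in the answer, as an added example that is not part of the original question or answer: it lists host reservations that still sit inside the new dynamic range and addresses below that range that are still held by a live lease. The new range 192.168.50.100 to 192.168.50.250 is the one proposed in the question; the `printer` host and all lease entries are constructed sample data in the standard `dhcpd.leases` layout.

```python
import ipaddress
import re
from datetime import datetime

# Constructed sample: host bonsai is from the question, host printer is hypothetical.
DHCPD_CONF = """
host bonsai {
  fixed-address 192.168.50.149;
}
host printer {
  fixed-address 192.168.50.20;
}
"""

# Constructed dhcpd.leases excerpt (dhcpd writes these times in UTC).
DHCPD_LEASES = """
lease 192.168.50.42 {
  ends 3 2024/01/10 21:00:00;
  binding state active;
}
lease 192.168.50.57 {
  ends 3 2024/01/10 08:00:00;
  binding state free;
}
lease 192.168.50.180 {
  ends 3 2024/01/10 21:00:00;
  binding state active;
}
"""


def reservations_in_pool(conf, new_start, new_end):
    """Host entries whose fixed-address lies inside the new dynamic range."""
    lo, hi = ipaddress.ip_address(new_start), ipaddress.ip_address(new_end)
    hosts = re.findall(r"host\s+(\S+)\s*\{[^}]*?fixed-address\s+([\d.]+);", conf)
    return [(name, ip) for name, ip in hosts if lo <= ipaddress.ip_address(ip) <= hi]


def leases_below_pool(leases, new_start, now):
    """Addresses below the new range that still have an unexpired active lease."""
    lo = ipaddress.ip_address(new_start)
    latest = {}  # the leases file is append-only: the last entry per IP wins
    for ip, body in re.findall(r"lease\s+([\d.]+)\s*\{(.*?)\n\}", leases, re.S):
        state = re.search(r"^\s*binding state (\w+);", body, re.M)
        ends = re.search(r"ends \d (\S+ \S+);", body)  # "ends never;" stays None
        expiry = datetime.strptime(ends.group(1), "%Y/%m/%d %H:%M:%S") if ends else None
        latest[ip] = (bool(state) and state.group(1) == "active"
                      and (expiry is None or expiry > now))
    return sorted((ip for ip, live in latest.items()
                   if live and ipaddress.ip_address(ip) < lo), key=ipaddress.ip_address)
```

An address reported by `leases_below_pool` should not be given to a static host until that lease has expired or been released.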