Reservations, Scopes and Leases

Video Activity

Reservations, Scopes and Leases This lesson covers reservations, scopes and leases. Reservations are settings on a DHCP server which reserves a specific IP address for a device with a specific MAC address. Scopes allow us to discover a range of IP addresses that the DHCP server will give out. Leases are how long IP addresses are good for. When an a...

Join over 3 million cybersecurity professionals advancing their career
Sign up with

Already have an account? Sign In »

31 hours 29 minutes
Video Description

Reservations, Scopes and Leases This lesson covers reservations, scopes and leases. Reservations are settings on a DHCP server which reserves a specific IP address for a device with a specific MAC address. Scopes allow us to discover a range of IP addresses that the DHCP server will give out. Leases are how long IP addresses are good for. When an address is given out DHCP, they are only good for a finite period. DHCP servers allow us to lease a period of time that an IP address is good for. The lease can be renewed and extended if the address is still available.

Video Transcription
now, when we talked about our dynamic versus our static I p addresses, we mentioned reservations. Now, reservations are settings on our D A. C P server, which essentially tell R D h c P server that we are research reserving a particular i p address for a particular Mac address.
So are the HDP server will not give that i, p a drought address out to anybody else
except for this Mac address device. A device with this Mac address.
when we are setting a static address or when we're setting up a reservation on device a device we typically would want to set first set the static address on the device itself so it doesn't go out and try to perform the HCP and look for other D A c P servers. And then we'll want to reserve the address on the D H d P server.
Now, why do we do both?
Well, we do both just so that our device doesn't have to go out and constantly be performing the HCP,
but it is also reserved on our d. C. P server. So our d a. C P server isn't gonna accidentally give that advice or give that I p address out to somebody else.
We may not want to set our I p address statically say, if we have a reservation for a particular laptop on our D A. C P server. But that laptop has taken home sometimes. Then we may not want to systematically set the I. P addressing information on that laptop because the user who's taking at home
may not know how to change it back to automatic when they're trying to connect to their own network.
So it's important to know what a reservation, how reservations work and that we can set, weaken, set statically on the device as another fail safe, but typically will, at least at the very minimum, want to reserve that address on our D A. C. P. Server. So our D. C. P. Server does not give that address out to anybody else.
Next we have, and then with our i p address reservations, typically, the devices that will want to reserve over if we don't reserve all the devices in our network will want to at least reserve devices that people go to a lot such a CZ servers, routers, I. D. S is intrusion detection systems,
printers, network attached storage devices
and many others essentially anything that it needs to receive data at a particular I P address that needs to make sure that that I p address doesn't change and doesn't affect configurations of other computers or other servers. We set a static address on that device. Are we set? Or rather, we set a D. H CP reservation
for that device, so its I p address isn't constantly changing.
Next, we have our scopes. Now our scopes is essentially the range of addresses that are D H C P server will give out. So say, for example, we have a network that is running on the 1 92.1 68.1 dot exe network.
Well, in this situation,
we could hypothetically give out addresses between one and 2 54 so we could have addresses that we give out there. Between. That could be 1 92 that 1 68.1 dot one through 1 92.1 68 Not one but 2 54
Now we could set up our scope, said that are the HDP server gives out all those addresses. But we typically don't want to do that because especially if it's our home or a small office, we may not have 254 devices connecting to our network.
So we sort of want to limit that date. What addresses were being given out by d she piece server in order to a help narrow down that range a little bit and be leave us with some addresses that are not included in our scope to set static computers as,
say, we need to statically set a computer as a particular i p address, then weaken statically set a cz a three measure of making sure that that address isn't given out to anybody. We give them an address that is not in our scope. We said it's statically on the device and we reserve it in our d a C. P
we can set our scope rather than being 1 92.1 68 not 1.13 to 54. We set our scope to be
1 92.1 68
and so our D. A. C P server will only give out addresses that are addressed. Number address 1 92 That 1 68 50 and all the way. 51 52. 53 through 1 92.1 68.200 So would only give out addresses within that scope
now. So So now, if we ever needed to statically set a server or a printer or another device we could set it at was 1 92.1 68.1 through 49 or 201 through 254.
And those addresses, we wouldn't have to worry about them being given out by our d. C P server to someone else.
with our scopes, we may have multiple D A. C P servers on our network say we have a very large network with several different with one very large broadcast domain. So we have more than one D. H c P service on our network are Maybe we have multiple D H CP servers on our network for redundancy sake. In case one goes down, we still have another one.
Well, what will need to do is we'll need to make sure that those D H cp servers are given separate parts of the scope.
So that way they aren't giving out. Ah, one D. H c p server isn't giving out addresses to someone that another computer already has.
So in that case, we could give out. We could set one scope to be 1 92.1 68.50 through
100 then another 11 92.1 68.101 through 200.
And that would be this would be D h c P server A. And this would be D H C P server be. And they give out those different addresses
Now. We didn't demonstrate it here, but typically with R D H cp servers, if we have to on a network, we want to follow what's called the 80 20 rule. The 80 20 rule is we give 80% of our address space to one D A. C P server, and we give 20 of our addresses to another D H C P server. So
if we were setting up to D H CP servers, we may use
1 93 2.1 68 dot
100 through 1 80 then 1 92.1 68.1 81 through 200 on the second server.
if we did have one server fail than what that would do is we would be able to bring that other certain one server back online while we had the other server still processing be htp requests. But it would allow us to have one d a. C p server, which is
sort of our primary one, which provides more of our address space
than our than our other DHD P server. So we may want to follow that 80 20 rule when we're actually setting up multiple D H CP servers in our environment.
So remember our reservations and how we reserve an I P address to our Mac address with R GHT P server and then our scopes, which is the portion of our address which are D. The portion of our I P addresses, which are D A. C. P server, will actually give out
next. We have our leases now leases on with our d A. C. P server are how long they give out I p addresses to be good for now, when an I P addresses given out via de a. C P. It's not good forever. If they were, then
it would give out one address, another address, another dress, and if we had multiple computers coming in and out of our environment, we'd run out eventually.
That's why when we set up our scopes, we don't want to set up our scopes too small. Because if we do those device that will have multiple addresses given out. And if we actually run out of addresses, our D a. C P server won't give out any more dresses.
If we only said our d a c p scope toe 1 92.1 68.100 toe 1 92.1 68 that 120
and then we have 23 computers try to connect. Three of those computers aren't gonna get an I p address,
so that's where our leases come into play. That's why I released are so important.
Our leases are going to our d A. C. P server. We're going to set a lease. We're going to set a length of time that an I P address is good for and our computer. When it gets near the end of that leased, it wants to keep its own same I p address. Release the house. It wants to keep it Same house doesn't want to move.
So when our device on our network interface card is at 87.5 of the lease has expired. It's goingto attempt renewal. So it's going to attempt or DCP request back to our d A. C P server and say, Hey, I have this address. Can I renew my lease? Can I keep it?
And then either R D H cp server's gonna say, Yeah, you're good. You can keep that for another length of time. Our D C P server may not respond if our device does not get a response from the D. A. C P server that it will wait until it's at a closer percentage, and then it'll send another request. Wait till it's a closer percentage and send another request.
And if we get to the very end of that cycle and our lease is completely expired than our computer will rule, do the entire D H CP leasing process all over again with the D A c p Discover
offer requests and acknowledge all over again.
This lease renewal is why we can We may have a computer that's on a network that has the same i p address for months.
If we're caught, we turn it on every day it performs. The renewal has the same i p address. But then we go on vacation for one week and we come back. And
we had to now have a new i p address because we were gone for longer than the least period. So we didn't attempt renewal. So the DHD P server gave that I p address out to someone else. And then when we came back, our lease was expired. So we had to redo the d H d P process, and we got a different I p address this time.
So that's how our leases work and how renewal process works at starting at 87.5% of the lease expired. So our computer will try to get back to the I P address. Now we can manually perform
an I P address, renew and release with an I. P. Config release slash release, and I p config forward slash Renew. And when we do that manually, our computer will automate will manually attempt to perform a renewal of the I P address from the D H C P server.
This these two commands we are able to be used if we have our have our network interface cards set to static I p addressing. But if it's set to automatic i p addressing, it will work. And this is an especially important command. If we've moved to a different network segment say we took our laptop and we moved it over to a different network, plugged it in.
It didn't perform a d h cp request properly.
And so it's sitting there with its old d a sheep with his old I p address from the old network. That's not gonna fly that old I p address isn't gonna work on this network, or it may be in the right scope, but there's another computer already with that i p address. So what we'll do is we'll perform a i p config. Release ford slash release
I p config board slash renew
In order to attempt to, uh, redo that D h cp discover process
Up Next
CompTIA Network+

This CompTIA Network+ certification training provides you with the knowledge to begin a career in network administration. This online course teaches the skills needed to create, configure, manage, and troubleshoot wireless and wired networks.

Instructed By