Lesson 5: Designing a functional DHCP solution for a LAN
Objective: Describe how to design a DHCP service in a non-routed LAN environment.
Designing a Functional DHCP Solution for a Non-Routed LAN
Learn how to design a DHCP service for a non-routed Local Area Network (LAN) environment, ensuring efficient IP address allocation and network configuration.
Overview of DHCP in a Non-Routed LAN
Dynamic Host Configuration Protocol (DHCP) automates IP address assignment and network configuration for devices in a LAN. In a non-routed LAN, all devices reside on the same logical subnet, and a single DHCP server can efficiently manage IP address allocation. This guide focuses on designing a DHCP solution for such environments, considering scalability, redundancy, and modern best practices.
Key Considerations for DHCP Design
When designing a DHCP solution, evaluate:
- Host Types: Identify the devices (e.g., desktops, laptops, IoT devices, or servers) to determine IP address and configuration needs.
- Network Scale: Assess the number of devices to size the IP address pool appropriately.
- Redundancy Needs: Plan for high availability to prevent service disruptions.
- Security: Implement measures to protect against unauthorized DHCP servers or IP exhaustion attacks.
Designing for a Non-Routed LAN Environment
In a non-routed LAN, devices communicate within a single subnet, typically connected via Layer 2 switches. This setup simplifies DHCP design but requires careful planning for scalability and reliability.
1. DHCP Server Placement
- Single DHCP Server: For small to medium-sized LANs (up to several thousand devices), a single DHCP server can manage all clients. Place the server on the same subnet as the clients to ensure direct communication.
- Scope Configuration: Define a single DHCP scope, which includes:
  - IP Address Range: A pool of addresses for dynamic allocation (e.g., 192.168.1.100–192.168.1.200 for a /24 subnet).
  - Subnet Mask: Matches the LAN’s subnet (e.g., 255.255.255.0 for a /24 network).
  - Default Gateway: The router’s IP address for external connectivity.
  - DNS Servers: Primary and secondary DNS server addresses for name resolution.
  - Lease Duration: Set based on network dynamics (see below).
2. Lease Duration Strategies
Lease duration impacts network traffic and configuration flexibility:
- Stable Networks: For LANs with consistent device populations (e.g., corporate desktops), use longer lease durations (e.g., 7–14 days) to reduce DHCP traffic.
- Dynamic Networks: For environments with frequent device changes (e.g., guest Wi-Fi), use shorter leases (e.g., 24 hours) to allow faster IP reconfiguration.
- Permanent Assignments: For critical devices like servers, consider reserved IP addresses (static assignments within DHCP) instead of infinite leases to simplify management.
3. Redundancy and High Availability
To ensure uninterrupted DHCP service, implement redundancy:
- Split-Scope Configuration: Use two DHCP servers, each managing a portion of the IP address pool (e.g., 80/20 split: Server 1 handles 80% of the range, Server 2 handles 20%). This ensures clients receive addresses even if one server fails.
  - Example: For a subnet 192.168.1.0/24, configure:
    - Server 1: Scope 192.168.1.100–192.168.1.180
    - Server 2: Scope 192.168.1.181–192.168.1.254
    - Both servers share the same subnet settings (e.g., gateway, DNS) but operate independently.
- Failover Clustering: Modern DHCP servers (e.g., Microsoft DHCP, ISC DHCP) support failover protocols, where two servers synchronize lease data for seamless failover. This is preferred for critical environments.
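Because split-scope servers operate independently, nothing stops two ranges from overlapping or from covering a statically addressed host. The following check is an added example, not part of the original lesson; the function names are hypothetical, and the gateway and DNS addresses are taken from the lesson's diagram.

```python
import ipaddress

def scope_addresses(start, end):
    """Return the inclusive range start..end as a set of integer addresses."""
    lo, hi = int(ipaddress.IPv4Address(start)), int(ipaddress.IPv4Address(end))
    if lo > hi:
        raise ValueError(f"range start {start} is above end {end}")
    return set(range(lo, hi + 1))

def check_split_scope(subnet, scopes, fixed_hosts):
    """Validate split-scope ranges; return (shares_in_percent, problems).

    scopes: {server_name: (start, end)}; fixed_hosts: statically addressed
    hosts (gateway, DNS) that must never be handed out as a lease.
    """
    net = ipaddress.IPv4Network(subnet)
    unusable = {int(net.network_address), int(net.broadcast_address)}
    fixed = {int(ipaddress.IPv4Address(h)) for h in fixed_hosts}
    pools = {name: scope_addresses(*rng) for name, rng in scopes.items()}
    problems = []
    for name, pool in pools.items():
        outside = [a for a in pool if ipaddress.IPv4Address(a) not in net]
        if outside:
            problems.append(f"{name}: {len(outside)} address(es) outside {net}")
        if pool & unusable:
            problems.append(f"{name}: includes network or broadcast address")
        for addr in sorted(pool & fixed):
            problems.append(f"{name}: leases fixed host {ipaddress.IPv4Address(addr)}")
    names = sorted(pools)
    for idx, first in enumerate(names):
        for second in names[idx + 1:]:
            both = pools[first] & pools[second]
            if both:    # two independent servers could lease the same address
                problems.append(f"{first}/{second}: {len(both)} overlapping address(es)")
    total = sum(len(p) for p in pools.values())
    shares = {n: round(100 * len(p) / total, 1) for n, p in pools.items()}
    return shares, problems

# Ranges from the example above; fixed hosts from the lesson's diagram.
PAGE_SCOPES = {"server1": ("192.168.1.100", "192.168.1.180"),
               "server2": ("192.168.1.181", "192.168.1.254")}
PAGE_FIXED = ["192.168.1.1", "192.168.1.10"]
```

On the example ranges this reports shares of 52.3% and 47.7% with no problems, so the boundary between the two ranges would have to move to get the 80/20 split mentioned above.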
4. Security Best Practices
Protect the DHCP service from common threats:
- DHCP Snooping: Enable on switches to filter unauthorized DHCP responses, preventing rogue servers.
- IP Address Exhaustion Protection: Monitor lease usage and set limits to prevent malicious clients from consuming the entire pool.
- Authentication: Use secure management protocols (e.g., HTTPS for web-based DHCP management) to protect server configurations.
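One way to monitor lease usage for exhaustion, shown as an added example that is not part of the original lesson: replay lease grants and alert on pool utilisation and on a burst of never-seen client MACs. The event format, thresholds and sample data are assumptions made for the example, and lease expiry is not modelled.

```python
from collections import deque
from datetime import datetime, timedelta

def watch_leases(events, pool_size, window=timedelta(seconds=60),
                 burst_limit=20, warn_util=0.8):
    """Replay lease grants (timestamp, mac, ip) and return (alerts, utilisation).

    alerts maps an alert name to the time it first fired:
      'new-mac-burst'     more than burst_limit never-seen MACs inside `window`
      'pool-utilisation'  active leases reached warn_util of the pool
    """
    active, seen, recent, alerts = {}, set(), deque(), {}
    for ts, mac, ip in sorted(events):
        active[ip] = mac                    # latest holder of this address
        if mac not in seen:
            seen.add(mac)
            recent.append(ts)               # first sighting of this client
        while recent and ts - recent[0] > window:
            recent.popleft()                # forget sightings outside the window
        if len(recent) > burst_limit:
            alerts.setdefault("new-mac-burst", ts)
        if len(active) / pool_size >= warn_util:
            alerts.setdefault("pool-utilisation", ts)
    return alerts, len(active) / pool_size

def constructed_events():
    """Constructed sample: 5 ordinary clients, then 70 new MACs one second apart."""
    day = datetime(2024, 1, 8)
    events = [(day + timedelta(hours=8, minutes=m), f"00:11:22:33:44:{m:02x}",
               f"192.168.1.{100 + m}") for m in range(5)]
    noon = day + timedelta(hours=12)
    events += [(noon + timedelta(seconds=s), f"02:00:00:00:00:{s:02x}",
                f"192.168.1.{105 + s}") for s in range(70)]
    return events

POOL_SIZE = 81   # 192.168.1.100 to 192.168.1.180, Server 1's range in this lesson
```

The burst alert fires well before the utilisation alert on the constructed data, which is the point of tracking both: a rate signal gives time to react before the pool is actually empty.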
5. TCP/IP Option Selection
Customize DHCP options to suit the LAN’s needs:
- Essential Options:
  - Option 3 (Router): Specifies the default gateway.
  - Option 6 (DNS Servers): Provides DNS server addresses.
  - Option 15 (Domain Name): Sets the local domain name (e.g., company.local).
- Custom Options:
  - Use DHCP classes to assign specific options to device types (e.g., shorter leases for “Portable” devices like laptops, longer leases for “Desktop” devices).
  - Example: Assign different DNS servers for guest devices to route traffic through a filtered resolver.
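DHCP snooping runs on the switch, but the same policy can be checked from a monitoring host by parsing the options of a captured server reply and comparing options 3, 6 and 15 plus the server identifier (option 54) with the intended scope. This is an added example, not part of the original lesson; the function names, the authorised server addresses and both sample replies are constructed for illustration.

```python
import ipaddress

MAGIC = bytes([99, 130, 83, 99])   # DHCP magic cookie after the 236-byte BOOTP header

def parse_options(payload):
    """Parse the option TLVs of a DHCP message (UDP payload) into {code: bytes}."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(payload) and payload[i] != 255:       # 255 = End
        if payload[i] == 0:                             # 0 = Pad, no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError(f"option {payload[i]} truncated")
        end = i + 2 + payload[i + 1]
        opts[payload[i]] = payload[i + 2:end]
        i = end
    return opts

def ips(raw):   # decode packed IPv4 addresses, ignoring a trailing partial one
    return [str(ipaddress.IPv4Address(raw[j:j + 4])) for j in range(0, len(raw) - 3, 4)]

def audit_reply(payload, policy):
    """Compare a DHCPOFFER (2) or DHCPACK (5) with the scope policy; return findings."""
    o = parse_options(payload)
    if o.get(53) not in (b"\x02", b"\x05"):
        return []                                       # not a server reply
    got = {"server": ips(o.get(54, b"")), "router": ips(o.get(3, b"")),
           "dns": ips(o.get(6, b"")), "domain": o.get(15, b"").decode("ascii", "replace")}
    findings = []
    if not any(s in policy["servers"] for s in got["server"]):
        findings.append(f"server identifier {got['server']} is not authorised")
    for key in ("router", "dns", "domain"):
        if got[key] != policy[key]:
            findings.append(f"{key} is {got[key]!r}, expected {policy[key]!r}")
    return findings

def build(opts):   # constructed reply: zeroed BOOTP header, cookie, options, End
    return bytes(236) + MAGIC + b"".join(bytes([c, len(v)]) + v for c, v in opts) + b"\xff"

def ip(s):
    return ipaddress.IPv4Address(s).packed
# Router, DNS and domain are the lesson's values; the server addresses are assumed.
POLICY = {"servers": {"192.168.1.2", "192.168.1.3"}, "router": ["192.168.1.1"],
          "dns": ["192.168.1.10"], "domain": "company.local"}
GOOD = build([(53, b"\x02"), (54, ip("192.168.1.2")), (3, ip("192.168.1.1")),
              (6, ip("192.168.1.10")), (15, b"company.local")])
ROGUE = build([(53, b"\x02"), (54, ip("192.168.1.66")), (3, ip("192.168.1.66")),
               (6, ip("192.168.1.66"))])
```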
6. Supporting IPv6
Modern LANs may support IPv6 alongside IPv4:
- DHCPv6: Configure a DHCPv6 server for stateless or stateful address assignment if devices require dynamic IPv6 configuration.
- SLAAC: For stateless environments, ensure routers support Stateless Address Autoconfiguration (SLAAC), with DHCPv6 supplying additional options (e.g., DNS servers).
Example Network Diagram
Below is a conceptual illustration of a DHCP setup in a non-routed LAN:
[LAN Subnet: 192.168.1.0/24]

        +--------------------------+
        | DHCP Server 1            |
        | Scope: 192.168.1.100–180 |
        | Gateway: 192.168.1.1     |
        | DNS: 192.168.1.10        |
        +--------------------------+
                     |
                     | (Layer 2 Switch)
                     |
        +------------+--------------------+
        |                                 |
+--------------------------+   Clients (Desktops, Laptops, etc.)
| DHCP Server 2            |   192.168.1.x
| Scope: 192.168.1.181–254 |
| Gateway: 192.168.1.1     |
| DNS: 192.168.1.10        |
+--------------------------+
Description:
- Two DHCP servers provide redundancy using a split-scope configuration.
- All devices are on the same subnet (192.168.1.0/24), connected via a Layer 2 switch.
- Clients receive consistent gateway and DNS settings from either server.
Summary
Designing a DHCP solution for a non-routed LAN involves:
- Placing a DHCP server on the same subnet as clients, using a single scope for simplicity.
- Configuring appropriate lease durations based on network dynamics.
- Implementing redundancy via split-scope or failover clustering.
- Securing the DHCP service with snooping and monitoring.
- Customizing TCP/IP options for different device types and supporting IPv6 if needed.
This design ensures efficient IP management, scalability, and reliability for modern LAN environments.
Next Lesson: Designing a DHCP service for a routed network, including DHCP relay agents and multi-subnet configurations.