DHCP Superscope
What is Superscope?
A superscope is a collection of individual scopes that can be
managed as a single administrative unit. That’s what the book
says, so it must make sense, right? Well if that doesn’t make
much sense to you
A superscope is actually a collection of individual scopes. When
you group different scopes together into a single superscope, you
can do the following:
Place DHCP clients from multiple network IDs on the same
physical segment
Allow remote DCHP clients from multiple network IDs to
obtain an address from a DHCP Server
Place multiple DHCP Servers on the same physical segment,
with each DCHP Server being responsible for a different
scope.
The superscope will allow the DHCP Server to answer requests from
DHCP clients from different network IDs. Now, you might ask,
can’t you just create multiple scopes on a DHCP Server and then
everything will be cool? Let’s see what happens.
Multiple Scopes on a Single DHCP Server
Imagine that you have configured a DHCP Server with two scopes
serving the entire address range for the following network IDs:
192.168.1.0/24
192.168.2.0/24
The DHCP Server has a single network interface, and its IP
address is 192.168.1.5. You want the DHCP Server to answer
requests from clients on its locally attached network
192.168.1.0/24, and from the remote network, 192.168.2.0/24. The
remote DHCPRequest messages are forwarded through BOOTP Relay.
What will happen when a request from a client on the
192.168.2.0/24 makes a request to this DHCP Server?
The request is forwarded through the BOOTP Relay to the DHCP
Server. The DHCP Server checks the giaddr field in the
DHCPRequest or Discover message to see what network ID the
request is coming from. The DHCP Server compares this information
with the network ID assigned to its local interface. If the
network ID in the request and the network ID of the DHCP Server’s
interface is the same, the DHCP Server will check to see if it
has a scope that can service the request. If it does have a
scope, it continues the DHCP negotiation.
However, if the request from a network ID that is different from
that of the DHCP Server, the DHCP Server will see if it has a
superscope that includes an address pool that can service that
network ID. If it does not have such a superscope, then it will
send a NACK packet, and the DHCP client must start all over
again.
How about adding multiple IP addresses to the DHCP Server’s
Interface? In this way, the DHCP Server would be able to compare
the source network ID with the addresses on its interface, and
see that the source was on the name network ID as the DHCP
Server. Now it wouldn’t need to look for a superscope.
This will not work! It will not work because when you bind
multiple IP address to a single adapter on the DHCP Server, the
DHCP Server service will only use the primary IP address to make
its assessments. It will not use any of the secondary IP
addresses bound to the adapter.
A solution to this problem could be to include a second NIC on
the DHCP Server and assign it a primary address on the
192.168.2.0/24 network ID. However, using a superscope is a lot
easier and a lot cheaper than adding new hardware.
Conclusion
If you didn’t know about the utility of superscopes, you do now.
You now know that putting multiple scopes on a single DHCP Server
and letting ‘er rip won’t do the job, and so you have to consider
the network IDs of the clients that need to access the DHCP
Server, and the IP addresses and network interfaces on the DHCP
Server.
Superscopes allow you to not add extra network interfaces to your
DHCP and still be able to service DHCP clients from multiple
network IDs. They also allow you to place multiple DHCP Servers
on a single physical segment and prevent clients from obtaining
IP addresses on a different network ID as well as reducing the
number of NACKS send by the DHCP Server. This will help reduce
the number of NACK entries in your Event Log as well.
Can I use Super scopes like this:
I am in 4 floor Building.
Each floor is divided into 2 sides “F” & “B”, F=left & B=right.
And each side has a 24-port 3com super stack III switch.
And each switch per side has up to 23 user/pc.
Each floor has 2 printers one on each side, HP Lasejet 4200.
And one HP Color LaserJet CP3525 in the server room.
Each switch is connect via fiber to a main switch in
a server room “netgear gsm 7312”
I have 17 server in the server room, static ip-address.
My network is now 192.168.0.0/23. Gateway=192.168.0.1 DNS1=192.168.0.3 DNS2=192.168.0.146
I have one Scope in DHCP: Start=192.168.0.1 & End=192.168.1.254, lease for 1 day.
I want to segment my network so that each switch is on its own network, and can access the servers.
Like This:
Netmask: 255.255.255.224 = 27
4F: Network=192.168.0.224/27 Broadcast=192.168.0.255 IPs=192.168.0.225-254
4B: Network=192.168.0.192/27 Broadcast=192.168.0.223 IPs=192.168.0.193-222
3F: Network=192.168.0.160/27 Broadcast=192.168.0.191 IPs=192.168.0.161-190
3B: Network=192.168.0.128/27 Broadcast=192.168.0.159 IPs=192.168.0.129-158
2F: Network=192.168.0.96/27 Broadcast=192.168.0.127 IPs=192.168.0.97-126
2B: Network=192.168.0.64/27 Broadcast=192.168.0.95 IPs=192.168.0.65-94
1F: Network=192.168.0.32/27 Broadcast=192.168.0.63 IPs=192.168.0.33-62
1B: Network=192.168.0.0/27 Broadcast=192.168.0.31 IPs=192.168.0.1-30