Prevent IP address conflicts on your wireless network by managing DHCP scopes

There are two main problems that wireless access points can cause when they act as DHCP servers.

The first is that there is the potential for IP address conflicts. The majority of the wireless access points on the market are configured by default to assign clients IP addresses in the 192.168.0.x range. This is a problem because it is fairly common to include multiple wireless access points on a single network segment. If each of these access points is assigned the same DHCP scope, then IP address conflicts are bound to occur. Keep in mind that these address assignments may not be limited to wireless clients. Many wireless access points will assign IP addresses to clients on the wired network as well, so you could potentially have clients on your wired network conflicting with wireless clients.

The other problem with the default DHCP configuration used by most wireless access points is that the 192.168.0.x address range may not mesh with the address range that you are already using. For example, suppose that -- prior to installation of any wireless access points -- your network uses the 190.160.25.x address range (I'm just making up a number). If this were the case, there are two reasons why having a wireless access point assigning clients 192.168.0.x addresses would cause problems.

First, the clients that had been assigned the 192.168.0.x addresses would not be able to communicate with network hosts using the 190.160.25.x addresses. The reason is that clients using the 192.168.0.x address range would think that hosts with the 190.160.25.x addresses were on a diffe...

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Wireless Networks How to plan for 802.11n wireless LAN upgrades Deploying 802.11n access points: Best practices Rogue access points: Preventing, detecting and handling best practices Persistent, secure connections for roaming WiMAX, 3G and 802.11x Securing embedded 802.11n devices 802.11n's impact on WLAN security Set up secure wireless networks with 802.11x, access points and bridges How to use Netsh WLAN to configure Windows Server 2008 and Windows Vista wireless connections from the CLI How to avoid the WPA wireless security standard attack IEEE 802.11w protects wireless LAN management frames Troubleshooting Wireless Networks University tackles large-scale 802.11n wireless network management Why is my network adapter not working after a Vista Business upgrade? Meru reinvents wireless LAN troubleshooting and management APs drop connection in WLAN configured as a wireless mesh network How to plan for 802.11n wireless LAN upgrades Vendors strive to automate wireless LAN troubleshooting and management Fluke gets WLAN design, management, security cred with AirMagnet Wi-Fi RTLS for WLAN management, location-based security, asset tracking How radio frequency (RF) of microwaves alter wireless signal strength Distributed antenna systems and WLAN: A network management burden Troubleshooting Wireless Networks Research IP Networking What is the definition of ATM (Asynchronous Transfer Mode)? Do I have to disable DHCP on my router to create a DHCP server? Windows Server 2008 IP routing configuration: Static and dynamic RIPv2 What is IP? Connect your LAN to the Internet using static or dynamic NAT Using tracert and TTL to troubleshoot network connectivity problems Test your TCP/IP protocol stack to troubleshoot network connectivity IP addressing and subnetting explained Checking IP configuration to troubleshoot Windows network connectivity Does IPv6 abandon TCP/IP fragmentation?

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary 802.11a  (SearchNetworking.com) home agent  (SearchNetworking.com) iDEN  (SearchNetworking.com) radio frequency  (SearchNetworking.com) repeater  (SearchNetworking.com) spectrum analyzer  (SearchNetworking.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

rent network segment, even if that were not the case. They would therefore look for a router and try to use the routing tables to figure out how to reach this segment. Assuming that both address ranges existed on the same segment, communications simply wouldn't work.

The other problem with allowing wireless access points to assign 192.168.0.x addresses is that these addresses are not routable. If your network consists of multiple segments, you won't be able to use this address range.

Now that I have discussed the problems associated with the way that wireless access points assign IP addresses by default, I want to talk about how to get around these problems. First, I should mention that some wireless access points are more flexible than others. Not all of the techniques I will be discussing will work with all access points.

The best way of preventing IP address conflicts and other communications problems is to decide beforehand what scope of addresses each DHCP server and each access point will manage. That way, you can allow each DHCP server and access point to assign IP addresses as needed, without having to worry about overlaps.

For example, on my own network I use the address range 147.101.x.x. Again, I chose this address range at random. Since I have one DHCP server and one wireless access point, I configured the DHCP server to assign addresses ranging from 147.101.101.1 to 147.101.101.100. I then configured the wireless access point to assign addresses ranging from 147.101.101.101 to 147.101.101.200. That way, all of the IP addresses that could potentially be assigned fall within a common range, but there is no risk of addresses overlapping and causing an IP address conflict.

When you configure an access point to assign a specific IP address range that is unique to your network, a couple of other things need to be taken into account. One thing that you need to consider is that you probably use a few static IP addresses on your network. You must define exceptions for any static IP addresses that are in use, to prevent that address from being assigned. On my own network, for example, I have a DNS server that uses the address 147.101.101.34. This address falls within the range of addresses that my DHCP server is configured to assign. I therefore defined an exception so that the DHCP server would never assign 147.101.101.34 to a client.

The other thing that you need to take into account is that if you configure an access point to assign addresses that are unique to your network, you will also have to configure the access point to assign a DNS address to clients. If you don't do this, clients either won't be made aware of the address of your DNS server, or they will try to use your ISP's DNS server, which of course will not contain the DNS records that are associated with the hosts on your private network.

As you can see, blindly installing a wireless access point can cause a number of problems. Since most access points also act as DHCP servers, it is important that you decide ahead of time how the new access point will fit in with your existing IP address scheme.

About the author:
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. Brien has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer, he has written for Microsoft, CNET, ZDNet, TechTarget, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at www.brienposey.com.