Tip

Prevent IP address conflicts on your wireless network by managing DHCP scopes

One of the problems with bringing a wireless access point into a wired network is that the vast majority of wireless access points are configured by default to act as DHCP servers. Unless you plan ahead, this can cause some

    Requires Free Membership to View

problems if your network already makes use of DHCP.

There are two main problems that wireless access points can cause when they act as DHCP servers.

The first is that there is the potential for IP address conflicts. The majority of the wireless access points on the market are configured by default to assign clients IP addresses in the 192.168.0.x range. This is a problem because it is fairly common to include multiple wireless access points on a single network segment. If each of these access points is assigned the same DHCP scope, then IP address conflicts are bound to occur. Keep in mind that these address assignments may not be limited to wireless clients. Many wireless access points will assign IP addresses to clients on the wired network as well, so you could potentially have clients on your wired network conflicting with wireless clients.

More on DHCP
Troubleshooting a DHCP server 

DHCP services for WLANs

Building a WLAN proxy server, DHCP services: Part 2

The other problem with the default DHCP configuration used by most wireless access points is that the 192.168.0.x address range may not mesh with the address range that you are already using. For example, suppose that -- prior to installation of any wireless access points -- your network uses the 190.160.25.x address range (I'm just making up a number). If this were the case, there are two reasons why having a wireless access point assigning clients 192.168.0.x addresses would cause problems.

First, the clients that had been assigned the 192.168.0.x addresses would not be able to communicate with network hosts using the 190.160.25.x addresses. The reason is that clients using the 192.168.0.x address range would think that hosts with the 190.160.25.x addresses were on a different network segment, even if that were not the case. They would therefore look for a router and try to use the routing tables to figure out how to reach this segment. Assuming that both address ranges existed on the same segment, communications simply wouldn't work.

The other problem with allowing wireless access points to assign 192.168.0.x addresses is that these addresses are not routable. If your network consists of multiple segments, you won't be able to use this address range.

Now that I have discussed the problems associated with the way that wireless access points assign IP addresses by default, I want to talk about how to get around these problems. First, I should mention that some wireless access points are more flexible than others. Not all of the techniques I will be discussing will work with all access points.

The best way of preventing IP address conflicts and other communications problems is to decide beforehand what scope of addresses each DHCP server and each access point will manage. That way, you can allow each DHCP server and access point to assign IP addresses as needed, without having to worry about overlaps.

For example, on my own network I use the address range 147.101.x.x. Again, I chose this address range at random. Since I have one DHCP server and one wireless access point, I configured the DHCP server to assign addresses ranging from 147.101.101.1 to 147.101.101.100. I then configured the wireless access point to assign addresses ranging from 147.101.101.101 to 147.101.101.200. That way, all of the IP addresses that could potentially be assigned fall within a common range, but there is no risk of addresses overlapping and causing an IP address conflict.

When you configure an access point to assign a specific IP address range that is unique to your network, a couple of other things need to be taken into account. One thing that you need to consider is that you probably use a few static IP addresses on your network. You must define exceptions for any static IP addresses that are in use, to prevent that address from being assigned. On my own network, for example, I have a DNS server that uses the address 147.101.101.34. This address falls within the range of addresses that my DHCP server is configured to assign. I therefore defined an exception so that the DHCP server would never assign 147.101.101.34 to a client.

More on troubleshooting wireless connectivity
Learning guide: Wireless troubleshooting

How do I troubleshoot wireless connectivity on desktops?

How do I troubleshoot wireless access points (APs) losing connectivity?

Wireless interference can be frustrating (and fun?)

The other thing that you need to take into account is that if you configure an access point to assign addresses that are unique to your network, you will also have to configure the access point to assign a DNS address to clients. If you don't do this, clients either won't be made aware of the address of your DNS server, or they will try to use your ISP's DNS server, which of course will not contain the DNS records that are associated with the hosts on your private network.

As you can see, blindly installing a wireless access point can cause a number of problems. Since most access points also act as DHCP servers, it is important that you decide ahead of time how the new access point will fit in with your existing IP address scheme.

About the author:
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. Brien has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer, he has written for Microsoft, CNET, ZDNet, TechTarget, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at www.brienposey.com.


This was first published in January 2008

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.