There are two main problems that wireless access points can cause when they act as DHCP servers.
The first is that there is the potential for IP address conflicts. The majority of the wireless access points on the market are configured by default to assign clients IP addresses in the 192.168.0.x range. This is a problem because it is fairly common to include multiple wireless access points on a single network segment. If each of these access points is assigned the same DHCP scope, then IP address conflicts are bound to occur. Keep in mind that these address assignments may not be limited to wireless clients. Many wireless access points will assign IP addresses to clients on the wired network as well, so you could potentially have clients on your wired network conflicting with wireless clients.
The other problem with the default DHCP configuration used by most wireless access points is that the 192.168.0.x address range may not mesh with the address range that you are already using. For example, suppose that -- prior to installation of any wireless access points -- your network uses the 190.160.25.x address range (I'm just making up a number). If this were the case, there are two reasons why having a wireless access point assigning clients 192.168.0.x addresses would cause problems.
First, the clients that had been assigned the 192.168.0.x addresses would not be able to communicate with network hosts using the 190.160.25.x addresses. The reason is that clients using the 192.168.0.x address range would think that hosts with the 190.160.25.x addresses were on a different network segment, even if that were not the case. They would therefore look for a router and try to use the routing tables to figure out how to reach this segment. Assuming that both address ranges existed on the same segment, communications simply wouldn't work.
The other problem with allowing wireless access points to assign 192.168.0.x addresses is that these addresses are not routable. If your network consists of multiple segments, you won't be able to use this address range.
Now that I have discussed the problems associated with the way that wireless access points assign IP addresses by default, I want to talk about how to get around these problems. First, I should mention that some wireless access points are more flexible than others. Not all of the techniques I will be discussing will work with all access points.
The best way of preventing IP address conflicts and other communications problems is to decide beforehand what scope of addresses each DHCP server and each access point will manage. That way, you can allow each DHCP server and access point to assign IP addresses as needed, without having to worry about overlaps.
For example, on my own network I use the address range 147.101.x.x. Again, I chose this address range at random. Since I have one DHCP server and one wireless access point, I configured the DHCP server to assign addresses ranging from 184.108.40.206 to 220.127.116.11. I then configured the wireless access point to assign addresses ranging from 18.104.22.168 to 22.214.171.124. That way, all of the IP addresses that could potentially be assigned fall within a common range, but there is no risk of addresses overlapping and causing an IP address conflict.
When you configure an access point to assign a specific IP address range that is unique to your network, a couple of other things need to be taken into account. One thing that you need to consider is that you probably use a few static IP addresses on your network. You must define exceptions for any static IP addresses that are in use, to prevent that address from being assigned. On my own network, for example, I have a DNS server that uses the address 126.96.36.199. This address falls within the range of addresses that my DHCP server is configured to assign. I therefore defined an exception so that the DHCP server would never assign 188.8.131.52 to a client.
The other thing that you need to take into account is that if you configure an access point to assign addresses that are unique to your network, you will also have to configure the access point to assign a DNS address to clients. If you don't do this, clients either won't be made aware of the address of your DNS server, or they will try to use your ISP's DNS server, which of course will not contain the DNS records that are associated with the hosts on your private network.
As you can see, blindly installing a wireless access point can cause a number of problems. Since most access points also act as DHCP servers, it is important that you decide ahead of time how the new access point will fit in with your existing IP address scheme.
About the author:
Brien M. Posey, MCSE, is a Microsoft Most Valuable Professional for his work with Windows 2000 Server and IIS. Brien has served as CIO for a nationwide chain of hospitals and was once in charge of IT security for Fort Knox. As a freelance technical writer, he has written for Microsoft, CNET, ZDNet, TechTarget, MSD2D, Relevant Technologies and other technology companies. You can visit Brien's personal Web site at www.brienposey.com.
This was first published in January 2008