22

We have a network setup for a demo, which lasts about 15mn. Our DHCP server is configured to assign ~ 100 addresses (max number of simultaneous connections or our AP) ... but since people might come and go very quickly we need to keep the lease time very short in order to free the IP addresses and allow other people to connect.

Initially I wanted to go for a lease time as short as 25 seconds, considering that the demo is quite short, and to be sure that no IP will be "abusively" reserved by the DHCP server ... However, I am afraid of several things.

First, the impact on the load of the network.

Second, I have read here and there that there might be some "weird" issues with time leases below 1 minute (e.g. What is a good DHCP lease timeout configuration).

Does somebody know what can be the different problems with using such a short time lease? What is the impact on the network? What would be a short but safe lease duration to use?

Community
  • 1
sebpiq
  • 345
  • 1
  • 2
  • 8
  • 5
    Anecdotal: Prior to a DHCP server migration I had dropped the lease time to 5 minutes for 4000ish clients. Migration got delayed and I forgot to reset the lease time for a few weeks. Nothing broke. Sub-minute lease time seems a bit excessive though. Couldn't you scale your scope to accommodate more than 100 addresses? – jscott Sep 18 '14 at 13:23
  • 1
    Ideally I'd put more APs, but currently I have only one AP, and it can cope with about 100 concurrent connections max. This is the reason for the 100 addresses limit. – sebpiq Sep 18 '14 at 13:26
  • 6
    @sebpiq 100 connections and 100 assigned IPs are a different thing though... in theory, i have a block of 200 address on my DHCP server, but im not going to reach that any time soon... – TiernanO Sep 18 '14 at 13:33
  • 4
    you could also just reset/drop all leases from the server after each demo... – SnakeDoc Sep 19 '14 at 03:36

2 Answers2

26

With a very low lease time you will see an increase of network traffic, particularly broadcast traffic as the "discover" and "offer" phases of DHCP are layer 2 broadcasts. How much of an issue this is depends on many factors such as the size and complexity of the network, latency, performance of the DHCP server, etc. Keep in mind DHCP clients do not wait until their lease is expired to try to renew it. So if you gave me a 60-second lease I'll be talking to the DHCP server (potentially) every 30 seconds to renew it.

As for "weird" issues, anything goes. Different DHCP clients will behave differently. Some may handle it fine, some may have problems renewing so often and fail. Perhaps there are clients which get a lease and simply sleep for a certain period of time then check if they need to renew or toss the address if it expired. If the sleep is longer than the lease then the system will keep the IP longer than it is allowed to. I haven't seen that issue before but I have seen things like the IP a client requests in the "request" phase being different than the one the server gave it in the "offer" phase but the server actually gave the client the "request" IP, which was already in use. Never under-estimate how poorly software can be written.

nobody
  • 190
  • 8
JeffW
  • 276
  • 3
  • 2
  • Hmm so basically it all depends on the implementations I guess ... and so I assume it is hard to come up with a safe lease time! Maybe I'll go with a compromise, such as 2-3mn!? – sebpiq Sep 18 '14 at 13:56
  • My main concern is some cheap IOT devices or printer appliance clients wearing out their EEPROM faster with short leases. Has anybody experienced this before? Or is this commonly only held in RAM? – user643011 May 04 '22 at 11:44
15

Matching the DHCP lease times with the connection limit of your AP doesn't strike me as the best way of handling the issue. The two don't have to match. Lower the DHCP lease time to something like twice the length of the demo (completely arbitrary suggestion) and expand your DHCP scope to accommodate as many leases as you think you'll have in a reasonable amount of time. As users drop off of the AP and new users connect they'll either get an unused IP from your ample DHCP pool or they'll get a previously leased IP address once those lease times expire.

If configuring your DHCP ip address pool is your means of controlling how many people can connect to the AP then I'd say there's probably a better way of doing that.

joeqwerty
  • 108,377
  • 6
  • 80
  • 171
  • You're absolutely right. I have to check if there's a way to limit the number of connections directly on the AP, and increase the number of assignable addresses to max. – sebpiq Sep 18 '14 at 14:02
  • 5
    This is a use of the 172.16.0.0/12 network. There's a lot of addresses in there. – Bryan Boettcher Sep 18 '14 at 17:50
  • 1
    Or the 10.0.0.0/8 range. You've got 16 million usable addresses in there (if the 1 million in @insta's suggestion isn't enough ;)) – Matthew Steeples Sep 18 '14 at 18:15
  • @joeqwerty I would really want to accept your answer since you solved my issue ... but JeffW's answer is more literal :( sorry about that. – sebpiq Sep 21 '14 at 09:54