13

I want to assign a fixed private IP address to a server so that local computers can always access it.

Currently, the DHCP address of the server is something like 192.168.1.66.

Should I simply assign the server this same IP as fixed and configure the router so that it will exclude this IP from the ones available for DHCP?
Or are there some ranges of IP that are traditionally reserved for static addresses?

My beginner's question doesn't relate to commands but to general principles and good practices.

Practical case (Edit 1 of 2)

Thank you for the many good answers, especially the very detailed one from Liam.

I could access the router's configuration.

Router's overview panel:
========================
Connectivity type is set to DHCP and PPoE.
(...)

Network panel
=============
IPv4 address distribution (DHCP)
--------------------------------
Enable DHCP on LAN : Off
DHCP range starts at IP address : 192.168.1.33
DHCP range ends at IP address : 192.168.1.35
(...)
Nota bene: There is also an IPv6 section.

When booting any computer, it obtains its IPv4 address in DHCP.

The IP and the MAC addresses that I can see with the ipconfig all command in Windows match those in the list of connected devices that the router displays, so that I can confirm who is who.

The list of connected devices is something like

Description IP address              MAC address
«Unknown»   192.168.1.xx (static)   01:02:03:04:05:06
«Unknown»   192.168.1.yy (static)   07:08:09:10:11:12

Things that I don't understand:

  • Although all IP addresses are all obtained in DCHP, they are displayed as by the router as if they are static addresses.
  • The router's setting "Enable DHCP on LAN" is set on "Off" but the IP addresses are obtained in DHCP.
  • IP addresses attributed to the computers are outside of the very narrow DHCP range of 192.168.1.33 to 192.68.1.35

On any Windows computer connected in DCHP, ipconfig /all shows something like:

IPv4 Address    ........ 192.168.1.xx (preferred)
Default Gateway ........ 192.168.1.1  (= IP of the router)
DHCP server ............ 192.168.1.5

I'm missing something, but what?

Practical case (Edit 2 of 2)

Solution found.

For details, see my answer to Michal's comment at the bottom of this message.

I must admit that the way the router display things keeps some parts a mystery. The router seems to be using DHCP by default, but remembers the devices that were connected to it (probably using their mac address). It could be the reason why it lists the IPs as static although they're dynamic. There was also Cisco router at 192.168.1.4 which appeared for some business communications service, but I had no credentials to access it.

Alexis Wilke
  • 2,057
  • 1
  • 18
  • 33
OuzoPower
  • 327
  • 1
  • 4
  • 10
  • There's no standard governing DHCP reservation ranges, but it would be kinda nice. – LawrenceC Apr 05 '18 at 02:43
  • Some routers allow you to define an IP for a chosen mac-address. Use that and DHCP will keep that address for your server. You could also set a DHCP range to e.g. 192.168.0.128 - 192.168.0.254 in a 192.168.0.1/255.255.255.0 network and set all static addresses on the "static" servers from within 192.168.0.2 - 192.168.0.127 range. – Michal B. Apr 05 '18 at 07:29
  • @Michal B.: I agree and did it meanwhile.: 1. Obtain the server's mac address. 2. Observe which IPs the router assigns to computers (eg. `192.168.0.50` to `192.168.1.70`) 3. Start the server in DHCP. In the router panel, name it, basing on its mac address so that the router will remember it. 4. In the server switch IP from DHCP mode to manual and assign an IP that is beyond the ones that the router would assign to other devices (eg. `192.168.1.100`). You can use nmtui and then edit the config file where you can replace `PREFIX=32` by `NETMASK=255.255.255.0`. 6. Restart the network service. – OuzoPower Apr 06 '18 at 09:58

7 Answers7

17

Determine the IP address that is assigned to your server and then go onto the DHCP and set a DHCP reservation for that server.

JohnA
  • 556
  • 3
  • 12
  • 1
    Reservations are essentially self-documenting. ++ – mfinni Apr 04 '18 at 21:30
  • 5
    @mfinni `++` only works for programmers. `--` for your comment :P – Canadian Luke Apr 04 '18 at 23:59
  • ..and yes he should also use a fixed IP, and label it. Document it. Maybe even reserve a range for this. In an enterprise using internal VPN it is common for these IP's to be hard coded in HOSTS files and SSH config files so it is a big deal when they suddenly change. – mckenzm Apr 05 '18 at 01:30
11

DHCP services differ across many possible implementations, and there are no ranges of IP that are traditionally reserved for static addresses; it depends what is configured in your environment. I'll assume we're looking at a typical home / SOHO setup since you mention your router is providing the DHCP service.

Should I simply assign the server this same IP as fixed and configure the router so that it will exclude this IP from the ones available for DHCP?

I would say that is not best practice. Many consumer routers will not have the ability to exclude a single address from within the DHCP range of addresses for lease (known as a 'pool'). In addition, because DHCP is not aware that you have "fixed" the IP address at the server you run the risk of a conflict. You would normally either:

  • set a reservation in DHCP configuration so that the server device is always allocated the same address by the DHCP service, or
  • set the server device with a static address that is outside the pool of addresses allocated by the DHCP service.

To expand on these options:

Reservation in DHCP

If your router allows reservations, then the first, DHCP reservation option effectively achieves what you have planned. Note the significant difference: address assignment is still managed by the DHCP service, not "fixed" on the server. The server still requests a DHCP address, it just gets the same one every time.

Static IP address

If you prefer to set a static address, you should check your router's (default) configuration to determine the block of addresses used for DHCP leases. You will normally be able to see the configuration as a first address and last address, or first address and a maximum number of clients. Once you know this, you can pick a static address for your server.

An example would be: the router is set to allow a maximum of 128 DHCP clients with a first DHCP IP address of 192.168.1.32. Therefore a device could be assigned any address from 192.168.1.32 up to and including 192.168.1.159. Your router will use a static address outside this range (generally the first or last address .1 or .254) and you can now pick any other available address for your server.

TL;DR

It depends on the configuration of your DHCP service. Check the settings available to you for DHCP then either reserve an address in DHCP or pick a static address that is not used by DHCP - don't cross the streams.

Liam
  • 113
  • 1
  • 9
  • 1
    Double++ on this. – ivanivan Apr 05 '18 at 03:26
  • 1
    Thank you Liam for your very detailed and useful answer. After accessing the router's configuration, other issues arised that I added in the original message. – OuzoPower Apr 05 '18 at 09:45
  • @OuzoPower I'm new to responding here so don't have enough rep to comment on the question. Your update shows your router is not providing the DHCP service. The setting is _off_ on the router, and your Windows `ipconfig` output shows the DHCP service is provided from a device at **192.168.1.5**. Do you have Pi-Hole or another similar device providing DHCP? That's where you'll find your DHCP configuration. NB: This also explains why the router shows the addresses as static and why DHCP assigned addresses are outside the range configured on the router. – Liam Apr 06 '18 at 09:52
  • @Liam: No Pi-Hole or similar thing as far as I know. Solution found: As I could not set DHCP ranges in the router but could register the mac address of the server in the router and then attribute to the server a fixed IP address that is far beyond the range that the router is naturally assigning to existing devices. Thanks to the registration of the server's mac address, the router keeps it in memory and shows the server as missing when thus is off. For details, see my answer to Michal B. in the original post. This solution seems working like a charm. – OuzoPower Apr 06 '18 at 10:11
  • @OuzoPower That approach may work in the short term but how do you know that the address you have picked is outside the DHCP range? Many DHCP systems pick addresses at random from the available pool. At some point you will need to _know_ what your DHCP configuration actually is, rather than estimating by observation (!) otherwise you will experience some conflict. Your question asked about best practice. Here, best practice would be to know what system is handling DHCP for your LAN. I would start by visiting http://192.168.1.5/ or [https://192.168.1.5/](https://192.168.1.5/) for clues. – Liam Apr 06 '18 at 10:48
1

It's not a bad habit to divide your subnet to DHCP pool range and static ranges, but of course you can do what JohnA wrote - use reservation for your server, but first case is IMHO clearer, because you are not messing up your DHCP server with unused extra settings (it could be confusing then for another admins who are not aware of that the server is static). if using DHCP pool + static pool, then just don't forget to add your static server to DNS (create A/AAAA record for it).

Journeyman Geek
  • 6,969
  • 3
  • 31
  • 49
patok
  • 693
  • 1
  • 5
  • 14
  • I would like to add that the downside of DHCP reservations for servers is that if your DHCP environment is not sufficient fault tolerant, a DHCP server outage could cause all manner of problems. Monitor the DHCP closely and set leases that are long enough to be able respond to problems even after a long weekend. – JohnA Apr 05 '18 at 02:06
1

I prefer to set my network devices, servers, printers, etc. that require a static IP address out of range of the DHCP pool. For example, xx.xx.xx.0 to xx.xx.xx.99 would be set aside for fixed IP assignments and xx.xx.xx.100 to xx.xx.xx.250 would be set as the DHCP pool.

user1780242
  • 157
  • 2
  • 11
  • I like this approach as well. This way I can still access the servers even if the DHCP server takes the morning off or decides to start handing out invalid leases! – ErikF Apr 05 '18 at 01:24
  • Using `isc-dhcp-server` this is required (this is what my pi does, along with DNS caching, a fake domain for my LAN, and some traffic shaping for some wireless stuff). Unfortunately, I've seen browser based router config pages (both factory and replacement) that either require a reserved address to be in the dynamic pool... or out of it. – ivanivan Apr 05 '18 at 03:30
1

In addition to the other answers I want to concentrate on the fact that your router configuration does not seem to fit the IP address configuration on your server.

Please have a look on the output of ipconfig /all:

IPv4 Address ........ 192.168.1.xx(prefered)

Default Gateway ........ 192.168.1.1 (= IP of the router)

DHCP server ............ 192.168.1.5

The clients in the network don't get the IP address from the router, but a different DHCP server in the network (192.168.1.5 instead of 192.168.1.1). You have to find this server and check it's configuration instead of the router's DHCP server config, which is seemingly only used for Wireless.

Qippix
  • 11
  • 1
0

My router (OpenWRT) allows for static DHCP leases.

Static leases are used to assign fixed IP addresses and symbolic hostnames to DHCP clients.

So, you supply the MAC address of the server and it's desired IP address as a "static lease", and DHCP will always allocate the same IP. The client machine (the server in this case) requires no configuration changes and still picks up its IP address (the configured address) from DHCP.

spender
  • 368
  • 1
  • 3
  • 13
-2

Note that you can't assign a fixed IP addresses in 192.168 so that clients can "always access it" unless you also give each client a fixed IP address and subnet. Because if the clients use DHCP, then they get whatever subnect the DHCP server gives them, and if they use automatic addressing, then they won't be in a 192.168 subnet.

Once you realise that the system can't be easily perfected, you can see that your best options depend on what you are trying to do. Upnp is a common way of making devices visible. DNS is a common way of making devices visible. WINS is a common way of making devices visible. DHCP is a common way of making devices visible.

All of my printers have reservations: my printers aren't critical infrastructure, I want to be able to manage them, many of the clients use UPNP or mDNS for discovery anyway.

My gateway and DNS servers have fixed IP address in a reserved range: My DHCP server provides gateway and DNS addresses, and my DHCP server does not have the capacity to do dynamic discovery or DNS lookup.

None of my streaming devices have fixed or reserved IP values at all: if the network is so broken that DHCP and DNS aren't working, there is no way that the clients will be able to connect to fixed IP addresses anyway.

user165568
  • 270
  • 1
  • 2
  • 9
  • This literally makes no sense. Are you asserting that you can’t mix static and dynamic in a /16? – Gaius Apr 05 '18 at 12:59
  • I have asserted that if you use static, you haven't gauaranteed that clients can "always access it"Not at all. I've just asserted that I've mixed static and dynamic in my setup. – user165568 Apr 06 '18 at 09:46
  • @Gaius I have asserted that if you use static, you haven't guaranteed that clients can "always access it". I'm sorry that doesn't make sense to you: it's one of the primary reasons the world moved away from static. I've also asserted that I've mixed static and dynamic in my setup: see: "none of my streaming devices have fixed or reserved" and "DNS servers have fixed IP": the DNS servers are indeed in the same subnet as the clients. – user165568 Apr 06 '18 at 09:52
  • Sorry, but I must admin not understanding most of your answer. As far as I know, DNS are domain name servers and are useful when you want to name servers, like when assigning domain names to web sites. As I don't need domain names, DNS appears me useless. Accessing the server is not an issue without DNS. See my answer to Michal B. in the original post for the solution that I found. – OuzoPower Apr 06 '18 at 10:18