DHCP Best Practices

Unanswered Question
Mar 20th, 2009

Want to confirm best practices for DHCP for wireless users...

Client would rather use WLC internal DHCP server to manage 4 scopes - APs, employees, wireless device, and guests. I typically use the wireless controller's internal server for guests, but for the others I usually recommend using the existing deployed server. This provides several advantages, but I'm looking more for the cons against using the internal server.

Any input would be appreciated.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Scott Fella Fri, 03/20/2009 - 20:00

I agree with your approach.... only guest is where I will use the internal dhcp..... CONS.... well, the internal dhcp isn't as reliable as an external dhcp. Also it is recommended that your dhcp scope do not overlap with other wlc internal dhcp scopes.

kenneth.hall Sat, 03/21/2009 - 17:05

My apologies, I must not have been clear.

Let's call the DHCP server capability within the WLC "internal" and the use of a DHCP server elsewhere in the domain "external".

Using that terminology, I would typically recommend guest users pull from "internal" and everyone else from "external". Which is what I think you were saying?!?

Scott Fella Sat, 03/21/2009 - 18:07

That is exactly what I was saying. Guest would get their ip from the wlc. No need to open ports on the FW for that.

kenneth.hall Sat, 03/21/2009 - 18:24

Can you think of any other cons of using the internal dhcp, other than the reliability of the server? My understanding was that it was simply not designed to perform that function and was just a bonus feature for demo-ing and speed of deployment (on a smaller scale, of course)...

Scott Fella Sun, 03/22/2009 - 11:04

I have used the wlc internal dhcp for guest use for a long time. Also in big installs where there are a few hundred guest users. Yes the WLC internal dhcp is not a "TRUE" dhcp, but if everything is configured correctly, you should not have any issues. Monitor the amount of dhcp address that are handed out, because that might be where it becomes a pain. Guest users will need an ip address to hit the webauth page..... So really take a look, since most of the time you will have the ssid broadcasted, is that wireless device utility might associate to your ssid not on purpose, just because how they have their device configured.... this will take up one of your dhcp address.


This Discussion



Trending Topics - Security & Network