This article is also available as a PDF download.
The growth of the young company you work for as network administrator has surpassed all expectations. Everyone--especially the bosses--has every reason to celebrate. But the IT crowd isn't in the same celebratory mood. The reason? They're running on empty (or, more precisely: the DHCP server is).
The problem is that the DHCP server is fast running out of IP addresses to dish out to all the new computers being added to serve your company's growing staff complement. There's an exclamation mark hanging like an ill omen over the DHCP server icon (Figure A), an indication that you're dangerously close to the end of the available address pool.
|The exclamation mark next to the DHCP server name is a warning that the IP addresses from the scope have nearly been depleted.|
When the company started out as a small business with 50 PCs three years ago, the 254 IP addresses a Class C subnet offered seemed more than enough for a long time. But now it's a different story. There are just eight unassigned IP addresses left. As the responsible network admin, what are your options?
You could lobby for another physical LAN (and thus another subnet), but that would mean you'd have to convince the boss to buy a router (or another one if you already have more than one physical LAN) and (maybe) another DHCP server. But suppose there's really no need for a separate physical LAN, apart from your IP address problem?
Changing to another IP address class--maybe Class B, which will provide you with more addresses--is another possibility, but again not a very attractive one. This time you'll have to justify purchasing this address range from your ISP and then face the prospect of migrating from the existing address range (scope) to the new one.
Thankfully, there's a much simpler solution--using a superscope. What's a superscope? A kind of mother of all scopes. It allows you to add more than one scope (called child scopes, or member scopes) under one umbrella.
Microsoft introduced the superscope feature with NT4 SP2.
Let's go ahead and create a superscope for the scenario described above. We'll assume DHCP is set up to use the scope 192.168.0.0. We want to add another scope from the same class (Class C), so let's use 192.168.1.0. But first we need to create a superscope. Here's how:
- Open DHCP.
- Right-click on the DHCP server.
- From the drop-down list, choose New Superscope (Figure B) to launch the New Superscope Wizard.
- The wizard prompts you to enter a name for the superscope. We'll just call it MySuperscope.
- On the next screen, you'll be asked to select a scope(s) to add to the superscope. You'll see the list of available scopes--in our example, just 192.168.0.0 (Figure C) Select it and click Next.
|The first step in creating a superscope.|
|Adding scopes to the superscope|
The final screen of the wizard informs you that you have successfully completed the New Superscope wizard and gives you the details (Figure D). If you go back into DHCP, you'll see that the new superscope has been created.
|The last screen of the wizard showing the details of the new superscope.|
Adopting another child
Now we're ready to create our brand new child scope that will be watched over by our superscope.
- Open DHCP.
- Right-click on the DHCP server.
- Select New scope (Figure E) to launch the New scope wizard.
- Choose a name and description for the new scope. As our first scope in this example was called Scope1, we'll just call this one Scope2.
- The wizard will prompt you to add an IP address range. We'll choose a range from the Class C range 192.168.1.0. (We could also have chosen 192.168.2.0, 192.168.3.0, etc., but we'll stick to ... 1.0, as it follows logically on our first range). As for start and end address, we'll select all available addresses, starting with 192.168.1.1 and ending with 192.168.1.254. Note that the wizard will automatically complete the Length and Subnet Mask fields (Figure F).
- On the next screen, you can choose which range of addresses you want to exclude, if any.
- Now, you get to select the duration of IP address leases. The default is eight days.
- The wizard then gives you the opportunity to configure DHCP options. You can choose to do it now or wait until later. Note, however, that you have to configure the most common options (like DNS server address and default gateway) before clients can use the scope, so now is as good a time as ever to do it. Just use the same options as your existing scope.
- After configuring the DHCP options, you are asked whether you want to activate the scope now or later. Once activated, you're done.
|The New scope wizard will walk you through the steps of creating a scope.|
|The address details of the new scope, with a little help from the wizard.|
Figure G shows our superscope and two child scopes. Notice the red downward pointing arrow to the right of the toolbar. Don't worry--it doesn't mean your superscope is down. You click on the arrow to deactivate a scope or superscope. Warning: Do not deactivate a superscope unless you want to get rid of all its member scopes!
|The new scope and the two child scopes.|
One last step
You now have what is termed a multinet--multiple subnets on a single physical network. But you're not quite there yet. Yes, you have an additional scope; yes, you have a superscope. But your superscope won't assign IP addresses from the new scope. And even if you add a static address from the pool to a client machine, you'll notice that you can't browse the network.
You still need to add the route to your DHCP server's network adaptor, and if you have a router, you'll want to add the IP address to it as well. Here's how to add that new address to your NIC:
- Open your Local Area Connection and click on Properties.
- Highlight Internet Protocol (TCP/IP) and click on the Properties tab to open the properties screen shown in Figure H.
- Click on Advanced which will take you to Advanced TCP/IP settings.
- Select Add. A window will open where you have to add the new IP address (Figure I). Enter the address and click Add.
- The next window will show both your IP addresses. Click OK, OK again on the next screen, and Close and you're done.
|The TCP/IP properties screen.|
|Here, you add the address of your new subnet.|
Now, if you add an address from the new subnet as a static IP address to a client machine, you should be able to browse the network.
I won't go into the details of adding the new IP address range to a router's Ethernet interface, but if you're Cisco certified, you'll find it to be a simple procedure. (If you don't know your way around a router, though, steer clear.)
The commands to add an IP address to an interface look something like this (depending on the interface and address):
int e 0/0
ip address 192.168.1.0 255.255.255.0
But you're adding a second address to the same interface, so you have to add the keyword secondary to the command. So to add the address range from our new child scope, the command would be:
int e 0/0
ip address 192.168.1.0 255.255.255.0 secondary
Help for remote subnets
So far, we have assumed you have a single physical subnet. But what if you have another one (let's call it physical subnet B) and you're running out of IP addresses there? We're assuming that your DHCP server on subnet A supplies addresses to subnet B. A superscope will also come to your rescue in a scenario like this--with a little help from a relay agent.
A relay agent is a program that relays DHCP/BOOTP messages between clients and servers on different subnets.
Warning: Do not attempt to set up your DHCP server as a relay agent--it won't work as a DHCP server any longer. Instead, try to relay any DHCP requests from clients to "another" DHCP server.
To supply IP addresses from a DHCP server located on subnet A to clients on another physical network--subnet B--you'll set up a superscope on subnet A. To this superscope, you'll add one or more child scopes, which will supply IP addresses to clients on subnet B.
Because you're concerned only with creating additional scopes to support clients on subnet B, you don't need to include the scope for subnet A as part of the superscope.
As most--probably all--modern routers have DHCP/BOOTP relay agent support, as described in RFC 1542, you probably won't need to set up another server as a DHCP relay agent. So all you'll need to do is configure the router (or have it configured) with its relay agent set to point to the IP address of the DHCP server.
Although you could set up an NT server or workstation as a DHCP relay agent, you can do this only on a server with Windows 2000 server and Windows Server 2003.