In the Technical
, ztech123 posted, “I
am curious, are there any security benefits to establishing DHCP reservations
for clients on my network – I have about 30 – so that each machine would always
get assigned the same IP based on MAC address. I’ve done it for the printers,
and I’m considering it for the client machines, but I was unsure if it’s a good
move or not. I am trying to enhance security.”


TechRepublic member voldar
responded: “The only benefit is the following: if you use reservations for
all your computers, and your IP’s
subnet range for lease by your DHCP is restricted to those 30 IP addresses, then
no new computer will be able to connect to your network unless you give to it
the rights to do that.”

Another TechRepublic member, ewgny, added, “One security benefit that I can think of is
that you may want to keep a grouping of workstations with contiguous IP
addresses for firewall rules; for example, no outbound port 80 for – You could also prevent the DHCP server from giving out IP addresses
by keeping your reservations in an exclusion zone and configuring DHCP not to
distribute IP addresses past the exclusion zone. An unauthorized person trying
to connect to your network would have to know the private IP range/subnet you
are using to get onto your network. Although this alone doesn’t give your
network a high level of security, it makes it more difficult for hackers.”

There are also two TechRepublic articles that help to answer
this question and show how to best use DHCP reservations:


The text of discussion posts from TechRepublic members has
been slightly edited for spelling, punctuation, and clarity.