Filter
Top Products
Network > DHCP Server
386
SonicOS 5.8.1 Administrator Guide
Multiple Scopes for Group VPN – When using an internal DHCP server, a SonicWALL GVC
client could be configured using scope ranges that differ from the LAN/DMZ subnet. The scope
range for the SonicWALL GVC client is decided by the “Relay IP Address (Optional)” set in the
central gateway.
Compatible with Conflict Detection – Currently, the SonicWALL DHCP server performs
server-side conflict detection when this feature is enabled. The advantage of server-side
conflict detection is that it detects conflicts even when the DHCP client does not run client-side
conflict detection. However, if there are a lot of DHCP clients on the network, server-side
conflict detection can result in longer waits for a full IP address allocation to complete. Conflict
Detection (and Network Pre-Discovery) are not performed for an IP address which belongs to
a “relayed” subnet scope. The DHCP server only performs a conflict detection ICMP check for
a subnet range attached to its interface.
How Do Multiple DHCP Scopes per Interface Work?
Normally, a DHCP client initiates an address allocating procedure by sending a Broadcast
DHCP Discovery message. Since most routes do not forward broadcast packets, this method
requires DHCP clients and server(s) to reside on the same IP network or subnet.
When DHCP clients and their associated DHCP server are not on the same subnet, some type
of third-party agent (BOOTP relay agent, IP Helper, etc.) is required to transfer DHCP
messages between clients and server. The DHCP relay agent populates the giaddr field with
its ingress interface IP address and then forwards it to the configured DHCP server. When the
DHCP server receives the message, it examines the giaddr field to determine if it has a DHCP
scope that could be used to supply an IP address lease to the client.
Figure 26:1 Multiple Subnets Sharing One DHCP Server
The Multiple DHCP Scopes per Interface feature provides security enhancements to protect
against potential vulnerabilities inherent in allowing wider access to the DHCP server. The
DHCP Advanced Setting page provides security with a new tab for Trusted Agents where
trusted DHCP relay agents can be specified. The DHCP server discards any messages relayed
by agents which are not in the list.