This section discusses methods of assigning IP addresses to end systems and explains their influence on administrative overhead. Address assignment includes assigning an IP address, a default gateway, one or more domain name servers that resolve names to IP addresses, time servers, and so forth. Before selecting the desired IP address assignment method, the following questions should be answered:

■ How many devices need an IP address?

■ Which devices require static IP address assignment?

■ Is IP address renumbering expected in the future?

■ Is the administrator required to track devices and their IP addresses?

■ Do additional parameters (default gateway, name server, and so forth) have to be configured?

■ Are there any availability issues?

■ Are there any security issues?

Static Versus Dynamic IP Address Assignment Methods

Following are the two basic IP address assignment strategies:

■ Static: An IP address is statically assigned to a system. The network administrator configures the IP address, default gateway, and name servers manually by entering them into a special file or files on the end system with either a graphical or text interface. Static address assignment is an extra burden for the administrator—especially on large-scale networks— who must configure the address on every end system in the network.

■ Dynamic: IP addresses are dynamically assigned to the end systems. Dynamic address assignment relieves the administrator of manually assigning an address to every network device. Instead, the administrator must set up a server to assign the addresses. On that server, the administrator defines the address pools and additional parameters that should be sent to the host (default gateway, name servers, time servers, and so forth). On the host, the administrator enables the host to acquire the address dynamically; this is often the default.

When IP address reconfiguration is needed, the administrator reconfigures the server, which then performs the host-renumbering task. Examples of available address assignment protocols include Reverse Address Resolution Protocol, Boot Protocol, and DHCP. DHCP is the newest and provides the most features.

When to Use Static or Dynamic Address Assignment

To select either a static or dynamic end system IP address assignment method or a combination of the two, consider the following:

■ Node type: Network devices such as routers and switches typically have static addresses. End-user devices such as PCs typically have dynamic addresses.

■ The number of end systems: If there are more than 30 end systems, dynamic address assignment is preferred. Static assignment can be used for smaller networks.

■ Renumbering: If renumbering is likely to happen and there are many end systems, dynamic address assignment is the best choice. With DHCP, only DHCP server reconfiguration is needed; with static assignment, all hosts must be reconfigured.

■ Address tracking: If the network policy requires address tracking, the static address assignment method might be easier to implement than the dynamic address assignment method. However, address tracking is also possible with dynamic address assignment with additional DHCP server configuration.

■ Additional parameters: DHCP is the easiest solution when additional parameters must be configured. The parameters have to be entered only on the DHCP server, which then sends the address and those parameters to the clients.

■ High availability: Statically assigned IP addresses are always available. Dynamically assigned IP addresses must be acquired from the server; if the server fails, the addresses cannot be acquired. To ensure reliability, a redundant DHCP server is required.

■ Security: With dynamic IP address assignment, anyone who connects to the network can acquire a valid IP address, in most cases. This might be a security risk. Static IP address assignment poses only a minor security risk.

The typical enterprise network uses both static and dynamic address assignment methods. As shown in Figure, the static IP address assignment method is typically used for campus network infrastructure devices, in the Server Farm and Enterprise Data Center modules, and in the modules of the Enterprise Edge (the E-Commerce, Internet Connectivity, Remote Access and VPN, and WAN and MAN and Site-to-Site VPN modules). Static addresses are required for systems such as servers or network devices, in which the IP address must be known at all times for connectivity, general access, or management.

Using DHCP to Assign IP Addresses

DHCP is used to provide dynamic IP address allocation to hosts. DHCP uses a client/server model; the DHCP server can be a Windows server, a UNIX-based server, or a Cisco IOS device. Cisco IOS devices can also be DHCP relay agents and DHCP clients. Figure 5.8 shows the steps that occur when a DHCP client requests an IP address from a DHCP server.

Step 1 The host sends a DHCPDISCOVER broadcast message to locate a DHCP server.

Step 2 A DHCP server offers configuration parameters such as an IP address, a MAC address, a domain name, a default gateway, and a lease for the IP address to the client in a DHCPOFFER unicast message.

Step 3 The client returns a formal request for the offered IP address to the DHCP server in a DHCPREQUEST broadcast message.

Step 4 The DHCP server confirms that the IP address has been allocated to the client by returning a DHCPACK unicast message to the client.

A DHCP client might receive offers from multiple DHCP servers and can accept any one of the offers; the client usually accepts the first offer it receives. An offer from the DHCP server is not a guarantee that the IP address will be allocated to the client; however, the server usually reserves the address until the client has had a chance to formally accept the address. DHCP supports three possible address allocation mechanisms:

■ Manual: The network administrator assigns an IP address to a specific MAC address. DHCP is used to dispatch the assigned address to the host.

■ Automatic: DHCP permanently assigns the IP address to a host.

■ Dynamic: DHCP assigns the IP address to a host for a limited time (called a lease) or until the host explicitly releases the address. This mechanism supports automatic address reuse when the host to which the address has been assigned no longer needs the address.

Name Resolution

Names are used to identify different hosts and resources on the network and to provide userfriendly interaction with computers; a name is much easier to remember than an IP address. This section covers the purpose of name resolution, provides information about different available name resolution strategies, and discusses Domain Name System (DNS) name resolution. Hosts (computers, servers, printers, and so forth) identify themselves to each other using various naming schemes. Each computer on the network can have an assigned name to provide easier communication between devices and among users. Because the IP network layer protocol uses IP addresses to transport datagrams, a name that is used to identify a host must be mapped or resolved into an IP address; this is known as name resolution. To select the desired name resolution method, the following questions should be answered:

■ How many hosts require name resolution?

■ Are applications that depend on name resolution present?

■ Is the network isolated, or is it connected to the Internet?

■ If the network is isolated, how frequently are new hosts added, and how frequently do names change?

Static Versus Dynamic Name Resolution

The process of resolving a hostname to an IP address can be either static or dynamic. Following are the differences between these two methods:

■ Static: With static name-to-IP-address resolution, both the administrative overhead and the configuration are very similar to those of a static address assignment strategy. The network administrator manually defines name-to-IP-address resolutions by entering the name and IP address pairs into the local database (HOSTS file) using either a graphical or text interface. Manual entries create additional work for the administrator; they must be entered on every host and are prone to errors and omissions.

■ Dynamic: The dynamic name-to-IP-address resolution is similar to the dynamic address assignment strategy. The administrator has to enter the name-to-IP-address resolutions only on a local DNS server rather than on every host. The DNS server then performs the name-to- IP-address resolution. Renumbering and renaming are easier with the dynamic name-to-IPaddress resolution method.

When to Use Static or Dynamic Name Resolution

The selection of either a static or dynamic end-system name resolution method depends on the following criteria:

■ The number of hosts: If there are more than 30 end systems, dynamic name resolution is preferred. Static name resolution is manageable for fewer hosts.

■ Isolated network: If the network is isolated (it does not have any connections to the Internet) and the number of hosts is small, static name resolution might be appropriate. The dynamic method is also possible; the choice is an administrative decision.

■ Internet connectivity: When Internet connectivity is available for end users, static name resolution is not an option, and dynamic name resolution using DNS is mandatory.

■ Frequent changes and adding of names: When dealing with frequent changes and adding names to a network, dynamic name resolution is recommended.

■ Applications depending on name resolution: If applications that depend on name resolution are used, dynamic name resolution is recommended.

Using DNS for Name Resolution

To resolve symbolic names to actual network addresses, applications use resolver or name resolver programs, which are usually part of the host operating system. An application sends a query to a name resolver that resolves the request with either the local database (HOSTS file) or the DNS server. To enable DNS name resolution, the network administrator sets up the DNS server, enters information about hostnames and corresponding IP addresses, and configures the hosts to use the DNS server for name resolution.

DHCP and DNS Server Location in a Network

As illustrated in Figure below, DHCP and DNS servers can be located at multiple places in the network, depending on the service they support.

For the Enterprise Campus, DHCP and internal DNS servers should be located in the Server Farm; these servers should be redundant. For remote locations, Cisco routers can provide DHCP and DNS at the Enterprise Edge. External DNS servers should be redundant—for example, at two service provider facilities, or one at a service provider facility and one in a demilitarized zone at the Enterprise Campus or remote data center.