RE: DHCP reservations explained...

[Matthew W. Ross]

I've done both... Assigned a reservation via DHCP, and assigned the address on 
the server statically.

Several benefits to this approach:

1. If you have to reset the machine in some way, it can pick up its' address 
dynamically. Also allow the server to be PXE booted if you have WDS or some 
other network boot solution that depends on DHCP.

2. It stops you from reserving the address for something else accidentally. 
Windows DHCP will bark if the address is already reserved. If you only set the 
address statically, the DHCP server would be happy to "reserve" that IP for 
something else.

3. Performing a reservation and a static does not harm to the network.


--Matt Ross
Ephrata School District


- Original Message -
From: Ben Schorr
[mailto:b...@rolandschorr.com]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Mon, 24 Jan 2011
13:33:54 -0800
Subject: RE: DHCP reservations explained...


> We always prefer static addresses for servers.  One less variable when
> we're troubleshooting later.
> 
>  
> 
> Ben M. Schorr
> Chief Executive Officer
> __
> Roland Schorr & Tower
> www.rolandschorr.com <http://www.rolandschorr.com/> 
> b...@rolandschorr.com <mailto:b...@rolandschorr.com> 
> 
>  
> 
> From: Candee [mailto:can...@gmail.com] 
> Sent: Monday, January 24, 2011 09:40
> To: NT System Admin Issues
> Subject: Re: DHCP reservations explained...
> 
>  
> 
> I use static addresses for my servers.
> 
> I also have my pool start at say x.x.x.100, so I know the address won't
> be assigned elsewhere.
> 
> On Tue, Jan 18, 2011 at 2:14 PM, Jonathan  wrote:
> 
> Hmmm... interesting concept. I personally prefer static addressing
> assigned on each individual server. Though I could see the appeal of
> using DHCP, I don't have enough confidence in DHCP to use it for server
> addressing. Just my $0.02
> 
> On Jan 18, 2011 2:06 PM, "David Lum"  wrote:
> > The other day someone commented that it seemed like a bit much that
> 50% of my 100-ish servers have DHCP reservations - driving home
> yesterday I realized another reason why I have it that way (because yes,
> I chew on these questions and constantly evaluate why I do some process
> or another) - because my fellow SE's have their server monitoring set up
> to look at specific IP's instead of hostnames and I am unable to
> convince them otherwise. If the server IP changes it hoses their tests
> and the dependencies.
> > 
> > It's not how I set *MY* monitoring up for servers I maintain, but I
> have posted that question here in fact and have seen differing opinions
> on weather hostname or IP is preferred.
> > 
> > David Lum // SYSTEMS ENGINEER
> > NORTHWEST EVALUATION ASSOCIATION
> > (Desk) 503.548.5229 // (Cell) 503.267.9764
> > 
> > 
> > 
> > 
> > 
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
> > 
> > ---
> > To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> > or send an email to listmana...@lyris.sunbeltsoftware.com
> > with the body: unsubscribe ntsysadmin
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> 
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
> 
>  
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> 
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> 
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: DHCP reservations explained...

[Ben Schorr]

We always prefer static addresses for servers.  One less variable when
we're troubleshooting later.

 

Ben M. Schorr
Chief Executive Officer
__
Roland Schorr & Tower
www.rolandschorr.com <http://www.rolandschorr.com/> 
b...@rolandschorr.com <mailto:b...@rolandschorr.com> 

 

From: Candee [mailto:can...@gmail.com] 
Sent: Monday, January 24, 2011 09:40
To: NT System Admin Issues
Subject: Re: DHCP reservations explained...

 

I use static addresses for my servers.

I also have my pool start at say x.x.x.100, so I know the address won't
be assigned elsewhere.

On Tue, Jan 18, 2011 at 2:14 PM, Jonathan  wrote:

Hmmm... interesting concept. I personally prefer static addressing
assigned on each individual server. Though I could see the appeal of
using DHCP, I don't have enough confidence in DHCP to use it for server
addressing. Just my $0.02

On Jan 18, 2011 2:06 PM, "David Lum"  wrote:
> The other day someone commented that it seemed like a bit much that
50% of my 100-ish servers have DHCP reservations - driving home
yesterday I realized another reason why I have it that way (because yes,
I chew on these questions and constantly evaluate why I do some process
or another) - because my fellow SE's have their server monitoring set up
to look at specific IP's instead of hostnames and I am unable to
convince them otherwise. If the server IP changes it hoses their tests
and the dependencies.
> 
> It's not how I set *MY* monitoring up for servers I maintain, but I
have posted that question here in fact and have seen differing opinions
on weather hostname or IP is preferred.
> 
> David Lum // SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 503.548.5229 // (Cell) 503.267.9764
> 
> 
> 
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
> 
> ---
> To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: DHCP reservations explained...

[Rene de Haas]

+1

We had different groups depending on the device. Server, switch, router,
sniffer etc.

On Mon, Jan 24, 2011 at 5:40 PM, Candee  wrote:

> I use static addresses for my servers.
> I also have my pool start at say x.x.x.100, so I know the address won't be
> assigned elsewhere.
>
> On Tue, Jan 18, 2011 at 2:14 PM, Jonathan  wrote:
>
>> Hmmm... interesting concept. I personally prefer static addressing
>> assigned on each individual server. Though I could see the appeal of using
>> DHCP, I don't have enough confidence in DHCP to use it for server
>> addressing. Just my $0.02
>>   On Jan 18, 2011 2:06 PM, "David Lum"  wrote:
>> > The other day someone commented that it seemed like a bit much that 50%
>> of my 100-ish servers have DHCP reservations - driving home yesterday I
>> realized another reason why I have it that way (because yes, I chew on these
>> questions and constantly evaluate why I do some process or another) -
>> because my fellow SE's have their server monitoring set up to look at
>> specific IP's instead of hostnames and I am unable to convince them
>> otherwise. If the server IP changes it hoses their tests and the
>> dependencies.
>> >
>> > It's not how I set *MY* monitoring up for servers I maintain, but I have
>> posted that question here in fact and have seen differing opinions on
>> weather hostname or IP is preferred.
>> >
>> > David Lum // SYSTEMS ENGINEER
>> > NORTHWEST EVALUATION ASSOCIATION
>> > (Desk) 503.548.5229 // (Cell) 503.267.9764
>> >
>> >
>> >
>> >
>> >
>> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> > ~  ~
>> >
>> > ---
>> > To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> > or send an email to listmana...@lyris.sunbeltsoftware.com
>> > with the body: unsubscribe ntsysadmin
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: DHCP reservations explained...

[Candee]

I use static addresses for my servers.
I also have my pool start at say x.x.x.100, so I know the address won't be
assigned elsewhere.

On Tue, Jan 18, 2011 at 2:14 PM, Jonathan  wrote:

> Hmmm... interesting concept. I personally prefer static addressing assigned
> on each individual server. Though I could see the appeal of using DHCP, I
> don't have enough confidence in DHCP to use it for server addressing. Just
> my $0.02
>   On Jan 18, 2011 2:06 PM, "David Lum"  wrote:
> > The other day someone commented that it seemed like a bit much that 50%
> of my 100-ish servers have DHCP reservations - driving home yesterday I
> realized another reason why I have it that way (because yes, I chew on these
> questions and constantly evaluate why I do some process or another) -
> because my fellow SE's have their server monitoring set up to look at
> specific IP's instead of hostnames and I am unable to convince them
> otherwise. If the server IP changes it hoses their tests and the
> dependencies.
> >
> > It's not how I set *MY* monitoring up for servers I maintain, but I have
> posted that question here in fact and have seen differing opinions on
> weather hostname or IP is preferred.
> >
> > David Lum // SYSTEMS ENGINEER
> > NORTHWEST EVALUATION ASSOCIATION
> > (Desk) 503.548.5229 // (Cell) 503.267.9764
> >
> >
> >
> >
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~  ~
> >
> > ---
> > To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> > or send an email to listmana...@lyris.sunbeltsoftware.com
> > with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: RE: DHCP reservations explained...

[David Lum]

Probably :)

From: Jonathan [mailto:ncm...@gmail.com]
Sent: Monday, January 24, 2011 7:08 AM
To: NT System Admin Issues
Subject: Re: RE: DHCP reservations explained...


Don't you mean broadcasts, rather than requests?

Jonathan
On Jan 24, 2011 10:05 AM, "David Lum" 
mailto:david@nwea.org>> wrote:
> If your clients are Windows clients can't you set the firewall to only listed 
> to DHCP requests from a given IP?
>
> David Lum // SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 503.548.5229 // (Cell) 503.267.9764
>
>
>
> -Original Message-
> From: Phil Brutsche [mailto:p...@optimumdata.com<mailto:p...@optimumdata.com>]
> Sent: Monday, January 24, 2011 7:00 AM
> To: NT System Admin Issues
> Subject: Re: DHCP reservations explained...
>
> I have one addition to this:
>
> The helper-address command tells the L3 device to forward ALL UDP
> broadcasts - DHCP, TFTP, NetBIOS, etc. You would also need to execute
> these commands to exclude everything that's not DHCP:
>
> no ip forward-protocol udp domain
> no ip forward-protocol udp time
> no ip forward-protocol udp netbios-ns
> no ip forward-protocol udp netbios-dgm
> no ip forward-protocol udp tacacs
>
> That is not an exhaustive list.
>
> PC-based routers (Windows, Linux, *BSD, etc) include what's called a
> DHCP relay agent that will truly listen for DHCP requests and forward
> them on.
>
> On 1/24/2011 7:45 AM, Mayo, Bill wrote:
>> I believe what Brian was referring to was the "dhcp snooping" command,
>> which is designed to prevent undesired DHCP servers. What you ran into
>> is related to the fact that DHCP stops at the network boundary
>> (router/VLAN) because it is a broadcast. The helper-address command is
>> used to listen and forward requests on a VLAN to a designated DHCP
>> server, thereby preventing you from having to have a DHCP server on
>> every VLAN. That command will not stop any rogue DHCP servers.
>
> --
>
> Phil Brutsche
> p...@optimumdata.com<mailto:p...@optimumdata.com>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: RE: DHCP reservations explained...

[Jonathan]

Don't you mean broadcasts, rather than requests?

Jonathan
On Jan 24, 2011 10:05 AM, "David Lum"  wrote:
> If your clients are Windows clients can't you set the firewall to only
listed to DHCP requests from a given IP?
>
> David Lum // SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 503.548.5229 // (Cell) 503.267.9764
>
>
>
> -Original Message-
> From: Phil Brutsche [mailto:p...@optimumdata.com]
> Sent: Monday, January 24, 2011 7:00 AM
> To: NT System Admin Issues
> Subject: Re: DHCP reservations explained...
>
> I have one addition to this:
>
> The helper-address command tells the L3 device to forward ALL UDP
> broadcasts - DHCP, TFTP, NetBIOS, etc. You would also need to execute
> these commands to exclude everything that's not DHCP:
>
> no ip forward-protocol udp domain
> no ip forward-protocol udp time
> no ip forward-protocol udp netbios-ns
> no ip forward-protocol udp netbios-dgm
> no ip forward-protocol udp tacacs
>
> That is not an exhaustive list.
>
> PC-based routers (Windows, Linux, *BSD, etc) include what's called a
> DHCP relay agent that will truly listen for DHCP requests and forward
> them on.
>
> On 1/24/2011 7:45 AM, Mayo, Bill wrote:
>> I believe what Brian was referring to was the "dhcp snooping" command,
>> which is designed to prevent undesired DHCP servers. What you ran into
>> is related to the fact that DHCP stops at the network boundary
>> (router/VLAN) because it is a broadcast. The helper-address command is
>> used to listen and forward requests on a VLAN to a designated DHCP
>> server, thereby preventing you from having to have a DHCP server on
>> every VLAN. That command will not stop any rogue DHCP servers.
>
> --
>
> Phil Brutsche
> p...@optimumdata.com
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: DHCP reservations explained...

[David Lum]

If your clients are Windows clients can't you set the firewall to only listed 
to DHCP requests from a given IP?

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 503.548.5229 // (Cell) 503.267.9764



-Original Message-
From: Phil Brutsche [mailto:p...@optimumdata.com] 
Sent: Monday, January 24, 2011 7:00 AM
To: NT System Admin Issues
Subject: Re: DHCP reservations explained...

I have one addition to this:

The helper-address command tells the L3 device to forward ALL UDP
broadcasts - DHCP, TFTP, NetBIOS, etc. You would also need to execute
these commands to exclude everything that's not DHCP:

no ip forward-protocol udp domain
no ip forward-protocol udp time
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
no ip forward-protocol udp tacacs

That is not an exhaustive list.

PC-based routers (Windows, Linux, *BSD, etc) include what's called a
DHCP relay agent that will truly listen for DHCP requests and forward
them on.

On 1/24/2011 7:45 AM, Mayo, Bill wrote:
> I believe what Brian was referring to was the "dhcp snooping" command,
> which is designed to prevent undesired DHCP servers.  What you ran into
> is related to the fact that DHCP stops at the network boundary
> (router/VLAN) because it is a broadcast.  The helper-address command is
> used to listen and forward requests on a VLAN to a designated DHCP
> server, thereby preventing you from having to have a DHCP server on
> every VLAN.  That command will not stop any rogue DHCP servers.

-- 

Phil Brutsche
p...@optimumdata.com

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: DHCP reservations explained...

[N Parr]

Yes I understand, not relevant to this thread I guess.  But good
information to have when you change servers and your DHCP dies.



From: Mayo, Bill [mailto:bem...@pittcountync.gov] 
Sent: Monday, January 24, 2011 7:45 AM
To: NT System Admin Issues
Subject: RE: DHCP reservations explained...


I believe what Brian was referring to was the "dhcp snooping" command,
which is designed to prevent undesired DHCP servers.  What you ran into
is related to the fact that DHCP stops at the network boundary
(router/VLAN) because it is a broadcast.  The helper-address command is
used to listen and forward requests on a VLAN to a designated DHCP
server, thereby preventing you from having to have a DHCP server on
every VLAN.  That command will not stop any rogue DHCP servers.
 
Bill Mayo
 


From: N Parr [mailto:npar...@mortonind.com] 
Sent: Monday, January 24, 2011 8:24 AM
To: NT System Admin Issues
Subject: RE: DHCP reservations explained...


Just ran in to that with Cisco last week when I migrated my DHCP from 03
to 08r2.  Only Vlan that could see the server was the one the server was
on.
Int vlan xx

Ip helper-address 192.168.1.x




From: Brian Desmond [mailto:br...@briandesmond.com] 
Sent: Sunday, January 23, 2011 4:36 PM
To: NT System Admin Issues
Subject: RE: DHCP reservations explained...



There is a feature on Cisco switches at least that will inspect and
block DHCP server packets on switch ports not trusted for DHCP. My
higher education customers who run residential networks tend to deploy
this given the propensity for students to plug their Best Buy special
Linksys in "backwards" (e.g. LAN port into the resnet). 

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

w - 312.625.1438 | c   - 312.731.3132

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Wednesday, January 19, 2011 8:29 AM
To: NT System Admin Issues
Subject: RE: DHCP reservations explained...

 

"I've seen more things go wrong (particularly in smaller networks) with
DHCP than with DNS.   (Admin deploys new networking device with DHCP
server functionality turned out, etc)"

 

Granted, I've seen that too, once or twice.  Rogue DHCP can be a threat
regardless, because if name resolution is working, and servers are
statically assigned, but workstations get rogue assignments,
productivity is still impacted ( although less systemically )

 

Kind of a pick your poison issue... choose based on your own comfort
level with the associated risks and then deal with it.

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Tuesday, January 18, 2011 4:50 PM
To: NT System Admin Issues
Subject: Re: DHCP reservations explained...

 

I am not fond of DHCP for server management, even though I will admit
that it is a viable possibility.

 

I prefer the flexibility of configuration that is possible when you have
statically mapped IPs, and I've done this with hundreds of servers in
various environments.

 

In my experience, I've seen more things go wrong (particularly in
smaller networks) with DHCP than with DNS.   (Admin deploys new
networking device with DHCP server functionality turned out, etc)

 

Sure, DHCP maintenance of IP addresses means that you can change them
quickly, etc, but I can script that if necessary, and I've probably
performed major IP address changes a half dozen times in the past decade
and a half (including consulting clients and my home network).

 

But, it's just me.   I'm not going to get too religious about it either
way. 


 

ASB (My Bio via About.Me <http://about.me/Andrew.S.Baker/bio> ) 
Exploiting Technology for Business Advantage...

 

 

On Tue, Jan 18, 2011 at 2:16 PM, Erik Goldoff 
wrote:

I've always liked DHCP reservations over static IP addresses for servers
where possible for ease of management

   Single view of most servers from DHCP client list

   simple to change parameters globally ( default gateway, primary DNS,
secondary DNS, etc ) without having to visit each server

   less likely to experience IP in use conflict from out of date
tracking spreadsheets when adding new devices to the network 

etc, etc, etc 

but if your clients/applications use hostnames, then that's what I'd
monitor for most checks, keeping a single/simple check using the IP
address to cross verify against name resolution.

On Tue, Jan 18, 2011 at 2:06 PM, David Lum  wrote:

The other day someone commented that it seemed like a bit much that 50%
of my 100-ish servers have DHCP reservations - driving home yesterday I
realized another reason why I have it that way (because yes, I chew on
these questions and constantly evaluate why I do some process or
another) - because my fellow SE's have their server monit

Re: DHCP reservations explained...

[Phil Brutsche]

I have one addition to this:

The helper-address command tells the L3 device to forward ALL UDP
broadcasts - DHCP, TFTP, NetBIOS, etc. You would also need to execute
these commands to exclude everything that's not DHCP:

no ip forward-protocol udp domain
no ip forward-protocol udp time
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
no ip forward-protocol udp tacacs

That is not an exhaustive list.

PC-based routers (Windows, Linux, *BSD, etc) include what's called a
DHCP relay agent that will truly listen for DHCP requests and forward
them on.

On 1/24/2011 7:45 AM, Mayo, Bill wrote:
> I believe what Brian was referring to was the "dhcp snooping" command,
> which is designed to prevent undesired DHCP servers.  What you ran into
> is related to the fact that DHCP stops at the network boundary
> (router/VLAN) because it is a broadcast.  The helper-address command is
> used to listen and forward requests on a VLAN to a designated DHCP
> server, thereby preventing you from having to have a DHCP server on
> every VLAN.  That command will not stop any rogue DHCP servers.

-- 

Phil Brutsche
p...@optimumdata.com

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: RE: DHCP reservations explained...

[Jonathan]

+1, Bill is correct.
On Jan 24, 2011 8:46 AM, "Mayo, Bill"  wrote:
> I believe what Brian was referring to was the "dhcp snooping" command,
> which is designed to prevent undesired DHCP servers. What you ran into
> is related to the fact that DHCP stops at the network boundary
> (router/VLAN) because it is a broadcast. The helper-address command is
> used to listen and forward requests on a VLAN to a designated DHCP
> server, thereby preventing you from having to have a DHCP server on
> every VLAN. That command will not stop any rogue DHCP servers.
>
> Bill Mayo
>
> 
>
> From: N Parr [mailto:npar...@mortonind.com]
> Sent: Monday, January 24, 2011 8:24 AM
> To: NT System Admin Issues
> Subject: RE: DHCP reservations explained...
>
>
> Just ran in to that with Cisco last week when I migrated my DHCP from 03
> to 08r2. Only Vlan that could see the server was the one the server was
> on.
> Int vlan xx
>
> Ip helper-address 192.168.1.x
>
>
> 
>
> From: Brian Desmond [mailto:br...@briandesmond.com]
> Sent: Sunday, January 23, 2011 4:36 PM
> To: NT System Admin Issues
> Subject: RE: DHCP reservations explained...
>
>
>
> There is a feature on Cisco switches at least that will inspect and
> block DHCP server packets on switch ports not trusted for DHCP. My
> higher education customers who run residential networks tend to deploy
> this given the propensity for students to plug their Best Buy special
> Linksys in "backwards" (e.g. LAN port into the resnet).
>
>
>
> Thanks,
>
> Brian Desmond
>
> br...@briandesmond.com
>
>
>
> w - 312.625.1438 | c - 312.731.3132
>
>
>
> From: Erik Goldoff [mailto:egold...@gmail.com]
> Sent: Wednesday, January 19, 2011 8:29 AM
> To: NT System Admin Issues
> Subject: RE: DHCP reservations explained...
>
>
>
> "I've seen more things go wrong (particularly in smaller networks) with
> DHCP than with DNS. (Admin deploys new networking device with DHCP
> server functionality turned out, etc)"
>
>
>
> Granted, I've seen that too, once or twice. Rogue DHCP can be a threat
> regardless, because if name resolution is working, and servers are
> statically assigned, but workstations get rogue assignments,
> productivity is still impacted ( although less systemically )
>
>
>
> Kind of a pick your poison issue... choose based on your own comfort
> level with the associated risks and then deal with it.
>
> Erik Goldoff
>
> IT Consultant
>
> Systems, Networks, & Security
>
> ' Security is an ongoing process, not a one time event ! '
>
> From: Andrew S. Baker [mailto:asbz...@gmail.com]
> Sent: Tuesday, January 18, 2011 4:50 PM
> To: NT System Admin Issues
> Subject: Re: DHCP reservations explained...
>
>
>
> I am not fond of DHCP for server management, even though I will admit
> that it is a viable possibility.
>
>
>
> I prefer the flexibility of configuration that is possible when you have
> statically mapped IPs, and I've done this with hundreds of servers in
> various environments.
>
>
>
> In my experience, I've seen more things go wrong (particularly in
> smaller networks) with DHCP than with DNS. (Admin deploys new
> networking device with DHCP server functionality turned out, etc)
>
>
>
> Sure, DHCP maintenance of IP addresses means that you can change them
> quickly, etc, but I can script that if necessary, and I've probably
> performed major IP address changes a half dozen times in the past decade
> and a half (including consulting clients and my home network).
>
>
>
> But, it's just me. I'm not going to get too religious about it either
> way.
>
>
>
>
> ASB (My Bio via About.Me <http://about.me/Andrew.S.Baker/bio> )
> Exploiting Technology for Business Advantage...
>
>
>
>
>
> On Tue, Jan 18, 2011 at 2:16 PM, Erik Goldoff 
> wrote:
>
> I've always liked DHCP reservations over static IP addresses for servers
> where possible for ease of management
>
> Single view of most servers from DHCP client list
>
> simple to change parameters globally ( default gateway, primary DNS,
> secondary DNS, etc ) without having to visit each server
>
> less likely to experience IP in use conflict from out of date
> tracking spreadsheets when adding new devices to the network
>
> etc, etc, etc
>
> but if your clients/applications use hostnames, then that's what I'd
> monitor for most checks, keeping a single/simple check using the IP
> address to cross verify against name resolution.
>
&g

RE: DHCP reservations explained...

[Mayo, Bill]

I believe what Brian was referring to was the "dhcp snooping" command,
which is designed to prevent undesired DHCP servers.  What you ran into
is related to the fact that DHCP stops at the network boundary
(router/VLAN) because it is a broadcast.  The helper-address command is
used to listen and forward requests on a VLAN to a designated DHCP
server, thereby preventing you from having to have a DHCP server on
every VLAN.  That command will not stop any rogue DHCP servers.
 
Bill Mayo
 


From: N Parr [mailto:npar...@mortonind.com] 
Sent: Monday, January 24, 2011 8:24 AM
To: NT System Admin Issues
Subject: RE: DHCP reservations explained...


Just ran in to that with Cisco last week when I migrated my DHCP from 03
to 08r2.  Only Vlan that could see the server was the one the server was
on.
Int vlan xx

Ip helper-address 192.168.1.x




From: Brian Desmond [mailto:br...@briandesmond.com] 
Sent: Sunday, January 23, 2011 4:36 PM
To: NT System Admin Issues
Subject: RE: DHCP reservations explained...



There is a feature on Cisco switches at least that will inspect and
block DHCP server packets on switch ports not trusted for DHCP. My
higher education customers who run residential networks tend to deploy
this given the propensity for students to plug their Best Buy special
Linksys in "backwards" (e.g. LAN port into the resnet). 

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

w - 312.625.1438 | c   - 312.731.3132

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Wednesday, January 19, 2011 8:29 AM
To: NT System Admin Issues
Subject: RE: DHCP reservations explained...

 

"I've seen more things go wrong (particularly in smaller networks) with
DHCP than with DNS.   (Admin deploys new networking device with DHCP
server functionality turned out, etc)"

 

Granted, I've seen that too, once or twice.  Rogue DHCP can be a threat
regardless, because if name resolution is working, and servers are
statically assigned, but workstations get rogue assignments,
productivity is still impacted ( although less systemically )

 

Kind of a pick your poison issue... choose based on your own comfort
level with the associated risks and then deal with it.

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Tuesday, January 18, 2011 4:50 PM
To: NT System Admin Issues
Subject: Re: DHCP reservations explained...

 

I am not fond of DHCP for server management, even though I will admit
that it is a viable possibility.

 

I prefer the flexibility of configuration that is possible when you have
statically mapped IPs, and I've done this with hundreds of servers in
various environments.

 

In my experience, I've seen more things go wrong (particularly in
smaller networks) with DHCP than with DNS.   (Admin deploys new
networking device with DHCP server functionality turned out, etc)

 

Sure, DHCP maintenance of IP addresses means that you can change them
quickly, etc, but I can script that if necessary, and I've probably
performed major IP address changes a half dozen times in the past decade
and a half (including consulting clients and my home network).

 

But, it's just me.   I'm not going to get too religious about it either
way. 


 

ASB (My Bio via About.Me <http://about.me/Andrew.S.Baker/bio> ) 
Exploiting Technology for Business Advantage...

 

 

On Tue, Jan 18, 2011 at 2:16 PM, Erik Goldoff 
wrote:

I've always liked DHCP reservations over static IP addresses for servers
where possible for ease of management

   Single view of most servers from DHCP client list

   simple to change parameters globally ( default gateway, primary DNS,
secondary DNS, etc ) without having to visit each server

   less likely to experience IP in use conflict from out of date
tracking spreadsheets when adding new devices to the network 

etc, etc, etc 

but if your clients/applications use hostnames, then that's what I'd
monitor for most checks, keeping a single/simple check using the IP
address to cross verify against name resolution.

On Tue, Jan 18, 2011 at 2:06 PM, David Lum  wrote:

The other day someone commented that it seemed like a bit much that 50%
of my 100-ish servers have DHCP reservations - driving home yesterday I
realized another reason why I have it that way (because yes, I chew on
these questions and constantly evaluate why I do some process or
another) - because my fellow SE's have their server monitoring set up to
look at specific IP's instead of hostnames and I am unable to convince
them otherwise. If the server IP changes it hoses their tests and the
dependencies.

 

It's not how I set *MY* monitoring up for servers I maintain, but I have
posted that question here in fact and have seen differing opini

RE: DHCP reservations explained...

[N Parr]

Just ran in to that with Cisco last week when I migrated my DHCP from 03
to 08r2.  Only Vlan that could see the server was the one the server was
on.
Int vlan xx

Ip helper-address 192.168.1.x




From: Brian Desmond [mailto:br...@briandesmond.com] 
Sent: Sunday, January 23, 2011 4:36 PM
To: NT System Admin Issues
Subject: RE: DHCP reservations explained...



There is a feature on Cisco switches at least that will inspect and
block DHCP server packets on switch ports not trusted for DHCP. My
higher education customers who run residential networks tend to deploy
this given the propensity for students to plug their Best Buy special
Linksys in "backwards" (e.g. LAN port into the resnet). 

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

w - 312.625.1438 | c   - 312.731.3132

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Wednesday, January 19, 2011 8:29 AM
To: NT System Admin Issues
Subject: RE: DHCP reservations explained...

 

"I've seen more things go wrong (particularly in smaller networks) with
DHCP than with DNS.   (Admin deploys new networking device with DHCP
server functionality turned out, etc)"

 

Granted, I've seen that too, once or twice.  Rogue DHCP can be a threat
regardless, because if name resolution is working, and servers are
statically assigned, but workstations get rogue assignments,
productivity is still impacted ( although less systemically )

 

Kind of a pick your poison issue... choose based on your own comfort
level with the associated risks and then deal with it.

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Tuesday, January 18, 2011 4:50 PM
To: NT System Admin Issues
Subject: Re: DHCP reservations explained...

 

I am not fond of DHCP for server management, even though I will admit
that it is a viable possibility.

 

I prefer the flexibility of configuration that is possible when you have
statically mapped IPs, and I've done this with hundreds of servers in
various environments.

 

In my experience, I've seen more things go wrong (particularly in
smaller networks) with DHCP than with DNS.   (Admin deploys new
networking device with DHCP server functionality turned out, etc)

 

Sure, DHCP maintenance of IP addresses means that you can change them
quickly, etc, but I can script that if necessary, and I've probably
performed major IP address changes a half dozen times in the past decade
and a half (including consulting clients and my home network).

 

But, it's just me.   I'm not going to get too religious about it either
way. 


 

ASB (My Bio via About.Me <http://about.me/Andrew.S.Baker/bio> ) 
Exploiting Technology for Business Advantage...

 

 

On Tue, Jan 18, 2011 at 2:16 PM, Erik Goldoff 
wrote:

I've always liked DHCP reservations over static IP addresses for servers
where possible for ease of management

   Single view of most servers from DHCP client list

   simple to change parameters globally ( default gateway, primary DNS,
secondary DNS, etc ) without having to visit each server

   less likely to experience IP in use conflict from out of date
tracking spreadsheets when adding new devices to the network 

etc, etc, etc 

but if your clients/applications use hostnames, then that's what I'd
monitor for most checks, keeping a single/simple check using the IP
address to cross verify against name resolution.

On Tue, Jan 18, 2011 at 2:06 PM, David Lum  wrote:

The other day someone commented that it seemed like a bit much that 50%
of my 100-ish servers have DHCP reservations - driving home yesterday I
realized another reason why I have it that way (because yes, I chew on
these questions and constantly evaluate why I do some process or
another) - because my fellow SE's have their server monitoring set up to
look at specific IP's instead of hostnames and I am unable to convince
them otherwise. If the server IP changes it hoses their tests and the
dependencies.

 

It's not how I set *MY* monitoring up for servers I maintain, but I have
posted that question here in fact and have seen differing opinions on
weather hostname or IP is preferred. 

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 503.548.5229 // (Cell) 503.267.9764

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software

RE: DHCP reservations explained...

[Brian Desmond]

There is a feature on Cisco switches at least that will inspect and block DHCP 
server packets on switch ports not trusted for DHCP. My higher education 
customers who run residential networks tend to deploy this given the propensity 
for students to plug their Best Buy special Linksys in "backwards" (e.g. LAN 
port into the resnet).

Thanks,
Brian Desmond
br...@briandesmond.com

w - 312.625.1438 | c   - 312.731.3132

From: Erik Goldoff [mailto:egold...@gmail.com]
Sent: Wednesday, January 19, 2011 8:29 AM
To: NT System Admin Issues
Subject: RE: DHCP reservations explained...

"I've seen more things go wrong (particularly in smaller networks) with DHCP 
than with DNS.   (Admin deploys new networking device with DHCP server 
functionality turned out, etc)"

Granted, I've seen that too, once or twice.  Rogue DHCP can be a threat 
regardless, because if name resolution is working, and servers are statically 
assigned, but workstations get rogue assignments, productivity is still 
impacted ( although less systemically )

Kind of a pick your poison issue... choose based on your own comfort level with 
the associated risks and then deal with it.
Erik Goldoff
IT  Consultant
Systems, Networks, & Security
'  Security is an ongoing process, not a one time event ! '
From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Tuesday, January 18, 2011 4:50 PM
To: NT System Admin Issues
Subject: Re: DHCP reservations explained...

I am not fond of DHCP for server management, even though I will admit that it 
is a viable possibility.

I prefer the flexibility of configuration that is possible when you have 
statically mapped IPs, and I've done this with hundreds of servers in various 
environments.

In my experience, I've seen more things go wrong (particularly in smaller 
networks) with DHCP than with DNS.   (Admin deploys new networking device with 
DHCP server functionality turned out, etc)

Sure, DHCP maintenance of IP addresses means that you can change them quickly, 
etc, but I can script that if necessary, and I've probably performed major IP 
address changes a half dozen times in the past decade and a half (including 
consulting clients and my home network).

But, it's just me.   I'm not going to get too religious about it either way.



ASB (My Bio via About.Me<http://about.me/Andrew.S.Baker/bio>)
Exploiting Technology for Business Advantage...



On Tue, Jan 18, 2011 at 2:16 PM, Erik Goldoff 
mailto:egold...@gmail.com>> wrote:
I've always liked DHCP reservations over static IP addresses for servers where 
possible for ease of management
   Single view of most servers from DHCP client list
   simple to change parameters globally ( default gateway, primary DNS, 
secondary DNS, etc ) without having to visit each server
   less likely to experience IP in use conflict from out of date tracking 
spreadsheets when adding new devices to the network
etc, etc, etc
but if your clients/applications use hostnames, then that's what I'd monitor 
for most checks, keeping a single/simple check using the IP address to cross 
verify against name resolution.
On Tue, Jan 18, 2011 at 2:06 PM, David Lum 
mailto:david@nwea.org>> wrote:
The other day someone commented that it seemed like a bit much that 50% of my 
100-ish servers have DHCP reservations - driving home yesterday I realized 
another reason why I have it that way (because yes, I chew on these questions 
and constantly evaluate why I do some process or another) - because my fellow 
SE's have their server monitoring set up to look at specific IP's instead of 
hostnames and I am unable to convince them otherwise. If the server IP changes 
it hoses their tests and the dependencies.

It's not how I set *MY* monitoring up for servers I maintain, but I have posted 
that question here in fact and have seen differing opinions on weather hostname 
or IP is preferred.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 503.548.5229 // (Cell) 503.267.9764


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>

Re: RE: DHCP reservations explained...

[Sean Martin]

I'm testing our Netscalers for load balancing our AD DNS. So far they're
working pretty well.

- Sean

On Wed, Jan 19, 2011 at 7:18 AM, Free, Bob  wrote:

>  FWIW- If you consider that route, there are a number of players in the
> DNS/DHCP/IPAM appliance space, for example, multiple infoblox devices can be
> deployed in a HA “grid” that spans numerous locations.
>
>
>
> That’s not an indictment of Bluecat or an endorsement of infoblox, just an
> observation that there are a number of options.
>
>
>
> *From:* Ziots, Edward [mailto:ezi...@lifespan.org]
> *Sent:* Wednesday, January 19, 2011 6:10 AM
>
> *To:* NT System Admin Issues
> *Subject:* RE: RE: DHCP reservations explained...
>
>
>
> Then go with Bluecat Devices… if you want the HA with your DHCP.. We are
> doing that here with 2 Bluecat Appliances.
>
>
>
> Z
>
>
>
> Edward E. Ziots
>
> CISSP, Network +, Security +
>
> Network Engineer
>
> Lifespan Organization
>
> Email:ezi...@lifespan.org 
>
> Cell:401-639-3505
>
>
>
> *From:* Jonathan [mailto:ncm...@gmail.com]
> *Sent:* Tuesday, January 18, 2011 2:38 PM
> *To:* NT System Admin Issues
> *Subject:* Re: RE: DHCP reservations explained...
>
>
>
> Right @ 100 servers. Haven't been burned, but I'm not thrilled about lack
> of true failover/redundancy in DHCP in W2k3.  80/20 doesn't cut it, IMHO.
>
> On Jan 18, 2011 2:34 PM, "David Lum"  wrote:
> > +1. For same reasons.
> >
> > Jonathan I'm guessing you've been burned by DHCP issues in the past, or
> have few enough servers it's not too inconvenient?
> >
> > Dave
> >
> > From: Erik Goldoff [mailto:egold...@gmail.com]
> > Sent: Tuesday, January 18, 2011 11:16 AM
> > To: NT System Admin Issues
> > Subject: Re: DHCP reservations explained...
> >
> > I've always liked DHCP reservations over static IP addresses for servers
> where possible for ease of management
> > Single view of most servers from DHCP client list
> > simple to change parameters globally ( default gateway, primary DNS,
> secondary DNS, etc ) without having to visit each server
> > less likely to experience IP in use conflict from out of date tracking
> spreadsheets when adding new devices to the network
> > etc, etc, etc
> > but if your clients/applications use hostnames, then that's what I'd
> monitor for most checks, keeping a single/simple check using the IP address
> to cross verify against name resolution.
> > On Tue, Jan 18, 2011 at 2:06 PM, David Lum  david@nwea.org>> wrote:
> > The other day someone commented that it seemed like a bit much that 50%
> of my 100-ish servers have DHCP reservations - driving home yesterday I
> realized another reason why I have it that way (because yes, I chew on these
> questions and constantly evaluate why I do some process or another) -
> because my fellow SE's have their server monitoring set up to look at
> specific IP's instead of hostnames and I am unable to convince them
> otherwise. If the server IP changes it hoses their tests and the
> dependencies.
> >
> > It's not how I set *MY* monitoring up for servers I maintain, but I have
> posted that question here in fact and have seen differing opinions on
> weather hostname or IP is preferred.
> > David Lum // SYSTEMS ENGINEER
> > NORTHWEST EVALUATION ASSOCIATION
> > (Desk) 503.548.5229 // (Cell) 503.267.9764
> >
> >
> >
> >
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
> >
> > ---
> > To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> > or send an email to listmana...@lyris.sunbeltsoftware.com listmana...@lyris.sunbeltsoftware.com>
> > with the body: unsubscribe ntsysadmin
> >
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
> >
> > ---
> > To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> > or send an email to listmana...@lyris.sunbeltsoftware.com listmana...@lyris.sunbeltsoftware.com>
> > with the body: unsubscribe ntsysadmin
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
> >
> > ---
> > To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> > or send an email to 

RE: RE: DHCP reservations explained...

[Free, Bob]

FWIW- If you consider that route, there are a number of players in the 
DNS/DHCP/IPAM appliance space, for example, multiple infoblox devices can be 
deployed in a HA "grid" that spans numerous locations.

That's not an indictment of Bluecat or an endorsement of infoblox, just an 
observation that there are a number of options.

From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Wednesday, January 19, 2011 6:10 AM
To: NT System Admin Issues
Subject: RE: RE: DHCP reservations explained...

Then go with Bluecat Devices... if you want the HA with your DHCP.. We are 
doing that here with 2 Bluecat Appliances.

Z

Edward E. Ziots
CISSP, Network +, Security +
Network Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

From: Jonathan [mailto:ncm...@gmail.com]
Sent: Tuesday, January 18, 2011 2:38 PM
To: NT System Admin Issues
Subject: Re: RE: DHCP reservations explained...


Right @ 100 servers. Haven't been burned, but I'm not thrilled about lack of 
true failover/redundancy in DHCP in W2k3.  80/20 doesn't cut it, IMHO.
On Jan 18, 2011 2:34 PM, "David Lum" 
mailto:david@nwea.org>> wrote:
> +1. For same reasons.
>
> Jonathan I'm guessing you've been burned by DHCP issues in the past, or have 
> few enough servers it's not too inconvenient?
>
> Dave
>
> From: Erik Goldoff [mailto:egold...@gmail.com<mailto:egold...@gmail.com>]
> Sent: Tuesday, January 18, 2011 11:16 AM
> To: NT System Admin Issues
> Subject: Re: DHCP reservations explained...
>
> I've always liked DHCP reservations over static IP addresses for servers 
> where possible for ease of management
> Single view of most servers from DHCP client list
> simple to change parameters globally ( default gateway, primary DNS, 
> secondary DNS, etc ) without having to visit each server
> less likely to experience IP in use conflict from out of date tracking 
> spreadsheets when adding new devices to the network
> etc, etc, etc
> but if your clients/applications use hostnames, then that's what I'd monitor 
> for most checks, keeping a single/simple check using the IP address to cross 
> verify against name resolution.
> On Tue, Jan 18, 2011 at 2:06 PM, David Lum 
> mailto:david@nwea.org><mailto:david@nwea.org<mailto:david@nwea.org>>>
>  wrote:
> The other day someone commented that it seemed like a bit much that 50% of my 
> 100-ish servers have DHCP reservations - driving home yesterday I realized 
> another reason why I have it that way (because yes, I chew on these questions 
> and constantly evaluate why I do some process or another) - because my fellow 
> SE's have their server monitoring set up to look at specific IP's instead of 
> hostnames and I am unable to convince them otherwise. If the server IP 
> changes it hoses their tests and the dependencies.
>
> It's not how I set *MY* monitoring up for servers I maintain, but I have 
> posted that question here in fact and have seen differing opinions on weather 
> hostname or IP is preferred.
> David Lum // SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 503.548.5229 // (Cell) 503.267.9764
>
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com><mailto:listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>>
> with the body: unsubscribe ntsysadmin
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com><mailto:listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>>
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to 
> listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterpr

RE: RE: DHCP reservations explained...

[Ziots, Edward]

Then go with Bluecat Devices... if you want the HA with your DHCP.. We
are doing that here with 2 Bluecat Appliances. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Network Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Jonathan [mailto:ncm...@gmail.com] 
Sent: Tuesday, January 18, 2011 2:38 PM
To: NT System Admin Issues
Subject: Re: RE: DHCP reservations explained...

 

Right @ 100 servers. Haven't been burned, but I'm not thrilled about
lack of true failover/redundancy in DHCP in W2k3.  80/20 doesn't cut it,
IMHO.

On Jan 18, 2011 2:34 PM, "David Lum"  wrote:
> +1. For same reasons.
> 
> Jonathan I'm guessing you've been burned by DHCP issues in the past,
or have few enough servers it's not too inconvenient?
> 
> Dave
> 
> From: Erik Goldoff [mailto:egold...@gmail.com]
> Sent: Tuesday, January 18, 2011 11:16 AM
> To: NT System Admin Issues
> Subject: Re: DHCP reservations explained...
> 
> I've always liked DHCP reservations over static IP addresses for
servers where possible for ease of management
> Single view of most servers from DHCP client list
> simple to change parameters globally ( default gateway, primary DNS,
secondary DNS, etc ) without having to visit each server
> less likely to experience IP in use conflict from out of date tracking
spreadsheets when adding new devices to the network
> etc, etc, etc
> but if your clients/applications use hostnames, then that's what I'd
monitor for most checks, keeping a single/simple check using the IP
address to cross verify against name resolution.
> On Tue, Jan 18, 2011 at 2:06 PM, David Lum
mailto:david@nwea.org>> wrote:
> The other day someone commented that it seemed like a bit much that
50% of my 100-ish servers have DHCP reservations - driving home
yesterday I realized another reason why I have it that way (because yes,
I chew on these questions and constantly evaluate why I do some process
or another) - because my fellow SE's have their server monitoring set up
to look at specific IP's instead of hostnames and I am unable to
convince them otherwise. If the server IP changes it hoses their tests
and the dependencies.
> 
> It's not how I set *MY* monitoring up for servers I maintain, but I
have posted that question here in fact and have seen differing opinions
on weather hostname or IP is preferred.
> David Lum // SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 503.548.5229 // (Cell) 503.267.9764
> 
> 
> 
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
> 
> ---
> To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to
listmana...@lyris.sunbeltsoftware.com<mailto:listmanager@lyris.sunbeltso
ftware.com>
> with the body: unsubscribe ntsysadmin
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
> 
> ---
> To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to
listmana...@lyris.sunbeltsoftware.com<mailto:listmanager@lyris.sunbeltso
ftware.com>
> with the body: unsubscribe ntsysadmin
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
> 
> ---
> To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: DHCP reservations explained...

[Erik Goldoff]

“I've seen more things go wrong (particularly in smaller networks) with DHCP
than with DNS.   (Admin deploys new networking device with DHCP server
functionality turned out, etc)“

 

Granted, I’ve seen that too, once or twice.  Rogue DHCP can be a threat
regardless, because if name resolution is working, and servers are
statically assigned, but workstations get rogue assignments, productivity is
still impacted ( although less systemically )

 

Kind of a pick your poison issue… choose based on your own comfort level
with the associated risks and then deal with it.

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Tuesday, January 18, 2011 4:50 PM
To: NT System Admin Issues
Subject: Re: DHCP reservations explained...

 

I am not fond of DHCP for server management, even though I will admit that
it is a viable possibility.

 

I prefer the flexibility of configuration that is possible when you have
statically mapped IPs, and I've done this with hundreds of servers in
various environments.

 

In my experience, I've seen more things go wrong (particularly in smaller
networks) with DHCP than with DNS.   (Admin deploys new networking device
with DHCP server functionality turned out, etc)

 

Sure, DHCP maintenance of IP addresses means that you can change them
quickly, etc, but I can script that if necessary, and I've probably
performed major IP address changes a half dozen times in the past decade and
a half (including consulting clients and my home network).

 

But, it's just me.   I'm not going to get too religious about it either way.



 

ASB (My Bio via About.Me <http://about.me/Andrew.S.Baker/bio> ) 
Exploiting Technology for Business Advantage...

 





On Tue, Jan 18, 2011 at 2:16 PM, Erik Goldoff  wrote:

I've always liked DHCP reservations over static IP addresses for servers
where possible for ease of management

   Single view of most servers from DHCP client list

   simple to change parameters globally ( default gateway, primary DNS,
secondary DNS, etc ) without having to visit each server

   less likely to experience IP in use conflict from out of date tracking
spreadsheets when adding new devices to the network 

etc, etc, etc 

but if your clients/applications use hostnames, then that's what I'd monitor
for most checks, keeping a single/simple check using the IP address to cross
verify against name resolution.

On Tue, Jan 18, 2011 at 2:06 PM, David Lum  wrote:

The other day someone commented that it seemed like a bit much that 50% of
my 100-ish servers have DHCP reservations - driving home yesterday I
realized another reason why I have it that way (because yes, I chew on these
questions and constantly evaluate why I do some process or another) -
because my fellow SE's have their server monitoring set up to look at
specific IP's instead of hostnames and I am unable to convince them
otherwise. If the server IP changes it hoses their tests and the
dependencies.

 

It’s not how I set *MY* monitoring up for servers I maintain, but I have
posted that question here in fact and have seen differing opinions on
weather hostname or IP is preferred. 

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 503.548.5229 // (Cell) 503.267.9764

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: DHCP reservations explained...

[Micheal Espinola Jr]

+1

--
ME2





On Tue, Jan 18, 2011 at 11:16 AM, Erik Goldoff  wrote:

> I've always liked DHCP reservations over static IP addresses for servers
> where possible for ease of management
>Single view of most servers from DHCP client list
>simple to change parameters globally ( default gateway, primary DNS,
> secondary DNS, etc ) without having to visit each server
>less likely to experience IP in use conflict from out of date tracking
> spreadsheets when adding new devices to the network
> etc, etc, etc
> but if your clients/applications use hostnames, then that's what I'd
> monitor for most checks, keeping a single/simple check using the IP address
> to cross verify against name resolution.
>
>  On Tue, Jan 18, 2011 at 2:06 PM, David Lum  wrote:
>
>>  The other day someone commented that it seemed like a bit much that 50%
>> of my 100-ish servers have DHCP reservations - driving home yesterday I
>> realized another reason why I have it that way (because yes, I chew on these
>> questions and constantly evaluate why I do some process or another) -
>> because my fellow SE's have their server monitoring set up to look at
>> specific IP's instead of hostnames and I am unable to convince them
>> otherwise. If the server IP changes it hoses their tests and the
>> dependencies.
>>
>> It’s not how I set **MY** monitoring up for servers I maintain, but I
>> have posted that question here in fact and have seen differing opinions on
>> weather hostname or IP is preferred.
>> *David Lum** **// *SYSTEMS ENGINEER
>> NORTHWEST EVALUATION ASSOCIATION
>> (Desk) 503.548.5229 *// *(Cell) 503.267.9764
>>
>>
>>
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: DHCP reservations explained...

[Steven Peck]

Entire Data-center go offline because something went wrong servicing the UPS
in 'routine' maintenance.  Several hundred physical, virtual, mainframe,
etc that was also not a good night, last month  :)

There's a big 'portal UPS in a trailer with cables going into the building
right now and some poor security guard that gets to stand near it until a
replacement goes in.

Steven Peck
http://www.blkmtn.org


On Tue, Jan 18, 2011 at 3:51 PM, Michael B. Smith wrote:

>  I’ve seen four full cabinets (over 120 servers) in a data-center go
> offline because of a power short that caused first caused one UPS to go
> offline and then two more UPS’ to go offline because of overload.
>
>
>
> That was not a good night.
>
>
>
> Regards,
>
>
>
> Michael B. Smith
>
> Consultant and Exchange MVP
>
> http://TheEssentialExchange.com
>
>
>
> *From:* David Lum [mailto:david@nwea.org]
> *Sent:* Tuesday, January 18, 2011 3:06 PM
> *To:* NT System Admin Issues
> *Subject:* RE: DHCP reservations explained...
>
>
>
> If DNS stops responding, what’s working?
>
>
>
> Having said that, I see your point. We (%dayjob%) have 3 DNS servers and I
> suppose you’re right, a perfect storm of all 3 being offline would prevent
> other systems from being monitored. At %I.T.GarageClient% if DNS is down
> then I’m already working one of the two or three servers that matter already
> and my clients aren’t getting any work done anyway.
>
>
>
> Along these lines, what’s the worst chain of issues you’ve seen? During our
> move we had three simultaneous SAN issues – fibre channel controller was
> dead, two drives (in different containers thankfully) died, and a redundant
> power supply in the SAN went out. What relies on this SAN? Our file shares,
> Exchange, 80% of our SQL DB’s….
>
>
>
> At the same time we have new audio-video and that the vendor neglected to
> mention they have some multicast(?) turned on that flooded our switches,
> making the servers that could run really spotty to hit from a PC. SAN guy
> not  happy, network guy not happy, but my DC’s were fine, lol.
>
>
>
> Dave
>
>
>
> *From:* Michael B. Smith [mailto:mich...@smithcons.com]
> *Sent:* Tuesday, January 18, 2011 11:37 AM
> *To:* NT System Admin Issues
> *Subject:* RE: DHCP reservations explained...
>
>
>
> I will always do one of two things:
>
>
>
> [1] use an IP address, or
>
>
>
> [2] have a rather complex hosts file on the server(s) running the
> monitoring software.
>
>
>
> After all, if DNS stops responding, are you going to stop monitoring?
>
>
>
> Regards,
>
>
>
> Michael B. Smith
>
> Consultant and Exchange MVP
>
> http://TheEssentialExchange.com
>
>
>
> *From:* David Lum [mailto:david@nwea.org]
> *Sent:* Tuesday, January 18, 2011 2:06 PM
> *To:* NT System Admin Issues
> *Subject:* DHCP reservations explained...
>
>
>
> The other day someone commented that it seemed like a bit much that 50% of
> my 100-ish servers have DHCP reservations - driving home yesterday I
> realized another reason why I have it that way (because yes, I chew on these
> questions and constantly evaluate why I do some process or another) -
> because my fellow SE's have their server monitoring set up to look at
> specific IP's instead of hostnames and I am unable to convince them
> otherwise. If the server IP changes it hoses their tests and the
> dependencies.
>
>
>
> It’s not how I set **MY** monitoring up for servers I maintain, but I have
> posted that question here in fact and have seen differing opinions on
> weather hostname or IP is preferred.
>
> *David Lum** **// *SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 503.548.5229 *// *(Cell) 503.267.9764
>
>
>
>
>
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>

RE: DHCP reservations explained...

[Michael B. Smith]

I've seen four full cabinets (over 120 servers) in a data-center go offline 
because of a power short that caused first caused one UPS to go offline and 
then two more UPS' to go offline because of overload.

That was not a good night.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: David Lum [mailto:david@nwea.org]
Sent: Tuesday, January 18, 2011 3:06 PM
To: NT System Admin Issues
Subject: RE: DHCP reservations explained...

If DNS stops responding, what's working?

Having said that, I see your point. We (%dayjob%) have 3 DNS servers and I 
suppose you're right, a perfect storm of all 3 being offline would prevent 
other systems from being monitored. At %I.T.GarageClient% if DNS is down then 
I'm already working one of the two or three servers that matter already and my 
clients aren't getting any work done anyway.

Along these lines, what's the worst chain of issues you've seen? During our 
move we had three simultaneous SAN issues - fibre channel controller was dead, 
two drives (in different containers thankfully) died, and a redundant power 
supply in the SAN went out. What relies on this SAN? Our file shares, Exchange, 
80% of our SQL DB's

At the same time we have new audio-video and that the vendor neglected to 
mention they have some multicast(?) turned on that flooded our switches, making 
the servers that could run really spotty to hit from a PC. SAN guy not  happy, 
network guy not happy, but my DC's were fine, lol.

Dave

From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Tuesday, January 18, 2011 11:37 AM
To: NT System Admin Issues
Subject: RE: DHCP reservations explained...

I will always do one of two things:

[1] use an IP address, or

[2] have a rather complex hosts file on the server(s) running the monitoring 
software.

After all, if DNS stops responding, are you going to stop monitoring?

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: David Lum [mailto:david@nwea.org]
Sent: Tuesday, January 18, 2011 2:06 PM
To: NT System Admin Issues
Subject: DHCP reservations explained...

The other day someone commented that it seemed like a bit much that 50% of my 
100-ish servers have DHCP reservations - driving home yesterday I realized 
another reason why I have it that way (because yes, I chew on these questions 
and constantly evaluate why I do some process or another) - because my fellow 
SE's have their server monitoring set up to look at specific IP's instead of 
hostnames and I am unable to convince them otherwise. If the server IP changes 
it hoses their tests and the dependencies.

It's not how I set *MY* monitoring up for servers I maintain, but I have posted 
that question here in fact and have seen differing opinions on weather hostname 
or IP is preferred.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 503.548.5229 // (Cell) 503.267.9764





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: DHCP reservations explained...

[Rankin, James R]

I was leery about DHCP for servers (especially as I did it dynamically) but it 
worked surprisingly issue-free. Totally depends on your environment though. We 
had total control of what went on to the network, and IP changes were almost 
non-existent. The only issues we ever had were with vmware templates trying to 
grab in-use addresses. YMM (vastly) V
Typed frustratingly slowly on my BlackBerry® wireless device

-Original Message-
From: "Andrew S. Baker" 
Date: Tue, 18 Jan 2011 16:49:47 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: DHCP reservations explained...

I am not fond of DHCP for server management, even though I will admit that
it is a viable possibility.

I prefer the flexibility of configuration that is possible when you have
statically mapped IPs, and I've done this with hundreds of servers in
various environments.

In my experience, I've seen more things go wrong (particularly in smaller
networks) with DHCP than with DNS.   (Admin deploys new networking device
with DHCP server functionality turned out, etc)

Sure, DHCP maintenance of IP addresses means that you can change them
quickly, etc, but I can script that if necessary, and I've probably
performed major IP address changes a half dozen times in the past decade and
a half (including consulting clients and my home network).

But, it's just me.   I'm not going to get too religious about it either
way.


*ASB *(My Bio via About.Me <http://about.me/Andrew.S.Baker/bio>)
 *Exploiting Technology for Business Advantage...*

*
*



On Tue, Jan 18, 2011 at 2:16 PM, Erik Goldoff  wrote:

> I've always liked DHCP reservations over static IP addresses for servers
> where possible for ease of management
>Single view of most servers from DHCP client list
>simple to change parameters globally ( default gateway, primary DNS,
> secondary DNS, etc ) without having to visit each server
>less likely to experience IP in use conflict from out of date tracking
> spreadsheets when adding new devices to the network
> etc, etc, etc
> but if your clients/applications use hostnames, then that's what I'd
> monitor for most checks, keeping a single/simple check using the IP address
> to cross verify against name resolution.
>
>  On Tue, Jan 18, 2011 at 2:06 PM, David Lum  wrote:
>
>>  The other day someone commented that it seemed like a bit much that 50%
>> of my 100-ish servers have DHCP reservations - driving home yesterday I
>> realized another reason why I have it that way (because yes, I chew on these
>> questions and constantly evaluate why I do some process or another) -
>> because my fellow SE's have their server monitoring set up to look at
>> specific IP's instead of hostnames and I am unable to convince them
>> otherwise. If the server IP changes it hoses their tests and the
>> dependencies.
>>
>> It’s not how I set **MY** monitoring up for servers I maintain, but I
>> have posted that question here in fact and have seen differing opinions on
>> weather hostname or IP is preferred.
>> *David Lum** **// *SYSTEMS ENGINEER
>> NORTHWEST EVALUATION ASSOCIATION
>> (Desk) 503.548.5229 *// *(Cell) 503.267.9764
>>
>>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: DHCP reservations explained...

[Andrew S. Baker]

I am not fond of DHCP for server management, even though I will admit that
it is a viable possibility.

I prefer the flexibility of configuration that is possible when you have
statically mapped IPs, and I've done this with hundreds of servers in
various environments.

In my experience, I've seen more things go wrong (particularly in smaller
networks) with DHCP than with DNS.   (Admin deploys new networking device
with DHCP server functionality turned out, etc)

Sure, DHCP maintenance of IP addresses means that you can change them
quickly, etc, but I can script that if necessary, and I've probably
performed major IP address changes a half dozen times in the past decade and
a half (including consulting clients and my home network).

But, it's just me.   I'm not going to get too religious about it either
way.


*ASB *(My Bio via About.Me )
 *Exploiting Technology for Business Advantage...*

*
*



On Tue, Jan 18, 2011 at 2:16 PM, Erik Goldoff  wrote:

> I've always liked DHCP reservations over static IP addresses for servers
> where possible for ease of management
>Single view of most servers from DHCP client list
>simple to change parameters globally ( default gateway, primary DNS,
> secondary DNS, etc ) without having to visit each server
>less likely to experience IP in use conflict from out of date tracking
> spreadsheets when adding new devices to the network
> etc, etc, etc
> but if your clients/applications use hostnames, then that's what I'd
> monitor for most checks, keeping a single/simple check using the IP address
> to cross verify against name resolution.
>
>  On Tue, Jan 18, 2011 at 2:06 PM, David Lum  wrote:
>
>>  The other day someone commented that it seemed like a bit much that 50%
>> of my 100-ish servers have DHCP reservations - driving home yesterday I
>> realized another reason why I have it that way (because yes, I chew on these
>> questions and constantly evaluate why I do some process or another) -
>> because my fellow SE's have their server monitoring set up to look at
>> specific IP's instead of hostnames and I am unable to convince them
>> otherwise. If the server IP changes it hoses their tests and the
>> dependencies.
>>
>> It’s not how I set **MY** monitoring up for servers I maintain, but I
>> have posted that question here in fact and have seen differing opinions on
>> weather hostname or IP is preferred.
>> *David Lum** **// *SYSTEMS ENGINEER
>> NORTHWEST EVALUATION ASSOCIATION
>> (Desk) 503.548.5229 *// *(Cell) 503.267.9764
>>
>>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: DHCP reservations explained...

[Michael B. Smith]

Of course. I always monitor TCP and UDP ports 53 on my DNS servers. Along with 
the DNS Server service (if Windows DNS).

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Tuesday, January 18, 2011 4:45 PM
To: NT System Admin Issues
Subject: Re: DHCP reservations explained...

If DNS stops monitoring, I'd like my monitoring server to notice that too.
The likelihood is that the apps I am running will rely on DNS, so other things 
will break beyond the monitoring.



ASB (My Bio via About.Me<http://about.me/Andrew.S.Baker/bio>)
Exploiting Technology for Business Advantage...




On Tue, Jan 18, 2011 at 2:37 PM, Michael B. Smith 
mailto:mich...@smithcons.com>> wrote:
I will always do one of two things:

[1] use an IP address, or

[2] have a rather complex hosts file on the server(s) running the monitoring 
software.

After all, if DNS stops responding, are you going to stop monitoring?

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: David Lum [mailto:david@nwea.org<mailto:david@nwea.org>]
Sent: Tuesday, January 18, 2011 2:06 PM

To: NT System Admin Issues
Subject: DHCP reservations explained...

The other day someone commented that it seemed like a bit much that 50% of my 
100-ish servers have DHCP reservations - driving home yesterday I realized 
another reason why I have it that way (because yes, I chew on these questions 
and constantly evaluate why I do some process or another) - because my fellow 
SE's have their server monitoring set up to look at specific IP's instead of 
hostnames and I am unable to convince them otherwise. If the server IP changes 
it hoses their tests and the dependencies.

It's not how I set *MY* monitoring up for servers I maintain, but I have posted 
that question here in fact and have seen differing opinions on weather hostname 
or IP is preferred.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 503.548.5229 // (Cell) 503.267.9764



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: DHCP reservations explained...

[Andrew S. Baker]

If DNS stops monitoring, I'd like my monitoring server to notice that too.
 The likelihood is that the apps I am running will rely on DNS, so other
things will break beyond the monitoring.


*ASB *(My Bio via About.Me )
 *Exploiting Technology for Business Advantage...*

*
*



On Tue, Jan 18, 2011 at 2:37 PM, Michael B. Smith wrote:

>  I will always do one of two things:
>
>
>
> [1] use an IP address, or
>
>
>
> [2] have a rather complex hosts file on the server(s) running the
> monitoring software.
>
>
>
> After all, if DNS stops responding, are you going to stop monitoring?
>
>
>
> Regards,
>
>
>
> Michael B. Smith
>
> Consultant and Exchange MVP
>
> http://TheEssentialExchange.com
>
>
>
> *From:* David Lum [mailto:david@nwea.org]
> *Sent:* Tuesday, January 18, 2011 2:06 PM
>
> *To:* NT System Admin Issues
> *Subject:* DHCP reservations explained...
>
>
>
> The other day someone commented that it seemed like a bit much that 50% of
> my 100-ish servers have DHCP reservations - driving home yesterday I
> realized another reason why I have it that way (because yes, I chew on these
> questions and constantly evaluate why I do some process or another) -
> because my fellow SE's have their server monitoring set up to look at
> specific IP's instead of hostnames and I am unable to convince them
> otherwise. If the server IP changes it hoses their tests and the
> dependencies.
>
>
>
> It’s not how I set **MY** monitoring up for servers I maintain, but I have
> posted that question here in fact and have seen differing opinions on
> weather hostname or IP is preferred.
>
> *David Lum** **// *SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 503.548.5229 *// *(Cell) 503.267.9764
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: DHCP reservations explained...

[Ben Scott]

  I think this depends on one's environment.  If you only have a
handful of servers, manual configuration is fine, even preferred.  If
you've got 100 servers, manual configuration is unwieldy at best, and
if you ever have to renumber your network, you're in for a lot of
work.  We manually config our servers, but DHCP our printers.

  I always go for static IP addresses for servers, printers, and the
like.  Only "regular PCs" are in the dynamic address pool.

  hosts files I don't use.  If DNS is down, nothing's working anyway,
and DNS will be my first priority.  But we're a small shop (2 person
IT department).  In a large shop, you might have enough people that
you'd want them working other issues even if DNS was out.  So
monitoring by IP address, or with a hosts file, might make sense.
Maybe.

  I don't think I'd ever want to get in to copying hosts files around
to *all* servers, though.  I can't see that ever being worth the
potential troubles.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: DHCP reservations explained...

[Jonathan Link]

That's one thing I do need to brush up on.  My playing with GPP has been
haphazard, with similar results.

On Tue, Jan 18, 2011 at 4:14 PM, Rankin, James R wrote:

> I use group policy preferences to keep files of this ilk updated on
> servers.
>
> Typed frustratingly slowly on my BlackBerry® wireless device
> --
>  *From: *Jonathan Link 
> *Date: *Tue, 18 Jan 2011 16:09:24 -0500
>  *To: *NT System Admin Issues
> *ReplyTo: *"NT System Admin Issues"  >
>  *Subject: *Re: DHCP reservations explained...
>
>  I have a hostfile I keep in a central location.
> There's a scheduled task on each server that copies it daily.  The only
> risk is that if I stand up a new server, I might forget to create the task,
> but it's on my checklist, so not too likely.
>
> Of course, I only have 10 servers...
>
>  On Tue, Jan 18, 2011 at 4:05 PM, Michael B. Smith 
> wrote:
>
>>  Automate, automate, automate.
>>
>>
>>
>> Regards,
>>
>>
>>
>> Michael B. Smith
>>
>> Consultant and Exchange MVP
>>
>> http://TheEssentialExchange.com <http://theessentialexchange.com/>
>>
>>
>>
>> *From:* Erik Goldoff [mailto:egold...@gmail.com]
>> *Sent:* Tuesday, January 18, 2011 4:03 PM
>>
>> *To:* NT System Admin Issues
>> *Subject:* RE: DHCP reservations explained...
>>
>>
>>
>> I **would** recommend having a proper host file available but not in
>> production.  Personally I’d use it only if name resolution dies, but if I
>> had a host file on every computer then the chance of some system somewhere
>> not having the most current increases, and the chance of lesser trained
>> staff copying an older version to a new box instead of the ‘master’ current
>> version increases.  {don’t ask how I know}
>>
>>
>>
>> *Erik Goldoff***
>>
>> *IT  Consultant*
>>
>> *Systems, Networks, & Security *
>>
>> '  Security is an ongoing process, not a one time event ! '
>>
>> *From:* Michael B. Smith [mailto:mich...@smithcons.com]
>> *Sent:* Tuesday, January 18, 2011 2:37 PM
>> *To:* NT System Admin Issues
>> *Subject:* RE: DHCP reservations explained...
>>
>>
>>
>> I will always do one of two things:
>>
>>
>>
>> [1] use an IP address, or
>>
>>
>>
>> [2] have a rather complex hosts file on the server(s) running the
>> monitoring software.
>>
>>
>>
>> After all, if DNS stops responding, are you going to stop monitoring?
>>
>>
>>
>> Regards,
>>
>>
>>
>> Michael B. Smith
>>
>> Consultant and Exchange MVP
>>
>> http://TheEssentialExchange.com <http://theessentialexchange.com/>
>>
>>
>>
>> *From:* David Lum [mailto:david@nwea.org]
>> *Sent:* Tuesday, January 18, 2011 2:06 PM
>> *To:* NT System Admin Issues
>> *Subject:* DHCP reservations explained...
>>
>>
>>
>> The other day someone commented that it seemed like a bit much that 50% of
>> my 100-ish servers have DHCP reservations - driving home yesterday I
>> realized another reason why I have it that way (because yes, I chew on these
>> questions and constantly evaluate why I do some process or another) -
>> because my fellow SE's have their server monitoring set up to look at
>> specific IP's instead of hostnames and I am unable to convince them
>> otherwise. If the server IP changes it hoses their tests and the
>> dependencies.
>>
>>
>>
>> It’s not how I set **MY** monitoring up for servers I maintain, but I
>> have posted that question here in fact and have seen differing opinions on
>> weather hostname or IP is preferred.
>>
>> *David Lum** **// *SYSTEMS ENGINEER
>> NORTHWEST EVALUATION ASSOCIATION
>> (Desk) 503.548.5229 *// *(Cell) 503.267.9764
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here:
>

Re: DHCP reservations explained...

[Rankin, James R]

I use group policy preferences to keep files of this ilk updated on servers.

Typed frustratingly slowly on my BlackBerry® wireless device

-Original Message-
From: Jonathan Link 
Date: Tue, 18 Jan 2011 16:09:24 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: DHCP reservations 
explained...

I have a hostfile I keep in a central location.
There's a scheduled task on each server that copies it daily.  The only risk
is that if I stand up a new server, I might forget to create the task, but
it's on my checklist, so not too likely.

Of course, I only have 10 servers...

On Tue, Jan 18, 2011 at 4:05 PM, Michael B. Smith wrote:

>  Automate, automate, automate.
>
>
>
> Regards,
>
>
>
> Michael B. Smith
>
> Consultant and Exchange MVP
>
> http://TheEssentialExchange.com <http://theessentialexchange.com/>
>
>
>
> *From:* Erik Goldoff [mailto:egold...@gmail.com]
> *Sent:* Tuesday, January 18, 2011 4:03 PM
>
> *To:* NT System Admin Issues
> *Subject:* RE: DHCP reservations explained...
>
>
>
> I **would** recommend having a proper host file available but not in
> production.  Personally I’d use it only if name resolution dies, but if I
> had a host file on every computer then the chance of some system somewhere
> not having the most current increases, and the chance of lesser trained
> staff copying an older version to a new box instead of the ‘master’ current
> version increases.  {don’t ask how I know}
>
>
>
> *Erik Goldoff***
>
> *IT  Consultant*
>
> *Systems, Networks, & Security *
>
> '  Security is an ongoing process, not a one time event ! '
>
> *From:* Michael B. Smith [mailto:mich...@smithcons.com]
> *Sent:* Tuesday, January 18, 2011 2:37 PM
> *To:* NT System Admin Issues
> *Subject:* RE: DHCP reservations explained...
>
>
>
> I will always do one of two things:
>
>
>
> [1] use an IP address, or
>
>
>
> [2] have a rather complex hosts file on the server(s) running the
> monitoring software.
>
>
>
> After all, if DNS stops responding, are you going to stop monitoring?
>
>
>
> Regards,
>
>
>
> Michael B. Smith
>
> Consultant and Exchange MVP
>
> http://TheEssentialExchange.com <http://theessentialexchange.com/>
>
>
>
> *From:* David Lum [mailto:david@nwea.org]
> *Sent:* Tuesday, January 18, 2011 2:06 PM
> *To:* NT System Admin Issues
> *Subject:* DHCP reservations explained...
>
>
>
> The other day someone commented that it seemed like a bit much that 50% of
> my 100-ish servers have DHCP reservations - driving home yesterday I
> realized another reason why I have it that way (because yes, I chew on these
> questions and constantly evaluate why I do some process or another) -
> because my fellow SE's have their server monitoring set up to look at
> specific IP's instead of hostnames and I am unable to convince them
> otherwise. If the server IP changes it hoses their tests and the
> dependencies.
>
>
>
> It’s not how I set **MY** monitoring up for servers I maintain, but I have
> posted that question here in fact and have seen differing opinions on
> weather hostname or IP is preferred.
>
> *David Lum** **// *SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 503.548.5229 *// *(Cell) 503.267.9764
>
>
>
>
>
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
&

RE: DHCP reservations explained...

[Erik Goldoff]

I don’t disagree with your assessment, just that my choice would still be
DHCP reservations given the low incidence of name resolution problems I’ve
seen.  YMMV, and thanks for the alternative.

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Michael B. Smith [mailto:mich...@smithcons.com] 
Sent: Tuesday, January 18, 2011 4:06 PM
To: NT System Admin Issues
Subject: RE: DHCP reservations explained...

 

Automate, automate, automate.

 

Regards,

 

Michael B. Smith

Consultant and Exchange MVP

http://TheEssentialExchange.com

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Tuesday, January 18, 2011 4:03 PM
To: NT System Admin Issues
Subject: RE: DHCP reservations explained...

 

I *would* recommend having a proper host file available but not in
production.  Personally I’d use it only if name resolution dies, but if I
had a host file on every computer then the chance of some system somewhere
not having the most current increases, and the chance of lesser trained
staff copying an older version to a new box instead of the ‘master’ current
version increases.  {don’t ask how I know}

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Michael B. Smith [mailto:mich...@smithcons.com] 
Sent: Tuesday, January 18, 2011 2:37 PM
To: NT System Admin Issues
Subject: RE: DHCP reservations explained...

 

I will always do one of two things:

 

[1] use an IP address, or

 

[2] have a rather complex hosts file on the server(s) running the monitoring
software.

 

After all, if DNS stops responding, are you going to stop monitoring?

 

Regards,

 

Michael B. Smith

Consultant and Exchange MVP

http://TheEssentialExchange.com

 

From: David Lum [mailto:david@nwea.org] 
Sent: Tuesday, January 18, 2011 2:06 PM
To: NT System Admin Issues
Subject: DHCP reservations explained...

 

The other day someone commented that it seemed like a bit much that 50% of
my 100-ish servers have DHCP reservations - driving home yesterday I
realized another reason why I have it that way (because yes, I chew on these
questions and constantly evaluate why I do some process or another) -
because my fellow SE's have their server monitoring set up to look at
specific IP's instead of hostnames and I am unable to convince them
otherwise. If the server IP changes it hoses their tests and the
dependencies.

 

It’s not how I set *MY* monitoring up for servers I maintain, but I have
posted that question here in fact and have seen differing opinions on
weather hostname or IP is preferred. 

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 503.548.5229 // (Cell) 503.267.9764

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: DHCP reservations explained...

[Jonathan Link]

I have a hostfile I keep in a central location.
There's a scheduled task on each server that copies it daily.  The only risk
is that if I stand up a new server, I might forget to create the task, but
it's on my checklist, so not too likely.

Of course, I only have 10 servers...

On Tue, Jan 18, 2011 at 4:05 PM, Michael B. Smith wrote:

>  Automate, automate, automate.
>
>
>
> Regards,
>
>
>
> Michael B. Smith
>
> Consultant and Exchange MVP
>
> http://TheEssentialExchange.com <http://theessentialexchange.com/>
>
>
>
> *From:* Erik Goldoff [mailto:egold...@gmail.com]
> *Sent:* Tuesday, January 18, 2011 4:03 PM
>
> *To:* NT System Admin Issues
> *Subject:* RE: DHCP reservations explained...
>
>
>
> I **would** recommend having a proper host file available but not in
> production.  Personally I’d use it only if name resolution dies, but if I
> had a host file on every computer then the chance of some system somewhere
> not having the most current increases, and the chance of lesser trained
> staff copying an older version to a new box instead of the ‘master’ current
> version increases.  {don’t ask how I know}
>
>
>
> *Erik Goldoff***
>
> *IT  Consultant*
>
> *Systems, Networks, & Security *
>
> '  Security is an ongoing process, not a one time event ! '
>
> *From:* Michael B. Smith [mailto:mich...@smithcons.com]
> *Sent:* Tuesday, January 18, 2011 2:37 PM
> *To:* NT System Admin Issues
> *Subject:* RE: DHCP reservations explained...
>
>
>
> I will always do one of two things:
>
>
>
> [1] use an IP address, or
>
>
>
> [2] have a rather complex hosts file on the server(s) running the
> monitoring software.
>
>
>
> After all, if DNS stops responding, are you going to stop monitoring?
>
>
>
> Regards,
>
>
>
> Michael B. Smith
>
> Consultant and Exchange MVP
>
> http://TheEssentialExchange.com <http://theessentialexchange.com/>
>
>
>
> *From:* David Lum [mailto:david@nwea.org]
> *Sent:* Tuesday, January 18, 2011 2:06 PM
> *To:* NT System Admin Issues
> *Subject:* DHCP reservations explained...
>
>
>
> The other day someone commented that it seemed like a bit much that 50% of
> my 100-ish servers have DHCP reservations - driving home yesterday I
> realized another reason why I have it that way (because yes, I chew on these
> questions and constantly evaluate why I do some process or another) -
> because my fellow SE's have their server monitoring set up to look at
> specific IP's instead of hostnames and I am unable to convince them
> otherwise. If the server IP changes it hoses their tests and the
> dependencies.
>
>
>
> It’s not how I set **MY** monitoring up for servers I maintain, but I have
> posted that question here in fact and have seen differing opinions on
> weather hostname or IP is preferred.
>
> *David Lum** **// *SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 503.548.5229 *// *(Cell) 503.267.9764
>
>
>
>
>
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: DHCP reservations explained...

[Michael B. Smith]

Automate, automate, automate.

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: Erik Goldoff [mailto:egold...@gmail.com]
Sent: Tuesday, January 18, 2011 4:03 PM
To: NT System Admin Issues
Subject: RE: DHCP reservations explained...

I *would* recommend having a proper host file available but not in production.  
Personally I'd use it only if name resolution dies, but if I had a host file on 
every computer then the chance of some system somewhere not having the most 
current increases, and the chance of lesser trained staff copying an older 
version to a new box instead of the 'master' current version increases.  {don't 
ask how I know}

Erik Goldoff
IT  Consultant
Systems, Networks, & Security
'  Security is an ongoing process, not a one time event ! '
From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Tuesday, January 18, 2011 2:37 PM
To: NT System Admin Issues
Subject: RE: DHCP reservations explained...

I will always do one of two things:

[1] use an IP address, or

[2] have a rather complex hosts file on the server(s) running the monitoring 
software.

After all, if DNS stops responding, are you going to stop monitoring?

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: David Lum [mailto:david@nwea.org]
Sent: Tuesday, January 18, 2011 2:06 PM
To: NT System Admin Issues
Subject: DHCP reservations explained...

The other day someone commented that it seemed like a bit much that 50% of my 
100-ish servers have DHCP reservations - driving home yesterday I realized 
another reason why I have it that way (because yes, I chew on these questions 
and constantly evaluate why I do some process or another) - because my fellow 
SE's have their server monitoring set up to look at specific IP's instead of 
hostnames and I am unable to convince them otherwise. If the server IP changes 
it hoses their tests and the dependencies.

It's not how I set *MY* monitoring up for servers I maintain, but I have posted 
that question here in fact and have seen differing opinions on weather hostname 
or IP is preferred.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 503.548.5229 // (Cell) 503.267.9764





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: DHCP reservations explained...

[Erik Goldoff]

I *would* recommend having a proper host file available but not in
production.  Personally I’d use it only if name resolution dies, but if I
had a host file on every computer then the chance of some system somewhere
not having the most current increases, and the chance of lesser trained
staff copying an older version to a new box instead of the ‘master’ current
version increases.  {don’t ask how I know}

 

Erik Goldoff

IT  Consultant

Systems, Networks, & Security 

'  Security is an ongoing process, not a one time event ! '

From: Michael B. Smith [mailto:mich...@smithcons.com] 
Sent: Tuesday, January 18, 2011 2:37 PM
To: NT System Admin Issues
Subject: RE: DHCP reservations explained...

 

I will always do one of two things:

 

[1] use an IP address, or

 

[2] have a rather complex hosts file on the server(s) running the monitoring
software.

 

After all, if DNS stops responding, are you going to stop monitoring?

 

Regards,

 

Michael B. Smith

Consultant and Exchange MVP

http://TheEssentialExchange.com

 

From: David Lum [mailto:david@nwea.org] 
Sent: Tuesday, January 18, 2011 2:06 PM
To: NT System Admin Issues
Subject: DHCP reservations explained...

 

The other day someone commented that it seemed like a bit much that 50% of
my 100-ish servers have DHCP reservations - driving home yesterday I
realized another reason why I have it that way (because yes, I chew on these
questions and constantly evaluate why I do some process or another) -
because my fellow SE's have their server monitoring set up to look at
specific IP's instead of hostnames and I am unable to convince them
otherwise. If the server IP changes it hoses their tests and the
dependencies.

 

It’s not how I set *MY* monitoring up for servers I maintain, but I have
posted that question here in fact and have seen differing opinions on
weather hostname or IP is preferred. 

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 503.548.5229 // (Cell) 503.267.9764

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: DHCP reservations explained...

[David Lum]

If DNS stops responding, what's working?

Having said that, I see your point. We (%dayjob%) have 3 DNS servers and I 
suppose you're right, a perfect storm of all 3 being offline would prevent 
other systems from being monitored. At %I.T.GarageClient% if DNS is down then 
I'm already working one of the two or three servers that matter already and my 
clients aren't getting any work done anyway.

Along these lines, what's the worst chain of issues you've seen? During our 
move we had three simultaneous SAN issues - fibre channel controller was dead, 
two drives (in different containers thankfully) died, and a redundant power 
supply in the SAN went out. What relies on this SAN? Our file shares, Exchange, 
80% of our SQL DB's

At the same time we have new audio-video and that the vendor neglected to 
mention they have some multicast(?) turned on that flooded our switches, making 
the servers that could run really spotty to hit from a PC. SAN guy not  happy, 
network guy not happy, but my DC's were fine, lol.

Dave

From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Tuesday, January 18, 2011 11:37 AM
To: NT System Admin Issues
Subject: RE: DHCP reservations explained...

I will always do one of two things:

[1] use an IP address, or

[2] have a rather complex hosts file on the server(s) running the monitoring 
software.

After all, if DNS stops responding, are you going to stop monitoring?

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: David Lum [mailto:david@nwea.org]
Sent: Tuesday, January 18, 2011 2:06 PM
To: NT System Admin Issues
Subject: DHCP reservations explained...

The other day someone commented that it seemed like a bit much that 50% of my 
100-ish servers have DHCP reservations - driving home yesterday I realized 
another reason why I have it that way (because yes, I chew on these questions 
and constantly evaluate why I do some process or another) - because my fellow 
SE's have their server monitoring set up to look at specific IP's instead of 
hostnames and I am unable to convince them otherwise. If the server IP changes 
it hoses their tests and the dependencies.

It's not how I set *MY* monitoring up for servers I maintain, but I have posted 
that question here in fact and have seen differing opinions on weather hostname 
or IP is preferred.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 503.548.5229 // (Cell) 503.267.9764





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: RE: DHCP reservations explained...

[Jonathan]

Right @ 100 servers. Haven't been burned, but I'm not thrilled about lack of
true failover/redundancy in DHCP in W2k3.  80/20 doesn't cut it, IMHO.
On Jan 18, 2011 2:34 PM, "David Lum"  wrote:
> +1. For same reasons.
>
> Jonathan I'm guessing you've been burned by DHCP issues in the past, or
have few enough servers it's not too inconvenient?
>
> Dave
>
> From: Erik Goldoff [mailto:egold...@gmail.com]
> Sent: Tuesday, January 18, 2011 11:16 AM
> To: NT System Admin Issues
> Subject: Re: DHCP reservations explained...
>
> I've always liked DHCP reservations over static IP addresses for servers
where possible for ease of management
> Single view of most servers from DHCP client list
> simple to change parameters globally ( default gateway, primary DNS,
secondary DNS, etc ) without having to visit each server
> less likely to experience IP in use conflict from out of date tracking
spreadsheets when adding new devices to the network
> etc, etc, etc
> but if your clients/applications use hostnames, then that's what I'd
monitor for most checks, keeping a single/simple check using the IP address
to cross verify against name resolution.
> On Tue, Jan 18, 2011 at 2:06 PM, David Lum > wrote:
> The other day someone commented that it seemed like a bit much that 50% of
my 100-ish servers have DHCP reservations - driving home yesterday I
realized another reason why I have it that way (because yes, I chew on these
questions and constantly evaluate why I do some process or another) -
because my fellow SE's have their server monitoring set up to look at
specific IP's instead of hostnames and I am unable to convince them
otherwise. If the server IP changes it hoses their tests and the
dependencies.
>
> It's not how I set *MY* monitoring up for servers I maintain, but I have
posted that question here in fact and have seen differing opinions on
weather hostname or IP is preferred.
> David Lum // SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 503.548.5229 // (Cell) 503.267.9764
>
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: DHCP reservations explained...

[Michael B. Smith]

I will always do one of two things:

[1] use an IP address, or

[2] have a rather complex hosts file on the server(s) running the monitoring 
software.

After all, if DNS stops responding, are you going to stop monitoring?

Regards,

Michael B. Smith
Consultant and Exchange MVP
http://TheEssentialExchange.com

From: David Lum [mailto:david@nwea.org]
Sent: Tuesday, January 18, 2011 2:06 PM
To: NT System Admin Issues
Subject: DHCP reservations explained...

The other day someone commented that it seemed like a bit much that 50% of my 
100-ish servers have DHCP reservations - driving home yesterday I realized 
another reason why I have it that way (because yes, I chew on these questions 
and constantly evaluate why I do some process or another) - because my fellow 
SE's have their server monitoring set up to look at specific IP's instead of 
hostnames and I am unable to convince them otherwise. If the server IP changes 
it hoses their tests and the dependencies.

It's not how I set *MY* monitoring up for servers I maintain, but I have posted 
that question here in fact and have seen differing opinions on weather hostname 
or IP is preferred.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 503.548.5229 // (Cell) 503.267.9764





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: DHCP reservations explained...

[David Lum]

+1. For same reasons.

Jonathan I'm guessing you've been burned by DHCP issues in the past, or have 
few enough servers it's not too inconvenient?

Dave

From: Erik Goldoff [mailto:egold...@gmail.com]
Sent: Tuesday, January 18, 2011 11:16 AM
To: NT System Admin Issues
Subject: Re: DHCP reservations explained...

I've always liked DHCP reservations over static IP addresses for servers where 
possible for ease of management
   Single view of most servers from DHCP client list
   simple to change parameters globally ( default gateway, primary DNS, 
secondary DNS, etc ) without having to visit each server
   less likely to experience IP in use conflict from out of date tracking 
spreadsheets when adding new devices to the network
etc, etc, etc
but if your clients/applications use hostnames, then that's what I'd monitor 
for most checks, keeping a single/simple check using the IP address to cross 
verify against name resolution.
On Tue, Jan 18, 2011 at 2:06 PM, David Lum 
mailto:david@nwea.org>> wrote:
The other day someone commented that it seemed like a bit much that 50% of my 
100-ish servers have DHCP reservations - driving home yesterday I realized 
another reason why I have it that way (because yes, I chew on these questions 
and constantly evaluate why I do some process or another) - because my fellow 
SE's have their server monitoring set up to look at specific IP's instead of 
hostnames and I am unable to convince them otherwise. If the server IP changes 
it hoses their tests and the dependencies.

It's not how I set *MY* monitoring up for servers I maintain, but I have posted 
that question here in fact and have seen differing opinions on weather hostname 
or IP is preferred.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 503.548.5229 // (Cell) 503.267.9764





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com>
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: DHCP reservations explained...

[Erik Goldoff]

I've always liked DHCP reservations over static IP addresses for servers
where possible for ease of management
   Single view of most servers from DHCP client list
   simple to change parameters globally ( default gateway, primary DNS,
secondary DNS, etc ) without having to visit each server
   less likely to experience IP in use conflict from out of date tracking
spreadsheets when adding new devices to the network
etc, etc, etc
but if your clients/applications use hostnames, then that's what I'd monitor
for most checks, keeping a single/simple check using the IP address to cross
verify against name resolution.

On Tue, Jan 18, 2011 at 2:06 PM, David Lum  wrote:

>  The other day someone commented that it seemed like a bit much that 50%
> of my 100-ish servers have DHCP reservations - driving home yesterday I
> realized another reason why I have it that way (because yes, I chew on these
> questions and constantly evaluate why I do some process or another) -
> because my fellow SE's have their server monitoring set up to look at
> specific IP's instead of hostnames and I am unable to convince them
> otherwise. If the server IP changes it hoses their tests and the
> dependencies.
>
> It’s not how I set **MY** monitoring up for servers I maintain, but I have
> posted that question here in fact and have seen differing opinions on
> weather hostname or IP is preferred.
> *David Lum** **// *SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 503.548.5229 *// *(Cell) 503.267.9764
>
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: DHCP reservations explained...

[Jonathan]

Hmmm... interesting concept. I personally prefer static addressing assigned
on each individual server. Though I could see the appeal of using DHCP, I
don't have enough confidence in DHCP to use it for server addressing. Just
my $0.02
On Jan 18, 2011 2:06 PM, "David Lum"  wrote:
> The other day someone commented that it seemed like a bit much that 50% of
my 100-ish servers have DHCP reservations - driving home yesterday I
realized another reason why I have it that way (because yes, I chew on these
questions and constantly evaluate why I do some process or another) -
because my fellow SE's have their server monitoring set up to look at
specific IP's instead of hostnames and I am unable to convince them
otherwise. If the server IP changes it hoses their tests and the
dependencies.
>
> It's not how I set *MY* monitoring up for servers I maintain, but I have
posted that question here in fact and have seen differing opinions on
weather hostname or IP is preferred.
>
> David Lum // SYSTEMS ENGINEER
> NORTHWEST EVALUATION ASSOCIATION
> (Desk) 503.548.5229 // (Cell) 503.267.9764
>
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~  ~
>
> ---
> To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: DHCP reservations explained...

[Rankin, James R]

Is that so they can continue to monitor servers during a DNS outage? The only 
thing I have to use IP address for is WebSense and that's just because it won't 
accept a hostname. Even my ESX servers do most everything by FQDN. Depends a 
lot on the apps you have around though, I guess.

Typed frustratingly slowly on my BlackBerry® wireless device

-Original Message-
From: David Lum 
Date: Tue, 18 Jan 2011 11:06:13 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: DHCP reservations explained...

The other day someone commented that it seemed like a bit much that 50% of my 
100-ish servers have DHCP reservations - driving home yesterday I realized 
another reason why I have it that way (because yes, I chew on these questions 
and constantly evaluate why I do some process or another) - because my fellow 
SE's have their server monitoring set up to look at specific IP's instead of 
hostnames and I am unable to convince them otherwise. If the server IP changes 
it hoses their tests and the dependencies.

It's not how I set *MY* monitoring up for servers I maintain, but I have posted 
that question here in fact and have seen differing opinions on weather hostname 
or IP is preferred.

David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 503.548.5229 // (Cell) 503.267.9764





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin