DHCP reservations

I am going from a Windows Server DHCP to our Sophos Firewall.

Am I to understand that the Sophos Firewall does not do static IP reservations? Or at least does not do it in the same manner as Windows does?

Does the reserved IP have to be outside of the lease pool?



Edited TAGs
[edited by: emmosophos at 6:40 PM (GMT -7) on 19 Aug 2022]

Top Replies

  • Hi ,

    I just mean that traditionally DHCP reservations are reserved IP's within a scope. No need to create gaps in the dynamic lease pool to insert a static IP.

    In essence, the Sophos Firewall…

Parents
  • Hi Tye - not sure why SOPHOS haven't changed this to act like most DHCP servers. I have a solution, however a little inelegant.

    You can split the DHCP pool to either side of the already assigned IP from DHCP that you would like to statically MAP.

    EG:

    Do you see how that is done? It's not the prettiest solution and would get quite messy if you have a lot of static DHCP reservations that you want to map, but it does the job.

    If you have any questions, let me know - happy to help.

  • On the contrary, the non-Sophos way of doing things makes little sense. You are "reserving" IP addresses within a "dynamic"  range? Huh? That's like a double-negative. "I'm assigning non non-dynamic addresses", or something like that.

    Rather, there are actually dynamic ranges and static ranges. Static IP addresses can be self-assigned, assigned by other servers/services, or they can be assigned by the XG's DHCP server, from addresses NOT being served dynamically.

    Dynamic addresses are dynamically served by the XG's DHCP server from a designated pool (a range or ranges) of IP addresses. 

    Simple. The other way of doing it is illogical, though it is convenient if you willy-nilly start reserving dynamic addresses on-the-fly so you have a patchwork -- like you describe above -- where you have to make lots of single-IP holes in Sophos' dynamic ranges. If you planned your network, you would maybe have three ranges: low (or high) reserved for self-assigned static IP addresses like the XG, a dynamic range for freelance devices, and a static range for official devices. That static range might be served by the XG ("reserved" IPs) or by other devices on the network that you don't want your XG to compete with.

  • I agree that, logically, the unique way SOPHOS has implemented DHCP server settings is rational, however it's not as useful as the rest of world's vendors implementations - and why be different just so you can argue for "correctness" if you're making it harder to use the product. The ability to take a DHCP assigned address and then map it so that the device receives the same IP address is, well, just useful. It IS a dynamic address, just reserved and assigned each time to the same MAC - I wouldn't conflate it with a true reserved static address - one requires planning and the other doesn't and both have their place.

Reply
  • I agree that, logically, the unique way SOPHOS has implemented DHCP server settings is rational, however it's not as useful as the rest of world's vendors implementations - and why be different just so you can argue for "correctness" if you're making it harder to use the product. The ability to take a DHCP assigned address and then map it so that the device receives the same IP address is, well, just useful. It IS a dynamic address, just reserved and assigned each time to the same MAC - I wouldn't conflate it with a true reserved static address - one requires planning and the other doesn't and both have their place.

Children
No Data