Re: Static IP Vs DHCP
From: Moe Trin (ibuprofin_at_painkiller.example.tld)
Date: 02/28/05
- Next message: Walter Roberson: "Re: Apache 1.3.33 strange log entry"
- Previous message: Walter Roberson: "Re: adaware"
- Next in thread: Takcal: "Re: Static IP Vs DHCP"
- Reply: Takcal: "Re: Static IP Vs DHCP"
- Reply: Lassi Hippeläinen: "Re: Static IP Vs DHCP"
- Maybe reply: Moe Trin: "Re: Static IP Vs DHCP"
- Maybe reply: T. Sean Weintz: "Re: Static IP Vs DHCP"
- Maybe reply: John: "Re: Static IP Vs DHCP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 28 Feb 2005 16:01:00 -0600
In article <6sDUd.38997$k4.760649@news1.nokia.com>, Lassi Hippeläinen wrote:
>wayne.taylor2@gmail.com kirjoitti:
>> DHCP is good for large companies as they do not have to keep a log of
>> all IP addresses used,
Thus, when someone does something stupid the company has no means of
determining who. This is especially true if the non-techincal users have
administrative rights to their computers and can install all the spyware
they desire.
>> it also gives the flexibility when lets say for example you have 300 PCs
>> in a Class C network
Do all of those computers need to be reachable from the Internet? If not,
why are you wasting valuable IP addresses? See RFC1918 - there are nearly
nineteen million IP addresses available that you can use as you wish. Being
non-routable over the Internet also increases security.
>> but at anyone given time there is no more than 200 PCs active.
Something wrong with the business model.
>>From the (theoretical) security point of view, DHCP is good for all
>networks with workstations. It prevents running services in hosts that
>shouldn't have any.
Setting the computer up correctly in the first place (which includes
setting static addresses, and enabling/disabling software) and not giving
the administrative password to the users provides more security.
>Only dedicated servers need stable IP addresses.
You like to guess where the computer is that some luser installed the
latest virus on - that is trashing your bandwidth?
>But in real life, it really doesn't matter that much. IP addresses are
>pretty permanent even in DHCP networks, because the hosts renew their
>leases before they expire.
Is that why microsoft developed the 'link-local' or 'zero-conf' service
that allows the computer to grab some random address out of mid air?
>A host in active use may have the same IP address for many years. And even
>renumbering permanent servers isn't that bad, since DNS updates can cover
>the changes.
I think a lot of that depends on individual circumstances.
>IMHO, DHCP is the way to go. Static IPs should be considered only in the
>management interfaces of low level infrastructure (routers &c) that need
>to be accessible even when the network is crippled.
If you have a thousand employees, and only one can spell 'IP', and you
allow anyone to install anything on your network - you may be right. I'd
certainly hate to be that one person.
Background: True story - my wife works at a small company in an office
with about 125 employees. The company president decided to drop a pile of
money upgrading the desktops to w2k, but didn't think it was necessary
to have any computer support other than the retailer who installed the
hardware and gave everyone the administrative password (even more
brilliant - the same password "password" on all systems). It took almost
two months before the inevitable happened, and the computers were so
infested with mal-ware as to be unusable. Not only did their profits
fall through the floor, the computers were so badly screwed that they
missed the quarterly tax return to the state. The state was "not amused".
Four people got fired (but not, of course, the company president). They
now have a staff of three (one with clue, one who has heard of that word
and may eventually discover it's meaning, and a grunt to carry hardware
around and replace toner cartridges). Meanwhile, I'm the net-admin at a
larger facility with about 2000 computers and part of a staff of 9 doing
all computer/network maintenance. We don't have computer problems.
Old guy
- Next message: Walter Roberson: "Re: Apache 1.3.33 strange log entry"
- Previous message: Walter Roberson: "Re: adaware"
- Next in thread: Takcal: "Re: Static IP Vs DHCP"
- Reply: Takcal: "Re: Static IP Vs DHCP"
- Reply: Lassi Hippeläinen: "Re: Static IP Vs DHCP"
- Maybe reply: Moe Trin: "Re: Static IP Vs DHCP"
- Maybe reply: T. Sean Weintz: "Re: Static IP Vs DHCP"
- Maybe reply: John: "Re: Static IP Vs DHCP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
