Available IP Addresses - Future Strategies

Discussions about Internet service providers (ISPs), the Meetinghouse Firewall, wired and wireless networking, usage, management, and support of Meetinghouse Internet
User avatar
rbeede
Member
Posts: 205
Joined: Sat Apr 02, 2011 1:33 pm
Contact:

#21

Post by rbeede »

We don't have much issue with admin/clerk computers being on the same network since the computers have firewalls as well.
russellhltn
Community Administrator
Posts: 34422
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

#22

Post by russellhltn »

rbeede wrote:We don't have much issue with admin/clerk computers being on the same network since the computers have firewalls as well.

As long as no printer sharing, file sharing or remote access is turned on.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
Aczlan
Member
Posts: 358
Joined: Sun Jun 06, 2010 5:29 pm
Location: Upstate, NY, USA

#23

Post by Aczlan »

rbeede wrote:We don't have much issue with admin/clerk computers being on the same network since the computers have firewalls as well.
I trust a hardware firewall running on a non-end-user-configurable device MUCH more than a end-user-configurable software firewall running on a Windows admin computer.
If they cant configure it, they cant bypass it.

Aaron Z
sammythesm
Member
Posts: 225
Joined: Tue Jan 05, 2010 2:50 pm
Location: Texas, United States
Contact:

DHCP Lease Time

#24

Post by sammythesm »

I was in a building yesterday with WiFi which ran out of IP addresses. It was very frustrating because I was there to give a training and couldn't get on the network.

I called the GSC today. I proposed two solutions 1) to increase the address allocation (which they can't do for PIX or ASA due to licensing issues, previously explained in this thread) or 2) shorten the DHCP lease time to something like 1 hour. This would free up IP addresses quicker, especially for wireless clients whose network connections go to sleep (like iPads and iPods) but who still take up precious IP addresses.

The answer from the GSC was that their engineers can't alter the DHCP lease time. :( Darn it. Was worth a shot, though.

Their solution is to upgrade to a 881, which is capable of larger IP address pool w/o licensing problems. But - if anyone from the Church network design team is listening - a shorter DHCP lease time (it's currently 24 hours - I think 1 hour would be good) would also help a lot! He did mention that the captive portal (coming next year) would also help to solve this problem as it would require the person to log in before it gave them an address from the pool.
russellhltn
Community Administrator
Posts: 34422
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

#25

Post by russellhltn »

Odd. our 501 only leases for an hour.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
jdlessley
Community Moderators
Posts: 9861
Joined: Mon Mar 17, 2008 12:30 am
Location: USA, TX

#26

Post by jdlessley »

sammythesm wrote:The answer from the GSC was that their engineers can't alter the DHCP lease time.
Each of the appliances, Cisco PIX 501, ASA 5505, and 881W have configurable lease times according to Cisco's product information. Perhaps what they meant to say was that they weren't allowed to change the standard configuration. The longest lease time I have heard was the ASA's which was set to four hours. The 501 standard configuration lease time is 1 hour. I have not seen what the 881W's lease time is set to be.
JD Lessley
Have you tried finding your answer on the ChurchofJesusChrist.org Help Center or Tech Wiki?
sammythesm
Member
Posts: 225
Joined: Tue Jan 05, 2010 2:50 pm
Location: Texas, United States
Contact:

#27

Post by sammythesm »

jdlessley wrote:Perhaps what they meant to say was that they weren't allowed to change the standard configuration.
Yes. That is what he said/I meant. Sorry that was unclear.
jdlessley wrote:The longest lease time I have heard was the ASA's which was set to four hours. The 501 standard configuration lease time is 1 hour. I have not seen what the 881W's lease time is set to be.
Hmm. Meriting further investigation, I did an 'ipconfig /all' on a computer behind a PIX and another behind an ASA. You're right. Both have lease times of an hour. (i guess i should have done that before suggesting it as a solution to the gsc) Hmm. The tech said with some confidence that the default was 24 hrs. Oh well. Back to the drawing board. Sure would be nice to have more tools/views of what's going on in the network at a given time.
russellhltn
Community Administrator
Posts: 34422
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

#28

Post by russellhltn »

sammythesm wrote:Sure would be nice to have more tools/views of what's going on in the network at a given time.

I haven't used it myself, but if you set up Wireshark you could monitor what's happening.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
Post Reply

Return to “Meetinghouse Internet”