I am rebuilding the entire IPAM structure to include all of our subnets and DHCP scopes. I am having trouble understanding how IPAM maintains IPs for subnets that are larger than the DHCP scope address pool and handles excluded addresses in the DHCP scope. I am in the unique position of adjusting either IPAM supernets/subnets and/or DHCP scopes. What is the best practice?
An example will illustrate best the questions.
Current Situation:
Subnet is 10.33.8.0/21
DHCP distribution range: 10.33.11.1 --> 10.33.12.100
excluded addresses: None
Options, which is it better?
1. Simple, current: Does this work well?
Configure IPAM with a subnet 10.33.8.0/21
Define the DHCP address pool as needed, any valid IPs begin and end ranges within the subnet CIDR
Address Pool = 10.33.11.1 --> 10.33.12.100
Exclude none
2. Change DHCP ranges to match IPAM subnet CIDR
Configure IPAM with a subnet 10.33.8.0/21
Define the DHCP address pool "equal to" the subnet CIDR and set up excluded addresses to cover the ranges we reserve for statically-assigned devices
Address Pool = 10.33.8.1 --> 10.33.15.254
Exclude = 10.33.8.1 --> 10.33.10.255 and 10.33.12.101 --> 10.33.15.254
3. Create a supernet to a new matching expanded DHCP scope subnets
Configure IPAM with a supernet 10.33.8.0/21
Configure IPAM subnets
10.33.8.0/23
10.33.10.0/24
10.33.11.0/24
10.33.12.0/24
10.33.13.0/24
10.33.14.0/23
Define the DHCP address pool "equal to" the subnets and set up excluded addresses to cover the ranges we reserve for statically-assigned devices
Address Pool = 10.33.11.0 --> 10.33.12.255
Exclude = 10.33.11.0, 10.33.11.255, 10.33.12.0, 10.33.12.255
Waste = 10.33.10.0, 10.33.10.255, 10.33.11.0, 10.33.11.255, 10.33.12.0, 10.33.13.0, 10.33.13.255, 10.33.14.0 (no IPAM management)
4. Something else?
Option 1 doesn't provided visibility in the GUI to the DHCP scope.
Option 2 behavior is unknown, I am not sure this will work, but likely the best option
Option 3 has added complexity and wastes IP addresses that are the network address and broadcast address within a subnet in the supernet. Also will need to verify there are no static IPs assigned in the newly expanded DHCP scope that falls into the CIDR IP ranges, setup reservations, etc. for those static IPs.
Option 4 please tell me the right thing to do
Thanks.