DHCP vs. Static IP—Which Is Better?
Written by David Baker on November 16, 2012
In a Control4 system, most network components need an IP address. (Items on the Zigbee network, like switches and dimmers, thermostats and door locks, have their own network.) Media players, touch screens, network-enabled televisions, networked receivers, speaker points and other connected devices all need to be connected to the network either via Ethernet or a wireless connection. This is all done using IP (Internet Protocol) addressing.
Static IP Addressing
With static IP addressing, addresses are assigned manually, and have to be provisioned carefully so that each device has its own address—with no overlap. When you connect a new device, you would have to select the "manual" configuration option and enter in the IP address, the subnet mask, the default gateway and the DNS server(s). If you understood any of what I just said, you probably have the skills and knowledge necessary to manage static IP addresses on a home network. If it was basically gibberish, you’d probably be more comfortable with DHCP.
Dynamic Host Configuration Protocol (DHCP)
DHCP takes all of the manual work out of IP addressing. Generally, the device that's at the "top" of your home network—whether it's a standalone firewall or a router/gateway device or your Control4 home controller—will provide DHCP by default as a service on the network. When DHCP is enabled, a new device connected to the network asks the DHCP server for an address, and the server assigns one from its pool of unused locations. The server itself tracks which addresses are used and which addresses are available, and keeps a record of which addresses have been assigned to the various devices. This ensures that addresses don't conflict with each other. However, it also means that, if a device goes offline, when it reconnects it may not have the same IP address it had before.
It's entirely possible to mix static IP and DHCP addressing schemes. Since the default DHCP address range is between 100 and 149, you'll want to avoid all of the addresses between 192.168.1.100 and 192.168.1.149 when you're assigning static IP addresses. That leaves the ranges from 2-99 and from 150-254 wide open, which is usually plenty for most home networks.
So Which Is Better?
DCHP provides true "plug and play" networking, but it can come at a cost. There is less control, so you can't count on a particular device having a particular address if you have a networking challenge that requires this.
Because DHCP is a more-or-less “hands off” technology, there is a danger is that someone could plant an unauthorized DHCP server, which could direct traffic to a different router that is under that person's control. This would make it possible to hijack the network for nefarious purposes. Also, because DHCP servers make it so easy to add new clients to the network, DHCP also makes it possible to join a network without explicit permission. This issue can be prevented by forcing a DHCP network to require authentication when adding a new device, but that kind of defeats the purpose of DHCP in the first place.
DHCP is especially dangerous when combined with an unprotected wireless network. You wouldn't think this would happen very often, but homeowners who don't understand the risks do this all the time. This makes it possible for someone to sit with a laptop in a car on the street and gain access to every network resource: every computer, every network drive, and every tablet or phone connected to the LAN. It's like leaving your doors and windows open while at the same time leaving a welcome mat out for data and identity thieves.
For most home networks, fully dynamic or mixed addressing configurations are just fine. As long as all wireless networks are locked down and no "bad guys" can gain physical access to the network, DHCP is a good option for easy home networking. But if you are truly serious about network security—if you have sensitive data residing on your network or just want to make data or identity theft much less likely—you're probably better off sticking with disabling DHCP and maintaining full manual control of your home network.