Short version:

Using DHCP server in NW65SP5, is it possible to have manually assigned
IP addresses in different subnets with same MAC address, using only one
DHCP server?

Long version:

I'm implementing DHCP service in our network, based on NW65SP5 and
I'm hitting a problem with mobile users.

For reasons of security and accountability, I do not use any dynamic
address ranges in our internal network, I only have manual IP addresses
(i.e. each IP address is tied to specific MAC).

Our network consists of several VLANs, each having it's own IP subnet.
The single DHCP server is successfully able to serve clients in all
subnets. Everything would be fine if laptops wouldn't exist ;)

The problem is that laptop users occasionally want to roam from one
subnet to other. Of course they would like to receive usable IP address
from DHCP, no matter which subnet they are in.

I tried it out with one laptop - I created manual IP addresses with same
MAC in two subnets, with IP addresses correct for each specific subnet.

Plugged the laptop into the first VLAN, and it received address OK. Plugged
it into second VLAN, no address.

The DHCP server gives this error message:
"Error code = 24 after DHCPSRVR cache has been queried for client <MAC>"

This is with server setting "Allow mobile user but delete previously assigned
address". Looking at DHCP debug log, there is further error message. Unfortunately
I've lost the log, but the gist of the message is that previously assigned address
cannot be deleted, because it is manual. Makes sense, I guess.

I also tried with setting "Allow mobile user but do not delete previously
assigned address". In this case, the server gives "Warning: out of addresses
for <MAC>" and the client still doesn't get an address. In DHCP debug log
there is message "Fill pool returned error 1". This led me to TID10058728,
which is somewhat dated but seems to indicate that mobile users are possible
only with dynamic address ranges defined.

Is it possible to do what I'm trying to do, or are mobile users really only
possible with dynamic address ranges? That would suck.

Toomas Aas