Lesson 5: Troubleshooting DHCP

Previous page
Table of content
Next page

The most common DHCP client problem is a failure to obtain an IP address or other configuration parameters from the DHCP server during startup. The most common DHCP server problems are the inability to start the server on the network in a Windows 2000 or Active Directory domain environment and the failure of clients to obtain configuration from a working server. In this lesson, you will learn how to troubleshoot DHCP clients and DHCP servers.

After this lesson, you will be able to

  • Identify and solve DHCP client problems
  • Identify and solve DHCP server problems

Estimated lesson time: 35 minutes

Preventing DHCP Problems

Many DHCP problems involve incorrect or missing configuration details. To help prevent the most common types of problems, you should do the following:

  • Use the 75/25 design rule for balancing scope distribution of addresses where multiple DHCP servers are deployed to service the same scope. Using more than one DHCP server on the same subnet provides increased fault tolerance for servicing DHCP clients located on it. With two DHCP servers, if one server is unavailable, the other server can take its place and continue to lease new addresses or renew existing clients.
  • Use superscopes for multiple DHCP servers on each subnet in a LAN environment. A superscope allows a DHCP server to provide leases from more than one scope to clients on a single physical network. When started, each DHCP client broadcasts a DHCP discover message (DHCPDISCOVER) to its local subnet to attempt to find a DHCP server. Because DHCP clients use broadcasts during their initial startup, you cannot predict which server will respond to a client's DHCP discover request if more than one DHCP server is active on the same subnet.
  • Deactivate scopes only when removing a scope permanently from service. Once you activate a scope, it should not be deactivated until you are ready to retire the scope and its included range of addresses from use on your network. Once a scope is deactivated, the DHCP server no longer accepts those scope addresses as valid addresses.
  • Use server-side conflict detection on DHCP servers only when it is needed. Conflict detection can be used by either DHCP servers or clients to determine whether an IP address is already in use on the network before leasing or using the address.
  • Reservations should be created on all DHCP servers that can potentially service the reserved client. You can use a client reservation to ensure that a DHCP client computer always receives lease of the same IP address at its startup. If you have more than one DHCP server reachable by a reserved client, add the reservation at each of your other DHCP servers.
  • For server performance, remember that DHCP is disk-intensive and purchase hardware with optimal disk performance characteristics. DHCP causes frequent and intensive activity on server hard disks. To provide the best performance, consider RAID 0 or RAID 5 solutions when purchasing hardware for your server computer.
  • Keep audit logging enabled for use in troubleshooting. By default, the DHCP service enables audit logging of service-related events. With Windows 2000 Server, audit logging provides for a long-term service monitoring tool that makes limited and safe use of server disk resources.
  • Integrate DHCP with other services, such as WINS and DNS. WINS and DNS can both be used for registering dynamic name-to-address mappings on your network. To provide name resolution services, you must plan for interoperability of DHCP with these services. Most network administrators implementing DHCP also plan a strategy for implementing DNS and WINS servers.
  • Use the appropriate number of DHCP servers for the number of DHCP-enabled clients on your network. In a small LAN (for example, one physical subnet not using routers), a single DHCP server can serve all DHCP-enabled clients. For routed networks, the number of servers needed increases, depending on several factors, including the number of DHCP-enabled clients, the transmission speed between network segments, the speed of network links, the IP address class of the network, and whether DHCP service is used throughout the enterprise network or only on selected physical networks.

Troubleshooting DHCP Clients

Most DHCP-related problems start as failed IP configuration at a client, so it is a good practice when troubleshooting to start there. After you have determined that a DHCP-related problem does not originate at the client, check the system event log and DHCP server audit logs for possible clues. When the DHCP service does not start, these logs generally explain the source of the service failure or shutdown. Furthermore, you can use the Ipconfig TCP/IP utility at the command prompt to get information about the configured TCP/IP parameters on local or remote computers on the network.

The following sections describe common symptoms for DHCP client problems. When a client fails to obtain configuration, you can use this information to quickly identify the source of the problem.

Invalid IP Address Configuration

If a DHCP client does not have an IP address configured or has an IP address configured as 168.254.x.x, that means that the client was not able to contact a DHCP server and obtain an IP address lease. This is either because of a network hardware failure or because the DHCP server is unavailable. If this occurs, you should verify that the client computer has a valid, functioning network connection. First, check that related client hardware devices (cables and network adapters) are working properly at the client.

Autoconfiguration Problems on the Current Network

If a DHCP client has an autoconfigured IP address that is incorrect for its current network, this means that the Windows 2000 or Windows 98 DHCP client could not find a DHCP server and has used the APIPA feature to configure its IP address. In some larger networks, disabling this feature is desirable for network administration. APIPA generates an IP address in the form of 169.254.x.y (where x.y is a unique identifier on the network that the client generates) and a subnet mask of 255.255.0.0. Note that Microsoft has reserved IP addresses from 169.254.0.1 through 169.254.255.254 and uses this range to support APIPA.

Follow these steps to fix an invalid autoconfigured IP address for your network:

  1. First, use the ping command to test connectivity from the client to the server. Next, verify or manually attempt to renew the client lease. Depending on your network requirements, it might be necessary to disable APIPA at the client.
  2. If the client hardware appears to be functioning properly, check that the DHCP server is available on the network by pinging it from another computer on the same network as the affected DHCP client. Furthermore, you can try releasing or renewing the client's address lease, and check the TCP/IP configuration settings on automatic addressing.

Missing Configuration Details

If a DHCP client is missing configuration details, the client might be missing DHCP options in its leased configuration, either because the DHCP server is not configured to distribute them or the client does not support the options distributed by the server. If this occurs on Microsoft DHCP clients, verify that the most commonly used and supported options have been configured at either the server, scope, client, or class level of option assignment. Check the DHCP option settings.

Sometimes a client has the full and correct set of DHCP options assigned but its network configuration does not appear to be working correctly. If the DHCP server is configured with an incorrect DHCP router option (Option Code 3) for the Windows 98 or earlier client's default gateway address, you can do the following:

  1. Change the IP address list for the router (default gateway) option at the applicable DHCP scope and server.
  2. Set the correct value in the Scope Options tab of the Scope Properties dialog box.

    In rare instances, you might have to configure the DHCP client to use a specialized list of routers different from other scope clients. In such cases, you can add a reservation and configure the router option list specifically for the reserved client.

Clients running Windows NT 4.0 Server or Windows 2000 do not use the incorrect address because they support the dead gateway detection feature. This feature of the Windows 2000 TCP/IP protocol changes the default gateway to the next default gateway in the list of configured default gateways when a specific number of connections retransmits segments.

DHCP Servers Do Not Provide IP Addresses

If DHCP clients are unable to get IP addresses from the server, one of the following situations can cause this problem:

  • The IP address of the DHCP server was changed and now DHCP clients cannot get IP addresses. A DHCP server can only service requests for a scope that has a network ID that is the same as the network ID of its IP address. Make sure that the DHCP server IP address falls in the same network range as the scope it is servicing. For example, a server with an IP address in the 192.168.0.0 network cannot assign addresses from scope 10.0.0.0 unless superscopes are used.
  • The DHCP clients are located across a router from the subnet where the DHCP server resides, and are unable to receive an address from the server. A DHCP server can provide IP addresses to client computers on remote multiple subnets only if the router that separates them can act as a DHCP relay agent. Completing the following steps might correct this problem:
    1. Configure a BOOTP/DHCP relay agent on the client subnet (that is, the same physical network segment). The relay agent can be located on the router itself or on a Windows 2000 Server computer running the DHCP Relay service component.
    2. At the DHCP server, configure a scope to match the network address on the other side of the router where the affected clients are located.
    3. In the scope, make sure that the subnet mask is correct for the remote subnet.
    4. Do not include this scope (that is, the one for the remote subnet) in superscopes configured for use on the same local subnet or segment where the DHCP server resides.
  • Multiple DHCP servers exist on the same LAN. Make sure that you do not configure multiple DHCP servers on the same LAN with overlapping scopes. You might want to rule out the possibility that one of the DHCP servers in question is a Small Business Server (SBS) computer. By design, the DHCP service, when running under SBS, automatically stops when it detects another DHCP server on the LAN.

Troubleshooting DHCP Servers

When a server fails to provide leases to its clients, the failure most often is discovered by clients when they experience one of three symptoms:

  1. The client might be configured to use an IP address not provided by the server.
  2. The server sends a negative response back to the client, and the client displays an error message or popup indicating that a DHCP server could not be found.
  3. The server leases the client an address but the client appears to have other network configuration-based problems, such as the inability to register or resolve DNS or NetBIOS names, or to perceive computers beyond its subnet.

The first troubleshooting task is to make sure that the DHCP services are running. This can be verified by opening the DHCP service console to view service status, or by opening Services And Applications under Computer Manager. If the appropriate service is not started, start the service. In rare circumstances, a DHCP server cannot start, or a Stop error might occur.

Follow these steps to restart a DHCP server that is stopped:

  1. Start Windows 2000 Server, and log on as an administrator.
  2. At the command prompt, type net start dhcpserver, and then press Enter.

NOTE

Use Event Viewer in Administrative Tools to find the possible source of problems with DHCP services.

DHCP Relay Agent Service Is Installed but Not Working

The DHCP Relay Agent service is running on the same computer as the DHCP service. Because both services listen for and respond to BOOTP and DHCP messages sent using UDP ports 67 and 68, neither service works reliably if both are installed on the same computer. To solve this problem, install the DHCP service and the DHCP Relay Agent component on separate computers.

DHCP Console Incorrectly Reports Lease Expirations

When the DHCP console displays the lease expiration time for reserved clients for a scope, it indicates one of the following:

  • If the scope lease time is set to an infinite lease time, the reserved client's lease is also shown as infinite.
  • If the scope lease time is set to a finite length of time (such as eight days), the reserved client's lease uses this same lease time.

The lease term of a DHCP reserved client is determined by the lease assigned to the reservation. To create reserved clients with unlimited lease durations, create a scope with an unlimited lease duration and add reservations to that scope.

DHCP Server Uses Broadcast to Respond to All Client Messages

The DHCP server uses broadcast to respond to all client configuration request messages, regardless of how each DHCP client has set the broadcast bit flag. DHCP clients can set the broadcast flag (the first bit in the 16-bit flags field in the DHCP message header) when sending DHCPDISCOVER messages to indicate to the DHCP server that broadcast to the limited broadcast address (255.255.255.255) should be used when replying to the client with a DHCPOFFER response.

By default, the DHCP server in Windows NT Server 3.51 and earlier versions ignored the broadcast flag in DHCPDISCOVER messages and broadcasted only DHCPOFFER replies. This behavior is implemented on the server to avoid problems that can result from clients not being able to receive or process a unicast response prior to being configured for TCP/IP.

Starting with Windows NT Server 4.0, the DHCP service still attempts to send all DHCP responses as IP broadcasts to the limited broadcast address, unless support for unicast responses is enabled by setting the value of the IgnoreBroadcastFlag registry entry to 1. The entry is located in: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DHCPServer\Parameters\IgnoreBroadcastFlag. When set to 1, the broadcast flag in client requests is ignored, and all DHCPOFFER responses are broadcast from the server. When it is set to 0, the server transmission behavior (whether to broadcast or not) is determined by the setting of the broadcast bit flag in the client DHCPDISCOVER request. If this flag is set in the request, the server broadcasts its response to the limited local broadcast address. If this flag is not set in the request, the server unicasts its response directly to the client.

DHCP Server Fails to Issue Address Leases for a New Scope

You might find that a new scope has been added at the DHCP server for the purpose of renumbering the existing network but DHCP clients do not obtain leases from the newly defined scope. This situation is most common when you are attempting to renumber an existing IP network. For example, you might have obtained a registered class of IP addresses for your network, or you might be changing the address class to accommodate more computers or networks. In these situations, you want clients to obtain leases in the new scope instead of using the old scope to obtain or renew their leases. Once all clients are actively obtaining leases in the new scope, you intend to remove the existing scope.

When superscopes are not available or used, only a single DHCP scope can be active on the network at a given time. If more than one scope is defined and activated on the DHCP server, only one scope is used to provide leases to clients. The active scope used for distributing leases is determined by whether the scope range of addresses contains the first IP address that is bound and assigned to the DHCP server's network adapter hardware. When additional secondary IP addresses are configured on a server using the Advanced TCP/IP Properties tab, these addresses have no effect on the DHCP server in determining scope selection or responding to configuration requests from DHCP clients on the network.

This problem can be solved in the following ways:

  • Configure the DHCP server to use a superscope that includes the old scope and the new scope.
  • Change the primary IP address (the address assigned in the TCP/IP Properties tab) on the DHCP server's network adapter to an IP address that is part of the same network as the new scope.

    For Windows NT Server 3.51, support for superscopes is not available. In this case, you must change the first IP address configured for the DHCP server's network adapter to an address in the new scope range of addresses. If necessary, you can still maintain the prior address that was first assigned as an active IP address for the server computer by moving it to the list of multiple IP addresses maintained in the Advanced TCP/IP Properties tab.

Monitoring Server Performance

Because DHCP servers are of critical importance in most environments, monitoring the performance of servers can help in troubleshooting cases where server performance degradation occurs. For Windows 2000 Server, the DHCP service includes a set of performance counters that can be used to monitor various types of server activity. By default, these counters are available after the DHCP service is installed. To access these counters, you must use System Monitor (formerly Performance Monitor). The DHCP server counters can monitor the following:

  • All types of DHCP messages sent and received by the DHCP service
  • The average amount of processing time spent by the DHCP server per message packet sent and received
  • The number of message packets dropped because of internal delays on the DHCP server computer

Moving the DHCP Server Database

You may need to move a DHCP database to another computer.

Follow these steps to move a DHCP database:

  1. Stop the Microsoft DHCP service on the current computer.
  2. Copy the \System32\Dhcp directory to the new computer that has been configured as a DHCP server.

    Make sure the new directory is under exactly the same drive letter and path as on the old computer. If you must copy the files to a different directory, copy DHCP.MDB, but do not copy the .log or .chk files.

  3. Start the Microsoft DHCP service on the new computer. The service automatically starts using the .mdb and .log files copied from the old computer.

When you check DHCP Manager, the scope still exists because the registry holds the information on the address range of the scope, including a bitmap of the addresses in use. You need to reconcile the DHCP database to add database entries for the existing leases in the address bitmask. As clients renew, they are matched with these leases, and eventually the database is again complete.

Follow these steps to reconcile the DHCP database:

  1. In DHCP Manager, on the Scope menu, click Active Leases.
  2. In the Active Leases dialog box, click Reconcile.

Although it is not required, you can force DHCP clients to renew their leases in order to update the DHCP database as quickly as possible. To do so, type ipconfig /renew at the command prompt.

Lesson Summary

The most common DHCP client problem is a failure to obtain an IP address or other configuration parameters from the DHCP server during startup. The most common DHCP server problem is the inability to start the server on the network in a Windows 2000 or Active Directory domain environment. Most DHCP-related problems start as failed IP configuration at a client, so it is a good practice when troubleshooting to start there.


Previous page
Table of content
Next page
MCSE Training Kit(c) Microsoft Windows 2000 Accelerated 2000
MCSE Training Kit(c) Microsoft Windows 2000 Accelerated 2000
ISBN: N/A
EAN: N/A
Year: 2004
Pages: 244
BUY ON AMAZON
Beginners Guide to DarkBASIC Game Programming (Premier Press Game Development)
Crystal Reports 9 on Oracle (Database Professionals)
Strategies for Information Technology Governance
SQL Tips & Techniques (Miscellaneous)
Network Security Architectures
Special Edition Using Crystal Reports 10
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy