Creating Your DHCP Server Design


It is important to create a DHCP server design that meets the needs of your organization in terms of functionality, availability, interoperability, and total cost of ownership (TCO).

Figure 2.2 shows the process for creating a DHCP server design.

Figure 2.2: Designing Your DHCP Server

Upgrading Your Existing DHCP Server Hardware

Determine whether your current hardware and software, including routers, switches, and other servers and clients, support Windows Server 2003 DHCP. Windows Server 2003 DHCP servers support Windows DHCP clients and third-party operating systems that use DHCP and comply with RFC 2131. For more information about the operating systems that support DHCP, see the Networking Guide of the Windows Server 2003 Resource Kit (or see the Networking Guide on the Web at http://www.microsoft.com/reskit).

If your current systems support Windows Server 2003, but are close to the end of their expected lifecycle, consider upgrading your hardware at the same time that you upgrade to Windows Server 2003. Upgrading DHCP servers running Microsoft Windows NT Server version 4.0 or earlier to Windows Server 2003 allows you to take advantage of benefits related to the Active Directory directory service, such as integrated secure dynamic updates of the DNS database.

For information about hardware life expectancy, contact your hardware vendor or refer to any internal metrics that your organization might have developed. For information about hardware compatibility, see the Windows Catalog link on the Web Resources page at http://www.microsoft.com/windows/reskits/webresources.

For more information about performing a hardware inventory, see "Planning for Deployment" in Planning, Testing, and Piloting Deployment Projects of this kit.

Determining DHCP Server Locations

To determine where to locate your DHCP servers, consider whether you are deploying a distributed, centralized, or combined DHCP infrastructure.

For a distributed DHCP infrastructure, locate a DHCP server on each subnet. Because distributed infrastructures use a DHCP server on each subnet, they require a greater number of servers than centralized networks. For example, a network that includes 30 subnets and that is using a true distributed topology requires at least 30 DHCP servers, and possibly more to provide for redundancy.

In a centralized DHCP infrastructure, DHCP servers are placed in a central location. A centralized DHCP topology requires the deployment of DHCP/bootstrap protocol (BOOTP) relay agents. Additional hardware resources are not generally required for DHCP relay agents; in most cases, the routers that are positioned between each subnet can assume this role, as defined in RFC 1542. If the routers cannot relay DHCP messages, configure a computer running Windows Server 2003 to act as a DHCP/BOOTP relay agent. For more information about configuring relay agents, see "Enabling DHCP Support for Multiple Subnets" later in this chapter.

Combining both distributed and centralized DHCP infrastructures provides the maximum efficiency for your network. In a combined DHCP infrastructure, the locations for DHCP servers are based on the physical characteristics of the local area network (LAN) or wide area network (WAN) infrastructure, and not the logical groupings defined by the Active Directory logical structure. DHCP servers are not required for every subnet if the connecting routers support DHCP/BOOTP relay agents.

You can administer Windows Server 2003 DHCP servers remotely from a computer running Windows Server 2003 and the Microsoft Management Console (MMC) DHCP snap-in. You can also administer a DHCP server remotely at the command line by using Netsh commands for DHCP, or you can remotely administer a DHCP server from a computer running Microsoft Windows XP Professional that has the Windows Server 2003 Administration Tools Pack installed. You must have the correct level of security permissions in order to administer a DHCP server. For more information about using the Windows Server 2003 Administration Tools Pack, see "Windows Server 2003 Administration Tools Pack" in Help and Support Center for Windows Server 2003.

Optimizing DHCP Server Performance

You can optimize the performance of DHCP servers in your organization by doing the following:

  • Extending the duration of the IP address lease.

  • Improving DHCP server hardware, specifically upgrading to a faster hard drive or adding random access memory (RAM).

Extending the IP Address Lease and Renewal Duration

The volume of traffic on your network can have a negative impact on DHCP performance. For example, a subnet that relies on a DHCP server at a remote location on the WAN might experience poor performance at the start of the day, when users turn on computers and a large load of requests might be sent over the network.

DHCP traffic does not use significant network bandwidth during periods of normal usage; however, the following two phases of DHCP client configuration generate some network traffic load:

  • IP address lease

  • IP address renewal

When a DHCP client initializes TCP/IP or renews its address lease, it acquires an IP address from the DHCP server. This process results in an exchange between the DHCP client and the DHCP server, which typically consists of four packets, each containing a maximum of 4 kilobytes (KBs). For more information about the DHCP exchange, see the Networking Guide of the Windows Server 2003 Resource Kit (or see the Networking Guide on the Web at http://www.microsoft.com/reskit).

You can reduce the amount of network traffic generated by DHCP IP address lease and IP address renewal by extending the lease duration. Before you extend the lease duration, you must take into consideration other factors in your network, such as the ratio of clients to available IP addresses, or clients that frequently lease addresses on more than one subnet, such as laptops that move frequently. If you have a relatively stable network and many more available IP addresses than DHCP clients, increasing the lease duration reduces network traffic, because DHCP messages are sent less frequently. If, however, you have a limited number of IP addresses available to your DHCP clients, or a network that changes frequently, a longer lease duration might cause you to run out of IP addresses because IP addresses are not returned to the address pool and made available to other DHCP clients until the lease expires. For more information about extending the lease duration, see "Determining Lease Duration" later in this chapter.

Improving DHCP Server Hardware

You can optimize DHCP performance in your system by optimizing individual DHCP server performance. Windows Server 2003 includes performance monitoring tools that you can use to test and monitor your servers.

For more information about performance monitoring tools, see "Performance Monitoring Tools" in Help and Support Center for Windows Server 2003.

The primary factors that impact DHCP server performance include:

  • The speed of the server disk drives.

  • The amount of RAM installed in the DHCP server computer.

The greatest volume of disk usage occurs when the service is started and when the database is backed up. When planning your DHCP server hardware specifications, evaluate the average time required for disk access and for disk read/write operations. If necessary, maximize DHCP server performance by increasing RAM and purchasing high-speed disk drives for the servers.

Enabling DHCP Support for Multiple Subnets

If you have multiple subnets in your network, and do not have a DHCP server on every subnet, determine whether your current routers relay DHCP/BOOTP messages.

If your routers cannot be used for DHCP/BOOTP relay, set up a DHCP/BOOTP relay agent on at least one computer running Windows Server 2003 on each subnet. The DHCP/BOOTP relay agent relays DHCP and BOOTP message traffic between the DHCP-enabled clients on the local network and a remote DHCP server located on another physical network by using the IP address of the remote DHCP server.

Figure 2.3 shows a simple, routed network in which the router acts as a DHCP relay agent.

Figure 2.3: Subnets Configured to Use a DHCP Relay Agent

If your routers cannot be used for DHCP/BOOTP relay and you choose not to configure DHCP/BOOTP relay agents, you must configure your network so that a DHCP server has a network adapter on each subnet it serves. You can accomplish this by either placing a DHCP server on each subnet, or by multihoming DHCP servers. This distributed configuration does not provide fault tolerance. If a DHCP server becomes unavailable, DHCP clients on the subnet cannot receive IP addresses and options.

Note

The DHCP Relay Agent service is available only on computers running Windows Server 2003, Microsoft Windows 2000, or Windows NT 4.0. To use the DHCP Relay Agent routing protocol, the Routing and Remote Access service must be installed and enabled.

For more information about installing and configuring DHCP relay agents, see "Configure the DHCP Relay Agent" in Help and Support Center for Windows Server 2003. For more information about the DHCP Relay Agent service, see the Networking Guide of the Windows Server 2003 Resource Kit (or see the Networking Guide on the Web at http://www.microsoft.com/reskit) or see Help and Support Center for Windows Server 2003.

Determining How Many DHCP Servers to Deploy

A single DHCP server can serve an almost unlimited number of clients. However, factors such as the size and layout of your network, the IP address class selected for use, and the volume of traffic on your network often make this impractical. You can deploy multiple DHCP servers to reduce the volume of DHCP-related traffic across your network and create faster response times for DHCP messages. Deploying multiple DHCP servers also creates fault tolerance on your network. If you choose to deploy more than one DHCP server, it is important to weigh the benefits of increased response times against the costs required for additional hardware.

When deciding how many DHCP servers you need, consider:

  • The location of DHCP-enabled clients on your network.

  • The transmission speeds between the segments for which DHCP service is provided.

    If you have slower WAN or dial-up links, place a DHCP server on both sides of these links to improve DHCP response times for local clients.

  • The network traffic that DHCP produces, as well as your current network traffic.

    If your current volume of network traffic is high, consider deploying multiple DHCP servers to reduce the volume of DHCP requests traveling across the network. Make sure to account for periods when network traffic is heaviest, such as the beginning of the day, when many users turn on their computers at the same time.

  • Disk space requirements.

    It is important to consider the database size when choosing your hardware. Each lease requires approximately 600 bytes for the database, plus 1200 bytes for backup (600 bytes for the backup and 600 bytes for the temporary directory). In addition, the audit logs require approximately 500 bytes per lease transaction and are stored for seven days.

    Tip

    In general, allow at least 50–70 MB for the audit logs; however, the number of lease transactions depends on the number of leases as well as the lease duration.

    To figure out how much hard disk space is required, first multiply the number of leases by 600 bytes, then multiply the estimated number of lease transactions by 500 bytes, and add these two results. The sum is the minimum amount of disk space required by the DHCP server.

    For example, a DHCP server with 10,000 leases and lease duration of one week requires approximately 18 MB to store the leases and the backup (6 MB for the database, 6 MB for the backup, and 6 MB for the temporary database). The audit logs would require an absolute minimum of 10 MB: 5 MB (500 bytes x 10,000 leases) for startup, and 5 MB when the leases renew halfway through the week. If the number of leases increases or if lease time is shortened, this requirement will increase. A company might allocate 100 MB for audit logs to allow for flexibility in adding leases or reducing lease duration, as well as dealing with any peak-load events.

Optimizing DHCP Availability

A highly available solution must account for all possible points of failure, including server failures, WAN link interruptions, and router failures. You can increase the fault tolerance and availability of your design by using one or more of the following, depending on your needs and hardware cost considerations:

  • Split-scope configurations

  • Clustered DHCP servers

  • Using standby servers

Using Split-Scope Configurations

You can increase fault tolerance by splitting DHCP scopes between multiple DHCP servers. With a split-scope configuration, if one server becomes unavailable, the other server can take its place and continue to lease new IP addresses or renew existing clients. Splitting DHCP scopes also helps to balance server loads.

When splitting the IP address pool of a scope between two servers, assign the same scope to both servers, and exclude opposite portions of the address range. You also need to make identical reservations at both DHCP servers, so that either server can assign the reserved IP address, ensuring that the intended device receives the address that is reserved for its use.

Figure 2.4 shows a network that is using a split-scope configuration.

Figure 2.4: Split-Scope Configuration

In Figure 2.4, DHCP Server 1 has 80 percent of the addresses in the scope and DHCP Server 2 has 20 percent of the addresses in the scope. Splitting a scope between servers in this way, which is commonly referred to as the "80/20 rule," often relies on the proximity of the DHCP servers to the clients they serve. For example, when a DHCP client that is on the same subnet as DHCP Server 1 sends out a DHCP Discover packet, it takes longer for DHCP messages from clients to reach DHCP Server 2 than DHCP Server 1, because DHCP Server 2 is on the other side of a router from the DHCP client. You can also configure a delay on the DHCP relay agent to ensure the local DHCP server has adequate time to respond. Because DHCP clients always accept the lease from the DHCP server that sends the first response, clients normally obtain leases from DHCP Server 1. If DHCP Server 1 goes offline for any reason, clients accept leases from DHCP Server 2.
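
The opposite exclusion ranges and the identical-reservation requirement described above can be checked before the scope is activated on both servers. The following Python code is an added example, not part of the Deployment Kit; the function names, the 192.0.2.1–192.0.2.200 sample scope, and the MAC address are constructed for illustration.

```python
# Added example (not from the Deployment Kit): plan and audit a split scope.
from ipaddress import IPv4Address


def _span(lo, hi):
    """Inclusive address range as a set of integers."""
    return set(range(int(IPv4Address(lo)), int(IPv4Address(hi)) + 1))


def split_scope(start, end, primary_percent=80):
    """Exclusion range for each server so the primary leases the first
    primary_percent of the scope and the secondary leases the remainder."""
    first, last = int(IPv4Address(start)), int(IPv4Address(end))
    primary_count = (last - first + 1) * primary_percent // 100
    if not 0 < primary_count < last - first + 1:
        raise ValueError("each server must keep at least one leasable address")
    boundary = first + primary_count  # first address owned by the secondary
    return {
        "primary_exclude": (str(IPv4Address(boundary)), end),
        "secondary_exclude": (start, str(IPv4Address(boundary - 1))),
    }


def check_split(scope, server_a, server_b):
    """Return findings for two servers sharing one scope; empty list = consistent."""
    pools = []
    for server in (server_a, server_b):
        pool = _span(*scope)
        for lo, hi in server["excludes"]:
            pool -= _span(lo, hi)
        pools.append(pool)
    findings = []
    both = pools[0] & pools[1]  # either server could lease these: duplicate risk
    if both:
        findings.append(f"{len(both)} addresses leasable by both servers, "
                        f"starting at {IPv4Address(min(both))}")
    neither = _span(*scope) - pools[0] - pools[1]  # confirm these are intentional
    if neither:
        findings.append(f"{len(neither)} addresses excluded on both servers")
    res_a, res_b = server_a["reservations"], server_b["reservations"]
    if res_a != res_b:
        macs = sorted(m for m in set(res_a) | set(res_b) if res_a.get(m) != res_b.get(m))
        findings.append("reservations differ for: " + ", ".join(macs))
    return findings


# Constructed sample data: a 200-address scope and one reservation (MAC -> IP).
SCOPE = ("192.0.2.1", "192.0.2.200")
PLAN = split_scope(*SCOPE)
RESERVED = {"00-11-22-33-44-55": "192.0.2.10"}
SERVER_1 = {"excludes": [PLAN["primary_exclude"]], "reservations": RESERVED}
SERVER_2 = {"excludes": [PLAN["secondary_exclude"]], "reservations": RESERVED}
# Misconfigured peer: exclusion stops 10 addresses short, reservation missing.
SERVER_2_BAD = {"excludes": [("192.0.2.1", "192.0.2.150")], "reservations": {}}

if __name__ == "__main__":
    print(PLAN)
    print(check_split(SCOPE, SERVER_1, SERVER_2))
    print(check_split(SCOPE, SERVER_1, SERVER_2_BAD))
```

An empty result means the two leasable pools are disjoint and the reservations match; any address reported as leasable by both servers is one that both could hand out to different clients.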

Using Clustered DHCP Servers

Windows Server 2003 DHCP can use Windows Clustering, which allows two or more servers to be managed as a single system. You can increase DHCP (or multicast address dynamic client allocation protocol [MADCAP]) scalability, availability, and reliability by using the Cluster service to deploy a DHCP server cluster.

By using clustering support for DHCP, you can implement a local method of DHCP server failover. In this way, you can achieve greater fault tolerance and minimize disruptions and work stoppages. Windows Clustering can automatically detect the failure of an application or server and restart the application on or transfer the server role to an alternate server. Users experience only a brief break in service.

Windows Clustering creates a virtual DHCP server so that if one of the clustered nodes fails, the namespace and all of the services contained in that node are automatically transferred to a second node. No changes are visible to the client, which sees the same IP address for the clustered DHCP servers.

Use Windows Clustering alone to create a fault-tolerant design that makes efficient use of available IP addresses. To further enhance DHCP fault tolerance and availability, combine DHCP server clustering with a remote failover configuration — such as a split-scope configuration across different segments of your network. Although combining server clustering with a split-scope configuration increases DHCP availability, you must consider whether the benefits to your organization outweigh the hardware costs involved.

Figure 2.5 shows an example of clustered DHCP servers. DHCP Server 1 is the active DHCP server, and DHCP Server 2 is the backup DHCP server.

Figure 2.5: Clustered DHCP Servers

Example: Using a Split-Scope Configuration in Combination with a DHCP Server Cluster to Enhance Availability and Fault Tolerance

A company has its main corporate office in North America, and two European offices in Milan and Seville. The North American DHCP server cluster includes two servers, which are configured as nodes of the server cluster.

Twenty percent of the available IP leases for the Milan and Seville sites are configured on the North American server cluster. The remaining 80 percent of the available IP leases are configured on the local Milan and Seville DHCP servers.

This configuration provides the following levels of fault tolerance for the European sites:

  1. Under normal circumstances clients in Milan and Seville request IP lease assignments from the local DHCP server, which contains 80 percent of the available IP addresses for the subnet.

  2. If either the Milan or Seville DHCP server is slow or unavailable, European DHCP clients use the North American DHCP server, which contains 20 percent of the available IP addresses for the Milan and Seville subnets. The relay agent between the European offices and the North American office is configured to delay the DHCP messages from the European offices, allowing the local (Milan or Seville) DHCP server enough time to respond.

  3. Because the North American DHCP server is configured as a server cluster, if one node of the cluster becomes unavailable, Windows Clustering automatically brings the other node online.

Using Standby Servers

A standby server and its scopes are not activated for use under normal conditions, and are activated by the administrator only when needed, such as when a DHCP server fails or is taken offline for an extended period of time. Standby servers require manual administration to ensure failover transition, and therefore might not be as effective as other failover methods, such as split scopes and clustered servers.

To use a standby configuration, configure an additional DHCP server to serve as a backup if the primary server goes offline. You can either configure the standby server to be identical to your primary DHCP server or configure the standby server with unused scopes to temporarily replace the primary DHCP server.

If you are configuring the standby server with the identical scope to your primary DHCP server, you must implement server-side address conflict detection to prevent the assigning of duplicate addresses.

Important

Because server-side conflict detection uses Address Resolution Protocol (ARP) and Internet Control Message Protocol (ICMP) messages to detect conflicts, Internet Connection Firewall (ICF) or other firewalls that are installed on clients on your network might interfere with conflict detection.

For more information about backing up your DHCP servers, see "Backing Up the DHCP Database" or "Netsh Commands for DHCP" in Help and Support Center for Windows Server 2003.




Microsoft Corporation Microsoft Windows Server 2003 Deployment Kit(c) Deploying Network Services 2003
Year: 2004
Pages: 146