Implementing, Managing, and Troubleshooting DHCP


DHCP was the Internet community's answer to the problem of dynamically distributing IP addresses. Here's how a client computer gets an address:

  1. The client computer broadcasts a DHCPDISCOVER message that is intended for the DHCP server(s) on the network. If a router sits between the DHCP server and the client, it needs to be configured with the IP address of the DHCP server. It also needs to be configured to forward BOOTP.

  2. Each DHCP server that receives the DHCPDISCOVER message responds with a DHCP offer message, which includes an IP address that is appropriate for the subnet where the client computer is attached. The DHCP server determines the appropriate address by looking at the source subnet for the broadcast DHCPDISCOVER message.

  3. The client computer considers the offer messages and selects one (usually the first offer it receives). It sends a request (DHCPREQUEST) to use the address to the DHCP server that originated the offer. If there are multiple DHCP servers, they need to be carefully configured. It is very easy to inadvertently configure servers so that they conflict; therefore, if you have multiple DHCP servers on a network, it is important to make sure that they cannot offer duplicate IP addresses. Because DHCP servers do not communicate with one another, they have no way of telling whether an address has already been issued by another DHCP server.

  4. The DHCP server acknowledges the request and grants the client computer a lease to use the address.

  5. The client computer uses the IP address to bind to the network. If the IP address is associated with any configuration parameters, the parameters are incorporated into the client computer's TCP/IP configuration.

  6. When 50 percent of the configured lease time has elapsed, the client sends another DHCPREQUEST message to the DHCP server that granted its lease, asking to renew and extend its current lease.

  7. If the DHCP server is reachable, it responds with a DHCPACK message to the client, renewing and extending the DHCP lease as requested.

  8. If the DHCP server is not reachable, the client continues trying to reach it until 87.5 percent of the lease time has elapsed. At that point, the client attempts to renew its lease with any DHCP server that responds. If this is unsuccessful, the client starts the process of acquiring a new DHCP lease.
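The conflict described in step 3 can be caught before deployment by comparing the address ranges configured on each server. The following Python check is an added example, not part of the original text; the server names and address ranges are constructed sample data.

```python
import ipaddress
from itertools import combinations

# Constructed sample data: server name -> list of (first, last) leasable ranges.
SCOPES = {
    "dhcp-a": [("192.168.10.10", "192.168.10.150")],
    "dhcp-b": [("192.168.10.151", "192.168.10.250"),
               ("192.168.20.10", "192.168.20.100")],
    "dhcp-c": [("192.168.20.90", "192.168.20.200")],
}

def to_range(first, last):
    """Convert a (first, last) address pair to an inclusive integer range."""
    lo = int(ipaddress.IPv4Address(first))
    hi = int(ipaddress.IPv4Address(last))
    if lo > hi:
        raise ValueError(f"range {first}-{last} is reversed")
    return lo, hi

def find_overlaps(scopes):
    """Return (server1, server2, first, last, count) for every address block
    that two different servers are both able to lease."""
    flat = [(server, *to_range(first, last))
            for server, ranges in scopes.items()
            for first, last in ranges]
    conflicts = []
    for (s1, lo1, hi1), (s2, lo2, hi2) in combinations(flat, 2):
        if s1 == s2:
            continue  # ranges on the same server share one lease database
        lo, hi = max(lo1, lo2), min(hi1, hi2)
        if lo <= hi:  # the two inclusive ranges intersect
            conflicts.append((s1, s2, str(ipaddress.IPv4Address(lo)),
                              str(ipaddress.IPv4Address(hi)), hi - lo + 1))
    return conflicts

if __name__ == "__main__":
    for s1, s2, first, last, count in find_overlaps(SCOPES):
        print(f"{s1} and {s2} can both lease {first}-{last} ({count} addresses)")
```
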

DHCP is not a new service in Windows Server 2003, but it has undergone some changes from both Windows 2000 and Windows NT 4.0. The following list summarizes some of the major changes between DHCP in Windows NT 4.0 (and Windows 2000 Server as well) and Windows Server 2003:

  • DHCP integration in DNS: DHCP servers in a Windows Server 2003 environment can trigger dynamic updates in the DNS database for all clients to which they lease IP addresses. Windows 2000 and newer clients can automatically update their DNS records if they are authorized to do so. Legacy clients can have their records updated by the DHCP server if it is authorized to do so.

  • Rogue DHCP server detection: Unauthorized, or rogue, DHCP servers can cause a wide variety of problems, including a Denial of Service (DoS) to clients. To prevent such problems, Windows Server 2003 requires an administrator to authorize DHCP servers before they can start to service client requests. In this way, only those DHCP servers that have been authorized can provide DHCP leases to clients. You must be an enterprise administrator to authorize a DHCP server.

  • Superscope and multicast scope support: Superscopes allow you to group several standard DHCP scopes into a single administrative group without causing any service disruption to network clients. Multicast scopes allow you to lease Class D IP addresses to clients for participation in multicast transmissions. These include streaming video and audio transmissions.

  • Local security groups for DHCP management: Two new local administrative security groups are created when the DHCP service is installed: DHCP Users and DHCP Administrators.

  • Improved monitoring and reporting: Windows Server 2003 provides a full set of performance monitoring counters that can be used to monitor DHCP server performance.

  • Custom DHCP option classes: User- and vendor-specified option classes can be used to distribute specific options to the clients that need them.

A scope is a range of IP addresses that are available for dynamic assignment to hosts on a given subnet. The scope for a particular subnet is determined by the network address of the broadcast DHCP request. In addition to address information, a scope can include a set of configuration parameters to be assigned to client computers when the address is assigned. This list of configuration parameters can include DNS servers, WINS servers, default gateways, the subnet mask, a NetBIOS scope ID, IP routing information, and WINS proxy information.

A supernetted network is a network that has multiple network addresses or subnets running on the same segment. This configuration is common in a network environment with more than 254 hosts on a subnet and in an environment in which certain hosts need to be isolated from the rest of the logical network for security or routing reasons. Superscopes support a local multinet or a multinet that is located across a router and configured to use the BOOTP forwarder service.

Windows Server 2003 makes use of the concept of a multicast scope. The DHCP service has been extended to allow the assignment of multicast addresses in addition to unicast (single-computer) addresses. MADCAP (Multicast Address Dynamic Client Allocation Protocol) is an IETF standard (RFC 2730) that defines multicast address allocation.

You can configure DHCP options at four different levels for each DHCP server:

  • Server: These are DHCP options that are applied to all scopes on the DHCP server.

  • Scope: These are DHCP options that are applied only to the specific scope on the DHCP server.

  • Class: These are DHCP options that are applied only to clients identified as members of specified user or vendor classes.

  • Reservation: These are DHCP options that are applied only to a specific computer.

Some of the more common DHCP scope options are presented in Table 7.

Table 7. DHCP Scope Options

| Code | Option Name | Option Description |
|------|-------------|--------------------|
| 2 | Time Offset | Specifies the offset of the client's subnet in seconds from UTC. |
| 3 | Router | Specifies a list of IP addresses for routers on the client's subnet. |
| 4 | Time Server | Specifies a list of RFC 868 time servers available to the client. |
| 5 | Name Servers | Specifies a list of name servers available to the client. |
| 6 | DNS Servers | Specifies a list of DNS servers available to the client. |
| 9 | LPR Servers | Specifies a list of RFC 1179 line printer servers available to the client. |
| 15 | DNS Domain Name | Specifies the domain name that the client should use when resolving hostnames via DNS. |
| 27 | All Subnets Are Local | Specifies whether the client can assume that all subnets of the IP network to which the client is connected use the same MTU as the subnet of the network to which the client is directly connected. |
| 28 | Broadcast Address | Specifies the broadcast address in use on the client's subnet. |
| 44 | WINS/NBNS Servers | Specifies a list of RFC 1001/1002 NBNS servers, listed in order of preference. |
| 46 | WINS/NBT Node Type | Configures the node type for NetBT clients, as described in RFC 1001/1002. |
| 47 | NetBIOS Scope ID | Specifies the NetBT scope parameter for the client, as specified in RFC 1001/1002. |
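
To show how the option codes in Table 7 are carried in a DHCP message, and how a monitor can flag replies from a DHCP server that is not on an authorized list (the rogue-server problem described earlier), here is an added Python example. It is not from the original text and is not the authorization mechanism that Windows Server 2003 itself uses. Option codes 53 and 54 come from RFC 2132 rather than Table 7; the authorized address and the sample bytes are constructed.

```python
import ipaddress

# Assumption: addresses of the DHCP servers that are authorized on this network.
AUTHORIZED_SERVERS = {"192.168.10.2"}

def _ips(value):
    """Decode a list of IPv4 addresses (4 bytes each)."""
    if not value or len(value) % 4:
        raise ValueError("address list must be a non-empty multiple of 4 bytes")
    return [str(ipaddress.IPv4Address(value[i:i + 4])) for i in range(0, len(value), 4)]

# Codes 3, 6 and 15 are from Table 7; 53 and 54 are defined in RFC 2132.
DECODERS = {
    3: ("Router", _ips),
    6: ("DNS Servers", _ips),
    15: ("DNS Domain Name", lambda v: v.rstrip(b"\x00").decode("ascii")),
    53: ("Message Type", lambda v: int.from_bytes(v, "big")),
    54: ("Server Identifier", lambda v: _ips(v)[0]),
}

def parse_options(data):
    """Parse a DHCP options field (the bytes that follow the magic cookie)."""
    options, i = {}, 0
    while i < len(data):
        code = data[i]
        if code == 255:              # END option terminates the field
            return options
        if code == 0:                # PAD option: a single byte with no length
            i += 1
            continue
        length = data[i + 1] if i + 1 < len(data) else -1
        value = data[i + 2:i + 2 + length]
        if length < 0 or len(value) != length:
            raise ValueError(f"option {code} is truncated")
        name, decode = DECODERS.get(code, (f"Option {code}", bytes.hex))
        options[name] = decode(value)
        i += 2 + length
    raise ValueError("options field has no END option")

def is_unauthorized_reply(options):
    """True for a DHCPOFFER (2) or DHCPACK (5) from a server not on the list."""
    return (options.get("Message Type") in (2, 5)
            and options.get("Server Identifier") not in AUTHORIZED_SERVERS)

# Constructed sample: the options of a DHCPOFFER sent by 192.168.10.77.
SAMPLE_OFFER = bytes.fromhex(
    "350102" "3604c0a80a4d" "0304c0a80a01" "0608c0a80a05c0a80a06"
    "0f0c" + b"example.test".hex() + "00ff")
```

Calling `is_unauthorized_reply(parse_options(SAMPLE_OFFER))` returns `True`, because the server identifier 192.168.10.77 is not in the authorized set.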


Microsoft-specific DHCP options are shown in Table 8.

Table 8. Microsoft-Specific DHCP Options

| Code | Option Name | Description |
|------|-------------|-------------|
| 1 | Microsoft Disable NetBIOS | This option can be used to selectively enable or disable NetBT for DHCP-enabled computers running Windows. |
| 2 | Microsoft Release DHCP Lease on Shutdown | This option can be used to control whether DHCP-enabled computers running Windows send a release for their current DHCP lease to the DHCP server when shutdown occurs. |
| 3 | Microsoft Default Router Metric Base | This value is a specified router metric base to be used for all default gateway routes. |


When you provide DHCP using Windows Server 2003, you can take advantage of the tight integration between DHCP and DNS and thereby ensure that all clients are automatically registered in DNS. You can configure the following settings for DNS integration:

  • Dynamically Update DNS A and PTR Records Only If Requested by the DHCP Clients

  • Always Dynamically Update DNS A and PTR Records

  • Discard A and PTR Records When Lease Is Deleted

  • Dynamically Update DNS A and PTR Records for DHCP Clients That Do Not Request Automatic Updates

There are three basic configurations in which you can set up a DHCP relay agent:

  • The first involves entering the IP address or addresses of the DHCP server(s) into the router itself, instructing it to pass DHCP messages to a specified IP address for action.

  • The second method involves using the Windows Server 2003 Routing and Remote Access (RRAS) component as a router (in place of a hardware-based router) and configuring the DHCP relay agent within it.

  • The third solution is to use a Windows Server 2003 computer located on a subnet without a DHCP server to act as a DHCP relay agent. This option requires the use of the RRAS components, but it does not involve the creation or configuration of a router, as would be the case with the second solution. What's important to understand is that the server providing the DHCP relay agent service does not have to be dedicated to that purpose; it could be a file server, a print server, or any other type of Windows Server 2003 (or Windows 2000 Server) server on that subnet.

You can monitor the following DHCP statistics from the DHCP console:

  • Start Time

  • Up Time

  • Discovers

  • Offers

  • Requests

  • Acks

  • Nacks

  • Declines

  • Releases

  • Total Scopes

  • Total Addresses

  • In Use

  • Available

DHCP server backup and restore is one of the new features found in the DHCP service in Windows Server 2003. Two types of backups from the DHCP console are supported:

  • Synchronous: A synchronous backup occurs automatically on the configured interval. The default interval is 60 minutes and can be changed from the registry location HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DHCPServer\Parameters\BackupInterval.

  • Asynchronous: An asynchronous backup is a manual backup that is performed by using the Backup command from within the DHCP console.

Backups of the DHCP data from the DHCP console include the following items:

  • All scopes

  • All reservations

  • All leases

  • All options, including server options, scope options, reservation options, and class options

  • All registry data in the following registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DHCPServer\Parameters




MCSA/MCSE 70-291: Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure (Exam Prep)
ISBN: 0789736497
EAN: 2147483647
Year: 2006
Pages: 196
Authors: Will Schmied
