DHCP Tasks
The following procedures are performed using the DHCP console, which is opened by either:
Start → Programs → Administrative Tools → DHCP
Start → Run → dhcpmgmt.msc
Note that this console is available only if you have installed the optional DHCP component using Add or Remove Programs or added the DHCP Server role to your machine using Manage Your Server. You can also manage many aspects of DHCP servers from the command line using the netsh (Netshell) command (see Chapter 5 for more information).
If a DHCP server belongs to a domain, it must be authorized in Active Directory before it can be used. If you install the DHCP Server service on a domain controller, it should authorize itself automatically. If this doesn't occur or if the machine is a member server, authorize it manually as follows:
Right-click on DHCP server node → Authorize
After a minute or two, press F5 to refresh and see if authorization was successful. Note that you must be a member of the Enterprise Admins group to authorize a DHCP server. Unauthorizing a DHCP server causes it to ignore all lease and renewal requests from DHCP clients until it is reauthorized.
To connect to authorized DHCP servers and manage them or change their authorization status, do this:
Right-click root node → Manage authorized servers
A DHCP server belonging to a domain must be authorized before you can create a scope. After creating a scope, you must activate it before clients can lease addresses from the DHCP server. To create an ordinary scope, do this:
Right-click on server node → New Scope → specify friendly name for scope → specify start and end IP addresses → specify subnet mask → specify individual addresses or blocks of addresses to exclude from scope → specify duration of lease → specify scope options such as default gateway address, DNS domain name, addresses of DNS servers, and addresses of WINS servers on your network
To reconfigure basic settings for your scope, do this:
Right-click on scope → Properties → General
Note that you can increase the range of IP addresses in a scope, but you can't decrease it. If you want to change the IP address range of the scope to a different subnet, you must first remove all exclusions and options that conflict with the new subnet. Otherwise, you will receive the error message "The specified range either overlaps an existing range or is not valid." An easier solution is usually to delete the scope entirely and create a new one. Be aware that you have to release and renew IP addresses from your DHCP clients afterward. It's essential to plan the DHCP configuration carefully before implementing it on your network.
To exclude additional IP addresses from an existing scope, do this:
Select scope → right-click on Address Pool → New Exclusion Range
Note that you can't exclude addresses that are actively leased to clients. To remove an existing exclusion, do this:
Select Address Pool → right-click on an exclusion → Delete
You can configure scope options at several levels:
(Server level) Right-click on Server Options → Configure Options → General
(Scope level) Select scope → Right-click on Scope Options → Configure Options → General
(Reserved client level) Select scope → Select Reservations → right-click on reservation → Configure Options → General
The usual options to configure in Microsoft networks are 003, 006, and 015. If you are using WINS, configure 044 and 046 also. Each option requires you to specify information related to that option, as summarized in Table 4-7. For options involving IP addresses, you can optionally enter the name of the computer and click Resolve to determine its IP address. If you configure 044, then 046 must be configured as well. For 046, the typical choice is 0x8 if a WINS server is present on the network.
Option | Information |
---|---|
003 Router | IP addresses of default gateways |
006 DNS Servers | IP addresses of DNS servers |
015 DNS Domain Name | DNS name of local domain |
044 WINS/NBNS Servers | IP addresses of WINS servers |
046 WINS/NBT Node Type | 0x1 = B-node (broadcast); 0x2 = P-node (peer); 0x4 = M-node (mixed); 0x8 = H-node (hybrid) |
Check the configuration of your new scope carefully before activating it, then do this:
Right-click on scope → Activate
Only an activated scope responds to DHCP lease and renewal requests from client computers. Activation allows you to selectively control which scopes are available on a DHCP server.
If you create a scope and later want to delete it (to create a new one), first deactivate the scope and leave it in that condition until half the configured lease time elapses. Otherwise, you have to manually release and renew IP addresses on each client using ipconfig once your new scope is created. Don't deactivate a scope unless you intend to retire it and remove it permanently from the server. A DHCP server whose scope is deactivated sends out DHCPNAK packets to clients who attempt to contact it, which commences a recall of DHCP addresses in the subnet.
Select a scope → right-click on Reservations → New Reservation → enter the IP address and MAC address of the client computer for which you want to reserve an IP address.
Select a scope Select Address Leases Select a scope
You can right-click on an active lease in the Details pane and delete it if you like. However, the client may request the address again unless you release the address on the client using ipconfig /release.
Right-click on server node Select a scope Display Statistics
This window is manually refreshed by default. To cause it to refresh automatically, do the following:
Right-click on server node → Properties → General → Automatically update statistics
Right-click on Scope node → Reconcile → Verify
This option lets you fix any inconsistency in the DHCP database by comparing it with information stored in the registry. If everything is fine, you are prompted to click OK. If there are inconsistencies, the inconsistent addresses are displayed; select them and click Reconcile.
The procedure for configuring DHCP clients depends on the version of Windows being used. For example, on WS2003, XP, or W2K, do this:
Control Panel → Network Connections → Local Area Connection → Properties → Internet Protocol (TCP/IP) → Properties → Obtain an IP address automatically → Obtain DNS server address automatically
If no DHCP server is available when a DHCP client starts up, a WS2003, XP, or W2K client autoconfigures its own IP address using Automatic Private IP Addressing (APIPA). See TCP/IP later in this chapter for more information.
To configure a DHCP server to update DNS information on behalf of DHCP clients, do this:
Right-click on server node → Properties → DNS → Enable DNS dynamic updates
By default, DHCP servers are configured to perform such updates only when clients request them and to discard DNS information when the client lease expires. WS2003 or XP clients request dynamic updates if they are configured as follows:
Control Panel → Network Connections → Local Area Connection → Properties → Internet Protocol (TCP/IP) → Properties → Advanced → DNS → Register this connection's suffix in DNS
To have your DHCP server register DNS information for downlevel (NT) or legacy (Windows 95/98) clients, do this:
Right-click on server node → Properties → DNS → Dynamically update DNS A and PTR records for DHCP clients that don't request dynamic updates
If necessary, you can specify credentials for the DHCP server to perform dynamic updates on DNS servers:
Right-click on server node → Properties → Advanced → Credentials
Note that you can also configure dynamic updates at the scope level instead of globally for all scopes. For example:
Right-click on scope → Properties → DNS
If your DHCP server has multiple LAN or WAN connections, you can specify on which connections the server should service DHCP clients as follows:
Right-click on server node → Properties → Advanced → Bindings
DHCP servers can be configured to record events in a DHCP audit log as follows:
Right-click on server node → Properties → General → Enable DHCP audit logging
These audit logs are named DhcpSrvLog.xxx, where the extension depends on the day of the week. The location of these logs can be configured on the Advanced tab.
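Once audit logging is on, the daily files can be triaged for the conditions discussed in this section: authorization problems, denied leases (NACKs), and exhausted scopes. The following is an added example, not part of the original text; it assumes the comma-separated row layout and the event-ID legend that Windows Server 2003 writes at the top of each audit log, and the sample lines are constructed.

```python
import csv
from collections import Counter

# Assumptions (not on the page): the WS2003 audit-log column order below and
# the event-ID meanings, taken from the legend printed at the top of each log.
FIELDS = ["id", "date", "time", "description", "ip", "host", "mac"]
ALERT_IDS = {
    13: "address already in use on the network",
    14: "scope address pool exhausted",
    15: "lease denied",
    31: "DNS dynamic update failed",
}

def parse_audit_log(text):
    """Yield one dict per event row, skipping the legend and column header."""
    for row in csv.reader(text.splitlines()):
        if len(row) < 4 or not row[0].strip().isdigit():
            continue  # legend, blank, or header line
        cells = [c.strip() for c in row] + [""] * (len(FIELDS) - len(row))
        event = dict(zip(FIELDS, cells))
        event["id"] = int(event["id"])
        yield event

def triage(events):
    """Return (alerts, new_leases_per_mac) for a stream of parsed events."""
    alerts, leases = [], Counter()
    for e in events:
        if e["id"] in ALERT_IDS:
            alerts.append((e["date"], e["time"], ALERT_IDS[e["id"]], e["ip"]))
        elif e["id"] >= 50:  # 50+ = rogue server detection / authorization
            alerts.append((e["date"], e["time"], "authorization: " + e["description"], e["ip"]))
        elif e["id"] == 10:  # new lease issued
            leases[e["mac"]] += 1
    return alerts, leases

# Constructed sample lines, not taken from a real server
SAMPLE_LOG = """\
50+\tCodes above 50 are used for Rogue Server Detection information.
ID,Date,Time,Description,IP Address,Host Name,MAC Address
54,06/14/04,08:00:05,Authorization failed,,corp.example,
10,06/14/04,08:01:10,Assign,192.168.1.50,pc1.corp.example,000D60A1B2C3
11,06/14/04,12:01:10,Renew,192.168.1.50,pc1.corp.example,000D60A1B2C3
15,06/14/04,12:05:00,NACK,192.168.1.77,,000D60FFEE01
14,06/14/04,12:06:30,Scope Full,192.168.1.0,,
"""

if __name__ == "__main__":
    alerts, leases = triage(parse_audit_log(SAMPLE_LOG))
    print(*alerts, dict(leases), sep="\n")
```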
You can back up the DHCP database on a DHCP server like this:
Right-click on server node → Backup
By default, DHCP database backups are binary files named DhcpCfg that are created in \System32\dhcp\backup. Note that creating a new backup simply overwrites the old one unless you choose a new location. Use the Restore option to restore a DHCP server database from backup, but note that this temporarily stops the DHCP service. Note that these backups don't include DHCP audit log settings.
DHCP relay agents are configured using the Routing and Remote Access Service (RRAS) as follows:
Open RRAS console → right-click on server node → Enable and configure routing and remote access → Custom configuration → LAN routing → start the service when prompted → expand console tree → IP Routing node → right-click on General → New routing protocol → DHCP relay agent → right-click on DHCP Relay Agent → New Interface → select interface → configure hop count threshold → configure boot threshold → OK → right-click on DHCP relay agent → specify IP address of DHCP server to forward DHCP requests to
You enable the relay agent on each network connection or interface on which you want it to operate. If you have several DHCP servers on the network, you should specify which ones can service DHCP clients on the subnet on which your relay agent resides.
The boot threshold is the time in seconds the agent waits between receiving a DHCP client-broadcast request and forwarding it to a DHCP server. This useful feature allows you to provide backup for a local DHCP server. If the client broadcasts a DHCP message and the local DHCP server doesn't respond in the time specified, the message is forwarded by the agent to a DHCP server on a remote subnet. In this way, if the local DHCP server goes down, DHCP can still operate on the subnet.