Windows 2000 Server includes an enhanced implementation of DHCP. DHCP is an open industry standard that reduces the complexity of administering networks based on TCP/IP. Each host computer connected to a TCP/IP network must be assigned a unique IP address. DHCP frees network administrators from having to configure all of the computers by hand. DHCP can automatically configure a host while it’s booting on a TCP/IP network, as well as change settings while the host is attached. All available IP addresses are stored in a central database along with associated configuration information, such as the subnet mask, gateways, and addresses of DNS servers.
Without the dynamic assignment of IP configuration information, clients have to be configured one by one. IP addresses must be managed to avoid duplicate use. Changes must be applied to clients by hand. Configuration information isn’t centralized, and it’s difficult to get a view of all client configurations.
This lesson provides an overview of DHCP and the DHCP lease process. The lesson also provides information on how to set up DHCP to be fault tolerant in order to enhance system availability.
DHCP was derived from the Internet standard Bootstrap Protocol (BOOTP), which allowed dynamic assignment of IP addresses (as well as remote booting of diskless workstations). In addition to supporting dynamic assignment of IP addresses, DHCP supplies all configuration data required by TCP/IP, plus additional data required for specific servers. Administrators can manually configure just one machine—the DHCP server. Whenever a new host is plugged into the network segment that’s served by the DHCP server or an existing host is turned back on, the machine asks for a unique IP address.
When a DHCP server receives a request for an IP address, it selects the address from a pool of addresses defined in its database and offers the address—along with other IP configuration information—to the DHCP client. If the client accepts the offer, the DHCP server leases the IP addressing information to the client for a specified period.
The DHCP service allocates IP addressing information to client computers. The allocation of IP addressing information is called a DHCP lease. The DHCP lease process occurs when one of the following events occurs:
DHCP uses a four-phase process (DHCPDISCOVER, DHCPOFFER, DHCPREQUEST, and DHCPACK) to lease IP addressing information to a DHCP client for a specific period, as shown in Figure 2.12.
Figure 2.12 - The DHCP lease process
The first step in the DHCP lease process is DHCPDISCOVER. To begin the DHCP lease process, a client initializes a limited version of TCP/IP and broadcasts a DHCPDISCOVER message requesting the location of a DHCP server and IP addressing information. Because the client doesn’t know the IP address of a DHCP server, the client uses 0.0.0.0 as the source address and 255.255.255.255 as the destination address. The DHCPDISCOVER message contains the client’s hardware address and computer name so that the DHCP servers can determine which client sent the request.
The second step in the DHCP lease process is DHCPOFFER. All DHCP servers that receive the IP lease request and that have a valid client configuration broadcast a DHCPOFFER message that includes the following information:
The DHCP servers send a broadcasted message because the client doesn’t yet have an IP address. The DHCP client selects the IP address from the first offer that it receives. The DHCP server issuing the IP address reserves the address so that it can’t be offered to another DHCP client.
The third step in the DHCP lease process occurs after the client receives a DHCPOFFER from at least one DHCP server and selects an IP address. The client broadcasts a DHCPREQUEST message to all DHCP servers, indicating that it has accepted an offer. The DHCPREQUEST message includes the server identifier (IP address) of the server whose offer it accepted. All other DHCP servers then retract their offers and retain their IP addresses for the next IP lease request.
The final step in a successful DHCP lease process occurs when the DHCP server issuing the accepted offer broadcasts a successful acknowledgment to the client in the form of a DHCPACK message. This message contains a valid lease for an IP address and possibly other configuration information.
When the DHCP client receives the acknowledgment, TCP/IP is completely initialized and the client is considered a bound DHCP client. Once bound, the client can use TCP/IP to communicate on the network.
If the DHCPREQUEST isn’t successful, the DHCP server broadcasts a negative acknowledgement (DHCPNACK). A DHCP server broadcasts a DHCPNACK if one of the following conditions is met:
When the client receives an unsuccessful acknowledgment, it autoconfigures its IP address by using Automatic Private IP Addressing (APIPA) and its class B subnet mask. Once it autoconfigures itself, it will continue to check for DHCP servers every 5 minutes until it finds one. Once that happens, the client releases the autoconfigured information and uses the IP addressing information issued by the DHCP server.
If a computer has multiple network adapters bound to TCP/IP, the DHCP process occurs separately over each adapter. The DHCP service assigns a unique and valid IP address to each adapter in the computer bound to TCP/IP, if that adapter is configured as a DHCP client.
All DHCP clients attempt to renew their lease when 50 percent of the lease time has expired. To renew its lease, a DHCP client sends a DHCPREQUEST message directly to the DHCP server from which it obtained the lease. If the DHCP server is available, it renews the lease and sends the client a DHCPACK message with the new lease time and any updated configuration parameters. The client updates its configuration when it receives the acknowledgment.
Each time a DHCP client restarts, it attempts to lease the same IP address from the original DHCP server. If the lease request is unsuccessful and lease time is still available, the DHCP client continues to use the same IP address until the next attempt to renew the lease.
If a DHCP client can’t renew its lease with the original DHCP server at the 50 percent interval, the client broadcasts a DHCPREQUEST to contact any available DHCP server when 87.5 percent of the lease time has expired. Any DHCP server can respond with a DHCPACK message (renewing the lease) or a DHCPNACK message (forcing the DHCP client to obtain a lease for a different IP address).
If the lease expires or a DHCPNACK message is received, the DHCP client must immediately discontinue using that IP address. The DHCP client then begins the DHCP lease process to lease a new IP address.
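The lease exchange and the renewal intervals described above can be checked against real traffic with a small parser. The following is an added example, not code from the original lesson: it reads the fixed BOOTP header and the option list defined in RFC 2131 and RFC 2132, pulls out the fields the lesson names (message type, client hardware address, computer name, server identifier, lease time), and computes the 50 percent and 87.5 percent renewal points. The function names, the sample MAC address, the transaction ID and the 8-day lease are assumptions made for the example.

```python
import ipaddress
import struct

BOOTP_HEADER = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")  # fixed 236-byte header
MAGIC_COOKIE = b"\x63\x82\x53\x63"                          # precedes the options
# Option 53 values. RFC 2131 spells type 6 DHCPNAK; this lesson writes DHCPNACK.
MESSAGE_TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST",
                 5: "DHCPACK", 6: "DHCPNACK"}

def parse_options(data):
    """Walk the code/length/value option list and return {code: value}."""
    options, i = {}, 0
    while i < len(data) and data[i] != 255:      # 255 = end of options
        if data[i] == 0:                         # 0 = pad byte, no length field
            i += 1
            continue
        if i + 1 >= len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("truncated option %d" % data[i])
        options[data[i]] = data[i + 2:i + 2 + data[i + 1]]
        i += 2 + data[i + 1]
    return options

def parse_dhcp(packet):
    """Extract the fields the lease process relies on from one DHCP message."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    fields = BOOTP_HEADER.unpack(packet[:236])
    hlen, yiaddr, chaddr = fields[2], fields[8], fields[11]
    opts = parse_options(packet[240:])
    if len(opts.get(53, b"")) != 1:
        raise ValueError("missing DHCP message type option")
    msg = {"type": MESSAGE_TYPES.get(opts[53][0], "type %d" % opts[53][0]),
           "client_mac": chaddr[:hlen].hex(":"),
           "your_ip": str(ipaddress.IPv4Address(yiaddr))}
    if 12 in opts:                               # computer name sent by the client
        msg["host_name"] = opts[12].decode("ascii", "replace")
    if 54 in opts and len(opts[54]) == 4:        # server identifier
        msg["server_id"] = str(ipaddress.IPv4Address(opts[54]))
    if 51 in opts and len(opts[51]) == 4:        # lease time in seconds
        msg["lease_seconds"] = struct.unpack("!I", opts[51])[0]
    return msg

def renewal_times(lease_seconds):
    """Seconds after binding for the 50 percent and 87.5 percent attempts."""
    return lease_seconds // 2, lease_seconds * 7 // 8

def build_sample(msg_type, your_ip="0.0.0.0", options=b""):
    """Constructed test message (not a capture); MAC and xid are made up."""
    header = BOOTP_HEADER.pack(
        1 if msg_type in (1, 3) else 2, 1, 6, 0, 0x1234ABCD, 0, 0x8000,
        bytes(4), ipaddress.IPv4Address(your_ip).packed, bytes(4), bytes(4),
        bytes.fromhex("020000123456"), b"", b"")
    return header + MAGIC_COOKIE + bytes([53, 1, msg_type]) + options + b"\xff"

DISCOVER = build_sample(1, options=bytes([12, 4]) + b"WS01")
ACK = build_sample(5, "192.168.1.50", bytes([54, 4, 192, 168, 1, 1, 51, 4])
                   + struct.pack("!I", 8 * 86400))

if __name__ == "__main__":
    print(parse_dhcp(DISCOVER), parse_dhcp(ACK), renewal_times(8 * 86400))
```

Feeding the UDP payloads of captured port 67/68 traffic to `parse_dhcp` shows which server identifier acknowledged each lease, which is the quickest way to confirm that clients are bound to the servers you expect.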
You must define and activate a scope before DHCP clients can use the DHCP server for dynamic TCP/IP configurations. A DHCP scope is an administrative collection of IP addresses and TCP/IP configuration parameters that are available for lease to DHCP clients. The network administrator creates a scope for each logical or physical subnet.
A scope has the following properties:
Each subnet can have a single DHCP scope with a single continuous range of IP addresses. To use several address ranges within a single scope or subnet, you must first define the scope and then set exclusion ranges.
A superscope allows a DHCP server to provide leases from more than one scope to clients on a single physical network. Before you can create a superscope, you must use DHCP Manager to define all the scopes you want to include in the superscope. Scopes added to a superscope are called member scopes. Superscopes can resolve DHCP service issues in various situations, including the following:
DHCP Manager allows you to reserve a specific IP address for a computer or for other IP addressable devices on the network. Reserving selected IP addresses for special-function devices on the network ensures that DHCP doesn’t duplicate or reassign the address. Reservations can be useful for the following types of devices and computers:
Each reservation requires a unique identifier for the device for which an address is reserved, which is the same as the MAC or physical address for the DHCP client. In the case of Ethernet, this address is a unique sequence of hexadecimal byte numbers that identifies the network adapter hardware for each network-connected device.
You can obtain MAC addresses on Windows 2000 clients by typing ipconfig /all at the command prompt of the client computer and viewing the Physical Address field. For Windows 95–based clients, you can run the WINIPCFG.EXE command prompt utility and view the Adapter Address field.
BOOTP and DHCP rely on network broadcasts to communicate. Routers in normal routed environments don’t automatically forward broadcasts from one interface to another, so a relay agent is needed to pass along this communication. A BOOTP/DHCP relay agent is either a router or a host computer configured to listen for BOOTP and DHCP broadcast messages and direct them to a specific DHCP server. Using relay agents eliminates the need to have a DHCP server on each physical network segment. Relay agents not only direct local DHCP client requests to remote DHCP servers but also return remote DHCP server responses to the DHCP clients.
RFC 2131–compliant routers (which supersede RFC 1542) contain relay agents that allow them to forward DHCP packets. Windows 2000 Server also comes with a DHCP relay agent that you can install and configure as a service.
One online DHCP server and one backup DHCP server can support a large number of clients, depending on hardware configurations and other issues. However, when you decide how many DHCP servers are necessary, you need to consider the location of routers on the network and whether you want a DHCP server in each subnet. You should also consider the transmission speed between each segment for which DHCP service is to be provided. With slower WAN links or dial-up links, you typically deploy a DHCP server on both sides of these links to service clients locally.
A network can have practical size constraints, based on the IP address class, such as the 254-node limit of Class C networks. In addition, server configuration issues, such as disk capacity and CPU speed, are critical. Before you install a DHCP server, identify the following information:
When setting up DHCP in your network, in most cases you should use the physical characteristics of your LAN or WAN infrastructure and not the logical groupings defined by Windows 2000 domains and your Active Directory service structure. When subnets are connected by routers that support BOOTP relay agents, you don’t need DHCP servers on every subnet. Also, you can administer DHCP servers remotely from a computer running Windows 2000 and DHCP Manager.
When you set up DHCP, you’ll probably install more than one DHCP server so that the failure of any individual server doesn’t prevent DHCP clients from starting. However, DHCP doesn’t provide a way for DHCP servers to cooperate in ensuring that assigned addresses are unique. Therefore, you must divide the available address pool among the DHCP servers carefully to prevent duplicate address assignment.
For balancing DHCP server usage, use the 80/20 rule to divide scope addresses between DHCP servers. Figure 2.13 is an example of the 80/20 rule.
Figure 2.13 - 80/20 rule model
DHCP Server 1 is configured to lease most (about 80 percent) of the available addresses. DHCP Server 2 is configured to lease the remaining addresses (about 20 percent).
This scenario allows the local DHCP server (DHCP Server 1) to respond to requests from local DHCP clients most of the time. The remote or backup DHCP server (DHCP Server 2) assigns addresses to clients on the other subnet only when the local server isn’t available or is out of addresses. You can use this same rule in a multiple-subnet scenario to ensure the availability of a DHCP server when a client requests a lease.
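Because the servers don't coordinate, the split has to be verified by the administrator. The following added example (not part of the original lesson) computes the exclusion range each server needs for an 80/20 split of one scope and then audits two server configurations for addresses that both could lease. The scope 10.0.1.1 to 10.0.1.250, the function names and the misconfigured backup server are constructed for illustration; it builds address sets in memory, which is fine for subnet-sized scopes.

```python
import ipaddress

def _to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def _to_str(value):
    return str(ipaddress.IPv4Address(value))

def split_scope(first, last, primary_share=0.8):
    """Exclusion range each server sets on the same scope so pools never meet."""
    lo, hi = _to_int(first), _to_int(last)
    total = hi - lo + 1
    if total < 2:
        raise ValueError("scope needs at least two addresses to split")
    primary = min(max(round(total * primary_share), 1), total - 1)
    boundary = lo + primary                  # first address left to server 2
    return {"server1_excludes": (_to_str(boundary), _to_str(hi)),
            "server2_excludes": (_to_str(lo), _to_str(boundary - 1))}

def lease_pool(first, last, exclusions):
    """Addresses a server can hand out: the scope range minus its exclusions."""
    pool = set(range(_to_int(first), _to_int(last) + 1))
    for ex_first, ex_last in exclusions:
        pool -= set(range(_to_int(ex_first), _to_int(ex_last) + 1))
    return pool

def overlapping_addresses(server_a, server_b):
    """Addresses both servers could lease, the source of duplicate assignments."""
    both = lease_pool(*server_a) & lease_pool(*server_b)
    return [_to_str(a) for a in sorted(both)]

# Constructed scope for illustration: 250 addresses on one subnet.
SCOPE = ("10.0.1.1", "10.0.1.250")
PLAN = split_scope(*SCOPE)
SERVER1 = (*SCOPE, [PLAN["server1_excludes"]])
SERVER2 = (*SCOPE, [PLAN["server2_excludes"]])
# Misconfigured backup server: its exclusion stops ten addresses short.
SERVER2_BAD = (*SCOPE, [("10.0.1.1", "10.0.1.190")])

if __name__ == "__main__":
    print(PLAN)
    print(overlapping_addresses(SERVER1, SERVER2))
    print(overlapping_addresses(SERVER1, SERVER2_BAD))
```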
By default, Windows 2000 backs up the DHCP database every 60 minutes. Windows 2000 stores the backup copies of the file in the %systemroot%\System32\Dhcp\Backup\Jet\New folder.
You can change the default backup interval by changing the value (the number of minutes between backups) of the BackupInterval entry located in the registry under the following key:
By default, the DHCP service restores a corrupt DHCP database automatically when you restart the DHCP service. But you can manually restore the DHCP database file by editing the registry. First set the value for the RestoreFlag entry to 1, and then restart the DHCP service. The RestoreFlag entry is located in the registry under the following subkey:
After the DHCP service restores the database, the server automatically changes the RestoreFlag parameter to the default value of 0.
You can also restore the DHCP database file manually by copying the contents of the %systemroot%\System32\Dhcp\Backup\Jet folder to the %systemroot%\System32\Dhcp folder and then restarting the DHCP service.
The Cluster service in Windows 2000 Advanced Server allows you to manage two servers as a single system. In Windows 2000 Datacenter Server, the Cluster service allows you to manage four servers as a single system. You can use the Cluster service for DHCP servers to provide higher availability, easier manageability, and greater scalability.
The Cluster service can automatically detect the failure of an application or server and quickly restart it on a surviving server with users experiencing only a short pause in service. With the Cluster service, administrators can quickly inspect the status of all cluster resources and easily move workloads around onto different servers within the cluster. This is useful for static load balancing and for performing rolling upgrades on the servers without taking important data and applications offline.
The Cluster service provides a virtual DHCP server so that if one of the clustered nodes crashes, the namespace and all the services are transparently reconstituted to the second node. This means no changes are visible to the client, which sees the same IP address for the clustered DHCP servers.
Without clustering, network administrators might split scopes between servers so that if one server goes down, a percentage of the available addresses remains available. However, clustering uses IP addresses more efficiently by eliminating the need to split scopes. A database stored on a remote disk tracks address assignment and other activity so that if the active cluster node goes down, the second node becomes the DHCP server and has complete knowledge of what’s been assigned and access to the complete scope of addresses. Only one node at a time runs as a DHCP server, with the Windows 2000 clustering database providing transparent transition when needed.
Use the 80/20 rule when implementing clustered DHCP servers to provide additionally enhanced failover services. The combination of clustering DHCP servers and using the 80/20 rule to manage scopes between the clustered servers gives you an enhanced failover solution.
The Cluster service is discussed in more detail in Chapter 4, "Microsoft Windows 2000 Cluster Service."
When designing a DHCP structure for your network environment, you can use three fault-tolerant strategies to ensure high availability: clustering, splitting scopes, and backing up the database. These strategies are outlined in Table 2.4.
Table 2.4 Designing a DHCP Structure
Clustering
The Cluster service allows you to manage two servers or four servers as a single system. You can use the Cluster service for DHCP servers to provide higher availability, easier manageability, and greater scalability. The Cluster service can automatically detect the failure of an application or server and quickly restart it on a surviving server; users would only experience a short pause in service. With the Cluster service, administrators can quickly inspect the status of all cluster resources and easily move workload around onto different servers within the cluster. This is useful for manual load balancing and for performing rolling updates on the servers without taking important data and applications offline. The Cluster service provides a virtual DHCP server so that if one of the clustered nodes fails, the namespace and all the services are transparently reconstituted to the second node. This means no changes for the client, which sees the same IP address for the clustered DHCP server.
Splitting scopes
Using more than one DHCP server on the same subnet and splitting scopes provides increased fault tolerance for servicing DHCP clients located on the subnet. With two DHCP servers, if one server goes down, the other server can be made to take its place and continue to lease new addresses or renew existing clients. However, clustering uses IP addresses more efficiently than splitting scopes. For the greatest degree of fault tolerance, you can use the 80/20 rule in addition to clustering to enable an enhanced failover solution.
Backing up the database
By default, Windows 2000 backs up the DHCP database every 60 minutes. If Windows 2000 detects a corrupt database when you restart the DHCP Server, the database is automatically restored from the copy that’s been backed up. You can change the default backup interval by changing the value in the registry.
When designing a fault-tolerant DHCP structure for your network environment, you should use the Cluster service for the DHCP servers. You should also use the 80/20 rule along with clustering to provide an enhanced failover solution. In addition, you might choose to change the interval of how often the DHCP database is backed up, depending on network usage and DHCP configuration requirements.
Figure 2.14 is a generic example of clustered DHCP servers. DHCP Server 1 is the active DHCP server, and DHCP Server 2 is the backup DHCP server.
Figure 2.14 - Clustered DHCP servers
The following information provides details about the DHCP configuration shown in Figure 2.14:
To facilitate clustering and the sharing of resources, the DHCP servers are connected to an external disk system that holds the DHCP database and log files. This allows DHCP Server 2 to access the DHCP database files if it needs to take over as the active DHCP server. The clustering service installed on each DHCP server prevents one server from trying to exclusively claim the external disk and prevent sharing of the disk system between the DHCP servers.
The cluster itself has a unique name and IP address so DHCP clients can use the cluster name and IP address to connect to the cluster and request DHCP services. This process prevents rejected DHCP client requests if one of the DHCP servers is turned off. For example, if the client is configured with a specific DHCP server name and IP address instead of the cluster address, the client won’t receive DHCP services.
DHCP can automatically assign IP addressing information to a DHCP client. The allocation of IP addressing information is called a DHCP lease. DHCP uses a four-phase process (DHCPDISCOVER, DHCPOFFER, DHCPREQUEST, and DHCPACK) to lease IP addressing information to a DHCP client for a specific period. All DHCP clients attempt to renew their lease when 50 percent of the lease time has expired. A scope must be defined and activated before DHCP clients can use the DHCP server for dynamic TCP/IP configuration. DHCP Manager allows you to reserve a specific IP address for a computer or other IP addressable devices on the network. Depending on hardware configurations and other issues, one online DHCP server and one backup DHCP server can support a large number of clients. You must carefully divide the available address pool among the DHCP servers to prevent duplicate address assignment. For balancing DHCP server usage, use the 80/20 rule to divide scope addresses between DHCP servers. By default, Windows 2000 backs up the DHCP database every 60 minutes. The Cluster service allows you to manage either two or four servers as a single system. You can use the Cluster service for DHCP servers to provide higher availability, easier manageability, and greater scalability. When designing a fault-tolerant DHCP structure for your network environment, you should use clustering for the DHCP servers and the 80/20 rule in conjunction with clustering to provide an enhanced failover solution.