DHCP (Dynamic Host Configuration Protocol) provides an alternative to manually assigning IP addresses to computers. DHCP automatically assigns, or leases, IP addresses to hosts from a centrally managed pool.
DHCP is an extension of the BootP protocol defined in RFC 951 and is itself described in RFCs 1531, 1533, 1534, 1541, and 1542. Windows 2000 fully supports this standard. Any Windows 2000 computer can act as a DHCP client, and Windows 2000 Server can be configured to act as a DHCP server.
DHCP provides obvious advantages over manual address assignment: there is less administrative hassle, and new machines can be added to the network without dedicated IP addresses. In situations where all machines on the network are not used at once, DHCP allows a small pool of addresses to serve a larger number of machines.
DHCP is simple to install and practical for use in all but the smallest networks. Its disadvantages include the necessity of managing the address pool, the potential for conflicts between DHCP-assigned and manually assigned addresses, and the lack of a consistent address needed for some client applications.
DHCP clients and servers communicate with various messages, defined by RFC 1531. Communication is via UDP and uses ports 67 and 68. When a DHCP client initializes, the following process occurs:
The client broadcasts a DHCPDISCOVER message, requesting an IP address lease from any DHCP server. This message includes the client’s MAC address and NetBIOS name. If there is no response to the discover message, it is rebroadcast at intervals until a response is received.
Any DHCP servers that receive the message respond with DHCPOFFER messages. These messages include the DHCP server’s IP address, an available IP address, its corresponding subnet mask, and the lease’s duration in hours. DHCP servers reserve the offered addresses for a period of time and await a request.
The client selects one of the offered leases (in NT, always the first one offered) and sends the server a DHCPREQUEST message, which includes the client’s MAC address, the offered IP address, and the server’s IP address.
The DHCP server responds to the request by broadcasting a DHCPACK (acknowledgment) message if the requested address is still available. In this case, the client is now ready to access the network, and the DHCP server marks the address as unavailable to other clients. If the address is no longer available, the server sends a DHCPNAK (negative acknowledgment) message, and the client begins the process again with a DHCPDISCOVER message.
After 50% of the IP address lease duration given in the offer message has expired, the client attempts to renew the lease by sending another DHCPREQUEST message directly to the DHCP server. If there is no response, the renewal request is rebroadcast after 87.5% of the lease has expired, and any available DHCP server can respond.
If the address is still available, the DHCP server responds with DHCPACK, and a new lease period begins. If the address has become unavailable, the server responds with DHCPNAK; in this case, the client restarts the discovery process after the lease period expires.
The DHCP server releases an IP address, making it available to other clients, when the lease duration expires without a renewal, when a renewal request is denied, or when the client sends a DHCPRELEASE message.
Windows NT and Windows 2000 clients store their assigned IP addresses in the registry; other clients use a file for this purpose. When the client reinitializes, it first attempts to request the address stored from a previous session.
Windows 2000 Server includes a DHCP Server service. The following sections describe the process of installing and configuring DHCP Server and other configurations you may need to specify to complete the DHCP configuration on your network.
DHCP Server can be installed during the Windows 2000 Server installation or can be added to the installation later. Perform the following steps to install DHCP Server:
Select Add/Remove Programs from the Control Panel.
Click Add/Remove Windows Components to start the Windows Components Wizard.
Highlight the Networking Services entry in the list and select Details.
Check the box next to Dynamic Host Configuration Protocol (DHCP) and click OK.
Click Next to complete the installation.
After DHCP is installed, you can manage it using the DHCP MMC snap-in. To access this snap-in, select Programs → Administrative Tools → DHCP from the Start menu. This utility is shown in Figure 18-7.
To use DHCP, you must specify at least one scope, or range of IP addresses for assignment to clients. A scope is created by default when you install DHCP Server. To create an additional scope, select New Scope from the Action menu. A wizard displays the following dialogs:
A welcome dialog is displayed. Click Next to continue.
Type a name and description for the scope, then click Next.
Enter the range of IP addresses to be used for the scope and specify the subnet mask. This can be specified in the usual dotted decimal format or as a number of bits.
You can now optionally add one or more exclusions, ranges of IP addresses that will be excluded from the scope. Specify a start and end address and click Add to add an exclusion.
Specify the lease duration for IP addresses in the scope as a number of days, hours, and minutes. The default is eight days.
Choose whether to specify DHCP options. If you choose Yes, you are further prompted for Default Gateway, DNS, and WINS Server addresses to send to clients. These options can also be set manually, as described later in this section.
A final screen is displayed. Click Finish to create the scope.
After a scope is created, it must be activated before its addresses will be available to clients. If you specified options while creating the scope, you are prompted to activate it immediately. If not, you can right-click on a scope in the list and select Activate to make the scope active.
Before Windows 2000 clients can access a DHCP server, it must be authorized in Active Directory. This prevents unauthorized DHCP servers from gaining access to the network. To authorize servers, highlight the DHCP entry in the DHCP snap-in’s left pane and select Manage Authorized Servers from the Action menu. From this dialog you can authorize or unauthorize servers.
DHCP reservations are reserved IP addresses. This feature is useful for computers that must have consistent IP addresses, such as WINS servers. To add reservations, highlight the Reservations item within a scope and select New Reservation from the Add menu. The reservation requires the following options:
- Reservation name
A name for the reservation, to be displayed in the Reservations window.
- IP address
The IP address to be assigned to the client. This address must be part of the scope, must not be excluded, and must not be currently leased.
- MAC address
- Description
An optional description to be displayed in the Reservations window.
- Supported types
Specify whether DHCP, BootP, or both are allowed for this reservation. (BootP is typically used for diskless workstations.)
DHCP options allow the DHCP server to send clients additional information, such as router, DNS server, or WINS server addresses. Many options are available.
You can set options for a scope using the Scope Options entry in the scope, or you can set global options with the Server Options entry in the DHCP console. You can also set options for a reserved client. Right-click on any of these and choose Configure Options to set option values.
Highlight an option in this dialog, check its corresponding box, and set a value to use the option. Although you can set values for the full list of DHCP options and even define your own options, a limited set of options is recognized by Windows clients. These are described in Table 18-11.
Table 18-11. Common Numeric DHCP Options
|
Option Number |
Option Name |
Value type |
Description |
|---|---|---|---|
|
003 |
Router |
Array of IP addresses |
Preferred routers (gateways), in order of preference |
|
006 |
DNS Servers |
Array of IP addresses |
Available DNS servers, in order of preference |
|
044 |
WINS/NBNS Servers |
Array of IP addresses |
Available WINS servers, in order of preference |
|
046 |
WINS/NBT Node Type |
Byte |
WINS node type; see Section 18.6 |
|
047 |
NetBIOS Scope ID |
String |
Identifier for NetBIOS over TCP/IP |
DHCP requests do not normally pass through a router, unless it is specifically configured for DHCP (or BootP) forwarding. You can enable DHCP forwarding on a Windows 2000 computer as part of the IP routing configuration.
To add the DHCP relay service, choose Programs → Administrative Tools → Routing and Remote Access from the Start menu. Select the General item under IP Routing and then select New Routing Protocol from the Action menu. Choose DHCP Relay Agent from the list and click OK.
After the installation, a DHCP Relay Agent item will appear in the server tree. To enable the relay agent, highlight this entry, select New Interface from the Action menu, and add the Local Area Connection interface or the interface you wish to use. After an interface is added, you can modify its settings by selecting Properties from the Action menu. The following options are available:
- Relay DHCP packets
If this option is enabled, DHCP forwarding is enabled.
- Hop-count threshold
Specify the maximum number of hops a request can travel via relay agents.
- Boot threshold (seconds)
If a value is specified, the agent will not relay DHCP requests until the specified number of seconds. This allows the relay to act as a backup for a local DHCP server when it fails to respond in the allotted time.
Normally DNS cannot be used with computers that obtain IP addresses via DHCP, because their IP address may be different at each boot. Windows 2000’s DHCP service provides a way around this. The DHCP server can contact the DNS server and update its information using the dynamic DNS updates feature.
Windows 2000 clients can contact the DNS server directly to update their DNS records when their IP address changes. For older clients, the DHCP server can provide this feature. To enable this feature, select the Enable Updates for DNS Clients that Do Not Support Dynamic Update option in the DNS zone Properties dialog.