Chapter 18. Running DHCP Clients and Servers

You can use Dynamic Host Configuration Protocol (DHCP) to simplify administration of Active Directory directory service domains, and in this chapter you’ll learn how to do that. You use DHCP to dynamically assign Transmission Control Protocol/Internet Protocol (TCP/IP) configuration information to network clients. This not only saves time during system configuration but also provides a centralized mechanism for updating the configuration. To enable DHCP on the network, you need to install and configure a DHCP server. This server is responsible for assigning the necessary network information.

Understanding DHCP

DHCP gives you centralized control over Internet Protocol (IP) addressing and more. If the network has a DHCP server, you can assign a dynamic IP address to any of the network interface cards (NICs) on a computer. Once DHCP is installed, you rely on the DHCP server to supply the basic information necessary for TCP/IP networking, which can include the following: IP address, subnet mask, and default gateway; primary and secondary Domain Name System (DNS) servers; primary and secondary Windows Internet Name Service (WINS) servers; and the DNS domain name.

Using Dynamic Addressing

A computer that uses dynamic addressing is called a DHCP client. When you boot a DHCP client, an IP address is retrieved from a pool of IP addresses defined for the network’s DHCP server and assigned for a specified time period known as a lease. When the lease is approximately 50 percent expired, the client tries to renew it. If the client can’t renew the lease, it’ll try again before the lease expires. If this attempt fails, the client will try to contact a new DHCP server. IP addresses that aren’t renewed are returned to the address pool. If the client is able to contact the DHCP server but the current IP address can’t be reassigned, the DHCP server assigns a new IP address to the client.

The availability of a DHCP server doesn’t affect startup or logon (in most cases). DHCP clients can start and users can log on to the local machine even if a DHCP server isn’t available.

During startup, the client looks for a DHCP server. If a DHCP server is available, the client gets its configuration information from the server. If a DHCP server isn’t available and the client’s previous lease is still valid, the client pings the default gateway listed in the lease. A successful ping tells the client that it’s probably on the same network it was on when it was issued the lease, and the client will continue to use the lease as described previously. A failed ping tells the client that it might be on a different network. In this case the client uses IP autoconfiguration. The client also uses IP autoconfiguration if a DHCP server isn’t available and the previous lease has expired.

IP autoconfiguration works like this:

  1. The client computer selects an IP address from the Microsoft-reserved class B subnet 169.254.0.0 and uses the subnet mask 255.255.0.0. Before using the IP address, the client performs an Address Resolution Protocol (ARP) test to make sure that no other client is using this IP address.

  2. If the IP address is in use, the client repeats Step 1, testing up to 10 IP addresses before reporting failure.

    Note

    When a client is disconnected from the network, the ARP test always succeeds. As a result, the client uses the first IP address it selects.

  3. If the IP address is available, the client configures the NIC with this address. The client then attempts to contact a DHCP server, sending out a broadcast every five minutes to the network. When the client successfully contacts a server, the client obtains a lease and reconfigures the network interface.

Checking IP Address Assignment

You can use Ipconfig to check the currently assigned IP address and other configuration information. To obtain information for all network adapters on the computer, type the command ipconfig /all at the command prompt. If the IP address has been assigned automatically, you’ll see an entry for Autoconfiguration IP Address. In this example, the autoconfiguration IP address is 169.254.98.59:

Windows IP Configuration
     Host Name .................: DELTA
     Primary DNS Suffix ........: microsoft.com
     Node Type .................: Hybrid
     IP Routing Enabled.........: No
     WINS Proxy Enabled.........: No
     DNS Suffix Search List.....: microsoft.com
Ethernet adapter Local Area Connection:
     Connection-specific DNS Suffix...:
     Description ................: NDC ND5300 PnP Ethernet Adapter
     Physical Address............: 23-17-C6-F8-FD-67
     DHCP Enabled................: Yes
     Autoconfiguration Enabled...: Yes
     Autoconfiguration IP Address: 169.254.98.59
     Subnet Mask ................: 255.255.0.0
     Default Gateway ............:
     DNS Servers ................:
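The check described above can be scripted. The following is an added example, not part of the original chapter: it parses `ipconfig /all` text (the listing above is reused as sample input) and reports adapters that fell back to a 169.254.0.0/16 address, which means the client did not reach a DHCP server. The function names are hypothetical, and the `IP Address` key for normally leased adapters is an assumption about output not shown on this page.

```python
import ipaddress
import re

# Address block used by IP autoconfiguration (169.254.0.0, mask 255.255.0.0).
LINK_LOCAL = ipaddress.ip_network("169.254.0.0/16")

# The ipconfig /all listing shown above, reused as sample input.
SAMPLE_OUTPUT = """\
Windows IP Configuration
     Host Name .................: DELTA
     Primary DNS Suffix ........: microsoft.com
     Node Type .................: Hybrid
     IP Routing Enabled.........: No
     WINS Proxy Enabled.........: No
     DNS Suffix Search List.....: microsoft.com
Ethernet adapter Local Area Connection:
     Connection-specific DNS Suffix...:
     Description ................: NDC ND5300 PnP Ethernet Adapter
     Physical Address............: 23-17-C6-F8-FD-67
     DHCP Enabled................: Yes
     Autoconfiguration Enabled...: Yes
     Autoconfiguration IP Address: 169.254.98.59
     Subnet Mask ................: 255.255.0.0
     Default Gateway ............:
     DNS Servers ................:
"""

# "   Setting name ......: value" with optional dot leaders before the colon.
KEY_VALUE = re.compile(r"^\s+(?P<key>.+?)[ .]*:\s*(?P<value>.*)$")


def parse_ipconfig(text):
    """Split ipconfig /all output into {section title: {setting: value}}."""
    sections = {}
    current = None
    for line in text.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():
            # An unindented line starts a new section (global block or adapter).
            current = sections.setdefault(line.strip().rstrip(":"), {})
            continue
        match = KEY_VALUE.match(line)
        if match and current is not None:
            current[match.group("key").strip()] = match.group("value").strip()
    return sections


def autoconfigured_adapters(sections):
    """Return one finding per adapter that holds a 169.254.0.0/16 address."""
    findings = []
    for title, settings in sections.items():
        # "IP Address" is the key assumed for a normally leased address.
        raw = settings.get("Autoconfiguration IP Address") or settings.get("IP Address")
        if not raw:
            continue
        try:
            address = ipaddress.ip_address(raw.split("(")[0].strip())
        except ValueError:
            continue  # not an address we can interpret; skip the adapter
        if address in LINK_LOCAL:
            findings.append({
                "adapter": title,
                "address": str(address),
                "dhcp_enabled": settings.get("DHCP Enabled") == "Yes",
                "has_gateway": bool(settings.get("Default Gateway")),
            })
    return findings


if __name__ == "__main__":
    for finding in autoconfigured_adapters(parse_ipconfig(SAMPLE_OUTPUT)):
        print("%(adapter)s: autoconfigured %(address)s, "
              "DHCP enabled=%(dhcp_enabled)s, gateway set=%(has_gateway)s" % finding)
```

An adapter reported here with DHCP enabled and no default gateway matches the fallback case described under "Using Dynamic Addressing".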

Understanding Scopes

Scopes are pools of IP addresses that you can assign to clients through leases and reservations. A reservation differs from a lease in that an IP address is assigned to a particular computer until you remove the reservation. This allows you to set semipermanent addresses for a limited number of DHCP clients.

You’ll create scopes to specify IP address ranges that are available for DHCP clients. For example, you could assign the IP address range 192.168.12.2 – 192.168.12.250 to a scope called Enterprise Primary. Scopes can use public or private IP addresses on:

  • Class A networks. IP addresses from 1.0.0.0 to 126.255.255.255

  • Class B networks. IP addresses from 128.0.0.0 to 191.255.255.255

  • Class C networks. IP addresses from 192.0.0.0 to 223.255.255.255

  • Class D networks. IP addresses from 224.0.0.0 to 239.255.255.255

Note

The IP address 127.0.0.1 is used for local loopback.

A single DHCP server can manage multiple scopes. Three types of scopes are available:

  • Normal scopes. Used to assign IP address pools for class A, B, and C networks.

  • Multicast scopes. Used to assign IP address pools for class D networks. Computers use multicast IP addresses as secondary IP addresses in addition to a standard IP address assigned from a class A, B, or C network.

  • Superscopes. These are containers for other scopes and are used to simplify management of multiple scopes.

Tip

Although you can create scopes on multiple network segments, you’ll usually want these segments to be in the same network class, such as all class C IP addresses. Don’t forget that you must configure DHCP relays to relay DHCP broadcast requests between network segments. You can configure relay agents with the Routing and Remote Access Service (RRAS) and the DHCP Relay Agent Service. You can also configure some routers as relay agents.

Installing a DHCP Server

Dynamic IP addressing is available only if a DHCP server is installed on the network. You install the DHCP components through the Windows Components Wizard, and then you use the DHCP console to start and authorize the server in Active Directory. Only authorized DHCP servers can provide dynamic IP addresses to clients.

Installing DHCP Components

On a server running Microsoft Windows Server 2003, you complete the following steps to allow it to function as a DHCP server:

  1. Click Start, choose Programs or All Programs, Administrative Tools, and then select Configure Your Server Wizard.

  2. Click Next twice. The server’s current roles are shown. Select DHCP Server and then click Next.

  3. On the Summary Of Selections page, click Next to begin the installation.

  4. The wizard installs DHCP and begins configuring the server. When this task is finished, the wizard launches the New Scope Wizard. If you want to create the initial scope for the DHCP server, click Next and follow the steps outlined in the section of this chapter entitled "Creating and Managing Scopes." Otherwise, click Cancel and create the necessary DHCP scope(s) later.

  5. Click Finish. To use the server, you must authorize the server in the domain as described in the section of this chapter entitled "Authorizing a DHCP Server in Active Directory." Next, you must create and activate any DHCP scopes that the server will use, as discussed in the section of this chapter entitled "Creating and Managing Scopes."

Starting and Using the DHCP Console

After you’ve installed a DHCP server, you use the DHCP console to configure and manage dynamic IP addressing. To start the DHCP console, click Start, choose Programs or All Programs, as appropriate, then Administrative Tools, and then click DHCP. The main window for the DHCP console is shown in Figure 18-1. As you see, the main window is divided into two panes. The left pane lists the DHCP servers in the domain by IP address as well as the local machine (if it’s a DHCP server). You can expand the listing to show the scopes and options defined for each DHCP server by double-clicking an entry. The right pane shows the expanded view of the current selection.

Figure 18-1. Use the DHCP console to create and manage DHCP server configurations.

Icons on the server and scope nodes show their current status. For servers, icons you might see are the following:

  • A green up arrow indicates that the DHCP service is running and the server is active.

  • A red X indicates that the console can’t connect to the server. The DHCP service has been stopped or the server is inaccessible.

  • A red down arrow indicates that the DHCP server hasn’t been authorized.

  • A blue warning icon indicates that the server’s state has changed or a warning has been issued.

For scopes, icons you might see are the following:

  • A red down arrow indicates that the scope hasn’t been activated.

  • A blue warning icon indicates that the scope’s state has changed or a warning has been issued.

Connecting to Remote DHCP Servers

When you start the DHCP console, you’ll be connected directly to a local DHCP server but you won’t see entries for remote DHCP servers. You can connect to remote servers by completing the following steps:

  1. Right-click DHCP in the console tree, and then select Add Server. This opens the dialog box shown in Figure 18-2.

    Figure 18-2. If your DHCP server isn’t listed, you’ll need to use the Add Server dialog box to add it to the DHCP console.

  2. Select This Server, and then type the IP address or computer name of the DHCP server you want to manage. If you want to manage authorized DHCP servers only, select This Authorized DHCP Server, and then click the server you want to add. Keep in mind that you can manage only DHCP servers in trusted domains.

  3. Click OK. An entry for the DHCP server is added to the console tree.

Note

You can also manage local and remote DHCP servers through Computer Management. Start Computer Management, and then connect to the server you want to manage. Afterward, expand Services And Applications, and then select DHCP.

Tip

When you work with remote servers, you might find that you can’t select certain options. A simple refresh of the server information might resolve this. Right-click the server node and then select Refresh.

Starting and Stopping a DHCP Server

You manage DHCP servers through the DHCP Server service. Like any other service, you can start, stop, pause, and resume the DHCP Server service in the Services node of Computer Management or from the command line. You can also manage the DHCP service in the DHCP console. Right-click the server you want to manage in the DHCP console, choose All Tasks, and then select Start, Stop, Pause, Resume, or Restart, as appropriate.

Note

To start and stop a DHCP server using Computer Management, expand DHCP, right-click the server, choose All Tasks, and then select Start, Stop, Pause, Resume, or Restart, as appropriate.

Authorizing a DHCP Server in Active Directory

Before you can use a DHCP server in the domain, you must authorize it in Active Directory. By authorizing the server, you specify that the server is authorized to provide dynamic IP addressing in the domain. Windows Server 2003 requires authorization to prevent unauthorized DHCP servers from serving domain clients. This in turn ensures that network operations can run smoothly.

In the DHCP console, you authorize a DHCP server by right-clicking the server entry in the tree view and then selecting Authorize. To remove the authorization, right-click the server and then select Unauthorize.

Note

To authorize a DHCP server using Computer Management, expand DHCP, right-click the server, and then select Authorize. The authorization process can take several minutes, so be patient. Press F5 to refresh the view. When the DHCP server is authorized, the scope status should change to active and you should see a green up arrow in the console tree. To remove the authorization, expand DHCP, right-click the server, and then select Unauthorize.

Tip

You might need to log on or remotely connect to a domain controller in order to authorize the DHCP server in Active Directory. Once you access the domain controller, start the DHCP console, and connect to the server you want to authorize. Afterward, right-click the server and then select Authorize.

Configuring DHCP Servers

When you install a new DHCP server, configuration options are automatically optimized for the network environment. You don’t normally need to change these settings unless you have performance problems that you need to resolve or you have options that you’d like to add or remove. With DHCP server, you change configuration options through the Properties dialog box shown in Figure 18-3. In the DHCP console, you access this dialog box by right-clicking the server in the console tree and then selecting Properties. To configure DHCP servers using Computer Management, expand DHCP, right-click the server, and then select Properties.

Figure 18-3. You can control statistics, auditing, DNS integration, and other options through the DHCP server Properties dialog box.

Binding a DHCP Server with Multiple Network Interface Cards to a Specific IP Address

A server with multiple NICs has multiple local area network (LAN) connections and can provide DHCP services on any of these network connections. Unfortunately, you might not want DHCP to be served over all available connections. For example, if the server has both a 10 megabit per second (Mbps) connection and a 100 Mbps connection, you might want all DHCP traffic to go over the 100 Mbps connection.

To bind DHCP to a specific network connection, follow these steps:

  1. Start the DHCP console. Click Start, choose Programs or All Programs as appropriate, choose Administrative Tools, and then select DHCP.

  2. In the DHCP console, right-click the server with which you want to work and then select Properties.

  3. In the Advanced tab of the Properties dialog box, click Bindings.

  4. The Bindings dialog box displays a list of available network connections for the DHCP server. If you want the DHCP Server service to use a connection to service clients, select the check box for the connection. If you don’t want the service to use a connection, clear the related check box. Click OK when you’re finished.

Updating DHCP Statistics

The DHCP console provides statistics concerning IP address availability and usage. By default, these statistics are updated only when you start the DHCP console or when you select the server and then click the Refresh button on the toolbar. If you monitor DHCP routinely, you might want these statistics to update automatically. To do that, follow these steps:

  1. In the DHCP console, right-click the server with which you want to work and then select Properties.

  2. In the General tab, select Automatically Update Statistics Every and then enter an update interval in hours and minutes. Click OK.

DHCP Auditing and Troubleshooting

Windows Server 2003 is configured to audit DHCP processes by default. Auditing tracks DHCP processes and requests in log files.

Understanding DHCP Auditing

You can use audit logs to help you troubleshoot problems with a DHCP server. The default location for DHCP logs is %SystemRoot%\system32\DHCP. In this directory, you’ll find a different log file for each day of the week. The log file for Monday is named DhcpSrvLog-Mon.log. The log file for Tuesday is named DhcpSrvLog-Tue.log, and so on.

When you start the DHCP server or a new day arrives, a header message is written to the log file. This header provides a summary of DHCP events and their meanings. Stopping and starting the DHCP Server service doesn’t necessarily clear out a log file. Log data is cleared only when a log hasn’t been written to in the last 24 hours. You don’t have to monitor space usage by DHCP Server. DHCP Server is configured to monitor itself and restricts disk space usage by default.
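A daily audit log can be triaged with a short script. The following is an added example, not part of the original chapter: it skips the header block, parses the comma-separated event rows, and separates out the events worth a second look (address conflicts, pool exhaustion, denied leases, logging paused). The column layout and event IDs are assumed to match the header that the DHCP Server service writes at the top of each log file; the sample rows, including their description text, are constructed, and the function names are hypothetical.

```python
import csv
import io
from collections import Counter

# Event IDs as listed in the header of each DhcpSrvLog-*.log file
# (assumed Windows Server 2003 layout; not reproduced on this page).
EVENT_MEANING = {
    "00": "log started",
    "01": "log stopped",
    "02": "log paused, low disk space",
    "10": "new lease",
    "11": "lease renewed",
    "12": "lease released",
    "13": "address found in use on the network",
    "14": "scope address pool exhausted",
    "15": "lease denied",
}
ALERT_IDS = {"02", "13", "14", "15"}
FIELDS = ("id", "date", "time", "description", "ip", "host", "mac")

# Constructed sample: a shortened header followed by constructed event rows.
SAMPLE_LOG = (
    "\t\tMicrosoft DHCP Service Activity Log\n"
    "\n"
    "Event ID  Meaning\n"
    "00\tThe log was started.\n"
    "13\tAn IP address was found to be in use on the network.\n"
    "\n"
    "ID,Date,Time,Description,IP Address,Host Name,MAC Address\n"
    "00,03/01/04,00:00:02,Started,,,,\n"
    "10,03/01/04,08:14:51,Assign,192.168.12.20,delta.example.test,2317C6F8FD67,\n"
    "11,03/01/04,08:40:03,Renew,192.168.12.21,alpha.example.test,001122334455,\n"
    "13,03/01/04,09:30:12,Conflict,192.168.12.31,BAD_ADDRESS,,\n"
    "15,03/01/04,09:31:47,NACK,192.168.12.31,,0011223344AA,\n"
    "14,03/01/04,11:02:10,Pool exhausted,192.168.12.0,,,\n"
    "55,03/01/04,11:05:00,Authorized(servicing),,example.test,,\n"
)


def parse_audit_log(text):
    """Return the event rows of an audit log as dicts, skipping the header."""
    records = []
    for row in csv.reader(io.StringIO(text)):
        # Event rows start with a numeric ID; banner and legend lines do not.
        if len(row) < 4 or not row[0].strip().isdigit():
            continue
        padded = [col.strip() for col in row[:7]] + [""] * (7 - len(row))
        records.append(dict(zip(FIELDS, padded)))
    return records


def triage(records):
    """Summarize a day's events and pull out the ones that need review."""
    return {
        "counts": Counter(r["id"] for r in records),
        "alerts": [r for r in records if r["id"] in ALERT_IDS],
        # The log header reserves codes of 50 and above for rogue server
        # detection (authorization) information.
        "authorization": [r for r in records if int(r["id"]) >= 50],
        "conflict_ips": sorted({r["ip"] for r in records
                                if r["id"] == "13" and r["ip"]}),
    }


if __name__ == "__main__":
    summary = triage(parse_audit_log(SAMPLE_LOG))
    for rec in summary["alerts"]:
        meaning = EVENT_MEANING.get(rec["id"], "unknown event")
        print(rec["date"], rec["time"], rec["id"], meaning, rec["ip"], rec["mac"])
    print("conflicting addresses:", summary["conflict_ips"])
    print("authorization events:", len(summary["authorization"]))
```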

Enabling or Disabling DHCP Auditing

You can enable or disable DHCP auditing by completing the following steps:

  1. In the DHCP console, right-click the server you want to work with and then select Properties.

  2. In the General tab, select or clear the Enable DHCP Audit Logging check box. Click OK.

Changing the Location of DHCP Auditing Logs

By default, DHCP logs are stored in %SystemRoot%\system32\DHCP. You can change the location of DHCP logs by completing the following steps:

  1. In the DHCP console, right-click the server with which you want to work, and then select Properties.

  2. Click the Advanced tab. The Audit Log File Path field shows the current folder location for log files. Enter a new folder location or click Browse to find a new location.

  3. Click OK. Windows Server 2003 will need to restart the DHCP Server service. When prompted to confirm that this is OK, click Yes. The service will be stopped and then started.

Changing the Log Usage

DHCP Server has a self-monitoring system that checks disk space usage. By default, the maximum size of all DHCP server logs is 70 MB, with each individual log being limited to one-seventh of this space. If the server reaches the 70 MB limit or an individual log grows beyond the allocated space, logging of DHCP activity stops until log files are cleared out or space is otherwise made available. Normally, this happens when a new day is reached and the server clears out the previous week’s log file.

Registry keys that control the log usage and other DHCP settings are located in the folder HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DHCPServer\Parameters.

The following keys control the logging:

  • DhcpLogFilesMaxSize. Sets the maximum file size for all logs. The default is 70 MB.

  • DhcpLogDiskSpaceCheckInterval. Determines how often DHCP checks disk space usage. The default interval is 50 minutes.

  • DhcpLogMinSpaceOnDisk. Sets the free space threshold for writing to the log. If the disk has less free space than the value specified, logging is temporarily disabled. The default value is 20 MB.

Only DhcpLogFilesMaxSize is created automatically. So, if you want to control logging, you’ll need to create additional keys as necessary and set appropriate values for your network.

Integrating DHCP and DNS

DNS is used to resolve computer names in Active Directory domains and on the Internet. Thanks to the DNS dynamic update protocol, you don’t need to register DHCP clients in DNS manually. The protocol allows either the client or the DHCP server to register the necessary forward lookup and reverse lookup records in DNS, as necessary. When configured using the default setup for DHCP, Windows Server 2003 DHCP clients automatically update their own DNS records after receiving an IP address lease, and DHCP server updates records for pre-Windows Server 2003 clients after issuing a lease.

Tip

Microsoft Windows NT 4.0 DNS servers don’t support the dynamic update protocol, and records aren’t updated automatically. One workaround is to enable WINS lookup for DHCP clients that use NetBIOS. This allows the client to find other computers through WINS. A better long-term solution is to upgrade older DNS servers to Windows Server 2003.

You can view and change the DNS integration settings by completing the following steps:

  1. In the DHCP console, right-click the server with which you want to work and then select Properties.

  2. Click the DNS tab. Figure 18-4 shows the default DNS integration settings for DHCP. Because these settings are configured by default, you usually don’t need to modify the configuration.

Figure 18-4. The DNS tab shows the default settings for DNS integration with DHCP.

Avoiding IP Address Conflicts

IP address conflicts are a common cause of problems with DHCP. No two computers on the network can have the same unicast IP address. If a computer is assigned the same unicast IP address as another, one or both of the computers might become disconnected from the network. To better detect and avoid potential conflicts, you might want to enable IP address conflict detection by completing the following steps:

  1. In the DHCP console, right-click the server with which you want to work, and then select Properties.

  2. In the Advanced tab, set Conflict Detection Attempts to a value other than zero. The value you enter determines the number of times DHCP server checks an IP address before leasing it to a client. DHCP server checks IP addresses by sending a ping request over the network.

Real World

A unicast IP address is a standard IP address for class A, B, and C networks. When a DHCP client requests a lease, a DHCP server checks its pool of available addresses and assigns the client a lease on an available IP address. By default, the server checks only the list of current leases to determine if an address is available. It doesn’t actually query the network to see if an address is in use. Unfortunately, in a busy network environment, an administrator might have assigned this IP address to another computer or an offline computer might have been brought online with a lease that it believes hasn’t expired, even though the DHCP server believes the lease has expired. Either way, you have an address conflict that will cause problems on the network. To reduce these types of conflicts, set the conflict detection to a value greater than zero.

Saving and Restoring the DHCP Configuration

After you configure all the necessary DHCP settings, you might want to save the DHCP configuration so that you can restore it on the DHCP server. To save the configuration, enter the following command at the command prompt:

netsh dhcp server dump >dhcpconfig.dmp

In this example, dhcpconfig.dmp is the name of the configuration script you want to create. Once you create this script, you can restore the configuration by entering the following command at the command prompt:

netsh exec dhcpconfig.dmp

Tip

You can also use this technique to set up another DHCP server with the same configuration. Simply copy the configuration script to a folder on the destination computer and then execute it.

Managing DHCP Scopes

After you install a DHCP server, you need to configure the scopes that the DHCP server will use. Scopes are pools of IP addresses that you can lease to clients. As explained earlier in this chapter in the section entitled "Understanding Scopes," you can create three types of scopes: superscopes, normal scopes, and multicast scopes.

Creating and Managing Superscopes

A superscope is a container for scopes in much the same way that an organizational unit is a container for Active Directory objects. Superscopes help you manage scopes available on the network. With a superscope you can activate or deactivate multiple scopes through a single action. You can also view statistics for all scopes in the superscope rather than having to check statistics for each scope.

Creating Superscopes

After you’ve created at least one normal or multicast scope, you can create a superscope by completing the following steps:

  1. In the DHCP console, right-click the server with which you want to work and then select New Superscope. This starts the New Superscope Wizard. Click Next.

  2. Type a name for the superscope and then click Next.

  3. Select scopes to add to the superscope. Select individual scopes by clicking their entry in the Available Scopes list box. Select multiple scopes by clicking while holding down Shift or Ctrl.

  4. Click Next and then click Finish.

Adding Scopes to a Superscope

You can add scopes to a superscope when you create it or you can do it later. To add a scope to an existing superscope, follow these steps:

  1. Right-click the scope you want to add to an existing superscope and then select Add To Superscope.

  2. In the Add Scope ... To A Superscope dialog box, select a superscope.

  3. Click OK. The scope is then added to the superscope.

Removing Scopes from a Superscope

To remove a scope from a superscope, follow these steps:

  1. Right-click the scope you want to remove from a superscope and then select Remove From Superscope.

  2. Confirm the action by clicking Yes when prompted. If this is the last scope in the superscope, the superscope is deleted automatically.

Activating and Deactivating a Superscope

When you activate or deactivate a superscope, you make all the scopes within the superscope active or inactive. To activate a superscope, right-click the superscope and then select Activate. To deactivate a superscope, right-click the superscope and then select Deactivate.

Deleting a Superscope

Deleting a superscope removes the superscope container but doesn’t delete the scopes it contains. If you want to delete the member scopes, you’ll need to do this after deleting the superscope. To delete a superscope, right-click the superscope and then select Delete. When prompted, click Yes to confirm the action.

Creating and Managing Scopes

Scopes provide a pool of IP addresses for DHCP clients. A normal scope is a scope with class A, B, or C network addresses. A multicast scope is a scope with class D network addresses. Although you create normal scopes and multicast scopes differently, you manage them in much the same way. The key differences are that multicast scopes can’t use reservations and you can’t set additional options for WINS, DNS, routing, and so forth.

Creating Normal Scopes

You can create a normal scope by completing the following steps:

  1. In the DHCP console, right-click the server on which you want to create the scope. If you want to add the new scope to an existing superscope automatically, right-click the superscope instead.

  2. From the shortcut menu, select New Scope. This starts the New Scope Wizard. Click Next.

  3. Type a name and description for the scope, and then click Next.

  4. The Start IP Address and End IP Address fields define the valid IP address range for the scope. Enter a start address and an end address in these fields.

    Note

    Generally, the scope doesn’t include the x.x.x.0 and x.x.x.255 addresses, which are usually reserved for network addresses and broadcast messages, respectively. Accordingly, you would use a range of 192.168.10.1 to 192.168.10.254 rather than 192.168.10.0 to 192.168.10.255.

  5. When you enter an IP address range, the bit length and subnet mask are filled in for you automatically (see Figure 18-5). Unless you use subnets, you should use the default values.

    Figure 18-5. In the New Scope Wizard, enter the IP address range for the scope.

  6. Click Next. If the IP address range you entered is on multiple networks, you’ll have the opportunity to create a superscope that contains separate scopes for each network. Select the Yes option button to continue and then click Next. If you made a mistake, click Back and modify the IP address range you entered.

  7. Use the Start IP Address and End IP Address fields on the Add Exclusions page to define IP address ranges that are to be excluded from the scope. You can exclude multiple address ranges as follows:

    1. To define an exclusion range, type a start address and an end address in the Exclusion Range’s Start IP Address and End IP Address fields, respectively, and then click Add. To exclude a single IP address, use that address as both the start IP address and the end IP address.

    2. To track which address ranges are excluded, use the Excluded Address Range list box.

    3. To delete an exclusion range, select the range in the Excluded Address Range list box and click Remove.

  8. Click Next. Specify the duration of leases for the scope using the Day(s), Hour(s), and Minute(s) fields. The default duration is eight days.

    Best Practices

    Take a few minutes to plan the lease duration you want to use. A lease duration that’s set too long can reduce the effectiveness of DHCP and might eventually cause you to run out of available IP addresses, especially on networks with mobile users or other types of computers that aren’t fixed members of the network. A good lease duration for most networks is from one to three days.

  9. You have the opportunity to set common DHCP options for DNS, WINS, gateways, and more. If you want to set these options now, select Yes, I Want To Configure These Options Now. Otherwise, select No, I Will Configure These Options Later and skip Steps 10–14.

  10. Click Next. The first option you can configure is the default gateway. In the IP Address field, enter the IP address of the primary default gateway. Click Add. Repeat this process for other default gateways.

  11. The first gateway listed is the one clients try to use first. If the gateway isn’t available, clients try to use the next gateway, and so on. Use the Up and Down buttons to change the order of the gateways, as necessary.

  12. Click Next, and then, as shown in Figure 18-6, configure default DNS settings for DHCP clients. Enter the name of the parent domain to use for DNS resolution of computer names that aren’t fully qualified.

    Figure 18-6. Use the Domain Name And DNS Servers page to configure default DNS settings for DHCP clients.

  13. In the IP Address field, enter the IP address of the primary DNS. Click Add. Repeat this process to specify additional DNS servers. Again, the order of the entries determines which IP address is used first. Change the order as necessary using the Up and Down buttons. Click Next.

    Tip

    If you know the name of a server instead of its IP address, enter the name in the Server Name field and then click Resolve. The IP address is then entered in the IP Address field, if possible. Add the server by clicking Add.

  14. Configure default WINS settings for the DHCP clients. The techniques you use are the same as those previously described. Click Next.

  15. If you want to activate the scope, select Yes, I Want To Activate This Scope Now and then click Next. Otherwise, select No, I Will Activate This Scope Later and then click Next.

  16. Complete the process by clicking Finish.

Creating Multicast Scopes

To create a multicast scope, follow these steps:

  1. In the DHCP console, right-click the server on which you want to create the scope. If you want to add the new scope to an existing superscope, right-click the superscope instead.

  2. From the shortcut menu, select New Multicast Scope. This starts the New Multicast Scope Wizard. Click Next.

  3. Enter a name and description for the scope and then click Next.

  4. The Start IP Address and End IP Address fields define the valid IP address range for the scope. Enter a start address and an end address in these fields. Multicast scopes must be defined using Class D IP addresses. This means the valid IP address range is 224.0.0.0 to 239.255.255.255.

  5. Messages sent by computers using multicast IP addresses have a specific Time to Live (TTL) value. The TTL value specifies the maximum number of routers the message can go through. The default value is 32, which is sufficient on most networks. If you have a large network, you might need to increase this value to reflect the actual number of routers that might be used.

  6. Click Next. If you made a mistake, click Back and modify the IP address range you entered.

  7. Use the Exclusion Range fields to define IP address ranges that are to be excluded from the scope. You can exclude multiple address ranges. To define an exclusion range, enter a start address and an end address in the Exclusion Range’s Start IP Address and End IP Address fields, respectively, and then click Add.

    1. To track which address ranges are excluded, use the Excluded Addresses list box.

    2. To delete an exclusion range, select the range in the Excluded Addresses list box and then click Remove.

  8. Click Next. Specify the duration of leases for the scope using the Day(s), Hour(s), and Minute(s) fields. The default duration is 30 days. Click Next.

    Tip

    If you haven’t worked a lot with multicast, you shouldn’t change the default value. Multicast leases aren’t used in the same way as normal leases. Multiple computers can use a multicast IP address, and all of these computers can have a lease on the IP address. A good multicast lease duration for most networks is from 30 to 60 days.

  9. If you want to activate the scope, select Yes and then click Next. Otherwise, select No and then click Next. Complete the process by clicking Finish.

Setting Scope Options

Scope options allow you to precisely control a scope’s functioning and to set default TCP/IP settings for clients that use the scope. For example, you can use scope options to enable clients to automatically find DNS servers on the network. You can also define settings for default gateways, WINS, and more. Scope options only apply to normal scopes, not to multicast scopes.

You can set scope options in any of the following ways:

  • Globally, for all scopes, by setting default server options

  • On a per scope basis, by setting scope options

  • On a per client basis, by setting reservation options

  • On a client class basis, by configuring user-specific or vendor-specific classes

Scope options use a hierarchy to determine when certain options apply. This hierarchy’s order is as shown in the previous list. Basically, this means that:

  • Per scope options override global options.

  • Per client options override per scope and global options.

  • Client class options override all other options.
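The override order described above can be checked by resolving, for one client, which level supplies each option it finally receives. The following is an added example, not part of the original chapter: the function names, the sample addresses and the domain name are constructed for illustration, and the numeric keys are the standard DHCP option codes (003 Router, 006 DNS Servers, 015 DNS Domain Name).

```python
# Added illustration: resolve effective DHCP options for one client using the
# precedence stated in the text (server < scope < reservation < class).

# Levels from the text, lowest precedence first; a later level overrides an earlier one.
LEVELS = ("server", "scope", "reservation", "class")


def effective_options(configured):
    """Resolve options set at several levels.

    configured: {level: {option_code: value}}
    Returns {option_code: {"value", "source", "overridden"}} where "overridden"
    lists the (level, value) pairs that lost to the winning level.
    """
    unknown = set(configured) - set(LEVELS)
    if unknown:
        raise ValueError(f"unknown option level(s): {sorted(unknown)}")

    result = {}
    for level in LEVELS:
        for code, value in configured.get(level, {}).items():
            previous = result.get(code)
            shadowed = []
            if previous is not None:
                # Keep a trail of every value this level replaces.
                shadowed = previous["overridden"] + [
                    (previous["source"], previous["value"])
                ]
            result[code] = {"value": value, "source": level, "overridden": shadowed}
    return result


def shadowing_report(effective):
    """Return one line per overridden value, for review of unexpected overrides."""
    lines = []
    for code in sorted(effective):
        entry = effective[code]
        for level, value in entry["overridden"]:
            lines.append(
                f"option {code:03d}: {entry['source']} value {entry['value']} "
                f"overrides {level} value {value}"
            )
    return lines


# Constructed sample configuration (not taken from the chapter).
SAMPLE_CONFIG = {
    "server": {6: ["192.168.10.5", "192.168.10.6"], 15: "example.internal"},
    "scope": {3: ["192.168.20.1"], 6: ["192.168.20.5"]},
    "reservation": {6: ["192.168.20.53"]},
}

if __name__ == "__main__":
    resolved = effective_options(SAMPLE_CONFIG)
    for code in sorted(resolved):
        print(f"{code:03d} -> {resolved[code]['value']} (from {resolved[code]['source']})")
    for line in shadowing_report(resolved):
        print(line)
```

A reservation-level or class-level DNS entry that silently replaces the server-wide value is the kind of override this report makes visible during a configuration review.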

Viewing and Assigning Server Options

Server options are applied to all scopes configured on a particular DHCP server. You can view and assign server options by completing the following steps:

  1. Start the DHCP console, and then double-click the server with which you want to work to expand its folder in the tree view.

  2. To view current settings, select Server Options. Currently configured options are displayed in the right pane.

  3. To assign new settings, right-click Server Options and then select Configure Options. This opens the Server Options dialog box. Under Available Options, select the check box for the first option you want to configure. Then, with the option selected, enter any required information in the fields of the Data Entry panel. Repeat this step to configure other options. Click OK to save your changes.

Viewing and Assigning Scope Options

Scope options are specific to an individual scope and override the default server options. You can view and assign scope options by completing the following steps:

  1. Expand the entry for the scope you want to work with in the DHCP console.

  2. To view current settings, select Scope Options. Currently configured options are displayed in the right pane.

  3. To assign new settings, right-click Scope Options and then select Configure Options. This opens the Scope Options dialog box. Under Available Options, select the check box for the first option you want to configure. Then, with the option selected, enter any required information in the fields of the Data Entry panel, as shown in Figure 18-7. Repeat this step to configure other options. Click OK.

Figure 18-7. Each scope option has different settings. Use the Scope Options dialog box to select the option you want to configure and then enter the required information using the fields of the Data Entry panel.

Viewing and Assigning Reservation Options. You can assign reservation options to a client that has a reserved IP address. These options are specific to an individual client and override server-specific and scope-specific options. To view and assign reservation options, complete the following steps:

  1. Expand the entry for the scope with which you want to work in the DHCP console.

  2. Double-click the Reservations folder for the scope.

  3. To view current settings, click the reservation you want to examine. Currently configured options are displayed in the right pane.

  4. To assign new settings, right-click the reservation and then select Configure Options. This opens the Reservation Options dialog box. Under Available Options, select the check box for the first option you want to configure. Then, with the option selected, enter any required information in the fields of the Data Entry panel. Repeat this step to configure other options.

Modifying Scopes

You can modify an existing scope by doing the following:

  1. Start the DHCP console and then double-click the entry for the DHCP server you want to configure. This should display the currently configured scopes for the server.

  2. Right-click the scope you want to modify and then choose Properties.

  3. When you modify normal scopes, you have the option of setting an unlimited lease expiration time. If you do, you create permanent leases that reduce the effectiveness of pooling IP addresses with DHCP. Permanent leases aren’t released unless you physically release them or deactivate the scope. As a result, you might eventually run out of addresses, especially as your network grows. A better alternative to unlimited leases is to use address reservations, and then only for specific clients that need fixed IP addresses.

  4. When you modify multicast scopes, you have the option of setting a lifetime for the scope. The scope lifetime determines the amount of time the scope is valid. By default, multicast scopes are valid as long as they’re activated. To change this setting, click the Lifetime tab, select Multicast Scope Expires On, and then set an expiration date.

  5. Finish modifying the scope as necessary, and then close the Scope Properties dialog box by clicking OK. The changes are saved in the DHCP console.

Activating and Deactivating Scopes

In the DHCP console, inactive scopes are displayed with an icon showing a red arrow pointing down. Active scopes display a normal folder icon.

Activating a Scope. You can activate an inactive scope by right-clicking it in the DHCP console and then selecting Activate.

Deactivating a Scope. You can deactivate an active scope by right-clicking it in the DHCP console and then selecting Deactivate.

Tip

Deactivating turns off a scope but doesn’t terminate current client leases. If you want to terminate leases, follow the instructions in the section of this chapter entitled "Releasing Addresses and Leases."

Enabling the Bootstrap Protocol

Bootstrap Protocol (BOOTP) is a dynamic IP addressing protocol that predates DHCP. Normal scopes don’t support BOOTP. To enable a scope to support BOOTP, follow these steps:

  1. Right-click the scope you want to modify, and then choose Properties.

  2. In the Advanced tab, click Both to support DHCP and BOOTP clients.

  3. As necessary, set a lease duration for BOOTP clients, and then click OK.

Removing a Scope

Removing a scope permanently deletes the scope from the DHCP server. To remove a scope, follow these steps:

  1. Right-click the scope you want to remove in the DHCP console and then choose Delete.

  2. When prompted to confirm that you want to delete the scope, click Yes.

Configuring Multiple Scopes on a Network

You can configure multiple scopes on a single network. A single DHCP server or multiple DHCP servers can serve these scopes. However, anytime you work with multiple scopes, it’s extremely important that the address ranges used by different scopes don’t overlap. Each scope must have its own unique address range. If it doesn’t, the same IP address might be assigned to different DHCP clients, which can cause severe problems on the network.

To understand how you can use multiple scopes, consider the following scenario, in which each server has its respective DHCP scope IP address ranges on the same subnet.

 

  Server      DHCP Scope IP Address Range
  Server A    192.168.10.1 to 192.168.10.99
  Server B    192.168.10.100 to 192.168.10.199
  Server C    192.168.10.200 to 192.168.10.254

Each of these servers will respond to DHCP discovery messages, and any of them can assign IP addresses to clients. If one of the servers fails, the other servers can continue to provide DHCP services to the network.
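Because several servers answer on the same subnet, it is worth checking a scope plan for overlaps before the scopes are activated. The following is an added example, not part of the original chapter: it checks the Server A, B and C ranges from the scenario above and then a constructed variant in which Server B's range has been extended too far. The function names and the variant plan are assumptions made for illustration.

```python
# Added illustration: detect overlapping address ranges across DHCP scopes.
from ipaddress import IPv4Address


def parse_range(text):
    """Parse 'A to B' (the form used in the scenario) into (start, end)."""
    start_text, end_text = (part.strip() for part in text.split(" to "))
    start, end = IPv4Address(start_text), IPv4Address(end_text)
    if start > end:
        raise ValueError(f"range start {start} is after range end {end}")
    return start, end


def find_overlaps(scopes):
    """Find every pair of scopes that share addresses.

    scopes: list of (owner, 'A to B') pairs; one owner may hold several scopes.
    Returns a list of (owner1, owner2, first_shared, last_shared, shared_count).
    """
    parsed = sorted((*parse_range(text), owner) for owner, text in scopes)
    overlaps = []
    for i, (start1, end1, owner1) in enumerate(parsed):
        for start2, end2, owner2 in parsed[i + 1:]:
            if start2 > end1:
                break  # sorted by start address: no later range can touch this one
            # start2 >= start1 because of the sort, so the shared span starts at start2.
            last_shared = min(end1, end2)
            count = int(last_shared) - int(start2) + 1
            overlaps.append((owner1, owner2, start2, last_shared, count))
    return overlaps


# Ranges from the scenario in the text.
PAGE_PLAN = [
    ("Server A", "192.168.10.1 to 192.168.10.99"),
    ("Server B", "192.168.10.100 to 192.168.10.199"),
    ("Server C", "192.168.10.200 to 192.168.10.254"),
]

# Constructed variant: Server B's end address was mistyped as .210.
MISTYPED_PLAN = [
    ("Server A", "192.168.10.1 to 192.168.10.99"),
    ("Server B", "192.168.10.100 to 192.168.10.210"),
    ("Server C", "192.168.10.200 to 192.168.10.254"),
]

if __name__ == "__main__":
    for name, plan in (("page plan", PAGE_PLAN), ("mistyped plan", MISTYPED_PLAN)):
        found = find_overlaps(plan)
        if not found:
            print(f"{name}: no overlapping ranges")
        for owner1, owner2, first, last, count in found:
            print(f"{name}: {owner1} and {owner2} both cover {first} to {last} "
                  f"({count} addresses)")
```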

Managing the Address Pool, Leases, and Reservations

Scopes have separate folders for address pools, leases, and reservations. By accessing these folders, you can view current statistics for the related data and manage existing entries.

Viewing Scope Statistics

Scope statistics provide summary information on the address pool for the current scope or superscope. To view statistics, right-click the scope or superscope and then select Display Statistics.

The primary fields of this dialog box are used as follows:

  • Total Scopes. Shows the number of scopes in a superscope.

  • Total Addresses. Shows the total number of IP addresses assigned to the scope.

  • In Use. Shows the total number of addresses being used, as a numerical value and as a percentage of the total available addresses. If the total reaches 85 percent or more, you might want to consider assigning additional addresses or freeing up addresses for use.

  • Available. Shows the total number of addresses available for use, as a numerical value and as a percentage of the total available addresses.

Setting a New Exclusion Range

You can exclude IP addresses from a scope by defining an exclusion range. Scopes can have multiple exclusion ranges. To define an exclusion range, follow these steps:

  1. In the DHCP console, expand the scope you want to work with, and then right-click the Address Pool folder. On the shortcut menu, select New Exclusion Range.

  2. Enter a start address and an end address in the Exclusion Range’s Start IP Address and End IP Address fields, respectively, and then click Add. The range specified must be a subset of the range set for the current scope and must not be currently in use. Repeat this step to add other exclusion ranges. Click Close when you’re finished.

Deleting an Exclusion Range

If you don’t need an exclusion any more, you can delete it. Right-click the exclusion, select Delete, and then click Yes in response to the confirmation message.

Reserving DHCP Addresses

DHCP provides several ways to assign permanent addresses to clients. One way is to use the Unlimited setting in the Scope dialog box to assign permanent addresses to all clients that use the scope. Another way is to reserve DHCP addresses on a per client basis. When you reserve a DHCP address, the DHCP server always assigns the client the same IP address, and you can do so without sacrificing the centralized management features that make DHCP so attractive.

To reserve a DHCP address for a client, follow these steps:

  1. In the DHCP console, expand the scope with which you want to work and then right-click the Reservations folder. On the shortcut menu, select New Reservation. This opens the dialog box shown in Figure 18-8.

    Figure 18-8. Use the New Reservation dialog box to reserve an IP address for a client.

  2. In the Reservation Name field, type a short but descriptive name for the reservation. This field is used only for identification purposes.

  3. In the IP Address field, enter the IP address you want to reserve for the client.

    Note

    Note that this IP address must be within the valid range of addresses for the currently selected scope.

  4. The MAC Address field specifies the Media Access Control (MAC) address for the client computer’s NIC. You can obtain the MAC address by typing the command ipconfig /all at the command prompt on the client computer. The Physical Address entry shows the client’s MAC address. You must type this value exactly for the address reservation to work.

  5. Enter an optional comment in the Description field if you like.

  6. By default, both DHCP and BOOTP clients are supported. This option is fine, and you need to change it only if you want to exclude a particular type of client.

  7. Click Add to create the address reservation.

Releasing Addresses and Leases

When you work with reserved addresses, you should heed a couple of caveats:

  • Reserved addresses aren’t automatically reassigned. So, if the address is already in use, you’ll need to release the address to ensure that the appropriate client can obtain it. You can force a client to release an address by terminating the client’s lease or by logging on to the client and typing the command ipconfig /release at the command prompt.

  • Clients don’t automatically switch to the reserved address. So, if the client is already using a different IP address, you’ll need to force the client to release the current lease and request a new one. You can do this by terminating the client’s lease or by logging on to the client and typing the command ipconfig /renew at the command prompt.

Modifying Reservation Properties

You can modify the properties of reservations by doing the following:

  1. In the DHCP console, expand the scope with which you want to work and then click the Reservations folder.

  2. Right-click a reservation, and then select Properties. You can now modify the reservation properties. You can’t modify fields that are shaded, but you can modify other fields. These fields are the same fields described in the previous section.

Deleting Leases and Reservations

You can delete active leases and reservations by completing the following steps:

  1. In the DHCP console, expand the scope with which you want to work, and then click the Address Leases or Reservations folder, as appropriate.

  2. Right-click the lease or reservation you want to delete and then choose Delete.

  3. Confirm the deletion by clicking Yes.

  4. The lease or reservation is now removed from DHCP. However, the client isn’t forced to release the IP address. To force the client to release the IP address, log on to the client that holds the lease or reservation and type the command ipconfig /release at the command prompt.

Backing Up and Restoring the DHCP Database

DHCP servers store DHCP lease and reservation information in database files. By default, these files are stored in the %SystemRoot%\System32\dhcp directory. The key files in this directory are used as follows:

  • Dhcp.mdb. Primary database file for the DHCP server

  • J50.log. Transaction log file used to recover incomplete transactions in case of a server malfunction

  • J50.chk. Checkpoint file used in truncating the transaction log for the DHCP server

  • Res1.log. Reserved log file for the DHCP server

  • Res2.log. Reserved log file for the DHCP server

  • Tmp.edb. Temporary working file for the DHCP server

Backing Up the DHCP Database

The backup directory in the %SystemRoot%\System32\dhcp folder contains backup information for the DHCP configuration and the DHCP database. By default, the DHCP database is backed up every 60 minutes automatically. To manually back up the DHCP database at any time, follow these steps:

  1. In the DHCP console, right-click the server you want to back up and then choose Backup.

  2. In the Browse For Folder dialog box, select the folder that will contain the backup DHCP database and then click OK.

Registry keys that control the location and timing of DHCP backups, as well as other DHCP settings, are located in the folder:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DHCPServer\Parameters

The following keys control the DHCP database and backup configuration:

  • BackupDatabasePath. Sets the location of the DHCP database. You should set this option through the DHCP Properties dialog box. Click the Advanced tab and then set the Database Path field as appropriate.

  • DatabaseName. Sets the name of the primary DHCP database file. The default value is DHCP.mdb.

  • BackupInterval. Sets the backup interval in minutes. The default value is 60 minutes.

  • DatabaseCleanupInterval. Sets the interval for cleaning entries in the database. The default value is 60 minutes.

Restoring the DHCP Database from Backup

In the case of a server crash and recovery, you might need to restore and then reconcile the DHCP database. To force DHCP to restore the database from backup, follow these steps:

  1. If necessary, restore a good copy of the %SystemRoot%\System32\dhcp\backup directory from a tape or other archive source. Afterward, start the DHCP console, right-click the server you want to restore, and then choose Restore.

  2. In the Browse For Folder dialog box, select the folder that contains the backup you want to restore and then click OK.

  3. During restoration of the database, the DHCP Server service is stopped. As a result, DHCP clients will temporarily be unable to contact the DHCP server to obtain IP addresses.

Using Backup and Restore to Move the DHCP Database to a New Server

If you need to rebuild a server providing DHCP services, you might want to move the DHCP services to another server prior to rebuilding the server. To do this, you need to perform several tasks on the source and destination servers. On the destination server, do the following:

  1. Install the DHCP Server service on the destination server and then restart the server.

  2. Stop the DHCP service in the Services utility.

  3. Delete the contents of the %SystemRoot%\System32\dhcp folder.

On the source server, do the following:

  1. Stop the DHCP service in the Services utility.

  2. After the DHCP service is stopped, disable the service so that it can no longer be started.

  3. Copy the entire contents of the %SystemRoot%\System32\dhcp folder to the %SystemRoot%\System32\dhcp folder on the destination server.

Now all the necessary files are on the destination server. Start the DHCP Server service on the destination server to complete the migration.

Repairing the DHCP Database

Sometimes DHCP databases can become corrupt. When this happens, you’ll see error messages in the System event log. These error messages have DHCPServer as the source and reference JET database errors, such as:

The JET database returned the following Error: -510.

To use the Jetpack.exe utility to detect and repair the database consistency problems, complete the following steps:

  1. Start a command prompt by clicking Start, choosing Programs or All Programs as appropriate, choosing Accessories, and then selecting Command Prompt.

  2. Stop the DHCP Server service by entering net stop dhcpserver at the command prompt.

  3. Afterward, change to the DHCP database directory. By default, this is %SystemRoot%\System32\dhcp.

  4. Type the following command:

    jetpack dhcp.mdb dhcptemp.mdb

    where dhcp.mdb is the name of the DHCP database and dhcptemp.mdb is the name of a temporary file that the Jetpack utility can use.

  5. The Jetpack utility will do the following:

    1. Examine the database for inconsistencies and other problems.

    2. Fix any consistency errors, writing all changes to the temporary database file.

    3. Compact the database, writing all changes to the temporary database file.

    4. Overwrite the original database file with the temporary file, completing the operation.

  6. On successful completion, restart the DHCP Server service by typing net start dhcpserver. If the Jetpack utility fails to repair the database, you’ll need to restore the database from backup or force the DHCP Server service to recreate the database.

Forcing the DHCP Server Service to Regenerate the DHCP Database

If the DHCP database becomes corrupt, you might be unable to repair the database using the Jetpack.exe program. If this happens, you should attempt to restore the database as described in the section of this chapter entitled "Restoring the DHCP Database from Backup." If this fails or you’d rather start with a fresh copy of the DHCP database, complete these steps:

  1. Stop the DHCP Server service in the Services utility.

  2. Delete the contents of the %SystemRoot%\System32\dhcp folder. If you want to force a complete regeneration of the database and not allow the server to restore from a previous backup, you should also delete the contents of the backup folder.

    Caution

    Don’t delete DHCP files if the DHCPServer registry keys aren’t intact. These keys must be available to restore the DHCP database.

  3. Restart the DHCP Server service.

  4. No active leases or other information for scopes are displayed in the DHCP console. To regain the active leases for each scope, you must reconcile the server scopes as discussed in the following section of this chapter, "Reconciling Leases and Reservations."

  5. To prevent conflicts with previously assigned leases, you should enable address conflict detection for the next few days, as discussed in the section of this chapter entitled "Avoiding IP Address Conflicts."

Reconciling Leases and Reservations

Reconciling checks the client leases and reservations against the DHCP database on the server. If inconsistencies are found between what is registered in the Windows registry and what is recorded in the DHCP server database, you can select and reconcile any inconsistent entries. Once reconciled, DHCP either restores the IP address to the original owner or creates a temporary reservation for the IP address. When the lease time expires, the address is recovered for future use.

You can reconcile scopes individually or you can reconcile all scopes on a server. To reconcile a scope individually, follow these steps:

  1. In the DHCP console, right-click the scope with which you want to work and then choose Reconcile All Scopes.

  2. In the Reconcile All Scopes dialog box, click Verify.

  3. Inconsistencies found are reported in the status window. Select the displayed addresses and then click Reconcile to repair inconsistencies.

  4. If no inconsistencies are found, click OK.

To reconcile all scopes on a server, follow these steps:

  1. In the DHCP console, right-click the server entry and then choose Reconcile All Scopes.

  2. In the Reconcile All Scopes dialog box, click Verify.

  3. Inconsistencies found are reported in the status window. Select the displayed addresses and then click Reconcile to repair inconsistencies.

  4. If no inconsistencies are found, click OK.
