Module 4: Configuring

and Troubleshooting
DHCP
Module 4: Configuring and Troubleshooting DHCP
• Overview of the DHCP Server Role

• Configuring DHCP Scopes and Options

• Managing a DHCP Database

• Monitoring and Troubleshooting DHCP

• Securing DHCP
Lesson 1: Overview of the DHCP Server Role
• Benefits of Using DHCP

• New DHCP Features in Windows Server 2008

• How DHCP Allocates IP Addresses

• How DHCP Lease Generation Works

• How DHCP Lease Renewal Works

• DHCP Server Authorization

• Demonstration: Adding the DHCP Server Role

 Benefits of Using DHCP

DHCP reduces the complexity and amount of administrative work

by using automatic TCP/IP configuration

Manual TCP/IP Configuration Automatic TCP/IP Configuration

• IP addresses are entered • IP addresses are supplied

manually
• IP address could be entered
incorrectly
• Communication and network
issues can result
• Frequent computer moves
increase administrative effort
automatically
• Correct configuration
information is ensured
• Client configuration is updated
automatically
• A common source of network
problems is eliminated
New DHCP Features in Windows Server 2008

New DHCP features include:

• Windows Server 2008 Support for DHCPv6

• Support for advanced network security

configuration using NAP

• DHCP on Server Core

How DHCP Allocates IP Addresses

DHCP Client2:
Non-DHCP Client: IP configuration
Static IP from DHCP server
configuration

Lease Renewal

Lease Generation

DHCP Server

DHCP Client1: DHCP

IP configuration Database
from DHCP server
IP Address1: Leased to DHCP Client1
IP Address2: Leased to DHCP Client2
IP Address3: Available to be leased
How DHCP Lease Generation Works

DHCP
Server2

DHCP DHCP
Server1 Client

1 DHCP client broadcasts a DHCPDISCOVER packet

2 DHCP servers broadcast a DHCPOFFER packet

3 DHCP client broadcasts a DHCPREQUEST packet

4 DHCP Server1 broadcasts a DHCPACK packet

How DHCP Lease Renewal Works

DHCP
DHCP
Server2
Server2

DHCP Client
DHCP Client
DHCP
DHCP
Server1
Server1

50%
100%
50% of
oflease
87.5%
of lease
lease
of
duration
lease
duration has
duration
has
expired
has
expired
expired

DHCP Client
11 DHCP client sends a DHCPREQUEST packet
If the client fails to renew it’s
its lease,
lease, after
after 50%
87.5%of of
thethe
lease
lease
duration
has expired,
has then
expired,
the then
DHCPthe lease
DHCP
generation
lease renewal
processprocess
starts will
begin
over DHCPwith
22 again
again
DHCP Server1
after sends
a 87.5%
Server1DHCP a DHCPACK
client
sendsof atheDHCPACK packet
broadcasting
lease duration
a DHCPDISCOVER
packet has expired
 DHCP Server Authorization

DHCP authorization is the process of registering the DHCP Server service

in the Active Directory domain to support DHCP clients

DHCP
If DHCP
Server1
Server1
checks
findswith
its IP
theaddress
domain
controller
on the list,
to obtain
the service
a list of
starts
authorized
and
supports
DHCPDHCP
servers
clients

Domain
Controller DHCP Server1

Authorized
Active Services DHCP
Directory
requests

DHCP Server2
DHCP Client
Unauthorized
Does not service
If DHCP Server2 does
checksnot
with
findthe
its IP DHCP requests
DHCP client receives IP address
address
domain oncontroller
the list, the
to obtain
serviceadoes
list ofnot
from authorized DHCP Server1
start
authorized
and support
DHCPDHCP
servers
clients
Demonstration: Adding the DHCP Server Role

In this demonstration, you will see how to add and

authorize the DHCP Server role
Lesson 2: Configuring DHCP Scopes and Options
• What Are DHCP Scopes?

• What Are Superscopes and Multicast Scopes?

• Demonstration: Configuring DHCP Scopes

• What Are DHCP Options?

• What Are DHCP Class-Level Options?

• What Is a DHCP Reservation?

• DHCP Sizing and Availability

• How DHCP Options Are Applied

• Demonstration: Configuring DHCP Options

What Are DHCP Scopes?

A scope is a range of IP addresses that are available to be

leased

DHCP Server

LAN A LAN B

Scope A Scope B

Scope Properties

• Network ID • Lease duration • Scope name

• Subnet mask • Network IP • Exclusion range

address range
What Are Superscopes and Multicast Scopes?

DHCP Server

LAN A LAN B
Scope A and Scope B

DHCP Server

LAN A LAN B

Scope A Scope B
Demonstration: Configuring DHCP Scopes
In this demonstration, you will see how to:
• Create and authorize a DHCP scope

• Configure a DHCP superscope

What Are DHCP Options?

DHCP options are values for common configuration data that

applies to the server, scopes, reservations, and
class options

Common scope options are:

• DNS Servers

• DNS Name

• Default Gateway
• WINS Servers
• WINS Servers
What Are DHCP Class-Level Options?

DHCP class-level options are scope options that apply to a

specific type of device

DHCP class-level Description

option
Vendor-class Configured by vendors such as
Microsoft, HP, and Sun
User-class Set and viewed by the user
What Is a DHCP Reservation?

A reservation is a specific IP address, within a scope, that is

reserved permanently for lease to a specific DHCP client

Workstation 1 File and Print

Server

Subnet A Subnet B

DHCP Server
Workstation 2

IP Address1: Leased to Workstation 1

IP Address2: Leased to Workstation 2
IP Address3: Reserved for File and Print
Server
DHCP Sizing and Availability
DHCP
Clients

DHCP
Server1
192.168.1.2

DHCP
Clients
DHCP DHCP Server1 has 20% of addresses as follows:
Server2
192.168.1.1 • Scope range: 192.168.1.10-192.168.1.254
• Excluded addresses: 192.168.1.10-192.168.1.205

DHCP Server2 has 80% of addresses as follows:

• Scope range: 192.168.1.10-192.168.1.254
• Excluded addresses: 192.168.1.26-192.168.1.254
How DHCP Options Are Applied

DHCP options can be applied at various levels:

• Server

• Scope

• Class

• Reserved client
Demonstration: Configuring DHCP Options

In this demonstration, you will see how to configure DHCP

server, scope, and class options
Lesson 3: Managing a DHCP Database
• Overview of DHCP Management Scenarios

• What Is a DHCP Database?

• How a DHCP Database Is Backed Up and Restored

• How a DHCP Database Is Reconciled

• Moving a DHCP Database

• DHCP Server Configuration Options

• Demonstration: Managing a DHCP Database

Overview of DHCP Management Scenarios

The DHCP service needs to be managed to respond to network

changes

Scenarios for managing DHCP:

• Managing DHCP database growth

• Protecting the DHCP database

• Ensuring DHCP database consistency

• Adding clients

• Adding new network service servers

• Adding new subnets

 What Is a DHCP Database?

The DHCP database is a dynamic database that contains configuration

information

• The DHCP database contains DHCP configuration data such as:

• Scopes
• Address leases
• Reservations

• Windows Server 2003 stores the DHCP database in the

%Systemroot%\System32\Dhcp folder

• The DHCP database files include:

• Dhcp.mdb
• Tmp.edb
• J50.log and J50*.log
• Res*.log
• J50.chk
How a DHCP Database Is Backed Up and Restored

DHCP Offline
Server Storage
Restore

DHCP

Back up Restore

DHCP Back up

In the
If the original
event that
database
the server
is unable
hardware
to load,
fails,
thethe
DHCP service
The administrator
DHCP service automatically
moves a copy backsof the up
backed
the DHCP
up DHCP
automatically restores
administrator can restore
from only
thefrom
backup
the directory
offline storage
on the
database to an theoffline
backup storage
directory
location
on the local drive
local drive
location
How a DHCP Database Is Reconciled

DHCP Detailed IP
Database address lease Compares and
information reconciles
inconsistencies in the
Registry Summary IP DHCP Database
address lease
information

DHCP Server

Example

Registry DHCP Database After Reconciliation

Client has IP address IP address 192.168.1.34 Lease entry is created in

192.168.1.34 is available DHCP Database
Moving a DHCP Database

DHCP
Database

Backup
Media

DHCP
Database
Old DHCP
Server

New DHCP
Server
DHCP Server Configuration Options
Demonstration: Managing a DHCP Database

In this demonstration, you will see how to manage a DHCP

database
Lesson 4: Monitoring and Troubleshooting DHCP
• Overview of Monitoring DHCP

• Common DHCP Issues

• What Are DHCP Statistics?

• What Is a DHCP Audit Log File?

• Monitoring DHCP Server Performance

• Demonstration: Monitoring DHCP

Overview of Monitoring DHCP

Why monitor DHCP?

• To observe the dynamic DHCP environment

• To determine DHCP server performance
• To facilitate planning for current and future needs

DHCP data includes:

• DHCP statistics
• DHCP events
• DHCP performance data
Common DHCP Issues

• Address conflicts

• Failure to obtain a DHCP address

• Address obtained from incorrect scope

• DHCP database suffered data corruption or loss

• DHCP server has exhausted its IP address pool

What Are DHCP Statistics?

DHCP statistics are collected at either the server level or scope

level

DHCP Server
What Is a DHCP Audit Log File?

A DHCP audit log is a log of service-related events

Monitoring DHCP Server Performance

Performance What to look for after a

counters baseline is established
• Create a DHCP performance baseline
Packets Monitor for sudden increases or decreases, which
received/second could reflect network problems
• Check the standard counters for
server performance
Requests/second Monitor for sudden increases or decreases, which
couldserver
• Review DHCP reflectcounters
network for
problems
significant
changes in DHCP traffic
Active queue Monitor for both sudden and gradual increases,
length which could reflect increased load or decreased
server capacity
Duplicates Monitor for any activity that could indicate that
dropped/second more than one request is being transmitted on
behalf of clients
Demonstration: Monitoring DHCP

In this demonstration, you will see how to monitor DHCP

statistics and performance
Lesson 5: Securing DHCP
• Securing DHCP

• Preventing an Unauthorized User from Obtaining a Lease

• Restricting Unauthorized, Non-Microsoft DHCP Servers

from Leasing IP Addresses
• Restricting DHCP Administration
Securing DHCP

Reasons for securing DHCP include:

• Preventing an unauthorized user from

obtaining a lease

• Restricting unauthorized, non-Microsoft DHCP

servers from leasing IP addresses

• Restricting DHCP administration

Preventing an Unauthorized User from Obtaining
a Lease

To prevent an unauthorized user from obtaining

a lease:

• Ensure that unauthorized persons do not have

physical or wireless access to your network

• Enable audit logging for every DHCP server

on your network

• Regularly check and monitor audit log files

• Use 802.1X-enabled LAN switches or wireless

access points to access the network

• Configure NAP to validate users and security policy

compliance
Restricting Unauthorized, Non-Microsoft DHCP
Servers from Leasing IP Addresses

DHCP authorization

• Available on Windows 2000 and

Windows Server 2003

• Authorization not required on other

DHCP implementations

To restrict an unauthorized, non-Microsoft DHCP server

from leasing IP addresses, ensure that unauthorized
persons do not have physical or wireless access to your
network
Restricting DHCP Administration

To restrict who can administer the DHCP service:

• Limit the members of the DHCP Administrators group

• Add users needing read-only access to the

DHCP Users group

Account Permissions
DHCP Administrators group Can view and modify any data about the
DHCP server
DHCP Users group Has read-only DHCP console access to the
server
Lab: Configuring and Troubleshooting the DHCP
Server Role
• Exercise 1: Installing and Authorizing the DHCP Server
Role
• Exercise 2: Configuring a DHCP Scope

• Exercise 3: Troubleshooting Common DHCP Issues

Logon information
Virtual machine NYC-DC1, NYC-CL1

User name Administrator

Password Pa$$w0rd

Estimated time: 30 minutes

Lab Review
• What kind of account is necessary to authorize a DHCP
server?
• Why is it important to define an exclusion range when
configuring the DHCP scope?
• What is the consequence of not providing a default
gateway when configuring DHCP scope options?
Module Review and Takeaways
• Review Questions

• Common Issues and Troubleshooting Tips

• Best Practices

• Tools
Notes Page Over-flow Slide. Do Not Print Slide.
See Notes pane.
Notes Page Over-flow Slide. Do Not Print Slide.
See Notes pane.
Notes Page Over-flow Slide. Do Not Print Slide.
See Notes pane.