Computer Networks (Group 8) - DHCP

PART I: INTRODUCTION

1.1. Introduction to the topic

Today information technology is developing rapidly, and computers increasingly need to be connected to one another, both to carry out internal work and to link agencies, enterprises and communities, so that they serve people's lives more effectively. The TCP/IP protocol suite is the set of communication protocols implementing the protocol stack on which the Internet and most commercial computer networks run. Computers on a network recognize each other by IP address, which the network administrator previously had to assign to each machine one by one. Every device on a TCP/IP network must have a unique IP address to access the network and use its resources.

DHCP centralizes IP address management on central computers running the DHCP service. Although an IP address can be assigned permanently to any computer on the network, DHCP allows addresses to be assigned automatically. For a client to receive an IP address from a DHCP server, we configure the client to "obtain an address automatically from a server". This option appears in the TCP/IP configuration area of most operating systems. Once it is set, the client can "lease" an IP address from the DHCP server at any time. There must be at least one DHCP server on the network. After installing DHCP, we create a DHCP scope, which is the pool of IP addresses held on the server, and the server hands out IP addresses from this pool.

DHCP is a great convenience for network operators. It removes the worry about the problems inherent in manual configuration. The comparison below shows how DHCP lightens the work.

Without DHCP:
- When configuring by hand, we must assign an address to every workstation on the network.
- Users have to call us to find out their IP address, because we do not want to depend on them to configure IP addresses.
- Configuring many IP addresses by hand is likely to introduce errors that affect communication on the network.
- Eventually we may run out of addresses for some subnet, or for the whole network, if we do not carefully manage the IP addresses already allocated.
- We must change the IP address on a workstation if it moves to another subnet.
- Mobile users who travel from place to place need their IP address changed whenever they connect to a different subnet.

With DHCP:
- The DHCP server automatically leases an IP address to users when they join the network. We only need to specify, on the DHCP server, the range of addresses that may be leased.
- Nobody bothers us with requests for an IP address.
- DHCP manages IP addresses automatically and eliminates the errors that can break connectivity. It automatically reassigns addresses that are no longer in use.
- DHCP leases addresses for a limited period, which means those addresses remain available for other systems. We rarely run out of addresses.
- DHCP automatically assigns an IP address appropriate to the subnet that contains the workstation.
- Likewise, DHCP automatically assigns an address to mobile users on whichever subnet they connect to.

IP address lease sequence

DHCP is an Internet protocol that originates from BOOTP (the bootstrap protocol), which was used to configure diskless workstations. DHCP takes advantage of the message transport and the configuration techniques defined in BOOTP, including the ability to assign addresses. Because of this similarity, routers that can already forward BOOTP messages between subnets can also forward DHCP messages. As a result, one DHCP server can assign IP addresses for several subnets.

Given how necessary DHCP is, this report on the DHCP server clarifies the purpose of using a DHCP server and the issues around the DHCP service: how it works, how to install it, and how to back up, restore and secure it.

We sincerely thank Dr. Lê Anh Ngọc for his guidance, teaching and enthusiastic help, which enabled us to complete this report.
Because our knowledge is still limited, the report inevitably contains mistakes and is not a complete treatment of the DHCP server service. We hope that through this report we will gain a clearer understanding of computer networks in general and of the DHCP service in particular.

1.2. Structure of the report

+ How DHCP works.
- II. Installing and configuring DHCP:
+ Configuring the parameters of the DHCP Server.
+ Installing and configuring the DHCP Relay Agent.
- III. Managing and monitoring DHCP:
+ Managing the DHCP Server database.
+ Backup and restore in DHCP.
+ Monitoring DHCP activity.

1.3. Division of work

Carried out by: Group 8, class 47K-Tin.
Members: Vo Trong Trung (group leader), Tran Thi H. Nhung, Phan Thanh Thing, Nguyen Thanh Luan.
Supervisor (GVHD): Dr. Lê Anh Ngọc.

PART II: MAIN CONTENT

1. Introduction to DHCP

1.1. What is DHCP?

1.1.a. Concept

DHCP (short for Dynamic Host Configuration Protocol) is a protocol designed to reduce the time spent configuring a TCP/IP network by automatically assigning IP addresses to client machines when they join the network. DHCP was developed by the IETF (Internet Engineering Task Force), the organization that works on the protocols used on the Internet.

1.1.b. Significance of using the DHCP service

- It automatically allocates a suitable IP address to a workstation when it joins the network, manages IP addresses automatically and eliminates errors that break connectivity, such as mistyped or duplicate IP addresses, while reducing the administrative cost of the network.
- It suits computers that frequently move between networks.
- It helps service providers (ISPs) save on the number of real (public) IP addresses.
- Combined with wireless networks, it serves hotspots such as railway stations, airports and schools.

1.2. Common DHCP terms

+ DHCP Client: a device connected to the network that uses the DHCP protocol to obtain configuration information such as its network address and the address of the DNS server.
+ DHCP Server: a device connected to the network whose function is to return the necessary information to a DHCP client on request.
+ DHCP Relay Agent: a computer or router configured to listen for packets between DHCP clients and the DHCP server and forward them from one subnet to another.
+ DHCP Scope: a range of valid IP addresses that we have defined on the DHCP server, used to serve clients that request an address lease.
+ Scope Options: additional information delivered together with the leased IP address. For example, we can configure a scope to supply the default gateway.
+ Client Reservations: addresses set aside so that the DHCP server always gives them to one specific machine. For example, a machine may need a fixed IP address (a DNS server or a print server, say, so that other machines can be configured to connect to the DNS server at that address).

1.3. How DHCP works

DHCP originates from BOOTP (Bootstrap Protocol), which was used to configure workstations that boot without a hard disk. BOOTP performs the following tasks:
+ Finds an IP address for the machine itself.
+ Finds the IP address of the BOOTP server.
+ Loads a boot file from the server into memory.
+ Starts booting.

DHCP takes advantage of the message transport and configuration techniques defined in BOOTP, including the ability to find and assign IP addresses for multiple subnets.

DHCP works on the client/server model. The interaction between a DHCP client and a server takes place through these packets:
- DHCP Discover.
- DHCP Offer.
- DHCP Request.
- DHCP Acknowledgement.
In brief, DHCP works as follows: when a DHCP client starts up it sends a message to the server; the DHCP server finds a free IP address in its range to give to the client, and then announces that client's IP address on the whole network. In detail:

DHCP Discover:

The client first sends a broadcast packet called DHCP Discover to request configuration information such as IP address, subnet mask, default gateway and preferred DNS. At this point the client has no IP address, so it uses the source address 0.0.0.0; it also does not know the address of a DHCP server, so it sends the packet to the broadcast address 255.255.255.255, and the DHCP Discover packet is broadcast across the whole network. The packet contains a MAC (Media Access Control) address, which is the address the manufacturer assigns to each network adapter and the identifier that distinguishes network cards from one another. It also contains the client's host name, so the server knows which client sent the request.

[Figure: the DHCP client broadcasts a DHCPDISCOVER packet.]
DHCP Offer:

After receiving the client's DHCP Discover packet, a valid DHCP server (one that is able to supply an IP address to the client) replies with a DHCP Offer packet. This packet contains an IP address offered for lease for a fixed period (8 days by default; after 50% of that time, i.e. 4 days, the server automatically reclaims the address if the client is not using it), together with the MAC address of the client it is offered to, a subnet mask and the IP address of the offering DHCP server. During this time the server will not offer the same IP address to any other client.

[Figure: 1. the DHCP client broadcasts a DHCPDISCOVER packet; 2. the DHCP servers broadcast a DHCPOFFER packet.]

DHCP Request:

After receiving the offers, that is, the DHCP Offer packets on the network (there may be more than one DHCP server), the client selects a suitable one and replies with a DHCP Request packet, which names the DHCP server whose address it is accepting. This lets the servers whose offers were not accepted withdraw them and use those addresses for other clients.

[Figure: 1. the DHCP client broadcasts a DHCPDISCOVER packet; 2. the DHCP servers broadcast a DHCPOFFER packet; 3. the DHCP client broadcasts a DHCPREQUEST packet.]

DHCP Acknowledgement:

When the DHCP server receives the DHCP Request packet, it answers the DHCP client with a DHCP Ack packet to confirm that the client has been granted the lease. This packet contains the IP address and the other configuration information (DNS server, WINS server and so on). When the client receives the DHCP Ack, the lease process is complete and the client officially starts using the IP address.
Note: all exchanges between a DHCP server and a DHCP client use UDP (User Datagram Protocol) on two ports, 67 and 68, for traffic to the server and to the client respectively.

[Figure: 4. DHCP Server1 broadcasts a ... packet (caption truncated).]

1.4. Automatic renewal of the lease time

Assume the DHCP client has already obtained an IP address. By default, a DHCP server grants each IP lease for only 8 days. With that default, after 50% of the lease time (4 days) the DHCP client automatically asks the DHCP server that granted the lease for the same IP address again. To do so, the client sends a DHCPREQUEST directly (unicast) to that DHCP server.

[Figure: the DHCP client sends a DHCPREQUEST (caption truncated).]

If that DHCP server is still "alive", it replies with a DHCPACK that renews the lease for the client; this packet carries the most recent configuration parameters held on the DHCP server. If the DHCP server is not "alive", the client keeps using its current configuration.

After 87.5% (7 days) of its current lease time, the client broadcasts a DHCPDISCOVER to update its IP address. At this point it no longer looks for the DHCP server that originally granted the lease and will accept any other DHCP server.

If the lease time has expired, the client immediately stops using the leased IP address and then starts the lease process again from the beginning.

Note: when a DHCP client is restarted, it automatically renews the IP address it held before shutting down.
If we change the configuration on the DHCP server and want the change to take effect on clients immediately, we can renew an IP lease "by hand" on the DHCP client: open Run, start a command prompt and type ipconfig /renew. The client then sends a DHCPREQUEST to the DHCP server to update its configuration information and obtain a new lease time.

Conversely, if we no longer want to hold this IP address, we can type ipconfig /release. The client then sends a DHCPRELEASE to the DHCP server. After this command the client can no longer communicate with the network over TCP/IP.

1.5. DHCP Relay Agent

1.5.1. What is a DHCP Relay Agent?

A DHCP Relay Agent is a computer or router configured to listen for packets between DHCP clients and the DHCP server and forward them from one subnet to another.

- The DHCP Relay Agent passes DHCP Discover (or DHCP Request) packets on to the DHCP server. It forwards DHCP client queries to the DHCP server and returns the IP address to the clients, acting like a proxy.

When the DHCP client and the DHCP server are not on the same subnet and are connected through a router, a mechanism is needed to let the client's query cross the router and reach the DHCP server. The DHCP Relay Agent serves this purpose. It is an intermediary that relays DHCP Discover (or DHCP Request) packets, which are normally blocked at the router, from the DHCP client to the DHCP server.
[Figure: a DHCP server and a DHCP Relay Agent between Subnet A and Subnet B; client broadcasts stay within each subnet.]

The Routing & Remote Access service of Windows Server 2003 can be configured as a DHCP Relay Agent, so no additional software is needed; we only have to enable this feature in Routing & Remote Access.

To explain why a DHCP Relay Agent is needed, Microsoft sets out the alternatives:
- Setting up a DHCP server on every network is costly and unnecessary, and maintenance and management become very difficult.
- The router could be configured to let broadcasts through, but this causes trouble when the network has problems. In addition, a large volume of broadcast packets crossing the router congests the network.

1.5.2. How does a DHCP Relay Agent work?

- The client broadcasts a DHCP Discover packet on its local network.
- The DHCP Relay Agent on the same network as the client receives the packet and forwards it to the DHCP server by unicast.
- The DHCP server sends a DHCP Offer back to the DHCP Relay Agent by unicast.
- The DHCP Relay Agent broadcasts the DHCP Offer to the clients.
- After receiving the DHCP Offer, the client broadcasts a DHCP Request.
- The DHCP Relay Agent forwards it to the server, again by unicast.
- The DHCP server sends a DHCP ACK back to the DHCP Relay Agent by unicast.
- The DHCP Relay Agent broadcasts the DHCP ACK to the client.

This completes the DHCP Relay Agent's cycle of receiving, processing and forwarding.

2. Installing and managing the DHCP service

2.1. Installing and authorizing the DHCP Server

Every version of Windows Server from 2000 onwards can act as a DHCP server. Before installing the DHCP service, the following requirements must be met:
+ The server that will run the DHCP service must have a static IP address, with the corresponding subnet mask and default gateway.
+ Use a user account that has permission to configure the DHCP server.
+ A range of valid IP addresses to lease to clients.

The DHCP service is installed as follows: open Control Panel and choose Add/Remove Programs → choose the Add/Remove Windows Components tab → Networking Services → click the Details... button or press ALT+D → in the dialog that appears, tick Dynamic Host Configuration Protocol (DHCP) and choose OK → press Next to start the installation (the installer will ask for the location of the Windows Server installation source).

[Figure: the Windows Components wizard.]

Authorizing a DHCP service:

A DHCP server must be authorized before it can lease IP addresses to DHCP clients.
Requiring authorization prevents DHCP servers that could hand out invalid IP addresses to clients (so-called rogue DHCP servers) from operating inside our domain. To authorize a server we must log on as a user in the Enterprise Admins group.

[Figure: Domain Controller, DHCP Server1 and DHCP Server2.]

In the model above, suppose two servers in our domain both run the DHCP service (call them DHCP Server1 and DHCP Server2), but only DHCP Server1 is authorized to run it.

When the DHCP service on Server1 is started, Server1 first checks whether its DHCP service has been authorized by the Domain Controller. It does this by sending a request to the Domain Controller asking whether it is allowed to hand out dynamic IP addresses in the domain.

[Figure: the DHCP server checks the authorized list held by the Domain Controller.]

After receiving this request from DHCP Server1, the Domain Controller checks whether Server1 is authorized to run the DHCP service.

[Figure: DHCP Server1 finds its own address in the list; it is authorized and services DHCP requests.]

Because Server1 is authorized to run the DHCP service, it is allowed to supply dynamic IP addresses to DHCP clients in the domain.

Server2, in contrast, also asks the Domain Controller to check after its DHCP service starts. Because it has not been authorized, Server2 is still not allowed to supply dynamic IP addresses to the domain even though its service has been started.

[Figure: DHCP Server1 is authorized and services DHCP requests; DHCP Server2 is unauthorized and does not service DHCP requests.]
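The authorization check above is one the DHCP service runs on itself; the same question can be asked from the network side using the fields described in section 1.3. The following is an added example, not part of the report: it parses DHCP payloads and reports every Offer or Ack whose server identifier (option 54) is missing or not on an allow-list. The sample messages, the allow-list and the address 192.168.1.77 are constructed.

```python
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # separates the 236-byte BOOTP header from the options
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5           # values of option 53 (message type)
OPT_PAD, OPT_HOSTNAME, OPT_LEASE, OPT_TYPE, OPT_SERVER_ID, OPT_END = 0, 12, 51, 53, 54, 255


def pack_ip(text):
    return ipaddress.IPv4Address(text).packed


def build_message(op, xid, mac, msg_type, yiaddr="0.0.0.0", options=()):
    """Build a minimal DHCP payload; used only to construct the sample data below."""
    header = struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s",
        op, 1, 6, 0,              # op, htype (Ethernet), hlen, hops
        xid, 0, 0x8000,           # transaction id, secs, broadcast flag
        bytes(4),                 # ciaddr: the client has no address yet
        pack_ip(yiaddr),          # yiaddr: the address being offered
        bytes(4), bytes(4),       # siaddr, giaddr (relay agent address)
        bytes.fromhex(mac),       # chaddr: client MAC, zero-padded to 16 bytes
        b"", b"",                 # sname, file (zero-filled)
    )
    body = bytes([OPT_TYPE, 1, msg_type])
    for code, value in options:
        body += bytes([code, len(value)]) + value
    return header + MAGIC_COOKIE + body + bytes([OPT_END])


def parse_message(payload):
    """Extract the fields the exchange relies on; raise ValueError on malformed input."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(payload) and payload[i] != OPT_END:
        if payload[i] == OPT_PAD:                     # single-byte padding option
            i += 1
            continue
        if i + 2 > len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        opts[payload[i]] = payload[i + 2:i + 2 + payload[i + 1]]
        i += 2 + payload[i + 1]
    if len(opts.get(OPT_TYPE, b"")) != 1:
        raise ValueError("missing message type (option 53)")
    server, lease = opts.get(OPT_SERVER_ID), opts.get(OPT_LEASE)
    return {
        "type": opts[OPT_TYPE][0],
        "xid": struct.unpack("!I", payload[4:8])[0],
        "client_mac": payload[28:28 + min(payload[2], 16)].hex(),
        "offered_ip": str(ipaddress.IPv4Address(payload[16:20])),
        "server_id": str(ipaddress.IPv4Address(server)) if server and len(server) == 4 else None,
        "lease_seconds": struct.unpack("!I", lease)[0] if lease and len(lease) == 4 else None,
        "hostname": opts.get(OPT_HOSTNAME, b"").decode("ascii", "replace"),
    }


def unauthorized_replies(payloads, authorized_servers):
    """Return (server_id, offered_ip, client_mac) for each OFFER/ACK not from an allowed server."""
    findings = []
    for payload in payloads:
        try:
            msg = parse_message(payload)
        except ValueError:
            continue                                  # not DHCP or malformed: skipped here
        if msg["type"] in (OFFER, ACK) and msg["server_id"] not in authorized_servers:
            findings.append((msg["server_id"], msg["offered_ip"], msg["client_mac"]))
    return findings


# Constructed sample traffic (not captured from a real network).
CLIENT_MAC = "00a024e2b01a"
EIGHT_DAYS = struct.pack("!I", 8 * 24 * 3600)        # the default lease duration
SAMPLE = [
    build_message(1, 0x1234, CLIENT_MAC, DISCOVER, options=[(OPT_HOSTNAME, b"PC01")]),
    build_message(2, 0x1234, CLIENT_MAC, OFFER, "192.168.1.20",
                  [(OPT_SERVER_ID, pack_ip("192.168.1.1")), (OPT_LEASE, EIGHT_DAYS)]),
    build_message(2, 0x1234, CLIENT_MAC, OFFER, "192.168.1.200",
                  [(OPT_SERVER_ID, pack_ip("192.168.1.77")), (OPT_LEASE, EIGHT_DAYS)]),
]
AUTHORIZED = {"192.168.1.1"}                         # allow-list of server identifiers

if __name__ == "__main__":
    for finding in unauthorized_replies(SAMPLE, AUTHORIZED):
        print("unauthorized DHCP server %s offered %s to %s" % finding)
```
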
[Figure: Server2 does not find its own address in the list authorized by AD.]

If a DHCP server is not authorized, the DHCP service logs an error in the system log (which can be found under Administrative Tools/Event log).

In the end the DHCP client obtains its IP address from DHCP Server1.

Choose Add Snap-in DHCP, then Connect to, and type the IP address of the DHCP server.

If we are sitting at the local machine, there is no need to type the local machine's IP address. Typing it anyway builds the habit of doing administrative work on a machine remotely. Going one step further, we would log on as an ordinary user and then use Run as... with administrator rights to configure DHCP.

On the Action menu, click New Scope. The New Scope Wizard dialog appears; fill in the wizard's parameters:

IP Address Range: the range of IP addresses to hand out on the LAN. Each scope has its own IP range; this is the essential part of a scope. Here we type 192.168.1.10 - 192.168.1.100. This range will serve all the computers on the network.

Exclusion: the excluded range. The range 192.168.1.10 - 192.168.1.100 is what we hand out to client machines, but it also contains fixed addresses. Static addresses are usually placed within 10-100, so without an exclusion the client would waste time checking and reporting back to the DHCP server that the address it was given already exists on the network.
Our servers use the addresses from 50 to 60, so we enter an exclusion range of 192.168.1.10 - 192.168.1.60 → click Add.

Next, configure Lease Duration. It is best left at the default. Lease Duration sets the maximum time a client may lease an IP address. If the client has not been able to contact the DHCP server by the end of this time, the address is no longer valid.

When DHCP hands an IP address to a client, the DHCP server records in Address Leases that the address has been given to the client named PCName with MAC address xx xx xx xx xx xx. That address is not given to anyone else for the whole Lease Duration.

Note: what happens if we set Lease Duration to Unlimited? Could the scope's IP range be exhausted?

So far we have configured only the core of the IP configuration, that is, the IP address and subnet mask. Next we configure the default gateway, DNS and WINS parameters handed to DHCP clients. These parameters are called DHCP Options.

Choose to configure DHCP Options:

[Figure: the wizard page asking whether to configure the DHCP options for this scope now.]

CONFIGURING A CLIENT TO USE A DYNAMIC IP ADDRESS:

Open the Properties of the network connection → Properties of Internet Protocol (TCP/IP) → in the dialog that appears, choose the General tab → select Obtain an IP address automatically.
If we want the DNS server address to be supplied by DHCP as well, select Obtain DNS server address automatically.

On the client, once this is set, the quickest way to request a new IP configuration is to run ipconfig /renew in cmd. The client needs some time to find the DHCP server and obtain an address from it. Finally, to check the IP configuration that was handed out, use ipconfig /all.

CONFIGURING DHCP OPTIONS, SCOPE OPTIONS AND RESERVATIONS:

DHCP Reservations are configured by taking the MAC addresses of some clients and creating new reservations for them. A reservation selects one IP address and always gives it to a particular client.

For example, an employee in the company uses a laptop with MAC address 00002F1ABF6D, and the administrator wants this employee always to receive the IP address 192.168.1.99 from the DHCP server, with the DNS server pointing directly at the ISP's 210.245.31.130. To do this for a single machine, the administrator can use a Reservation in the DHCP Server console.

Configure the parameters in the Reservation window:

[Figure: the New Reservation dialog with Reservation name, IP address 192.168.1.99, MAC address, Description and Supported types (Both, DHCP only, BOOTP only).]

Note that the MAC address of the client receiving the reservation must be entered correctly. It is written continuously, with no spaces or hyphens (-).

Next, the administrator must configure this reserved PC to use the ISP's DNS server 210.245.31.130 directly, that is, configure Reservation Options for this PC alone.
If no Reservation Options are configured, the reserved PC uses the Scope Options and the DHCP (server) Options. Select the options to be configured separately for this client and fill in their values. Here, as required, the administrator only needs to set DNS to 210.245.31.130.

Looking closely at the reservation's Options, we see that DNS Server has changed and its icon has changed too, while other items such as Router and DNS Domain Name have not. Any option not configured on the reservation is inherited from the Scope Options.

[Figure: the options list of the reservation.]

Looking at Scope Options makes this clearer. Scope Options apply to all clients in the scope. So which takes priority, Reservation Options or Scope Options? This small question is left for the administrator to answer.

Verify the reservation by running RELEASE and RENEW to request a new IP address on the computer with MAC address 00002F1ABF6D. If the configuration it obtains is IP 192.168.1.99 with DNS pointing at the ISP's 210.245.31.130, the reservation is correct.

Creating and configuring a scope:

To start the New Scope wizard, open DHCP from Administrative Tools, right-click the name of the DHCP server on which we want to create the scope and click New Scope.

The parameters asked for when creating a new scope with the New Scope Wizard are:
+ Name: the name of the scope.
+ Description: a description of the scope we are about to create.
+ Start IP address and End IP address: define the range of addresses the DHCP server can hand out from this scope.
To prevent duplicate IP addresses, the same IP address should not be used in more than one scope. (Example: Start IP address: 192.168.1.1, End IP address: 192.168.1.254.)
+ Length or Subnet mask: enter either the number of bits that make up the subnet mask, or the subnet mask in IP address form (for example, for the Start IP address above the Length is 24, or the subnet mask is 255.255.255.0).
+ Exclusion address range (optional): we can define one or more ranges to remove from the scope. These excluded IP addresses are never handed to DHCP clients, which avoids clashing with the IP addresses of machines acting as, for example, a print server.
+ Lease duration: as mentioned earlier, the length of time a DHCP client may hold its lease, expressed in days, hours and minutes. The default is 8 days. To set the lease time to unlimited, we must edit the scope properties after the new scope has been created, because the wizard offers no option for an unlimited lease.
(Note: after a scope has been created, its subnet mask cannot be changed. To change it, we must delete the scope and create a new one with the correct information.)

Advantages and drawbacks of changing the default lease time (8 days)

+ Shortening the lease time (less than 8 days, say): the benefit is that clients pick up configuration changes promptly when the configuration changes often. The drawbacks are that it tends to increase network traffic, and that if the DHCP server is "temporarily dead", clients simply cannot be given an address.
+ Lengthening the lease time (more than 8 days, say): the opposite of shortening it. Network traffic is reduced and clients keep working if the DHCP server is "dead" for a long period (taken down for repair, for example). However, configuration changes reach clients less often.
+ Unlimited lease time: the network carries DHCP traffic only when a machine starts up, which also means a machine refreshes its configuration only when it is restarted.

Activating a scope

After a scope has been created it is not yet active (it cannot hand out IP addresses); we must activate it.
To activate a scope, in DHCP, right-click the scope just created and click Activate. (Note: to be sure that all clients receive the correct configuration, set the scope options correctly before activating the scope.)

Configuring a scope with options:

A scope can be configured to supply several kinds of information with a DHCP lease. For example, we can configure a DHCP server to supply the address of the router, which lets clients communicate across subnets. As shown above, the New Scope Wizard offers options such as router (default gateway), domain name, DNS and WINS servers.

Options supported by DHCP:
+ IP address of the router: to supply this, set 003 Router to the IP address of the default router. This router is normally regarded as the default gateway.
+ IP address of one or more DNS servers available to clients: to supply this, configure 006 DNS Servers with the IP address of one or more DNS servers.
+ DNS domain name: a DNS domain name defines the domain the machine belongs to. Clients can use this information to update a DNS server. To supply it, configure 015 DNS Domain Name with that DNS domain name.
+ IP address of one or more WINS servers available to clients: clients use a WINS server to resolve NetBIOS (Network Basic Input/Output System) names. To supply this, configure 044 WINS/NBNS Servers with the IP address of one or more WINS servers.
+ NetBIOS over TCP/IP name resolution: to supply this, configure 046 WINS/NBT node type with the appropriate NetBIOS node type. The node type determines whether clients use NetBIOS name servers and broadcasts to resolve NetBIOS names to IP addresses.

Adding a scope option:
+ Open DHCP from Administrative Tools. In the console tree, click the name of the DHCP server to which we want to add scope options.
+ In the expanded console tree, click Scope Options, then click Configure Options.
+ In the Scope Options dialog, on the General tab, in the Available Options box, tick the check box to the left of the option we want.
+ In the Data entry box, enter the appropriate configuration for the option.

Fixing an IP address for a client:

Why fix an IP address for a client? A reservation holds a specific address for one DHCP client so that the client always has the same address. For example, we may want to fix the IP address of a machine acting as a print server. (Note: if the network has more than one DHCP server, the reservation for that DHCP client must be configured on every DHCP server. This prevents the client from receiving a different IP address from another DHCP server.)

Configure it as follows:
+ Open DHCP from the Administrative Tools menu. In the console tree, expand the server to configure, expand the scope to which the fixed address is to be added, and then click Reservations.
+ Right-click Reservations and click New Reservation. In the New Reservation dialog, in Reservation name, type a name that identifies the client (any name will do, nhatrangriver for example).
+ In the IP address box, type the IP address to be held for the client (for example 192.168.1.111).
+ In the MAC address box, type the MAC (Media Access Control) address of the network card of the client the address is held for. (This was covered in part 2; remember to drop the "-" characters, for example a MAC address of 00a024e2b01a, and to type the MAC address exactly so that the IP address is held for the right client.)
+ In the Comment box, type a note about the client (for example: This is Web server).
+ In the Supported types box, select the method the client uses, then click Add.
(Here BOOTP is used when the clients do not belong to the Microsoft family of operating systems; for example, when we want to use Remote Installation Services (RIS) (installing services remotely), we have to use BOOTP instead of DHCP.)

Configuring the DHCP Relay Agent:

DHCP Relay Agent in a network with 2 subnets:

Model: the network consists of

+ One DHCP server with IP 192.168.1.1, connected to Switch 1. It hands out dynamic IP addresses to the 2 subnets A and B and manages 2 scopes, 192.168.1.x and 10.10.10.x.
+ Clients in subnet A, which receive addresses in the range 192.168.1.x.
+ One DHCP relay with 2 network cards. The first card has IP 192.168.1.2 and is connected to Switch 1 (subnet A). The second card has IP 10.10.10.1 and is connected to Switch 2 (subnet B).
+ Clients in subnet B, which receive addresses in the range 10.10.10.x.

Configuration

* On the DHCP server
- We only need to configure the 2 scopes.
- In the Scope options of the scope for subnet A, we additionally set 003 Router to 192.168.1.2 (the address of the DHCP relay).

* On the DHCP Relay Agent:
- We need to enable Routing and Remote Access:
+ Start / Programs / Administrative Tools / Routing and Remote Access. Right-click the machine name and choose Configure and Enable Routing and Remote Access.
+ Choose Next, choose Custom Configuration, then choose LAN Routing. Choose Next through the remaining steps, then click Finish to complete the configuration.
- Choose IP Routing / General, right-click and choose New Routing Protocol.
- In New Routing Protocol, choose DHCP Relay Agent.
- Choose DHCP Relay Agent, right-click and choose New Interface.
- Choose the network card connected to the subnet that is to be served; here it is the card connected to Switch 2.
- Next, right-click DHCP Relay Agent and choose Properties.
- In the Server address box, type the IP address of the DHCP server. Choose OK to finish.
* DHCP Relay Agent in a network with 3 subnets:

Model: the network consists of

+ One DHCP server with IP 192.168.1.1, connected to Switch 1. It hands out dynamic IP addresses to the 3 subnets A, B and C and manages 3 scopes, 192.168.1.x, 10.10.10.x and 172.16.16.x.
+ DHCP Relay 1, with 2 network cards. The first card has IP 192.168.1.2 and is connected to Switch 1 (subnet A). The second card has IP 10.10.10.1 and is connected to Switch 2 (subnet B).
+ DHCP Relay 2, with 2 network cards. The first card has IP 10.10.10.2 and is connected to Switch 2 (subnet B). The second card has IP 172.16.16.1 and is connected to Switch 3 (subnet C).
+ Clients in subnet A, which receive addresses in the range 192.168.1.x.
+ Clients in subnet B, which receive addresses in the range 10.10.10.x.
+ Clients in subnet C, which receive addresses in the range 172.16.16.x.

Configuration

* On the DHCP server
- We only need to configure the 3 scopes.
- In the Scope options of the scope for subnet A, we additionally set 003 Router to 192.168.1.2 (the address of DHCP Relay 1).
- In the Scope options of the scope for subnet B, we additionally set 003 Router to 10.10.10.2 (the address of DHCP Relay 2).

* On the DHCP Relay Agent:
- The 2 machines running DHCP Relay Agent 1 and DHCP Relay Agent 2 are configured in the same way as the DHCP Relay Agent in the network with 2 subnets.
- In addition, we need to configure the Static Routes item.

3. Managing the DHCP service:

3.1.
Managing the DHCP server database:

Configuring the DHCP service is one part of a network solution. Because the DHCP service environment is dynamic and changes constantly, monitoring its activity is necessary to avoid incidents on the network. In the default configuration of Windows Server 2003, the DHCP database is stored under the path: %SystemRoot%\System32\DHCP

Data synchronization: when information on the network changes, or after DHCP data has been restored, synchronization often does not happen in time, which causes errors. To correct this, we run a synchronization on the system. During synchronization, the DHCP service combines the information from the Registry and from the database to arrive at the correct current configuration parameters. The result can be seen in the management console.

3.2. Backing up and restoring the DHCP service.

Backing up the DHCP database:

Performed by: Domain Admin, DHCP Admin, Local Admin, Backup Operator.

Go to Start --> Run and type the command dhcpmgmt.msc
Right-click the DHCP server --> choose Backup
Specify the path where the DHCP server database is to be stored.
Click OK to complete the backup.

Restoring the DHCP database:

Performed by: Domain Admin, DHCP Admin, Local Admin, Backup Operator.

Go to Start --> Run and type the command dhcpmgmt.msc
Right-click the DHCP server --> choose Restore
Specify the path to the folder where DHCP was backed up earlier --> OK
The system asks to stop and then restart the DHCP service --> OK
Refresh DHCP, then right-click the DHCP server and choose Reconcile All Scopes to synchronize the database with the Registry.
At this point the restore of the DHCP database is complete.

3.3. Monitoring DHCP activity:

We can use the Event Viewer tool in the Administrative Tools folder to monitor DHCP activity. Event Viewer stores system, application and security events. All events that monitor DHCP activity are recorded in the security log. This information covers the activity of both the DHCP service and the DHCP server, for example when the DHCP server was started and stopped, when the range of IP addresses available to clients was close to exhaustion, and when the DHCP database had an error.

Use the log files to follow day-to-day activity. The log files record events for each 24-hour period.

a) When the DHCP server has just started, or when a new day begins (after 12 midnight), the DHCP server writes a new event to the log file.
There are 2 possible cases:
+ If the existing log file is older than 24 hours, the DHCP server overwrites the old data.
+ If the log file holds events that are not yet 24 hours old, the DHCP server appends to it.

b) Once data is being recorded, we should check whether logging is actually enabled, whether the size of the log files is growing abnormally, whether the system date and time are correct, and whether there is enough disk space to store the log files.
+ By default, the log files keep only 50 events.
+ If free disk space is insufficient, a minimum of 20 megabytes, the log files stop and no further entries are written.
+ The Registry also specifies that log files may not exceed 1/7 of the free space on the server (no more than 10 MB if the server has 70 MB free). In that case the DHCP server closes the existing log files and refuses to record further events.

Each event in the log is given its own ID number. The following are some event IDs commonly seen in the system log for DHCP:

Event ID 1037 (Information): the DHCP server has cleaned up its database.
Event ID 1044 (Information): the DHCP server is authorized and can supply IP addresses to clients.
Event ID 1042 (Warning): the DHCP service running on this system has detected another DHCP service running on the network (that is, 2 machines are running the DHCP service on the network).
Event ID 1056 (Warning): the DHCP service is running on a Domain Controller but has not been configured for dynamic DNS updates.
Event ID 1046 (Error): the DHCP service running on this server has not been authorized to supply dynamic IP addresses to clients.

4. Security in the DHCP service

4.1. Basic security for the DHCP server:

- Physically secure the DHCP servers.
- Use the NTFS file system to store system data.
- Deploy strong anti-virus solutions on the system.
- Regularly apply patches for the installed software and for Windows.
- Remove or uninstall services and software that are not in use.
- Manage DHCP with a user account that has the minimum privileges needed.
- Place the DHCP server behind a firewall.
- Close all unused ports.
- For additional protection of the DHCP server, a VPN tunnel can be used to secure DHCP traffic.
- Use MAC address filtering.
- Monitor DHCP activity by reviewing the log files and the system statistics on the DHCP server.

4.2. Preventing some types of attack against DHCP:

As we know, most DNS and DHCP services are not secured by default. Taking advantage of this, attackers can attack servers running the DNS and DHCP services. For the DHCP service, the attacks an attacker can carry out are:

+ Denial of service by exhausting all the addresses that DHCP can lease to clients

When the DHCP server receives a DHCP request from a client, it gives that client an IP address from the range it is allowed to lease. Because
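The log review recommended in 4.1 and the address-exhaustion attack described in 4.2 can be combined into one check, shown here as an added example that is not part of the original report. It assumes the DHCP server's comma-separated audit log layout (ID, Date, Time, Description, IP Address, Host Name, MAC Address) with ID 10 for a new lease and ID 14 for an exhausted pool; the log lines, thresholds and function names are constructed for illustration.

```python
import csv
from collections import deque
from datetime import datetime, timedelta

NEW_LEASE, POOL_EXHAUSTED = "10", "14"  # audit-log event IDs (assumed layout)

# Constructed sample records: ID,Date,Time,Description,IP,Host Name,MAC
SAMPLE_LOG = """\
11,03/14/09,09:00:02,Renew,192.168.1.20,pc-acct01,00A024E2B01A
10,03/14/09,09:05:40,Assign,192.168.1.21,pc-lab07,0013D4AA10F2
10,03/14/09,10:15:01,Assign,192.168.1.30,,02D41C7A0001
10,03/14/09,10:15:02,Assign,192.168.1.31,,02D41C7A0002
10,03/14/09,10:15:03,Assign,192.168.1.32,,02D41C7A0003
10,03/14/09,10:15:04,Assign,192.168.1.33,,02D41C7A0004
10,03/14/09,10:15:05,Assign,192.168.1.34,,02D41C7A0005
10,03/14/09,10:15:06,Assign,192.168.1.35,,02D41C7A0006
10,03/14/09,10:15:07,Assign,192.168.1.36,,02D41C7A0007
14,03/14/09,10:15:09,Scope Full,192.168.1.0,,
"""


def parse(log_text):
    """Yield (event_id, timestamp, ip, mac) for each well-formed record."""
    for row in csv.reader(log_text.splitlines()):
        if len(row) < 7 or not row[0].strip().isdigit():
            continue  # banner, header or truncated line
        try:
            ts = datetime.strptime(f"{row[1]} {row[2]}", "%m/%d/%y %H:%M:%S")
        except ValueError:
            continue  # unparseable timestamp
        yield row[0].strip(), ts, row[4].strip(), row[6].strip().upper()


def detect_exhaustion(log_text, window=timedelta(seconds=30), max_new_macs=5):
    """Alert on bursts of new leases to distinct MACs and on exhausted pools."""
    alerts, recent, in_burst = [], deque(), False
    for event_id, ts, ip, mac in parse(log_text):
        if event_id == POOL_EXHAUSTED:
            alerts.append(("pool_exhausted", ts, ip))
        elif event_id == NEW_LEASE:
            recent.append((ts, mac))
            while ts - recent[0][0] > window:  # drop leases outside the window
                recent.popleft()
            distinct = len({m for _, m in recent})
            if distinct > max_new_macs and not in_burst:
                alerts.append(("lease_burst", recent[0][0], distinct))
            in_burst = distinct > max_new_macs
    return alerts


if __name__ == "__main__":
    for kind, when, detail in detect_exhaustion(SAMPLE_LOG):
        print(kind, when.isoformat(), detail)
```

The window and threshold need tuning to the size of the scope and the normal rate of new clients; a classroom powering on at once looks similar to a burst, so the pool-exhausted record is the stronger of the two signals.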
