You are on page 1of 71

LOGO

TRNG TRUNG CP KINH T K THUT TY BC KHOA CNG NGH THNG TIN

CC DCH V MNG

Gio vin bin son: T Thanh Tr Email: thanhtri_it@yahoo.com

GV: T Thanh Tr

LOGO

DHCP Dynamic Host Configuration Protocol

1. Gii thiu dch v DHCP


Thng thng mt m hnh mng, Admin c th cu hnh IP cho cc my client theo 2 cch l: cu hnh th cng (static) v cu hnh t ng (dynamic) dng DHCP cp pht IP ng. 1. Static: Khai bo a ch IP dng tnh trn tng my client theo cch th cng. Ch nn dng cch ny cp pht a ch IP cho cc client khi : - Mt my ch hoc mt my trm (client) ang chy mt ng dng i hi phi c IP tnh. - Trong mng khng c DHCP Server. - Quy m mng nh (di 20 my).

1. Gii thiu dch v DHCP


2. Dynamic : a ch IP ng l mt a ch s thay i trong khon thi gian xc nh. Ngi qun tr dng dch v DHCP cp pht a ch IP ng ny cho cc my trm trong mng. Ph hp vi vic cp pht a ch cho mt mng ln, v vic cp pht IP ng dng ny c qun l tp trung thng qua DHCP Server.

So snh Dynamic v Static


- Khc phc c tnh trng ng a ch IP v gim chi ph qun tr cho h thng mng. - Gip cho cc nh cung cp dch v (ISP) tit kim c s lng a ch IP tht(public IP). - Ph hp vi cc my tnh thng xuyn di chuyn qua li gia cc mng. - Kt hp vi h thng mng khng dy (Wireless) cung cp cc im Hostpot nh: nh ga, sn bay, trng hc,

2. C ch hot ng ca DHCP
Giao thc DHCP lm vic theo m hnh client/server. Theo , qu trnh tng tc gia DHCP client v server din ra theo 4 bc sau y : a. IP lease request b. IP lease offer c. IP lease selection d. IP lease acknowledgement

2. C ch hot ng ca DHCP
1. IP Lease Request u tin, client s broadcast mt message tn l DHCPDISCOVER. Do client lc ny cha c a ch IP cho nn n s dng mt a ch source(ngun) l 0.0.0.0 v cng v client khng bit a ch ca DHCP server nn n s gi n mt a ch broadcast l 255.255.255.255. Lc ny gi tin DHCPDISCOVER ny s broadcast ln ton mng.

2. C ch hot ng ca DHCP
2. IP Lease Offer Nu c mt DHCP hp l (ngha l n c th cp a ch IP cho mt client) Nhn c gi tin DHCPDISCOVER ca client th n s tr li li bng mt gi tin DHCPOFFER. Gi tin ny i km theo nhng thng tin sau: + MAC address ca client + Mt IP address cp cho (offer IP address) + Mt subnet mask + Thi gian thu (mc nh l 8 ngy) + a ch IP ca DHCP cp IP cho client ny

2. C ch hot ng ca DHCP
3. IP Lease Selection DHCP client nhn c gi tin DHCPOFFER th n s phn hi broadcast li mt gi DHCPREQUEST chp nhn ci offer . DHCPREQUEST bao gm thng tin v DHCP server cp a ch cho n. Sau , tc c DHCP server khc s rt li cc offer (trng hp ny l trong mng c nhiu hn 1 DHCP server) v s gi li IP address cho cc yu cu xin IP address khc.

2. C ch hot ng ca DHCP
. IP Lease Acknowledgement HCP server nhn c DHCPREQUEST s gi tr li DHCP client mt DHCPACK cho bit l chp nhn cho DHCP client thu IP address . i tin ny bao gm a ch IP v cc thng tin cu hnh khc (DNS server, WINS server... ) hi DHCP client nhn c DHCPACK th cng c ngha l kt thc qu trnh "tm kim v xin s " c a mnh. h : (Tc c vic trao i thng tin gia mt DHCP

3. C ch t ng refresh li thi gian ng k (lease time)


Theo mc nh ca DHCP server th mi IP lease ch c c 8 ngy. DHCP client sau mt khong thi gian l 50% (tc l 4 ngy) n s t ng xin li IP address vi DHCP m n xin ban u. DHCP client lc ny s gi mt s gi mt DHCPREQUEST trc tip (unicast) n DHCP server m n xin ban u.

3. C ch t ng refresh li thi gian ng k (lease time)

3. C ch t ng refresh li thi gian ng k (lease time)


Nu m DHCP server "cn sng", n s tr li bng mt gi DHCPACK renew(cho thu mi li) ti DHCP client Nu DHCP server " cht", th DHCP client ny s tip tc s dng cu hnh hin thi ca n.

3. C ch t ng refresh li thi gian ng k (lease time)

3. C ch t ng refresh li thi gian ng k (lease time)


V nu sau 87.5% (7 ngy) ca thi gian thu hi n thi ca n, n s broadcast mt DHCPDISCOVER update a ch IP ca n. Vo lc ny, n khng kim ti DHCP server ban u cho n thu na m n l s chp nhn bt c mt DHCP server no khc. Nu thi gian ng k ht, th client s ngay lp tc dng li vic s dng IP address ng k . V DHCP client sau s bt u tin trnh thu mt a ch nh ban u. Ch :Khi bn khi ng (restart) li DHCP client th n s t ng renew li IP address m trc khi n shut down.

3. C ch t ng refresh li thi gian ng k (lease time)

3. C ch t ng refresh li thi gian ng k (lease time)


Ta c th renew mt IP lease "bng tay" i vi DHCP client nh sau: Vo Start / run g lnh ipconfig /renew. Khi n s gi mt DHCPREQUEST n DHCP server update thng tin v cu hnh, v th i gian ng k mi. V ngc li, nu ta khng mun ng k ci IP address ny na ta c th lm nh sau: Vo Start / run g lnh ipconfig /release. Lc ny, n s gi n DHCP server mt DHCPRELEASE. Sau lnh ny, client s khng cn lin lc vi network bng TCP/IP na.

3. C ch t ng refresh li thi gian ng k (lease time)

4. DHCP Replay Agent l g?


DHCP Replay Agent l mt my tnh hoc mt Router c cu hnh lng nghe v chuyn tip cc gi tin gia DHCP Client v DHCP Server t subnet ny sang subnet khc.

4. DHCP Replay Agent hot ng ntn?


Dch v Routing & Remote Access ca Windows Server 2003 h tr tnh nng cu hnh nh m t DHCP Relay, ch cn kch hot tnh nng ny trong Routing & Remote Access. Nu mi mng chng ta dng ln 1 DHCP Server th tn km v khng cn thit, vic bo tr cng nh qun l rt kh khn. C th cu hnh Router cc tn hiu Broadcast i qua nhng vic ny s gy nhng rc ri khi h thng mng gp trc trc. Thm na l lu lng cc gi tn Broadcasd qu nhiu s lm tt nghn h thng mng.

5. DHCP Replay Agent hot ng ntn?


1. Client Broadcasts gi tin DHCP Discover trong ni b mng.

5. DHCP Replay Agent hot ng ntn?


2. DHCP Relay Agent trn cng mng vi Client s nhn gi tin v chuyn n DHCP server bng tn hiu Unicast.

5. DHCP Replay Agent hot ng ntn?


3. DHCP server dng tn hiu Unicast gi tr DHCP Relay Agent mt gi DHCP Offer

5. DHCP Replay Agent hot ng ntn?


4. DHCP Relay Agent Broadcasts gi tin DHCP Offer n cc Client

5. DHCP Replay Agent hot ng ntn?


5. Sau khi nhn c gi tin DHCP Offer, client Broadcasts tip gi tin DHCP Request.

5. DHCP Replay Agent hot ng ntn?


6. DHCP Relay Agent nhn gi tin DHCP Request t Client v chuyn n DHCP server cng bng tn hiu Unicast.

5. DHCP Replay Agent hot ng ntn?


7. DHCP server dng tn hiu Unicast gi tr li cho DHCP Relay Agent mt gi DHCP ACK.

5. DHCP Replay Agent hot ng ntn?


8. DHCP Relay Agent Broadcasts gi tin DHCP ACK n Client. n y l hon tt quy trnh tip nhn x l v chuyn tip thng tin ca DHCP Relay Agent.

6. Cp php mt DHCP service


Bn phi cp php (hay cn gi l y quyn) mt DHCP server trc khi n c th thc hin vic cho DHCP client thu a ch IP. Vic yu cu cp php cho cc DHCP server s ngn chn vic cc DHCP server c kh nng cung cp cc a ch IP khng hp l cho cc client (hay cn gi l DHCP gi mo) trong ni b domain ca chng ta. thc hin c vic ny bn phi logon bng user nm trong group Enterprise Admins.

6. Cp php mt DHCP service


Gi s chng ta c 2 Server cng chy dch v DHCP(tm gi l DHCP Server1 v DHCP Server2) trong ni b domain ca mnh. Nhng ch c duy nht DHCP Server1 l c cp php chy dch v ny. u tin khi dch v DHCP trn Server1 c kch hot (start) th Server1 s kim tra xem dch v DHCP ca mnh c c Domain Controller cp php hot ng hay khng? Bng cch gi mt yu cu n my ch Domain Controller nh kim tra dm mnh c c php cp IP ng cho ni b domain hay khng?

6. Cp php mt DHCP service

6. Cp php mt DHCP service


Sau khi nhn c yu cu kim tra ny t pha DHCP Server1, Domain Controller s tin hnh kim tra xem Server1 c c cp php hot ng dch v DHCP hay khng?

6. Cp php mt DHCP service


V Server1 c cp php hot ng dch v DHCP nn Server1 c php cung cp a ch IP ng cho cc DHCP client trong ni b domain. Ngc li vi Server1, Server2 sau khi khi ng dch v DHCP cng tin hnh nh Domain Controller kim tra. Do khng c cp php hot ng dch v, cho nn mc d dch v c start nhng Server2 vn khng c php cung cp a ch IP ng cho ni b domain.

6. Cp php mt DHCP service


Nu DHCP server l khng c authorize th DHCP service s log (ghi li) mt error trong system log (cc bn c th tm thy trong Administrative Tools/Event log). Cui cng DHCP Client xin c IP t DHCP Server1.

7. Phn bit s khc nhau gia cc level: server, scope, class v reserved client
Server level : cc option khai bo cp server s c p t ti tt c cc DHCP client ca DHCP Server. y l option c u tin thp nht.

7. Phn bit s khc nhau gia cc level: server, scope, class v reserved client
Scope level : cc option khai bo cp scope s c p t ti tt c cc DHCP client ca ring scope m thi, cc scope khc s khng chu nh hng. y l option c u tin cao hn option cp server level.

7. Phn bit s khc nhau gia cc level: server, scope, class v reserved client
Class level : Cc option khai bo cp class level s c p t ti nhng thnh vin ca class. u tin ca cc option ny cao hn option cp scope level.

7. Phn bit s khc nhau gia cc level: server, scope, class v reserved client
Reversed client level : Cc option cp ny s ch c p t n mt DHCP client m thi. y l option c u tin cao nht. N s ghi tt c cc option khc nu c conflict (xung t level) xy ra.

Ci t

43

Ci t

44

Ci t

45

Ci t

46

Ci t

47

Ci t

48

Ci t

49

Ci t

50

Ci t

51

Ci t

52

Ci t

53

Ci t

54

Ci t

55

Ci t

56

8. Qun l, gim st hot ng DHCP


Ci t cu hnh dch v DHCP l mt phn ca gii php mng. V mi trng lm vic ca dch v DHCP l ng, thay i lin tc. Vy nn vic theo di hot ng ny l cn thit trnh nhng s c c th xy ra trong h thng mng. Cu hnh mc nh ca Windows Server 2003 c s d liu ca DHCP c lu theo ng dn : %SystemRoot% \ System32 \ DHCP

8. Qun l, gim st hot ng DHCP


Sao lu phc hi d liu i vi dch v DHCP cng quan trng khng km, tng kh nng chu li ca DHCP Server khi gp s c v phn cng hoc phc hi trong trng hp c bit. Mc nh dch v DHCP t ng sao lu trong mi 60 pht theo ng dn %SystemRoot% \ System32 \ DHCP \ Backup. Trong cc trng hp dch v DHCP khng th np d liu th n t ng khi phc li theo ng dn mc nh trn. Lu : Khi bn thay i ng dn sao lu th qu trnh sao lu v phc hi bn phi thao tc bng tay(Manual)

8. Qun l, gim st hot ng DHCP


ng b d liu: khi c mt s thay i v thng tin trong h thng mng hoc sau khi phc hi d liu ca DHCP th s ng b din ra cha kp thi nn gy ra nhng sai st. khc phc ta tin hnh ng b trn h thng. Khi i tin hnh ng b d liu dch v DHCP s tng hp 2 thng tin t Registry v trong c s d liu tng hp chnh xc cc thng s cu hnh hin ti. Ta c th thy trong Console qun l.

8. Qun l, gim st hot ng DHCP


Dng cc file log theo di s hot ng hng ngy. Cc File Log ghi nhn mi 24 gi : a) Khi DHCP Server va khi ng hoc qua ngy mi (sau 12h m) DHCP Server s ghi nhn s kin mi ln File Log. C 2 trng hp c th xy ra : + Nu File Log ang c c hn 24h th DHCP Server s ghi ln d liu ny. + Nu File Log ghi nhn s kin cha qu 24h th DHCP Server s ghi ni tip.

8. Qun l, gim st hot ng DHCP


b) Sau khi cc d liu bt u ghi nhn th ta nn kim tra xem s hot ng cc File Log c kch hot cha, dung lng cc file log c tng t bin hay khng, kim tra chnh xc ngy gi h thng, dung lng a cng c lu File Log hay khng. + trng thi mc nh th cc File Log ch lu 50 s kin. + Nu dung lng cng khng nhu cu ti thiu l 20 megabytes th cc File Log dng li khng ghi tip. +Trong Registry cng quy nh khng cho cc File Log ghi qu 1/7 dung lng trng trn Server .

9. Backup Database DHCP


Ton b Database ca DHCP Server nm trong ng dn %systemroot%\system32\dhcp Ngi thc hin : Domain Admin, DHCP Admin, Local Admin, Backup Operator. 1. Vo Start / Run g lnh dhcpmgmt.msc 2. Chut phi vo DHCP Server --> Chn Backup

9. Backup Database DHCP


3. Ch ng dn lu tr Database ca DHCP Server

4. Nhn OK hon tt backup.

10. Restore Database DHCP


Ngi thc hin : Domain Admin, DHCP Admin, Local Admin, Backup Operator. 1. Vo Start --> Run g lnh dhcpmgmt.msc 2. Chut phi vo DHCP Server --> chn Restore

3. Ch ng dn n th mc backup dhcp trc --> OK

4. H thng s yu cu stop v sau s restart li dch v DHCP --> OK

5. Refesh li DHCP, tip n chut phi vo DHCP Server chn Reconcile All Scopes ng b ha gia Database v Registry.

Ok, n y cng vic khi phc Database trn DHCP hon thnh

11. Di chuyn DHCP Server qua mt Server khc


Trong thc t, i lc chng ta cn phi di chuyn mt DHCP Server t server ny qua mt server khc p ng nhu cu cng vic ca cng ty. hin thc vic di chuyn mt DHCP Server chy trn Windows Server 2003, bn cn phi tin hnh cc bc sau: - Xut c s d liu ca DHCP Server ang s dng trn my c ra mt file text. - Ci t mt DHCP Server trn my tnh Windows Server 2003 mi. - Nhp c s d liu ca DHCP Server c t file text vo DHCP Server mi.

1. Log on vo DHCP Server c vi account thuc nhm Administrators 2. Vo Start --> Run g lnh cmd --> OK 3. Nhp vo dng lnh netsh dhcp server export C:\export_dhcp.txt all xut tt c c s d liu ca DHCP Server c ra file text export_dhcp.txt 4. Ci t DHCP Server trn my tnh mi. Ch ci t dch v, khng cn phi cu hnh bt k mt scope no. 5. Trn my DHCP Server mi, copy file export t Server c vo my tnh (copy vo C:\).

6. Trn my DHCP Server mi, vo Start --> Run g lnh cmd --> OK 7. Nhp vo dng lnh netsh dhcp server import C:\export_dhcp.txt nhp file c s d liu t Server c vo Server mi. 8. Khi ng li DHCP Server hon thnh vic di chuyn ny.

12. Bo mt c bn cho DHCP Server


- Bo mt v mt vt l cho cc my ch DHCP (physically secure) - Nn s dng h thng file NTFS lu tr d liu h thng. - Trin khai v ng dng cc gii php anti-virus mnh cho h thng. - Thng xuyn cp nht cc bn v li cho cc phn mm v Windows. - Cc dch v hay cc phn mm khng s dng th nn xa hoc uninstall i.

12. Bo mt c bn cho DHCP Server


- Thc hin vic qun l DHCP vi user c quyn hn ti thiu nht. - DHCP Server phi c t pha sau firewall. - ng tt c cc port khng s dng n. - tng thm tnh bo mt cho DHCP Server, bn c th s dng VPN tunnel bo mt traffic DHCP. - S dng filter MAC Address. - Gim st hot ng ca DHCP bng cch xem qua cc file log v xem thng tin thng k ca h