Configuring DHCP and DNS in Windows server 2008

DHCP
The Dynamic Host Configuration Protocol (DHCP) is responsible for allocating IP
addresses to machines on the network. Not every machine should have a
dynamically allocated IP address, however. Any server that is accessed consistently
by clients and that would be hampered if its IP address changed should have a
static IP address.

After DHCP is running on a network, configure clients to obtain IP addresses via

DHCP and they automatically request an IP address upon The address is assigned
from a group of IP addresses known as a scope. Chapter 6 shows how to enable static
IP addresses.

So how does this work; do we tell the client a DHCP server to ask for an address?
This would not be very portable if computers move between networks and would
still require manual configuration. The way DHCP works is when the client starts
it sends out a broadcast on the network requesting an IP address from
“someone,”

The IP address given to the clients is not permanent and is for a spec- iced period of
time, thus the term lease. The actual amount of time can be configured, but do not
make the lease term too short or continual lease renewal will increase network
traffic. If the lease is too long, clients might be removed from the system but their
IP addresses are not freed up and the DHCP server might run out of available
addresses.

IP address for its entire lifetime The renewal process is a basic DHCP request
from the client directly to the DHCP server that leased the address originally
and then an acknowledgement (ACK) from the DHCP server that confirms the
options that relate to the address.

Page | 1
 Configuring DHCP and DNS in Windows server 2008

The alternate configuration provides a method to configure IP properties when a DHCP

server cannot be found, which might better suit your environment.

Installing and Performing DHCP Initial Configuration

1. Select the Add Roles link within the Roles section of the tool
(either ICT or Server Manager), as shown in Figure 2

Figure 2. The Add Roles option is also available via the ICT environment.

2. The Add Roles wizard is displayed and gives warnings that

Page | 2
 Configuring DHCP and DNS in Windows server 2008

you should ensure the Administrator has a strong password, a

static IP address, and the latest updates. Click Next
3. A list of all roles is displayed. Select DHCP Server and click Next
(see Figure 7-5).
4. The wizard now guides you through the basic configuration of
DHCP with seven steps. Click Next.

Page | 3
 FIGURE 3 The role-based method is far more attractive than the old style Add/Remove
Windows Components in previous versions.

5. The first step is determining which network connections are

bound for the DHCP server. All connections with a static IP
address are listed. Confirm that the bindings are correct and
click Next
6. The DNS information that is given to clients, including the
DNS domain of the client parent, the primary DNS server, and
the sec- ondary DNS server (if available), is configured. Click
Next. This configuration is set at the global level and so
applies to all scopes created on the DHCP server.

Page | 4
 7.
AD
VA
NC
ED
NE
TW
OR
KIN
G
SER
VIC

FIGURE Selecting the network connections with which the DHCP server provides service.

Page | 5
 FIGURE 4 Configuring the DNS domain and servers for the DHCP server.

7. The next screen configures WINS (if required). If any of

your applications still use NetBIOS names, configure the
WINS servers. Click Next.
8. DHCP scopes can be configured by clicking the Add button,
which opens up the scope properties. Configure the name, its
default gateway, subnet mask, and starting and ending IP
address. You can also select the type of subnet (see Figure 7-8).
If it’s wireless, this generally assumes devices are connected for
less time and so have a lease of only eight hours. Wired devices
are normally more per- manent fixtures in the environment and
therefore have a lease of six days. Check the Activate the Scope
option and click OK. Click Next after scopes have been defined.

Page | 6
 7.
AD
VA
NC
ED
NE
TW
OR
KIN
G
SER
VIC

FIGURE 5 Configuring scope options.

9. The option to enable DHCPv6 protocol on the server is displayed.

It is set to Yes, so click Next. If you are not using IPv6, disable
this setting for now. You can enable it in the future.

10. The DNS settings for IPv6 DNS must be configured if you
select- ed to enable DHCPv6. After the configuration is done,
click Next.
11. Finally, the DHCP server must be authorized with the
current credentials or an alternate set of credentials. You
can also decide to skip the authorization. Make a choice and
click Next (see Figure 7-9).

Page | 7
 FIGURE 6 Selecting credentials for authorizing a DHCP server.

12. A summary of the configuration is displayed, which can be

output to an HTML file and opened in Internet Explorer (see
Figure
7-10). Click Install to start the DHCP installation. After the
install is complete, a summary is displayed. Click Close.

Page | 8
 FIGURE 7 DHCP server role installation progress display.

The following is an example of the output given in the summary sec- tion when
creating a new scope:

DHCP administration
Setting Scope o ptions

1. Right-click Server Options and select Configure Options (see

Figure 8

FIGURE 8 Notice the options at a scope level. Domain Name is already configured at
the server level.

2. A list of options is displayed (for example, 006 for the DNS

Server). Check the box to enable and enter the IP addresses of
the DNS servers or type in the fully qualified domain name of
the server. Click Resolve, and then click Add

Page | 9
 7
SER
VIC
ES

FIGURE 9 Setting DHCP server options.

3. The Advanced tab allows you to view specific classes of

options, standard DHCP options, and Microsoft-specific ones.
After all options are configured, click OK.
Managing Scopes
Let’s look at the rest of the capabilities and management tasks. If you right- click the
main scope and select Display Statistics, you get a quick display of the usage of the
scope, including the total number of addresses, the number in use, and the number
available (see Figure 7-16).

Page | 10
 FIGURE 10 The options you defined for the server option have a picture with a server in
the icon (006 and 015). The scope-specific router option has two cogs (003).

FIGURE 11 This gives a useful quick view of the state of the DHCP and lets you know if
you need to add more addresses if you are getting near the limit.

A reconcile option is used to check for inconsistencies between the detailed IP and
the quick summary information stored in the DHCP data- base. Clicking Reconcile
compares these two sets of data and any differ- ences are fixed.
The Properties context menu option brings up the main configuration of the scope
with four tabs.

Page | 11
 FIGURE 11 The main General tab allows you to change the start and end of the DHCP
lease and the lease duration.

The General tab allows configuration of IP addresses given to clients and the lease
time. The DNS tab controls dynamic update for DHCP clients (see Figure 7-18).
Dynamic DNS allows clients to register their hostname to IP address mappings.
By default, the DHCP server registers the pointer (PTR) record on behalf of the
computer. The PTR record is of the IP address pointing to the hostname (used by a
reverse lookup). The host (A) record (used by the normal lookup record) is
dynamically updat- ed to the client. This is the default only because this is what the
client com- puters ask the DHCP server to do; for example, Windows 2000 or
later computers request the DHCP server to register the PTR record on their
behalf.
This behavior can be changed so that the DHCP server also registers the host
records or only registers them for clients that don’t understand dynamic update,
such as Windows NT 4.0 clients. How does the DHCP server know if the
client understands dynamic update? Dynamic DNS–aware DHCP clients send
option 81 to the DHCP server as part of the DHCP request. This tells the DHCP
server how it wants record registering handled.

Page | 12
The scope has four child items: Address Pool, Address Leases, Reservations,
and Scope Options (scope-specific versions of the Server Options).

Page | 13
The Address Pool leaf shows the addresses that are part of the lease. Add an
Exclusion Range (right-click on Address Pool and select New Exclusions Range).
Exclusions are addresses that fall within the IP address range of the scope but that
you don’t want to give out to clients, such as a server’s IP address.

The Address Leases leaf shows the leases that have been given, their status, and
when the lease expires. If you know a com- puter no longer requires the lease,
right-click on a particular lease and select Delete from its context menu.

A computer icon means it’s an active lease, an icon with an I in a circle means it’s an
expired lease, and an icon with a pen over it means it has a DNS dynamic update
pending. This update is whatever updates for which the DHCP server is responsible.
By default, a DHCP server is just responsible for the PTR records. If you have the
pen icon, your DNS server might not have a reverse lookup zone defined for the
subnet so the DHCP server cannot write the entries.

FIGURE 13 Single address exclusions can be added by entering the same address for
both the start and end. Notice in the picture the full range is shown first and then the
exclusions have a red cross, showing they are not available.

Page | 14
 FIGURE 14 An easy view of the current leases.
The Reservations leaf is where you configure an IP address from the scope to be
given to a particular machine (see Figure 7-23). To associate the IP address with a
machine, give the MAC address of the client who receives the IP address. This
chapter talked earlier about certain servers needing a static IP address. It might be
possible to reserve IP addresses for certain machines so they also receive the same
IP address, such as your SQL servers. You just need to ensure the services
support receiving IP configuration via DHCP.

FIGURE 15 Configure an IP address to a client with a specific MAC address. This means

Page | 15
 you know the IP address the client can be contacted with, but you still get the
advantages of IP configuration from the DHCP server, such as changing the DNS and
WINS configuration.

Creating a New Scope

To create new scopes on a server, right-click on IPv4, select New Scope from the
displayed context menu, and follow the prompts, which are the same as the ones
during the installation of the DHCP server:

1. Click Next at the New Scope wizard screen.

2. Enter a name for the scope and a description.
3. Enter the starting address and the ending address for the
scope along with the subnet mask (see Figure 7-24).
4. An Exclusions screen is displayed to add any exclusions.
5. The duration of the lease is requested, which can be configured
in a combination of days, hours, or minutes

FIGURE 16 Creating a new scope.

Page | 16
 FIGURE 17 Setting lease duration.

6. Configure scope options and if selected, the gateway, DNS, and

WINS options.
7. Select to enable or disable the scope.
8. Click Finish to create.

Domain Name System

Installing DNS
Installing DNS is done the same as installing DHCP via Server Manager or Initial
Configuration Tasks and choosing the DNS Server role (see Figure 7-34).

Page | 17
FIGURE 2.1Adding the DNS role.

Unlike DHCP, no questions are asked during DNS installation (in part because in
many instance DNS is automatically installed when you create a server as a domain
controller). All that is displayed is an overview screen. Click Next and continue the
normal role installation.
Managing DNS
After DNS server is installed, you administer the server via the DNS MMC snap-in. If
the DNS server is also a domain controller, you notice certain zones already exist
under Forward Lookup Zones, which are the normal zones for finding IP addresses
from hostnames.

Page | 18
 FIGURE 2.3 Links to useful information on DNS, which mostly center on its cohabitation
with AD.

Before you start creating records, let’s first discuss how the DNS serv- er responds to
DNS clients and how DNS information can be structured.
Creating New Domains
You can also create other domains under an existing domain, creating a deeper
hierarchy. For example, right-click on savtech.net and select New Domain (DNS
Domain, not Active Directory Domain) and enter a name. Then create records in
that zone.

Page | 19
 FIGURE 2.3 When a new domain is created, it shows in the DNS hierarchy and is treated
in the same way as any other. It can have records or child domains of its own.

Creating DNS Zones

Zones are boundaries of storage for DNS information. Right-click on the
DNS server and select New Zone to start the New Zone wizard.

Page | 20
 FIGURE 3. 4 Creating a new zone.

The first question asks for the type of zone (see Figure 7-40). It also asks if it’s
primary or a stub zone, and if you want to store in the AD (which is useful if you
want to enable secure updating of records). You cannot store a secondary zone in
AD.

FIGURE 3.5 Three types of zone.

FIGURE 2.6 Forward lookup zones and reverse lookup zones behave in different ways

Page | 21
 and so the type must be specified during zone creation.

FIGURE 2.7 Setting the name of the new zone.

FIGURE 2.8 Disable dynamic update so all records must be manually created, or enable in
a secure or nonsecure form.

Page | 22
 FIGURE 2.9 Confirmation of new zone configuration.

Page | 23