Module 2

Configuring and
Troubleshooting DHCP
Module Overview
• Overview of the DHCP Server Role

• Configuring DHCP Scopes

• Configuring DHCP Options

• Managing a DHCP Database

• Monitoring and Troubleshooting DHCP

• Configuring DHCP Security

Lesson 1: Overview of the DHCP Server Role
• Benefits of Using DHCP

• How DHCP Allocates IP Addresses

• How DHCP Lease Generation Works

• How DHCP Lease Renewal Works

• DHCP Server Authorization

• Demonstration: How to Add the DHCP Server Role

Benefits of Using DHCP

DHCP reduces the complexity and amount of administrative

work by using automatic TCP/IP configuration

Manual TCP/IP Configuration Automatic TCP/IP Configuration

• IP addresses are entered • IP addresses are supplied

manually
• IP address could be entered
incorrectly
• Communication and network
issues can result
• Frequent computer moves
increase administrative effort
automatically
• Correct configuration
information is ensured
• Client configuration is updated
automatically
• A common source of network
problems is eliminated
How DHCP Allocates IP Addresses

DHCP Client2:
Non-DHCP Client: IP configuration
Static IP from DHCP server
configuration

Lease Renewal

Lease Generation

DHCP Server

DHCP Client1: DHCP

IP configuration Database
from DHCP server
IP Address1: Leased to DHCP Client1
IP Address2: Leased to DHCP Client2
IP Address3: Available to be leased
How DHCP Lease Generation Works

DHCP
Server2

DHCP DHCP
Server1 Client

DHCP client broadcasts a DHCPDISCOVER

1 packet

2 DHCP servers broadcast a DHCPOFFER packet

3 DHCP client broadcasts a DHCPREQUEST packet

4 DHCP Server1 broadcasts a DHCPACK packet

How DHCP Lease Renewal Works

DHCP
Server2

DHCP Client
DHCP Client
DHCP
Server1

100% of
87.5% of
50%
lease of lease
50% of lease
duration
duration has
duration has
has
expired
expired
expired

If11 DHCP
theDHCP client
clientClient sends
sends
fails to renewa DHCPREQUEST
a DHCPREQUEST
its lease,
it’s packet
afterpacket
lease,after 50%
87.5%of of
thethe
lease has
duration
expired,
has then
expired,
the DHCP
then the
lease
DHCP
generation
lease renewal
process starts
will begin
overagain
againafter
with87.5%
a DHCPofclient
the lease
DHCP Server1
22 DHCP Server1 sends
sends aa DHCPACK
DHCPACK packet
packet
duration
broadcasting
has expired
a DHCPDISCOVER
DHCP Server Authorization

DHCP authorization is the process of registering the DHCP Server

service in the Active Directory domain to support DHCP clients

If DHCP
DHCP Server1
Server1
checks
finds with
its IPthe
domain controller
address on the list,tothe
obtain
service
a list
of authorized
starts and supports
DHCP servers
DHCP clients

Domain
Controller DHCP Server1

Authorized
Active Services DHCP
Directory requests

DHCP Server2
DHCP Client
Unauthorized
Does not service
If DHCP
DHCP Server2
Server2
checks
does with
not find
the its IP DHCP requests
DHCP client receives IP address
domain controller
address on the list,tothe
obtain
service
a list
does
of
from authorized DHCP Server1
authorized
not start and
DHCP
support
servers
DHCP clients
Demonstration: How to Add the DHCP Server Role
This demonstration shows how to:
• Install and authorize the DHCP server role
Lesson 2: Configuring DHCP Scopes
• What Are DHCP Scopes?

• What Are Superscopes and Multicast Scopes?

• Demonstration: How To Configure DHCP Scopes

• What Is a DHCP Reservation?

• DHCP Sizing and Availability

What Are DHCP Scopes?

A scope is a range of IP addresses that are available

to be leased

DHCP Server

LAN A LAN B

Scope A Scope B

Scope Properties

• Network ID • Lease duration • Scope name

• Subnet mask • Network IP • Exclusion range

address range
What Are Superscopes and Multicast Scopes?

DHCP Server

LAN A LAN B
Scope A and Scope B

DHCP Server

LAN A LAN B

Scope A Scope B
Demonstration: How To Configure DHCP Scopes
This demonstration shows how to:
• Create an IPv4 scope
What Is a DHCP Reservation?

A reservation is a specific IP address, within a scope, that

is reserved permanently for lease to a specific DHCP client

Workstation 1 File and Print

Server

Subnet A Subnet B

DHCP Server
Workstation 2

IP Address1: Leased to Workstation 1

IP Address2: Leased to Workstation 2
IP Address3: Reserved for File and
Print Server
DHCP Sizing and Availability
DHCP
Clients

DHCP
Server1
192.168.0.1

DHCP
Clients
DHCP
DHCP Server1 has 80% of addresses as follows:
Server2
192.168.1.1 • Scope range: 192.168.0.2-192.168.0.254
• Excluded addresses: 192.168.0.200-192.168.0.254

DHCP Server2 has 20% of addresses as follows:

• Scope range: 192.168.0.2-192.168.0.254
• Excluded addresses: 192.168.0.2-192.168.0.199
Lesson 3: Configuring DHCP Options
• What Are DHCP Options?

• What Are DHCP Class-Level Options?

• How DHCP Options Are Applied

• Demonstration: How to Configure DHCP Options

What Are DHCP Options?

DHCP options are values for common configuration data

that applies to the server, scopes, reservations, and
class options

Common scope options are:

• DNS Servers

• DNS Name

• Default Gateway
• WINS Servers
• WINS Servers
What Are DHCP Class-Level Options?

DHCP class-level options are scope options that apply to a

specific type of device

DHCP class-level
Description
option
Configured by vendors such as
Vendor-class
Microsoft, HP, and Sun

User-class Set and viewed by the user

How DHCP Options Are Applied

DHCP options can be applied at various levels:

• Server

• Scope

• Class

• Reserved client
Demonstration: How to Configure DHCP Options
This demonstration shows how to:
• Configure scope options

• Configure server options

• Create a user class for options

• Enable scope and configure client computer user class

Lesson 4: Managing a DHCP Database
• Overview of DHCP Management Scenarios

• DHCP Server Configuration Options

• What Is a DHCP Database?

• How a DHCP Database Is Backed Up and Restored

• How a DHCP Database Is Reconciled

• Moving a DHCP Database

• Demonstration: How to Manage a DHCP Database

Overview of DHCP Management Scenarios

The DHCP service needs to be managed to respond to

network changes

Scenarios for managing DHCP:

• Managing DHCP database growth

• Protecting the DHCP database

• Ensuring DHCP database consistency

• Adding clients

• Adding new network service servers

• Adding new subnets

DHCP Server Configuration Options
 What Is a DHCP Database?

The DHCP database is a dynamic database that contains

configuration information

• The DHCP database contains DHCP configuration data such as:

• Scopes
• Address leases
• Reservations

• Windows Server 2008 stores the DHCP database in the

%Systemroot%\System32\Dhcp folder

• The DHCP database files include:

• Dhcp.mdb
• Dhcp.tmp
• J50.log and J50*.log
• Res*.log
• J50.chk
How a DHCP Database Is Backed Up and Restored

DHCP Offline
Server Storage
Restore

DHCP

Back up Restore

DHCP Back up

In the
If the original
event that
database
the server
is unable
hardware
to load,
fails,
thethe
DHCP
The administrator
DHCP service automatically
moves a copy backs
of the up
backed
the DHCP
up
service automatically
administrator can restore
restores
only from
from the
the backup
offline
database
DHCP database
to the to
backup
an offline
directory
storage
on location
the local drive
directorylocation
storage on the local drive
How a DHCP Database Is Reconciled

DHCP Detailed IP
Database address lease Compares and
information reconciles
inconsistencies in
Registry Summary IP the DHCP Database
address lease
information

DHCP Server

Example

Registry DHCP Database After Reconciliation

Client has IP address IP address 192.168.1.34 Lease entry is created in

192.168.1.34 is available DHCP Database
Moving a DHCP Database

DHCP
Database

Backup
Media

DHCP
Database
Old DHCP
Server

New DHCP
Server
Demonstration: How To Manage a DHCP Database
This demonstration shows how to:
• Examine the backup interval

• Back up the DHCP database

• Reconcile the scope data

Lesson 5: Monitoring and Troubleshooting DHCP
• Overview of Monitoring DHCP

• Discussion: Common DHCP Issues

• What Are DHCP Statistics?

• What Is a DHCP Audit Log File?

• Monitoring DHCP Server Performance

• Demonstration: How to Monitor DHCP

Overview of Monitoring DHCP

Why monitor DHCP?

• To observe the dynamic DHCP environment

• To determine DHCP server performance
• To facilitate planning for current and future needs

DHCP data includes:

• DHCP statistics
• DHCP events
• DHCP performance data
Discussion: Common DHCP Issues

• Address conflicts

• Failure to obtain a DHCP address

• Address obtained from incorrect scope

• DHCP database suffered data corruption or loss

• DHCP server has exhausted its IP address pool

10 minutes
What Are DHCP Statistics?

DHCP statistics are collected at either the server level or

scope level

DHCP Server
What Is a DHCP Audit Log File?

A DHCP audit log is a log of service-related events

Monitoring DHCP Server Performance

Performance What to look for after a

counters baseline is established
• Create a DHCP performance baseline
Packets Monitor for sudden increases or decreases, which
• Check the
received/second standard
could reflect counters for
network problems
server performance
Monitor for sudden increases or decreases, which
Requests/second
• Review DHCP servernetwork
counters for significant
could reflect problems
changes in DHCP traffic
Monitor for sudden and gradual increases, which
Active queue
could reflect increased load or decreased server
length
capacity
Monitor for any activity that could indicate that
Duplicates
more than one request is being transmitted on
dropped/second
behalf of clients
Demonstration: How to Monitor DHCP
This demonstration shows how to:
• View server statistics

• View the log files

• Use Network Monitor to monitor DHCP

Lesson 6: Configuring DHCP Security
• Preventing an Unauthorized Computer from Obtaining a
Lease
• Restricting Unauthorized, Non-Microsoft DHCP Servers
from Leasing IP Addresses
• Restricting DHCP Administration
Preventing an Unauthorized Computer from
Obtaining a Lease

To prevent an unauthorized computer from

obtaining a lease:

• Ensure that unauthorized persons do not have

physical or wireless access to your network

• Enable audit logging for every DHCP server

on your network

• Regularly check and monitor audit log files

• Use 802.1X-enabled LAN switches or wireless

access points to access the network

• Configure NAP to validate users and security

policy compliance
Restricting Unauthorized, Non-Microsoft DHCP
Servers from Leasing IP Addresses

DHCP
Clients

Rogue DHCP
server

DHCP
Clients
Legitimate
DHCP
server

To eliminate an unauthorized DHCP server, you must locate

and disable it from communicating on the network either
physically or by disabling the DHCP service
Restricting DHCP Administration

To restrict who can administer the DHCP service:

• Limit the members of the DHCP Administrators group

• Add users needing read-only access to the

DHCP Users group

Account Permissions
Can view and modify any data about the
DHCP Administrators group
DHCP server
Has read-only DHCP console access to
DHCP Users group
the server
Lab: Configuring and Troubleshooting the DHCP
Server Role
• Exercise 1: Selecting a Suitable DHCP Configuration

• Exercise 2: Implementing DHCP

• Exercise 3: Reconfiguring DHCP in the Head Office

• Exercise 4: Testing the Configuration

• Exercise 5: Troubleshooting DHCP Issues

Logon information
6421B-NYC-DC1
6421B-NYC-RTR
Virtual machines
6421B-NYC-SVR2
6421B-NYC-CL2
User name Contoso\Administrator
Password Pa$$w0rd

Estimated time: 75 minutes

Lab Scenario

Contoso is deploying DHCP to their branch offices. Fault

tolerance is important, and you are tasked with configuring
the DHCP services in the head office and branch offices to
support the requirements.
Lab Review
• In the lab, you configured the router with the DHCP Relay
agent. What does the agent do?
• In the lab, you configured a scope for the branch office
computers on each of two DHCP servers to provide for
fault tolerance. What would happen to clients that
renewed when both DHCP servers were unavailable?
Module Review and Takeaways
• Review Questions

• Tools