Managing DHCP
The DHCP snap-in helps network administrators configure and monitor DHCP servers. Network administrators can define global and scope-specific configuration settings to identify routers and set DHCP client configurations.
A computer running Windows Server 2003 and TCP/IP automatically creates a DHCP server database upon installation of the DHCP Server service. After installation, changing the parameters associated with the terms in Table 3 can further customize the service.
Table 3. Terminology Associated with Customizing DHCP Parameters
Term
|
Description
|
Scope
|
A scope is the full consecutive range of possible IP addresses for a network. Scopes typically define a single physical subnet on your network to which DHCP services are offered. Scopes also provide the primary way for the server to manage distribution and assignment of IP addresses and any related configuration parameters to clients on the network.
|
Superscope
|
A superscope is an administrative grouping of scopes that can be used to support multiple logical IP subnets on the same physical subnet. Superscopes contain only a list of member scopes or child scopes that can be activated together. Superscopes are not used to configure other details about scope usage. For configuring most properties used within a superscope, you need to configure member scope properties individually.
|
Exclusion range
|
An exclusion range is a limited sequence of IP addresses within a scope, excluded from DHCP service offerings. Exclusion ranges assure that any addresses in these ranges are not offered by the server to DHCP clients on your network.
|
Address pool
|
After you define a DHCP scope and apply exclusion ranges, the remaining addresses form the available address pool within the scope. Pooled addresses are eligible for dynamic assignment by the server to DHCP clients on your network.
|
Lease
|
A lease is a length of time that a DHCP server specifies, during which a client computer can use an assigned IP address. When a lease is made to a client, the lease is active. Before the lease expires, the client typically needs to renew its address lease assignment with the server. A lease becomes inactive when it expires or is deleted at the server. The duration for a lease determines when it will expire and how often the client needs to renew it with the server.
|
Reservation
|
You use a reservation to create a permanent address lease assignment by the DHCP server. Reservations assure that a specified hardware device on the subnet can always use the same IP address.
|
Option types
|
Option types are other client configuration parameters a DHCP server can assign when providing leases to DHCP clients. For example, some commonly used options include IP addresses for default gateways (routers), WINS servers, and DNS servers. Typically, these option types are enabled and configured for each scope. The DHCP console also permits you to configure default option types that are used by all scopes added and configured at the server. Most options are predefined through RFC 2132, but you can use the DHCP console to define and add custom option types if needed.
|
Options class
|
An options class is a way for a server to further manage option types provided to clients. When an options class is added to a server, clients of that class can be provided class-specific option types for their configuration. For Windows 2000 and Windows XP, client computers can also specify a class ID when communicating with the server. For earlier DHCP clients that do not support class IDs, the server can be configured with default classes to use instead when placing clients in a class. Options classes can be one of two types: Vendor classes and user classes.
|
DHCP Deployment
DHCP has become such an important element of efficient network design that network administrators want to ensure proper DHCP deployment. Basic considerations of DHCP deployment include:
Determining the number of DHCP servers to use.
Determining and configuring scopes.
Using superscopes.
Reserving IP addresses.
Using BOOTP tables.
Determining the Number of DHCP Servers to Use
One active DHCP server and one backup DHCP server can support a large number of clients, depending on hardware configurations and other issues. However, when deciding on the number of DHCP servers required, consider the location of routers on the network and whether each subnet requires a DHCP server. In addition, be sure to account for slower WAN links or dial-up links between segments utilizing the DHCP service. Network administrators typically deploy a DHCP server on both sides of these links to serve clients locally.
A network can have practical size constraints based on the size of a broadcast IP address class, such as the 254-node limit of class C networks. In addition, server configuration issues, such as disk capacity and CPU speed, can affect performance.
Defining and Configuring Scopes
Administrators create an administrative grouping of computers called a scope for each physical subnet. Administrators plan scopes based on the needs of specific groups of users, with appropriate lease durations defined for the related scopes. A scope has the following properties:
A range of possible IP addresses from which to include or exclude addresses used in DHCP service lease offerings.
A unique subnet mask to determine the subnet related to a given IP address.
A scope name assigned when the scope is created.
Lease duration values to be assigned to DHCP clients that receive dynamically allocated IP addresses.
Reservations.
Options.
A DHCP scope consists of a pool of IP addresses on a subnet, such as 10.223.223.1 through 10.223.223.200, which the DHCP server can lease to DHCP clients. Each physical network can have only one DHCP scope or a superscope with one or more ranges of IP addresses.
Larger networks might require the following configuration steps to assign several address ranges within a single scope or subnet for DHCP service:
Define the scope by using the entire range of consecutive IP addresses that make up the local IP subnet.
Set exclusion ranges, which define the IP addresses within the scope that the DHCP server does not lease. For example, to exclude the first 10 addresses in the previous example scope, create an exclusion for 10.223.223.1 through 10.223.223.10. Doing so specifies that no DHCP clients ever receive these addresses for leased configuration.
Depending upon the complexity of your network, a defined scope might require the following additional configuration steps:
Select additional exclusion ranges to further exclude any IP addresses that are not to be leased to DHCP clients. Exclusions should include all devices that cannot use DHCP, such as printers.
Create reservations by reserving some IP addresses for permanent lease assignment to specified computers or devices on a network. Reservations should be made only for devices that use DHCP and have a specialized function on the network, such as special server computers (servers used for DHCP, WINS, or DNS) and routers.
Adjust the duration of leases. Note that the default lease duration of eight days might not require adjustment.
After defining and configuring a scope as outlined above, you must activate the scope before dynamic service begins for DHCP-enabled clients. After you do this, the server can begin processing IP address lease requests and offering leases to DHCP-enabled clients on the network.
Using Superscopes
Superscopes add extra flexibility to complex DHCP service configurations by:
Supporting DHCP clients on a single physical network segment that has multiple logical IP subnets.
Supporting remote DHCP clients located on the far side of BOOTP/DHCP relay agents.
Superscopes offer greater flexibility when:
Adding more computers than originally planned.
Renumbering the network.
Two DHCP servers manage separate logical subnets on the same physical subnet.
Table 4 shows two DHCP servers that can be reached on the same physical subnet and configured with a single scope.
DHCP Server Name
|
Starting IP Address
|
Ending IP Address
|
DHCP-Server A
|
211.111.111.1
|
211.111.111.255
|
DHCP-Server B
|
222.222.222.1
|
222.222.222.255
|
If DHCP-Server A manages a different scope of addresses than DHCP-Server B, and neither has any information about addresses managed by the other, a problem arises if a client previously registered with Server A, for example, releases its name during a shutdown and later reconnects to the network after restarting. The client tries to renew its previously leased IP address.
If DHCP-Server B receives a DHCPRequest message from the client to renew use of an address before Server A does, Server B, being unaware of that IP address, causes it to reject the request and send a DHCPNACK message to the client. The client must then renegotiate a DHCP lease by broadcasting a DHCPDiscover message on the local subnet. Server B can send a DHCPOffer message, offering the client an address. The client can accept the address by returning a DHCPRequest message for that address to Server B for approval. When Server B approves the address assignment, it returns a DHCPACK message to the client.
Several DHCP service problems can occur within this example:
Nothing prevents a client from having its attempt to renew a previous address rejected each time it connects to the network.
The server might, when the client rejects and re-requests an address lease, offer an address that places the client on a subnet requiring an alternate configuration.
These problems can be averted by using the following steps to implement superscopes on both DHCP servers, a solution which enables more predictable and effective address management:
Create a new scope on a server that contains the respective scope information for the other. For example, on DHCP-Server A, create a new scope with the range of 222.222.222.1 through 222.222.222.255. Also create an exclusion range for the new scope for all scope addresses (222.222.222.1 through 222.222.222.255).
Repeat the previous step for the other DHCP server. For example, on DHCP-Server B, create a new scope with the range of 211.111.111.1 through 211.111.111.255, as well as an exclusion range for this new scope for all scope addresses (211.111.111.1 through 211.111.111.255).
Create a superscope on each DHCP server by using the Add Superscope wizard. Add both the old and the new scopes to the superscope.
Activate the new scopes on each server.
By configuring superscopes as described, both DHCP-Server A and DHCP-Server B recognize IP addresses assigned by the other. This procedure prevents either server from negatively acknowledging attempts by DHCP clients to renew their same IP address or to obtain an address from the same logical range of addresses—in other words, a different address within the same logical subnet.
|
