Published: October 1, 2003





    Reserving IP Addresses


    Through DHCP, a specific IP address can be reserved for a computer or other IP addressable device on a network. Reserving selected IP addresses for special-function devices on a network ensures that DHCP does not duplicate or reassign the address. The following types of devices and computers can use reservations:

    • Other servers running Windows on a network that require static IP addresses, such as WINS servers.

    • Any print servers that use TCP/IP print services.

    • UNIX or other clients that use IP addresses assigned by another TCP/IP configuration method.

    • Any DNS servers.

    Each reservation requires a unique identifier for the address of the reserved device, which corresponds to the media access control (MAC) or physical address for the DHCP client. Ethernet addresses, made up of a unique sequence of hexadecimal numbers, identify the network adapter hardware for each network-connected device.

    Note: To obtain MAC addresses on Windows NT–based clients, type ipconfig /all at the command prompt and view the Physical Address field. For Windows 9x–based clients, run Winipcfg.exe, and view the Adapter Address field.

    Using BOOTP Tables


    The DHCP Server service offers BOOTP support in the form of pointer records contained in the BOOTP table. BOOTP, which preceded DHCP, enables diskless clients to obtain their own IP addresses and other boot information needed for network startup. Many Windows NT–based installations do not require BOOTP, so the BOOTP table does not need to be configured.

    BOOTP allows diskless clients to use User Datagram Protocol (UDP) packets to request and retrieve an IP address and a small boot image file from a Trivial File Transfer Protocol (TFTP) server.

    Data stored in the BOOTP table is returned to any BOOTP network clients that broadcast a BOOTP request message. If a BOOTP record exists in the BOOTP table, the DHCP server returns a BOOTP message to the requesting BOOTP client. If no BOOTP records are configured, the DHCP Server service silently drops BOOTP request messages.

    The reply message returned by the DHCP Server service indicates the name and location of a TFTP server on the network, which the client can contact to retrieve its boot image file. Each record in the BOOTP table contains the following three fields, which in turn contain the information returned to the BOOTP client:



    • The Boot Image field identifies the generic file name of the boot file requested based on the BOOTP client’s computer type.

    • The File Name field identifies the full path of the boot file that the BOOTP server returns to the client for retrieval by TFTP.

    • The File Server field identifies the TFTP server used to source the boot file.

    You can use the DHCP snap-in to add, remove, and edit records in the BOOTP table.

    Although both BOOTP and DHCP allocate IP addresses to clients during startup, they use different methods of allocation. BOOTP typically provides fixed allocation of a single IP address for each client, permanently reserving this address in the BOOTP server database. DHCP typically provides dynamic, leased allocation of available IP addresses, reserving each DHCP client address temporarily in the DHCP server database.


    Best Practices


    Best practices optimize the functionality and performance of the DHCP service in Windows Server 2003. These are described below.

    Set Appropriate Lease Durations


    Because lease renewal processes can affect the performance of DHCP clients and the network, selecting a different lease duration can improve overall network performance. The following guidelines will help administrators determine the best configuration for their network.

    Lengthening Lease Duration for Large, Fixed Networks


    It’s a good practice to increase scope lease length for large, stable, fixed networks that have plentiful scope address space. Increasing the lease duration lowers the frequency of lease renewal queries between clients and the DHCP server, thus reducing associated network traffic. Most useful for larger routed networks, lengthening the default lease period from seven to perhaps 21 days reduces DHCP-related network broadcast traffic, particularly if client computers generally remain in fixed locations and scope addresses remain plentiful, such as with less than 80 percent in use.

    Shortening Lease Duration for Variable Networks with Fewer IP Addresses


    By contrast, for networks that have fewer IP addresses available and either client configurations or network locations that change, it’s best to reduce the lease duration, which increases the rate at which addresses return to the available address pool for reassignment to new clients by the DHCP server. A sales organization, for example, which might issue laptop computers to traveling employees, might find this practice especially beneficial. When the Routing and Remote Access service supports dial-up clients on the network, adjust lease time on scopes that serve these clients to less than the default of eight days.

    Most network configurations require a mixture of lease durations. With a single segment where laptops come and go, shortening the lease on that scope might improve performance, while other parts of a network with a stable body of clients could set the lease duration somewhat higher.


    Reserve Addresses with Reservations


    It’s a best practice to use a client reservation to ensure that a DHCP client computer always receives the same IP address lease at startup. If you have more than one DHCP server that can be reached by a reserved client, add the reservation at each of your other DHCP servers. This practice allows the other DHCP servers to honor the client IP address reservation made for the reserved client. Although the DHCP server will act upon the client reservation when the reserved address is part of the available address pool, having the same reservation for the same client on multiple servers will not usually cause any problems.
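The check below is an added example, not part of the original paper: it compares the reservation lists of two DHCP servers after normalizing the MAC address formats mentioned earlier (the Physical Address field of ipconfig /all versus the bare hex string a reservation stores), then reports reservations that are missing or that disagree on the second server. The server names, scope and reservation data are constructed; the generated lines use the `netsh dhcp server scope add reservedip` syntax.

```python
import re

def normalize_mac(raw):
    """Reduce 00-AA-BB-CC-DD-EE, 00:aa:bb:cc:dd:ee or 00aabbccddee to 12 hex digits."""
    digits = re.sub(r"[-:.\s]", "", raw).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {raw!r}")
    return digits

# Constructed reservation lists (IP, MAC as recorded, client name) for two
# hypothetical servers serving the same scope.
DHCP1 = [
    ("10.0.0.10", "00-AA-BB-CC-DD-01", "WINS1"),
    ("10.0.0.11", "00-AA-BB-CC-DD-02", "PRINT1"),
    ("10.0.0.12", "00-AA-BB-CC-DD-03", "DNS1"),
]
DHCP2 = [
    ("10.0.0.10", "00aabbccdd01", "WINS1"),        # same MAC, different notation
    ("10.0.0.11", "00:AA:BB:CC:DD:99", "PRINT1"),  # MAC differs from DHCP1
]

def index(reservations):
    """Map reserved IP -> (normalized MAC, client name)."""
    return {ip: (normalize_mac(mac), name) for ip, mac, name in reservations}

def compare(primary, secondary):
    """Return (missing, conflicting) reserved IPs on secondary relative to primary."""
    a, b = index(primary), index(secondary)
    missing = sorted(ip for ip in a if ip not in b)
    conflicting = sorted(ip for ip in a if ip in b and a[ip][0] != b[ip][0])
    return missing, conflicting

def netsh_add_commands(primary, missing, server, scope):
    """Build one netsh line per reservation that the other server lacks."""
    a = index(primary)
    return [
        f"netsh dhcp server \\\\{server} scope {scope} "
        f"add reservedip {ip} {a[ip][0]} {a[ip][1]}"
        for ip in missing
    ]

if __name__ == "__main__":
    missing, conflicting = compare(DHCP1, DHCP2)
    print("conflicting reservations to review by hand:", conflicting)
    for line in netsh_add_commands(DHCP1, missing, "dhcp2", "10.0.0.0"):
        print(line)
```

Conflicting entries are only reported, not corrected, because the script cannot know which server holds the right hardware address.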

    Integrate DHCP with Other Services


    Both WINS and DNS can register dynamic name-to-address mappings on a network. Operating DHCP with other name resolution services requires careful planning, and network administrators implementing DHCP should also develop a strategy for implementing DNS and WINS.

    Use Default Client Preference Settings for DNS Dynamic Updates


    DHCP in Windows Server 2003 can perform DNS dynamic updates for DHCP clients based on how clients request these updates. This setting provides the best use of the DHCP service to perform dynamic updates on behalf of its clients as follows:

    • DHCP client computers running Windows 2000, Windows XP, or a Windows server operating system explicitly request that the DHCP server update only pointer (PTR) resource records used in DNS for the reverse lookup and resolution of a client's IP address to its name. These clients update their address (A) resource records for themselves.

    • Clients running earlier versions of Windows cannot make an explicit request for DNS dynamic update protocol preference. When configured to do so, the DHCP Server service updates both the PTR and A resource records on behalf of the clients.

    Keep Audit Logging Enabled for Use in Troubleshooting


    By default, the DHCP Server service enables audit logging of service-related events. Audit logging provides a long-term service monitoring tool that makes limited use of server disk resources.
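As an added example (not from the original paper), the script below shows how the audit log can be put to use: it parses records in the log's comma-separated ID,Date,Time,Description,IP Address,Host Name,MAC Address layout and surfaces the events that usually matter in troubleshooting, namely address conflicts, pool exhaustion and denied leases. The sample records are constructed and their descriptions simplified.

```python
import csv
from collections import Counter, defaultdict

# Event IDs written by the DHCP Server service (subset relevant here).
EVENT_NAMES = {
    "10": "lease_new", "11": "lease_renew", "12": "lease_release",
    "13": "address_conflict", "14": "pool_exhausted", "15": "lease_denied",
    "20": "bootp_lease",
}
ALERT_EVENTS = {"address_conflict", "pool_exhausted", "lease_denied"}

# Constructed sample records; names, addresses and descriptions are made up.
SAMPLE_LOG = """\
ID,Date,Time,Description,IP Address,Host Name,MAC Address
00,10/01/03,00:00:05,Started,,,
10,10/01/03,09:15:02,Assign,192.168.1.50,LAPTOP1.example.com,00AABBCCDD01
11,10/01/03,09:40:10,Renew,192.168.1.50,LAPTOP1.example.com,00AABBCCDD01
13,10/01/03,10:02:44,Conflict,192.168.1.77,,
10,10/01/03,10:05:00,Assign,192.168.1.51,LAPTOP1.example.com,00AABBCCDD01
14,10/01/03,11:30:19,Pool exhausted,192.168.1.0,,
"""

def parse_audit_log(text):
    """Return one dict per event record, skipping header and banner lines."""
    records = []
    for row in csv.reader(text.splitlines()):
        if len(row) < 7 or not row[0].strip().isdigit():
            continue  # not an event record
        event_id = row[0].strip()
        records.append({
            "event": EVENT_NAMES.get(event_id, "other_" + event_id),
            "when": f"{row[1]} {row[2]}", "ip": row[4].strip(),
            "host": row[5].strip(), "mac": row[6].strip().upper(),
        })
    return records

def summarize(records):
    """Count events, list alert events, and MACs given more than one address."""
    counts = Counter(r["event"] for r in records)
    alerts = [r for r in records if r["event"] in ALERT_EVENTS]
    ips_per_mac = defaultdict(set)
    for r in records:
        if r["event"] == "lease_new" and r["mac"]:
            ips_per_mac[r["mac"]].add(r["ip"])
    multi = {m: sorted(ips) for m, ips in ips_per_mac.items() if len(ips) > 1}
    return counts, alerts, multi

if __name__ == "__main__":
    print(*summarize(parse_audit_log(SAMPLE_LOG)), sep="\n")
```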

    Use Manual Backup and Restore


    Use the Backup command in the Action menu of the DHCP console to perform a full backup of the DHCP service at an interval that helps protect you from significant data loss. The manual backup method includes all DHCP server data in the backup, including all scope information, log files, registry keys, and DHCP server configuration information (except DNS dynamic update credentials). Do not store these backups on the same hard drive on which the DHCP Server service resides, and make sure that the access control list (ACL) for the backup folder contains only the Administrators and DHCP Administrator groups as members.

    In addition to performing manual backups, back up to other locations, such as a tape drive, and make sure unauthorized persons do not have access to your backup copies. You can use the Windows Backup feature for this purpose. For more information, see “Best Practices for Backup” in the Windows 2003 Server Help and Support Center1.

    When restoring the DHCP service, you can use a backup created with either the Windows Backup feature or a copy of the database created with synchronous backup, which is available with the DHCP service. In addition, you can use the Restore command on the Action menu in the DHCP snap-in to restore a server running DHCP.

    Prevent Undesired Forwarding and Relay of BOOTP and DHCP Message Traffic


    For routed networks, you can either use relay agents or set appropriate timers to prevent undesired forwarding and relay of BOOTP and DHCP message traffic. If you have multiple physical networks connected through routers, and you do not have a DHCP server on each network segment, the routers must be capable of relaying BOOTP and DHCP traffic. If you do not have such routers, you can set up the DHCP Relay Agent component on at least one server running Windows in each routed subnet. The relay agent sends DHCP and BOOTP message traffic among the DHCP-enabled clients on a local physical network and a remote DHCP server located on another physical network. When using relay agents, make sure to set the initial time delay in seconds so that relay agents wait before sending messages to remote servers.

    Use the Appropriate Ratio of Servers to Clients


    It is important to carefully determine how many DHCP servers are needed to serve all DHCP-enabled clients on a network. In a small LAN, such as one physical subnet without routers, a single DHCP server might serve all DHCP-enabled clients. However, routed networks might require several DHCP servers.

    Theoretically, there is no limit to the maximum number of clients that can be served by a single DHCP server; however, there are practical constraints based on the IP address class of a network and server configuration issues, such as disk capacity and CPU speed.

    Transmission speed between each segment for which DHCP service is provided is an important factor. With slower WAN links or dial-up links, a DHCP server is typically needed on both sides of these links to serve clients locally. Another factor is whether DHCP service is used in all or only selected physical networks. When deploying multiple DHCP servers for an environment, it is advisable to place them on different network segments for the case where a network segment becomes unreachable. DHCP Relay agents turn the broadcast into a unicast packet.

    Before installing the DHCP server, it is necessary to determine the following:



    • The hardware and storage requirements for the DHCP server.

    • The computers that can be configured immediately as DHCP clients for dynamic TCP/IP configuration and which must be manually configured with static TCP/IP configuration parameters, such as static IP addresses.

    • The DHCP option types and their values to be predefined for DHCP clients.

    • The DHCP Relay Agent configuration for your network.

