Module 6

Implementing Dynamic Host

Configuration Protocol
Module Overview

• Overview of the DHCP Server Role

• Configuring DHCP Scopes
• Managing a DHCP Database
• Securing and Monitoring DHCP
Lesson 1: Overview of the DHCP Server Role

• Benefits of Using DHCP

• How DHCP Allocates IP Addresses
• How DHCP Lease Generation Works
• How DHCP Lease Renewal Works
• Demonstration: Installing the DHCP Server Role
• How DHCP Interacts with DNS
• What Is a DHCP Relay Agent?
• DHCP Server Authorization
Benefits of Using DHCP

DHCP reduces the complexity and amount of administrative

work by using automatic IP configuration

Automatic IP Configuration Manual IP Configuration

IP addresses are supplied

IP addresses are entered manually
automatically
Correct configuration information IP address could be entered
is ensured incorrectly
Client configuration is updated Communication and network
automatically issues can result
A common source of network Frequent computer moves
problems is eliminated increase administrative effort
How DHCP Allocates IP Addresses

DHCP Client2:
Non-DHCP Client: IP configuration
Static IP configuration from DHCP server

Lease Lease
renewal
generation
DHCP server
DHCP Client1:
IP configuration from
DHCP database
DHCP server

IP Address1: Leased to DHCP Client1

IP Address2: Leased to DHCP Client2
IP Address3: Available for lease
How DHCP Lease Generation Works

DHCP Server2

DHCP Server1 DHCP client

1. DHCP client broadcasts a DHCPDISCOVER packet

2. DHCP servers broadcast a DHCPOFFER packet
3. DHCP client broadcasts a DHCPREQUEST packet
4. DHCP Server1 broadcasts a DHCPACK packet
How DHCP Lease Renewal Works

DHCP
DHCP Server2 clients

87.5%
100%
50% of
of
oflease
lease
lease
duration has
DHCP Server1 expired

1. DHCP client sends a DHCPREQUEST packet

2. DHCP Server1 sends a DHCPACK packet
3. If the client fails to renew its lease after 50% of the lease duration has
expired, the DHCP lease renewal process begins again after 87.5% of the
lease duration has expired
4. If the client fails to renew its lease after 87.5% of the lease has expired,
the DHCP lease generation process starts over again with a DHCP client
broadcasting a DHCPDISCOVER
Demonstration: Installing the DHCP Server Role

In this demonstration, you will see how to:

• Install the DHCP server role
• Authorize the DHCP server
How DHCP Interacts with DNS

DHCP can:
• Register client records into DNS zones
• Use DNS dynamic update protocol

To use secure DNS dynamic updates, add DHCP

servers to the AD DS DnsUpdateProxy global group
DHCP policies:
• Automatically assign settings based on FQDN
• Register workgroup computers with guest DNS suffix
• Disable PTR registrations without disabling host record
registration
What Is a DHCP Relay Agent?
A DHCP relay agent listens for DHCP broadcasts from DHCP
clients and then relays them to DHCP servers in different subnets

DHCP DHCP
relay Unicast
Unicast server
agent

DHCP
broadcast Routers
(non–RFC 1542
compliant)

DHCP clients DHCP clients

Subnet A Subnet B
DHCP Server Authorization

DHCP authorization registers the DHCP Server service in the

Active Directory domain to support DHCP clients

If DHCP Server2 does not find its IP address on

DHCP
If DHCP
DHCP Server2
Server1
Server1
client checks
receivesfinds withIPthe
its not
IP address domain
address controller
onsupport
the list,
the list, the service does start and
to
theobtain
from
DHCPservice a starts
list DHCP
authorized
clients of and
authorized
supports
Server1 DHCP
DHCPservers
clients

Domain DHCP Server1

controller
Authorized
Services DHCP
requests
AD DS

DHCP Server2
DHCP client Unauthorized
Does not service
DHCP requests
Lesson 2: Configuring DHCP Scopes

• What Are DHCP Scopes?

• What Is a DHCP Reservation?
• What Are DHCP Options?
• How DHCP Applies Options
• Demonstration: Creating and Configuring a DHCP
Scope
What Are DHCP Scopes?

A DHCP scope is a range of IP

DHCP Server
addresses that are available to be
leased

DHCP scope properties include:

• Network ID
• Lease duration
• Scope name LAN A LAN B

• Subnet mask
• Network IP address range
• Exclusion range
Scope A Scope B
What Is a DHCP Reservation?

A DHCP reservation occurs when an IP address within a

scope is set aside for use with a specific DHCP client

Subnet A Subnet B

DHCP File and print

server server

Workstation 1 Workstation 2

IP Address1: Leased to Workstation 1

IP Address2: Leased to Workstation 2
IP Address3: Reserved for file and print server
What Are DHCP Options?

DHCP options:
• Are values for common configuration data
• Apply to the server, scopes, reservations, and class
options

Common scope options are:

• Router(Default Gateway)
• DNS Name
• DNS Servers
• WINS Servers
How DHCP Applies Options

You can apply DHCP options at various levels:

• Server

• Scope

• Class

• Reserved client
Typically, you do not apply the class or reserved
client options
Demonstration: Creating and Configuring a
DHCP Scope

In this demonstration, you will see how to

configure scope and scope options in DHCP
Lesson 3: Managing a DHCP Database

• What Is a DHCP Database?

• Backing Up and Restoring a DHCP Database
• Reconciling a DHCP Database
• Moving a DHCP Database
What Is a DHCP Database?
The DHCP database is a dynamic database that
contains configuration information such as:
• Scopes • Reservations
• Address leases

Windows Server 2012 stores the DHCP database in

the %Systemroot%\System32\Dhcp folder

The DHCP database files include:

• [Link] • J50Res#####.jrs
• [Link] • [Link]
• [Link] and J50*.log
Backing Up and Restoring a DHCP Database

DHCP Offline
server storage
Restore

DHCP

Back up Restore

Back up
DHCP

In the
If theoriginal
event that
database
the server
is unable
hardware
to load,
fails,the
theDHCP
administrator
service
The administrator
DHCP service moves
automatically
a copy backs
of theup backed
the DHCP
up
automatically
can restore therestores
DHCP database
from the only
backupfromdirectory
an offline
on storage
the
database
DHCP to the to
database backup
an directory
offline on the
storage local drive
location
local drive
location
Reconciling a DHCP Database

Detailed IP
address lease Compares and
DHCP information reconciles
database inconsistencies
Summary IP in the DHCP
address lease database
DHCP
server information
Registry

Example:

Registry DHCP database After reconciliation

Client has IP address IP address [Link] Lease entry is created

[Link] is available in DHCP database
Moving a DHCP Database

DHCP
database
Backup
media

Old DHCP
server DHCP
Database
Steps for moving a DHCP database:
1. Back up the DHCP database on the old server
2. Stop the old DHCP server service
3. Copy the DHCP database to the new server
and, if necessary, install the DHCP server role New DHCP
4. Restore the database Server
5. Start the DHCP Server service
Lesson 4: Securing and Monitoring DHCP

• Preventing an Unauthorized Computer from

Obtaining a Lease
• Restricting Unauthorized, NonMicrosoft DHCP
Servers from Leasing IP Addresses
• Delegating DHCP Administration
• What Are DHCP Statistics?
• What Is DHCP Audit Logging?
• Discussion: Common DHCP Issues
Preventing an Unauthorized Computer from
Obtaining a Lease

To prevent an unauthorized computer from

obtaining a lease:
• Ensure that unauthorized users do not have physical or
wireless access to your network
• Enable audit logging for every DHCP server on your
network
• Regularly check and monitor audit log files
• Use 802.1X-enabled LAN switches or wireless access
points to access the network
• Configure NAP to validate that a client computer is
compliant with system health requirements
Restricting Unauthorized, NonMicrosoft DHCP
Servers from Leasing IP Addresses

DHCP clients

Unauthorized
DHCP server

Legitimate
DHCP server

To eliminate an unauthorized DHCP server, you must locate it and

then either physically disable it or disable the DHCP service, to
prevent it from communicating on the network
Delegating DHCP Administration

To delegate who can administer the DHCP service:

• Limitthe membership of the DHCP Administrators
group
• Add users to the DHCP Users group if they need
read-only access to the DHCP console

Account Permissions
DHCP Administrators group Can view and modify any data about
the DHCP server
DHCP Users group Has read-only DHCP console access
to the server
What Are DHCP Statistics?
DHCP statistics are collected at either the
server level or the scope level

DHCP
Server

Server Statistics window

What Is DHCP Audit Logging?
Discussion: Common DHCP Issues

Common issues that can occur when you do not

configure DHCP properly:
• Address conflicts
• Failure to obtain a DHCP address
• Address obtained from an incorrect scope
• DHCP database suffered data corruption or loss
• DHCP server has exhausted its IP address pool

10 minutes
Lab: Implementing DHCP

• Exercise 1: Implementing DHCP

• Exercise 2: Implementing a DHCP Relay Agent
(Optional Exercise)

Logon Information
Virtual machines 20410D-LON-DC1
20410D-LON-SVR1
20410D-LON-RTR
20410D-LON-CL1
20410D-LON-CL2
User name Adatum\Administrator
Password Pa$$w0rd

Estimated Time: 60 minutes

Lab Scenario

A. Datum Corporation has an IT office and data center in

London, which supports the London location and other
locations as well. A. Datum has recently deployed a
Windows 2012 Server infrastructure with Windows 8
clients.
You have recently accepted a promotion to the server
support team. One of your first assignments is to configure
the infrastructure service for a new branch office. As part
of this assignment, you need to configure a DHCP server
that will provide IP addresses and configuration to client
computers. Servers are configured with static IP addresses
and do not use DHCP.
Lab Review

• What purpose does the DHCP scope have?

• How should you configure a computer to receive
an IP address from the DHCP server?
• Why do you need MAC address for a DHCP server
reservation?
• What information do you need to configure on a
DHCP relay agent?
Module Review and Takeaways

• Review Questions
• Best Practices
• Tools