Introduction
Dynamic
host configuration protocol (DHCP) is one of the most commonly implemented
network services in today’s network environments. In this article I will review
the deployment and configuration of the DHCP server role in Windows Server
2012. We will revise the DHCP leasing process, DHCP options, DHCPv4 and DHCPv6
scopes, and auto configuration.
The
process of leasing TCP/IP configuration from the Dynamic Host Configuration
Protocol (DHCP) server includes four steps as listed below.
1.
First, DHCP client (PC in this case) broadcasts a DHCP discover message on the
network containing its MAC address destined for UDP port 68. This first message
is known as a DHCPDISCOVER message, which is a request to any DHCP server that
receives the message for configuration information. The DHCPDISCOVER is sent as
a broadcast message.
2. When
a DHCP server receives the DHCP request, it responds with a DHCPOFFER message
as unicast to UDP port 67 to the computer that sent the DHCPDISCOVER message.
The DHCPOFFER includes an offered IP address and subnet mask in the message. If
the DHCP client receives multiple DHCPOFFER, it will accept the first DHCP
offer that arrives.
3. After
accepting the offer, the DHCP client broadcasts a DHCPREQUEST message. The
DHCPREQUEST message requests the selected DHCP server to assign the DHCP client
an IP address and other TCP/IP configuration settings. The reason for this
broadcast message is to allow all other DHCP servers that received the
DHCPDISCOVER broadcast message from the client to reclaim the IP addresses that
they offered to the client.
4. The
DHCP server from which the offer was selected receives the DHCPREQUEST, it
sends a DHCPACK (DHCP ACKNOWLEDGEMENT) message. This message includes an IP
address and subnet mask for the DHCP client. It may include other TCP/IP
configuration information like default gateway, DNS servers etc.
Note: You can learn these steps easily
by remembering the first letter of each step. Four steps here are the name of 4
messages being sent (without the “DHCP” in their names): DISCOVER, OFFER,
REQUEST, ACK -> And their first letters are: DORA, a beautiful word!
What’s new in DHCP in Windows
Server 2012 R2
In
Windows Server 2012 R2, DHCP offers enhanced support in the following areas.
Feature/functionality
|
New or
improved
|
Description
|
DNS registration enhancements
|
New
|
You can use DHCP policies to configure conditions based on
the fully qualified domain name (FQDN) of DHCP clients, and to register
workgroup computers using a guest DNS suffix.
DHCP policies have been extended to allow users to
configure conditions based on the fully qualified domain name (FQDN) of
clients. DHCP policies can also be configured to register DHCP clients using
a specific DNS suffix, overriding the DNS suffix that is configured on the
client.
Using suitable FQDN-based conditions and a DNS suffix,
DHCP policies can be configured to enable full control of DNS registration
for computers and devices on the network, including workgroup computers and
guest devices, or clients with a specific attribute.
|
DNS PTR registration options
|
New
|
You can enable DNS registration of address (A) and pointer
(PTR) records, or just enable registration of A records.
This feature enables you to configure a DHCP server to
register only address (A) resource records of DHCP clients with the DNS
server. This can be helpful when a reverse lookup zone has not been
configured, causing attempts to register pointer (PTR) resource records to
fail. By disabling PTR registration, DHCP servers can be prevented from
repeated failed attempts to register PTR records. PTR registration can be
disabled for all clients of a DHCP server, or only for clients on a specified
subnet or with a specified attribute.
Previously, it was possible to disable DNS registration
for a specified group of DHCP clients. However, it was necessary to disable
both A and PTR registration.
|
Windows PowerShell for DHCP server
|
Improved
|
New Windows PowerShell cmdlets are available.
New Windows PowerShell cmdlets are available in Windows
Server 2012 R2. You can use these cmdlets to perform tasks such as creating
DHCP security groups, setting DNS credentials, managing superscopes, and
managing multicast scopes. Improvements have also been made in existing
Windows PowerShell cmdlets for DHCP server to help perform tasks such as
changing the mode of a failover relationship and configuring DNS settings for
a DHCP policy.
|
In
Windows Server 2012, DHCP offers enhanced support in the following areas.
Feature/functionality
|
New or
improved
|
Description
|
DHCP failover
|
New
|
This feature provides the ability to have two DHCP servers
serve IP addresses and option configuration to the same subnet or scope,
providing for continuous availability of DHCP service to clients. The two
DHCP servers replicate lease information between them, allowing one server to
assume responsibility for servicing of clients for the entire subnet when the
other server is unavailable. It is also possible to configure failover in a
load-balancing configuration with client requests distributed between the two
servers in a failover relationship.
|
Policy-based assignment
|
New
|
With policy based assignment, the DHCP the server
evaluates DHCP requests against policies that you define. Policies are
applicable for a specific scope with a defined processing order. Policies
applicable at a scope can be configured at the scope or inherited from server
wide policies. A single client request can match multiple policies, and
policies can be associated with multiple address ranges.
|
Windows PowerShell for DHCP Server
|
New
|
Windows Server 2012 provides task-oriented Windows
PowerShell cmdlets for DHCP server management. The DHCP server configuration
operations are implemented in Windows Server 2012 as Common Information Model
(CIM) based cmdlets. Windows PowerShell uses object pipelining to eliminate
the need for parsing and manipulation of text output. Windows PowerShell for
DHCP Server includes 103 cmdlets, covering multiple aspects of DHCP server configuration
and management.
|
Model Solutions
Deploying the DHCP Server Role
These are the steps necessary to add
the DHCP server role to a Windows Server 2012 computer:
1. In Server Manager, click Add roles and features.
2. In the Add Roles and Features Wizard, click Next.
3. On the Select installation type page, click Next.
4. On Select destination server page, click Next.
5. On the Select server roles page, select the DHCP Server check box.
6. On the Select features page, click Next.
7. On the DHCP Server page, click Next.
8. On the Confirm installation selections page, click Install.
9. On the Installation progress page, wait until the Installation succeeds.
DHCPv4 Scopes
1. After you installed the DHCP Server, you should see the role in the Server Manager. You should also see the warning that you have to complette the DHCP Server configuration. Please click on "More" to open the detail information.
2. On the Description, click Next.
3. In the next step you can authorize the DHCP server to your active directory. You should do this because DHCP will update DNS and AD DS entry's directly after allocating IP to DHCP Client. The credential you choose should have Domain admin rights.
4. After this the DHCP will authorized to AD DS. On the Summary, click Close.
5. Please be adviced in Windows Server 2012 "closed" don't mean the configuration has finished. It only means that configuration will be done in Background. You can see the status by clicking on the Flag in the top of the Server Manager.
6. To configure a DHCP Scope we have to open the DHCP MMC. So please click "Tool" and than "DHCP".
7. In the the DHCP MMC we click right on the DHCP Server and than on first on "Add/Remove Bindings...".
8. Please check if your Binding is set on the right Network Interface if not please change it before you go on.
9. After you checked and changed the settings please click ok and go back in the DHCP MMC. Click right on the DHCP IPv4 stack and select "New Scope".
10. On the Welcome to the New Scope Wizard, click Next.
11. Select your Scope Name and a Description.
12. Now you have to select the IP range and the subnet, that will be managed by your server.
13. Now you can select exclusion from DHCP e.g. static IPs or reservations and the delay.
14. Now you have to set the leasetime. Lease means the time that a DHCP client keeps his IP before he ask the DHCP server again for a renewal. When you have a big IP scope and enough IP's and no special security audits in your company, you could keep 8 days. When you use DHCP for WiFi connections or only a few IP's left, you should set the lease to maximum 2 days.
15. Here you can select if you want to configure the DNS, default gateway and WINS via wizard or later manually. In this guide I will configure the options with wizard. Later I will show you how to configure it manually.
16. At first we configure the default gateway. Normally this is a router or routable switch (Layer 3 Switch).
17. After this we configure the DNS Options that will provided via DHCP. First the Domain name. This should be the name of your DNS Zone that will be handled with this IPs and the DNS Servers. You can have as much DNS Servers as you need but mostly I see that Admins have 2 or 3 redundant DNS Servers.
18. After configuring DNS you can configure WINS. In my case I will leave this point out because I have no application or operating system planned that need WINS. You can configure it manually later at any time, so no worries.
19. We have nearly finished, now you can decide if you want to start the scope now ok later. Please select now.
20. Now click "Finish" and the scope will be installed and activated.
21. The DHCP MMC should look now nearly like this.
22. To check, ower on one of your Clients in this network and check with: ipconfig /all if you get an IP and the settings you have entered in the DHCP Server.
23. Type ipconfig /release to release the IP address for the specified adapter.
24. Type ipconfig /renew to renew the IP address for the specified adapter.
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
► Download this video, lesson for FREE
► PDF link: http://adf.ly/1n4015
▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬▬
No comments:
Post a Comment