MANAGING AND MONITORING DHCP

1
MANAGING AND MONITORING DHCP

• Chapter 2

2
MANAGING DHCPCOMMON DHCP ADMINISTRATIVE TASKS

• Configure or modify scopes
• Configure or modify options
• Configure the DHCP relay agent
• Back up the DHCP database
• Restore the DHCP database
• Compact the DHCP database
• Reconcile DHCP scopes

3
DNS DYNAMIC UPDATES

• Allows client computers to dynamically update
  resource records in DNS
• Allows DHCP to dynamically update client computer
  resource records

4
WHEN TO USE DYNAMIC UPDATES

• When the DNS client operating system is not
  Microsoft Windows 2000, Microsoft Windows XP,or
  Microsoft Windows Server 2003
• When assigning permissions that allow clients to
  update their own records becomes unmanageable
• When allowing individual clients to update
  records presents a security risk

5
DYNAMIC UPDATES WITH MICROSOFT WINDOWS 2000 AND
LATER CLIENTS
6
DYNAMIC UPDATES WITH PREWINDOWS 2000 CLIENTS
7
CONFIGURING DHCP FOR DYNAMIC UPDATES
8
SECURE DYNAMIC UPDATES
9
TROUBLESHOOTING TIPS FOR DYNAMIC UPDATES

• Check the servers system Event Log for errors.
• Use Ipconfig /registerdns to force a client to
  renew DNS registration.
• Ensure dynamic updates are properly enabled for
  the zone on the DNS server.
• Verify that clients preferred DNS server is the
  primary DNS server for the zone.
• Check the resource record access control list
  (ACL) on the server. The ACL must allow dynamic
  updates.

10
TROUBLESHOOTING TIPS FOR DYNAMIC UPDATES (CONT.)

• Verify that the system time on the DNS server and
  the DNS client is synchronized.
• Check the client UpdateSecurityLevel registry
  entry. The registry entry could have been
  modified to prevent dynamic updates.
• Check to see whether the DNS zone is locked,
  preventing updates.
• Ensure that the client has permissions to update
  the resource records.

11
MANAGEMENT OF A DHCP DATABASE

• Back up and restore the database.
• Reconcile the database.
• Compact the database.
• Enable server-based conflict detection.
• Remove the database.

12
BACKING UP AND RESTORING THEDHCP SERVER

• Microsoft Windows Server 2003 supports automatic
  and manual backups of the DHCP database.
• The DHCP database and registry entries are
  automatically backed up every 60 minutes by
  default.
• If the original database is unable to load, when
  DHCP starts it will automatically restore a
  backup copy of the database.
• A manual backup can be performed.
• Manual backups can be used only with manual
  restores.

13
RECONCILING A DHCP DATABASE USING THE RECONCILE
ALL SCOPES OPTION
14
COMPACTING A DHCP DATABASE
15
REMOVING A DHCP DATABASE
16
BEST PRACTICES FOR MANAGINGA DHCP DATABASE

• Manually back up the DHCP database to a location
  other than the default location
  systemroot\System32\Dhcp\Backup\Jet\New.
• Maintain an offline copy of the backup.

17
MONITORING A DHCP DATABASE

• Establish a baseline.
• Gather DHCP data from the following locations
• DHCP console
• DHCP audit log
• Event Viewer
• Performance console

18
USING DHCP STATISTICS TO MONITORA DHCP SERVER
19
MONITORING DHCP USING THE AUDITLOG FILES
20
USING THE PERFORMANCE CONSOLETO MONITOR DHCP
21
BEST PRACTICES FOR MONITORING DHCP

• Create a baseline.
• Check the standard counters for server
  performance.
• Monitor the counter for DHCP performance.

22
AUTOMATIC PRIVATE IP ADDRESSING

• When to disable Automatic Private IP Addressing
  (APIPA)
• Troubleshooting APIPA

23
CHAPTER SUMMARY

• DHCP can dynamically update DNS.
• Dynamic updates can be secure.
• You must monitor and manage DHCP.