Dynamic Host Configuration Protocol DHCP

1
Dynamic Host Configuration Protocol (DHCP)
2
DHCP and BOOTP

• DHCP is an extension of Boot Protocol (BOOTP).
• Allows diskless clients to configure TCP/IP
  automatically.
• Centralizes and manages the allocation of TCP/IP.
• Automatically assigns addresses ( other IP
  config settings)

IP config is set manually
DHCP clients get IP config settings from DHCP
server
3
Problems with configuring TCP/IP manually

• Administrative overhead
• Need to keep track of all IP assignments
• Need to manually enter IP settings
• Bad or duplicate IP addresses
• Mistakes will happen!
• Moving between subnets
• Need to manually change IP settings

4
ConfiguringTCP/IP with DHCP

• Benefits of DHCP
• Centralized management
• Automatic supply of address information to
  clients
• Easier to troubleshoot
• Example settings that DHCP can provide
• IP address for network adapter
• Subnet masks
• Default gateways
• Additional parameters DNS, WINS, others

5
Four Phases of DHCP Client Configuration

• IP lease discover
• client initializes limited version of TCP/IP and
  broadcasts a request for the location of a DHCP
  server and IP addressing information
• IP lease offer
• all DHCP servers that have valid IP addressing
  info. for the client send an offer to the client
• IP lease request
• the client selects the IP addressing info. From
  the 1st offer broadcasts a message requesting a
  lease on the IP address ( other IP settings) in
  the offer
• IP lease acknowledgement
• The DHCP server that made the offer responds and
  an ACK the client can then bind the protocol
  start using the IP settings in the lease. All
  other DHCP servers withdraw their offers.

6
IP Lease Discover and Offer
7
Sending a DHCPOFFER Message
At this point, client has no IP address, knows
nothing of what network its on (thus the
broadcast 255.255.255.255)
131.107.3.24 On subnet 131.107.3.0
Routers can use the Offered IP Address to route
the DHCPOFFER to the correct subnet
subnet 131.107.8.0
8
When No DHCP Servers Online

• Client waits 1 second.
• Client rebroadcasts at 9, 13, 16 seconds and then
  at random intervals.
• Client retries every 5 minutes.

9
Automatic Private IP Addressing (APIPA)

• APIPA occurs when client attempts request, and no
  DHCP server responds
• Autoconfiguration of a Class B address.
• 169.254.0.0, with subnet mask 255.255.0.0.
• APIPA generates a valid IP address on this
  network
• Clients tests for conflicts (i.e. IP address
  already in use)
• If theres a conflict, repeat last step until no
  conflicts
• Client rechecks for a DHCP server every 5
  minutes.
• Useful only when you have a single, non-routed
  LAN
• Purpose allows small LANs to be put together by
  novices (NetBEUI served a similar purpose in
  Windows 3.11, and NT prior to NT 4)

10
IP Lease Request

• Client broadcasts DHCPREQUEST message.
• Broadcast can be forwarded to all DHCP servers
• Other DHCP servers retract offers.

11
DHCPACK, DHCPNACK

• DHCP server that originally made the offer
  normally sends DHCPACK to DHCP client that sent
  the DHCPREQUEST
• Client becomes a bound DHCP client.
• DHCPNACK (negative acknowledgement) can occur
  when a client is trying to lease its previous IP
  address.
• The IP address is no longer available.
• The client has been moved to a different subnet.
• If a DHCPNACK is received, the client returns to
  the process of requesting an IP lease.

12
Before Installing DHCP

• Hardware and storage requirements
• Will routers support DHCP forwarding?
• How many DHCP servers needed?
• On which subnets will they located?
• Which computers to configure via DHCP
• Most client computers
• Which computers to configure manually
• Most servers use static IP addresses
• DHCP options and values to be predefined

13
Options that Determine Configuration

• IP address and Mask are always part of the IP
  config
• Other options include
• Default gateway
• Domain Name System (DNS) server
• Windows Internet Name Service (WINS) server
• NetBIOS over TCP/IP name resolution
• In what order is it done, which components
• e.g. broadcast then WINS, or WINS then broadcast
• Is broadcast name resolution allowed.

14
Ipconfig options

• /? Display help message
• /all Display full configuration
  information.
• /release Release the IP address for the
  specified adapter.
• /renew Renew the IP address for the
  specified adapter.
• /flushdns Purges the DNS Resolver cache.
• /registerdns Refreshes all DHCP leases and
  re-registers DNS names
• /displaydns Display the contents of the DNS
  Resolver Cache.

15
DHCP Relay Agent

• DHCP broadcasts may not, by default, be forwarded
  to other subnets by routers.
• Many routers can be configured to pass DHCP/BOOTP
  messages to other segments
• referred to as BOOTP Relay
• Allows for centralization of DHCP services in one
  place or on selected subnets
• Windows NT/2000/2003 can be configured as a DHCP
  Relay Agent
• Forwards DHCP messages between clients and
  servers on subnets, useful when routers wont do
  BOOTP Relay
• If neither of the above, need to set up separate
  DHCP servers for each subnet

16
How DHCP Servers Provide Optional Data

• Default gateways that connect network segments
• IP addresses for DNS servers
• IP addresses for WINS servers
• NetBIOS over TCP/IP settings (Node Type)

17
Installing DHCP

• Install Microsoft DHCP Server service.
• Authorize the DHCP server.
• Configure global settings
• Global (Server) settings those that will be
  applied by default to all scopes.
• Simplifies scope administration if you want
  scopes to have the same settings. Common
  examples
• DNS WINS servers
• NetBIOS over TCP/IP settings (Node Type)
• Configure one or more scopes

18
Authorizing a DHCP Server

• Windows 2003 servers are verified.
• DHCP servers are authorized.
• First server in Active Directory
• Installed as domain controller or member
  servernot stand-alone
• Authorization process depends on server role.
• Domain controller
• Member server
• Stand-alone server

19
Configuring a scope

• A scope corresponds to an IP sub-network
• Defines a pool (a range) of addresses to be
  allocated to hosts on the subnet
• Define range to exclude addresses that are
  statically assigned, two approaches
• Define range endpoints to exclude others for
  static assignment, e.g. On 131.210.2.0 use
  131.210.2.51 through 131.210.2.254 leaves
  131.210.2.1 to 131.210.2.50 for static assignment
• Exclude specific IP address ranges from the
  range, e.g. for range 131.210.2.1 through
  131.210.2.254, exclude 131.210.2.10 through
  131.210.2.25

20
Configuring a scope

• Define other IP settings for the scope.
• If global settings are used, scope settings
  over-ride.
• If no global settings are defined, scope settings
  are the only ones that are used.
• Scope-level settings typically used when settings
  for the subnet differ from other subnets.
• Default gateway is a good example.

21
DHCP Scope

• (At least) One scope for every DHCP server.
• Exclude static IP addresses from scope.
• Multiple scopes will centralize administration.
• One scope to a subnet (on the DHCP server)
• DHCP servers do not share scope information.
• IP addresses must be unique to scope (cant exist
  in other scopes)
• Determine starting and ending addresses.

22
(No Transcript)
23
Scope and IP Address Ranges for Server A and
Server B
24
Registering for DNS Updates

• Windows 2000/2003/XP can register with a DNS
  server.
• Supports DNS Dynamic update protocol for
  automatic record updating.
• DHCP acts as registration proxy.
• DHCP and static DNS are not compatible.
• DHCP servers provide default support for legacy
  DHCP clients in DNS zones.
• The next two slide
• DHCP/DNS update interaction for Windows
  2000/2003/XP hosts
• DHCP/DNS update interaction for pre-Windows 2000
  hosts (Windows NT 4 and below)

25
A DHCP Client Interacting with the DNS Dynamic
Update Protocol
26
DHCP/DNS Interaction with Older Windows Clients
27
Number of DHCP Servers

• Size of network
• Number of DHCP-enabled clients
• Transmission speed between network segments
• Speed of network links
• IP address class of the network
• Isolated or multiple DHCP servers

28
Troubleshooting - Invalid IP Address

• Client does not have IP address, or client has IP
  address of 169.254.x.x.
• Results from client not being able to contact a
  DHCP server.
• Windows could not find a DHCP server and provided
  APIPA IP address.
• Consider disabling APIPA if it isnt used
• Determine whether network hardware failure or
  DHCP server is unavailable.
• Verify that client has valid functioning network
  connection.
• Check hardware.

29
Troubleshooting Missing Configuration Details

• Client is missing DHCP options.
• e.g default gateway, DNS Server, etc.
• Verify that options distribution is configured
  properly on the DHCP servers handling IP
  addresses for the scopes experiencing problems
• Check DHCP option settings.

30
Preventing DHCP Problems

• Use the 80/20 design rule for balancing scope
  distribution of addresses where multiple DHCP
  servers are used to service the same scope.
• When a scope is handled by gt 1 DHCP server, make
  sure address ranges DO NOT OVERLAP!!!!
• Create reservations on all DHCP servers that can
  potentially service the reserved client.
• DHCP is disk-intensive purchase hardware with
  optimal disk performance characteristics.
• Keep audit logging enabled for use in
  troubleshooting.

Thats all folks !