MCSA Guide to Installing and Configuring Windows Server 2012/R2, Exam 70-410
Chapter 11
Configuring Dynamic Host Configuration Protocol
© Cengage Learning 2015

Objectives
• Describe the DHCP protocol and process
• Install and configure a DHCP server
• Configure DHCP server settings
• Configure a DHCP relay agent

An Overview of Dynamic Host Configuration Protocol
• Dynamic Host Configuration Protocol (DHCP) is a component of the TCP/IP protocol suite
  – Used to assign an IP address to a host automatically from a defined pool of addresses
• IP addresses assigned via DHCP are usually leased, not permanently assigned
• To prevent a disruption in communication, the client attempts to renew the lease when the lease interval is 50% expired
• DHCP is based on broadcast packets

The DHCP Assignment Process
• The request for an IP address between a DHCP client and a DHCP server is a 4-packet sequence:
  – 1) DHCPDISCOVER - the client transmits a broadcast packet via UDP source port 68 and UDP destination port 67 to the network
  – 2) DHCPOFFER - the DHCP server receives the DHCPDISCOVER packet and responds with an offer
  – 3) DHCPREQUEST - the client responds by requesting the offered address
  – 4) DHCPACK - the server acknowledges the transaction and sends IP parameters to the client

Figure 11-1 The packet sequence for DHCP address assignment

DHCP Address Renewal
• A client uses unicast packets rather than broadcast packets in the lease renewal process
  – The client already knows the address of the server
• A successful renewal is a 2-packet sequence:
  – 1) DHCPREQUEST - when the lease is 50% expired, the client sends a unicast packet to request a renewal
    • If the server doesn’t respond, the client will try 3 more times
  – 2) DHCPACK - if the server can honor the renewal request, it sends a unicast packet granting and acknowledging the renewal request
• The renewal request may fail in these situations:
  – The server responds but can’t honor the renewal
    • The requested address may have been deleted or deactivated from the scope
  – The server doesn’t respond
    • 1) The client keeps its current address until 87.5% of the lease interval has expired and sends out a DHCPREQUEST broadcast packet
    • 2) Two possible results from the DHCPREQUEST
      – A DHCP server responds
      – No DHCP server responds and the client starts the process all over again

DHCP Messages
Table 11-2 DHCP Message Types

Installing and Configuring a DHCP Server
• The DHCP Server role can be installed by using the Add Roles and Features Wizard via Server Manager
• After installing, the DHCP console is available on the Tools menu in Server Manager
• In a Windows domain, the DHCP server must be authorized, and a scope must be created before the server can provide DHCP services

Figure 11-2 The DHCP console

DHCP Server Authorization
• DHCP clients have no way of determining whether a DHCP server is valid
• Reason for authorization:
  – A rogue DHCP server could be installed on a network and incorrect IP address settings could be configured on client computers
• DHCP server authorization requires Enterprise Administrator credentials

DHCP Scopes
• DHCP scope - a pool of IP addresses and other IP configuration parameters that a DHCP server uses to lease addresses to DHCP clients
• A scope consists of the following required parameters:
  – Scope name
  – Start and end IP addresses
  – Prefix length or subnet mask
  – Lease duration - specifies how long a DHCP client can keep an address

Exclusion Ranges
• Addresses can be excluded in two ways:
  – De facto exclusion - you set the start and end IP addresses in the scope so that several addresses in the subnet fall outside the scope’s range
  – Create an exclusion range - consists of one or more addresses in the scope that the DHCP server doesn’t lease to clients
    • They can be created when the scope is created with the New Scope Wizard or afterward by right-clicking the Address Pool node under the scope and clicking New Exclusion Range

Reservations
• Reservation - an IP address associated with the MAC address of a DHCP client to ensure that when the client requests an IP address, it always gets the same one
• The IP address in the reservation must fall within the same subnet and use the same subnet mask as the scope
• You can force a client to release a reserved address and get a different address by typing:
  – ipconfig /release and then ipconfig /renew

Multiple Subnets, Multiple Scopes
• A DHCP scope can service a single subnet
  – DHCP is based on broadcasts, which can’t traverse routers
• Three methods for handling a network with multiple subnets:
  – Configure a DHCP server in each subnet
  – Configure a single DHCP server with network interfaces connected to each subnet and scopes defined for each subnet
  – Configure DHCP relay agents on subnets that don’t have a DHCP server

Figure 11-3 A server configured with multiple scopes

Split Scopes
• Split scope - a fault-tolerant DHCP configuration in which two DHCP servers share the same scope information
  – Allows both servers to offer services to clients
• Create a split scope by using the wizard as follows:
  – 1) Install the DHCP Server role on two servers
  – 2) Create a scope on the first server and activate it
    • The wizard configures the scope on the second server
  – 3) Run the wizard on the first server
  – 4) The wizard creates the scope on the secondary server and creates the necessary exclusion range
    • According to the split percentage on both servers
  – 5) Create reservations on both servers

Figure 11-4 Setting the percentage of split

Superscopes
• Superscope - a special type of scope consisting of one or more member scopes that allow a DHCP server to service multiple IPv4 subnets on a single physical network
  – Directs the DHCP server to draw addresses from both scopes
• Useful if the number of computers on a physical network exceeds the size of the original subnet
• Each scope that’s part of a superscope is referred to as a “member scope”

DHCP Options
• DHCP options can be assigned at the following levels:
  – Server options - affect all scopes but can be overridden by a scope, policy, or reservation option
  – Scope options - affect clients that get a lease from the scope in which the option is configured
  – Policy options - allow an administrator to assign IP address options to clients based on client properties
  – Reservation options - based on a computer’s MAC address
    • Take precedence over any conflicting options set at any other level

Common DHCP Options
• DHCP options are specified in the format NNN OptionName
  – NNN represents a three-digit number that identifies the option in the DHCP packet
• Common options:
  – 003 Router
  – 006 DNS Servers
  – 015 DNS Domain Name
  – 044 WINS/NBNS Servers
  – 046 WINS/NBT node type

Configuring Options
• Server options are configured by clicking the IPv4 or IPv6 node in the DHCP console
  – Right-click Server Options, click Configure Options
• The Server Options dialog box has two tabs:
  – General - has a list of available options in the upper pane
  – Advanced - has the same list of options as well as a list box to choose the Vendor Class
    • A field in the DHCP packet that is used to identify a device model or an OS version

Figure 11-11 The Server Options dialog box

DHCP Server Configuration
• When performing DHCP server configuration tasks, right-click the server node and you can choose from the following tasks:
  – Add/Remove Binding
  – Backup
  – Restore
  – All Tasks
  – Delete
  – Refresh
  – Properties

Figure 11-12 The Server Bindings Properties dialog box

• Right-click the IPv4 node and you can choose from the following options:
  – Display Statistics
  – New Scope
  – New Superscope
  – New Multicast Scope
  – Configure Failover and Replicate Failover Scopes
  – Define User Classes and Define Vendor Classes
  – Reconcile All Scopes
  – Set Predefined Options
  – Properties

Figure 11-13 Server statistics

Configuring IPv4 Server Properties
• The IPv4 Properties dialog box has six tabs:
  – General - specify statistics and logging parameters
  – DNS - configure how DHCP interacts with a DNS server for making updates on behalf of DHCP clients
  – Network Access Protection (NAP) - enable or disable NAP on all scopes
  – Filters - configure MAC address filters to allow or deny DHCP services to computers
  – Failover - configure and view failover status
  – Advanced - offers many advanced options

Figure 11-16 The DNS tab

Figure 11-18 The Advanced tab

Configuring Scope Properties
• The Scope Properties dialog box has four tabs:
  – General - change the scope name and the start and end IP addresses
  – DNS - contains dynamic DNS configuration options
  – Network Access Protection - enable or disable NAP on the scope
  – Advanced - configure which type of clients the server responds to

Figure 11-20 The Advanced tab for scope properties

Configuring Filters
• DHCP filters - allow administrators to restrict which computers on a network are leased IP addresses
• Filters use MAC addresses as the filtering criteria
• Filters are configured under the IPv4 node and are not available for IPv6 DHCP
• If you create an allow filter, only a device with a MAC address in the filter can lease an IP address from the DHCP server
• If you create a deny filter, all devices except those with a MAC address in the filter can lease an address

Configuring Policies
• DHCP policies - give administrators more fine-tuned control over address lease options
  – Contain conditions that specify one or more clients that IP address settings should be delivered to
• Policy conditions can be created with any combination of the following:
  – Vendor Class
  – User Class
  – MAC address
  – Client identifier
  – Fully qualified domain name
  – Relay agent information
• Policies can be configured at the server level or the scope level
• Scope-level policies take precedence over server-level policies if both are configured and there’s a conflict
• Server-level policies are limited to assigning DHCP options and lease duration to clients matching the policy conditions
• To create a policy, right-click the Policies node under the IPv4 node or the scope and click New Policy to start the DHCP Policy Configuration Wizard, then follow these steps:
  – 1) Give the policy a name and description
  – 2) Create one or more conditions that identify devices
  – 3) Configure settings for the policy
  – 4) Configure additional settings in the policy’s Properties dialog box

DHCP Relay Agents
• DHCP relay agent - a device that listens for broadcast DHCPDISCOVER and DHCPREQUEST messages and forwards them to a DHCP server on another subnet
• You can configure a DHCP relay agent on a subnet that doesn’t have a DHCP server
  – You can still manage DHCP addresses from a central server without having to configure the DHCP server with network interfaces in each subnet

Figure 11-25 DHCP relay agents

• DHCP relay process:
  – 1. A client on the same subnet as the relay agent sends a DHCPDISCOVER broadcast
  – 2. The relay agent forwards the message to the DHCP server’s IP address as a unicast
  – 3. The DHCP server receives the message and since the relay agent’s address is in the message, the server knows to draw an address from the scope matching the relay agent’s IP address
  – 4. The DHCP server sends a unicast DHCPOFFER to the subnet the message was received from
  – 5. The relay agent forwards the DHCPOFFER as a broadcast to the subnet it was received from
  – 6. The DHCP client broadcasts a DHCPREQUEST
  – 7. The relay agent forwards it to the DHCP server
  – 8. The server replies with a DHCPACK to the relay agent
  – 9. The relay agent forwards the DHCPACK to the client
  – 10. Renewal requests are unicast packets, so the client can communicate directly with the server

Installing a DHCP Relay Agent
• The DHCP relay agent function is configured as part of the Routing role service under the Remote Access server role
• To make a Windows Server 2012/R2 server a DHCP relay agent, follow these steps:
  – 1. Install the Remote Access server role and include the Routing role service
  – 2. In the Routing and Remote Access console, right-click the server node and click Configure and Enable Routing and Remote Access
  – 3. Click Custom configuration in the Routing and Remote Access Server Setup Wizard
  – 4. Click the LAN routing check box, click Next and then Finish, and click Start service when prompted
  – 5. In the Routing and Remote Access console, expand the IPv4 node, right-click the General node, and click New Routing Protocol
  – 6. In the Routing and Remote Access console, right-click DHCP Relay Agent and click New Interface
  – 7. In the DHCP Relay Properties dialog box, accept the default settings and click OK
  – 8. In the Routing and Remote Access console, right-click the DHCP Relay Agent and click Properties
    • Type the address of the DHCP server the relay agent should forward DHCP messages to and click Add
    • You can add more than one address if you’re using load balancing
    • Click OK

Summary
• Dynamic Host Configuration Protocol (DHCP) is a component of the TCP/IP protocol suite that is used to assign an IP address to a host automatically from a defined pool of addresses
• The process of a DHCP client requesting an IP address and a DHCP server fulfilling the request is a four-packet sequence of broadcasts
• The DHCP service is installed as a server role named DHCP Server
• A DHCP scope is a pool of IP addresses and other IP configuration parameters that a DHCP server uses to lease addresses to DHCP clients
• A split scope is a fault-tolerant DHCP configuration in which two DHCP servers share the same scope information
• Almost every network requires a DNS server’s IP address for name resolution and a default gateway to communicate with other subnets and the Internet
• Server options are configured in the DHCP console
• You can perform several DHCP server configuration tasks in the DHCP console
• The IPv4 server properties include statistics and logging parameters, dynamic DNS configuration, NAP configuration, filters, conflict detection, and configuration of DNS registration credentials
• DHCP filters allow administrators to restrict which computers on a network are leased an IP address based on the client MAC address
• DHCP policies give you more fine-tuned control of address lease options than you have with server, scope, and reservation options
• If you’re using Windows Deployment Services to install Windows OSs on computers, you might need to configure DHCP to respond to Preboot Execution Environment network interfaces
• A DHCP relay agent is a device that listens for broadcast DHCPDISCOVER and DHCPREQUEST messages and forwards them to a DHCP server on another subnet
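
The four-packet sequence and the DHCP Server Authorization point (clients cannot tell whether a server is valid) can be checked on the wire. This added example, not part of the original slides, parses DHCP payloads and lists DHCPOFFER/DHCPACK replies whose server identifier (option 54) is not on an authorized list; the helper names, the MAC address and the 192.0.2.x addresses are constructed sample values.

```python
import ipaddress
import struct

MAGIC = b"\x63\x82\x53\x63"   # magic cookie that follows the 236-byte BOOTP header
TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 5: "DHCPACK"}

def ip(raw):
    return str(ipaddress.IPv4Address(raw))

def build(msg_type, xid, mac, yiaddr="0.0.0.0", server_id=None, router=None):
    """Build a minimal DHCP payload; used only to construct the sample capture."""
    op = 2 if msg_type in (2, 5) else 1          # 1 = client request, 2 = server reply
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, xid, 0, 0x8000,
                      bytes(4), ipaddress.IPv4Address(yiaddr).packed, bytes(4),
                      bytes(4), bytes.fromhex(mac), b"", b"")
    opts = [(53, bytes([msg_type]))]             # option 53: DHCP message type
    if server_id:
        opts.append((54, ipaddress.IPv4Address(server_id).packed))  # server identifier
    if router:
        opts.append((3, ipaddress.IPv4Address(router).packed))      # 003 Router
    body = b"".join(bytes([code, len(val)]) + val for code, val in opts)
    return hdr + MAGIC + body + b"\xff"          # 255 = end of options

def parse(payload):
    """Decode the header fields and option list of one DHCP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    xid = struct.unpack("!I", payload[4:8])[0]
    opts, i = {}, 240
    while i < len(payload) and payload[i] != 255:
        if payload[i] == 0:                      # pad byte has no length field
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option")
        code, length = payload[i], payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option")
        opts[code] = value
        i += 2 + length
    mtype = opts.get(53) or b"\0"
    return {"type": TYPES.get(mtype[0], "other"), "xid": xid,
            "mac": payload[28:34].hex(":"), "yiaddr": ip(payload[16:20]),
            "server_id": ip(opts[54]) if 54 in opts else None,
            "router": ip(opts[3][:4]) if 3 in opts else None}

def unlisted_server_replies(payloads, authorized):
    """Return OFFER/ACK messages whose server identifier is not on the authorized list."""
    return [m for m in map(parse, payloads)
            if m["type"] in ("DHCPOFFER", "DHCPACK") and m["server_id"] not in authorized]

# Constructed capture: one client, one authorized server, one unlisted server.
MAC = "020000aabb01"
CAPTURE = [
    build(1, 0x1234, MAC),
    build(2, 0x1234, MAC, "192.0.2.101", "192.0.2.10", "192.0.2.1"),
    build(2, 0x1234, MAC, "192.0.2.201", "192.0.2.66", "192.0.2.66"),
    build(3, 0x1234, MAC, server_id="192.0.2.10"),
    build(5, 0x1234, MAC, "192.0.2.101", "192.0.2.10", "192.0.2.1"),
]

if __name__ == "__main__":
    for m in unlisted_server_replies(CAPTURE, {"192.0.2.10"}):
        print(m["type"], "from", m["server_id"], "offers", m["yiaddr"], "router", m["router"])
```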
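
How scope selection by relay agent address, exclusion ranges, reservations, MAC filters and option precedence combine into a single offer, as an added Python model of the rules stated in the slides (not Windows Server code and not from the original deck). Scope names, addresses and function names are assumptions made for the example, and the policy option level is left out.

```python
from ipaddress import IPv4Address as IP, IPv4Network as Net

# Constructed configuration; every name and address is a sample value.
SERVER_OPTIONS = {6: "192.0.2.53", 15: "example.test"}   # 006 DNS Servers, 015 DNS Domain Name
SCOPES = [
    {"name": "HQ", "net": Net("192.0.2.0/24"),
     "start": IP("192.0.2.100"), "end": IP("192.0.2.110"),
     "exclude": [(IP("192.0.2.100"), IP("192.0.2.104"))],
     "options": {3: "192.0.2.1"},                          # 003 Router
     "reservations": {"02:00:00:aa:bb:07": {"ip": IP("192.0.2.50"),
                                             "options": {6: "192.0.2.54"}}}},
    {"name": "Branch", "net": Net("198.51.100.0/24"),
     "start": IP("198.51.100.20"), "end": IP("198.51.100.30"),
     "exclude": [], "options": {3: "198.51.100.1"}, "reservations": {}},
]

def filter_allows(mac, allow=(), deny=()):
    """A deny list blocks listed MACs; a non-empty allow list admits only listed MACs."""
    return mac not in deny and (not allow or mac in allow)

def select_scope(giaddr, server_ip):
    """A relayed message is matched on the relay agent address (giaddr);
    a local broadcast (giaddr 0.0.0.0) is matched on the server's own interface."""
    key = IP(server_ip) if giaddr == "0.0.0.0" else IP(giaddr)
    return next((s for s in SCOPES if key in s["net"]), None)

def first_free(scope, leased):
    """Lowest address in the scope range that is neither excluded nor already leased."""
    addr = scope["start"]
    while addr <= scope["end"]:
        excluded = any(lo <= addr <= hi for lo, hi in scope["exclude"])
        if not excluded and str(addr) not in leased:
            return addr
        addr += 1
    return None

def offer(mac, giaddr="0.0.0.0", leased=(), server_ip="192.0.2.10", allow=(), deny=()):
    """Return (scope name, address, options) for a DHCPDISCOVER, or None if no offer is made."""
    if not filter_allows(mac, allow, deny):
        return None
    scope = select_scope(giaddr, server_ip)
    if scope is None:
        return None                                # no scope for that subnet
    res = scope["reservations"].get(mac)
    addr = res["ip"] if res else first_free(scope, leased)
    if addr is None:
        return None                                # scope exhausted
    # Later dicts win: server < scope < reservation (policy level omitted here).
    options = {**SERVER_OPTIONS, **scope["options"], **(res["options"] if res else {})}
    return scope["name"], str(addr), options
```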