DHCP

Dynamic Host Configuration Protocol (DHCP)

Port: 67 Server and 68 client. Both UDP.

DHCP DORA – Discover, Offer, Request and Acknowledge.

DHCP DORA

Reservation: A reservation ensures a DHCP client is always assigned the same IP address. We add reservation post DHCP installation.

Exclusion: Exclusions are address which we can add an IP or set of IP addresses.

DHCP lease through conditional MAC:

DHCP can distribute IP address lease based on MAC address.

DHCP console -> Double click DHCP server -> Right click IP v4 and select properties

To configure, IP v4 -> Filters -> Right click Allow or deny -> New filter  and type MAC address

https://technet.microsoft.com/en-us/library/dd759190.aspx

Automatic Private IP Addressing [ APIPA ]

169.254.1.1 to 169.254.255.254

For APIPA, clients will be assigned with Class B subnet mask [255.255.0.0]. If a client has APIPA address it will check for DHCP server every 5 minutes. If available it will get a DHCP IP address.

APIPA is assigned the client itself. In order not to get duplicate APIPA, clients will broadcast itself (IP address etc) in the network.

DHCP relay agent:

A relay agent is a program that relays DHCP / BOOTP messages between clients and servers on different subnets.

DHCP relay agent

Lease duration:

Default: 8 days

Min: 15 minutes

Max: 1000 days

BOOTP DHCP
Bootstrap protocol Dynamic Host configuration protocol
Assigns IP v4 address to clients Assigns IPv4 and IP v6 address to clients
BOOTP clients needs to be restarted to bind or renew configuration Restart not required
No IP leasing feature Has IP leasing feature

———————-

Reservation:

A Reservation ensures a DHCP client always assigned the same IP address.

Reservation can be done once DHCP is installed.

Exclusion:

Exclusion can be made to an IP address or a range of addresses. These address(es) will not be distributed by DHCP server to clients.

Exclusion is configured during DHCP scope creation / DHCP installation.

—————-

Distributing DHCP based on MAC address:

DHCP console -> Double click the DHCP server -> Right-click IPv4 and select properties -> Click Filters and select Enable allow list

To configure,

IPv4 -> Filters -> Right click allow or deny -> New filter and type MAC address

—————-

DHCP Scope

A scope contains scope name, Range of IP, Subnet mask and lease duration values.

Superscope

A Superscope is a group of multiple scopes. A superscopes is used in the following situations:

  • If the available IP pool is depleted
  • Clients need to be migrated over a new network

DHCP Scope options

DHCP scope options

—————-

DHCP lease process

Before a lease expire, a DHCP client must renew the lease or obtain a new lease. Once the lease is expired, in Windows 2008, lease DB retain the expired system details for 4 hours. After that the entry will be removed.

DHCP DB Cleanup occurs every one hour.

—————–

DHCP IP address conflict detection

Once a client receive an IP from the DHCP server it will send an ARP request to the address in the Network. If a reply to the ARP request is received, the client has received a conflict and sends a DHCP decline message to the DHCP server.

The client then begins the DORA process again. DHCP server marks that IP as BAD address. Old systems don’t have conflict detection. We need to enable this at the server end.

—————–

DHCP in Windows 2008 and above server:

Supports IPv6, Stateful and Stateless configuration.

 

Stateless configuration:

Client gets IPv6 address through Router – Router

How it works?

  1. When a client is connected to IPv6 DHCP network, it will first check for discovering the network.
  2. Router in the IPv6 network provides network prefix to the client.
  3. Client then inturn combines the Network prefix with the client ID to form a complete IP address.
  4. Then the client checks with the DHCP server for other configuration data such as DHCP server etc

Note: Stateless configuration needs IPv6 compatible version router. If the Router does not support then we need to use Stateful configuration.

Network Access Protection

Windows 2008 DHCP server would not allow client if it does not compliant with internal security policies, Windows update or if it does not have Anti-virus installed

Windows 2008 supports Server Core DHCP server

—————————-

Configuring DHCP in Windows server 2008

  • Two sections in DHCP console – IPv4 and IPv6.
  • We can authorize or unauthorize the DHCP server. If unauthorized, the DHCP server would not give IP to clients.
  • After creating a scope, it needs to be activated. Otherwise the DHCP server would not issue IP address that is configured in that scope.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s