In this video, we will talk about DHCP services, but first we need to install the DHCP server so that we can create and configure scopes. To do that:
- Click “Manage”
- Click “Add Roles and Features”
- Then choose “Role-based or feature-based installation”
- Click “Next”
- Then select “DHCP Server”
- Click “Add Features”
- Click “Next”
- Click “Next” again
- And then “Install”
Once the installation is complete, go to “Tools” and choose “DHCP”. If you want to add another server here, just right-click “DHCP” and choose “Add Server”. Let’s configure IPv6 first, since there’s really not much to configure in IPv6 unless you want to configure a DNS server. To do that:
- Right-click “Server Options” under IPv6
- Choose “Configure Options”
- Select “DNS Recursive Name Server IPv6 Address” (if this is unchecked, clients still get an IP address configured automatically, but they do not get a DNS server)
- And then choose a DNS server address
- And click on “Add”
This checks whether the DNS server exists; if it doesn’t, you get a message, and you can still add it if you want to. Now let’s move to IPv4 and configure the scope. To configure IPv4:
- Right-click IPv4
- Choose “New Scope”
- Click “Next”
- Name your network
- And then click “Next”
Also note that I have several IP addresses already in use, such as servers with static addresses. Within your IP address range you can make exclusions and reservations. If I don’t want to use those addresses, I will just start the range from a higher address, but keep in mind that you can’t go up to 255 because that’s the broadcast address.
So enter the IP range and then the subnet mask. Then we can add exclusions here; the IP addresses that we put here won’t be included in the address pool that the DHCP server uses. Click “Add”. In the lower right corner you can see the subnet delay in milliseconds. You can use this if you have another, preferred DHCP server: the other DHCP server will then give out most of the addresses, because it will be faster than this one. For now let’s leave it blank. Then click “Next”.
Next is the lease duration. This is very useful if you are limited on IP addresses and have people going off the network who are no longer using their addresses: the DHCP server will assign such an address to another client, but only after the configured number of days. In this example, I’m going to set the days to zero and change the duration to 2 minutes, just for demonstration purposes, so that some of my IP addresses expire and I can show you how certain things, such as failover, work. Then click “Next”.
You should choose to configure the options now. These are things like the default gateway and DNS server, which are the most common options you’ll configure. Click “Next”, type in your default gateway, click “Add”, then click “Next”. Usually the default gateway is the first IP address or the last one. Then type in the parent domain for the DNS server, and right below it you can type in your server name. Click “Resolve”, then click “Next”.
Since I don’t have a WINS server, I’m just going to skip that. After that, activate the scope; you can also activate the server in Active Directory. Then click “Finish”. If you want to use the server in production, right-click it and choose “Authorize”. With that you now have a DHCP server that is ready to provide DHCP services, although this does not apply in every case, for example if your client is not Microsoft-based. After you hit refresh, everything should be working fine.
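The same scope setup can be scripted with the DhcpServer PowerShell module instead of the wizard. This is an added example, not part of the original video; the scope name, addresses, domain and server name are assumed lab values.

```powershell
# Assumed lab values (not from the video); replace with your own.
$ScopeId = '192.168.10.0'
$Server  = 'dhcp1.lab.example'
$ServerIp = '192.168.10.10'

# Install the role plus the DHCP console and PowerShell module.
Install-WindowsFeature -Name DHCP -IncludeManagementTools

# Create the scope. The 2-minute lease mirrors the demonstration in the
# walkthrough; a production scope would use hours or days.
$Scope = @{
    Name          = 'Lab LAN'
    StartRange    = '192.168.10.50'
    EndRange      = '192.168.10.254'   # .255 is the broadcast address
    SubnetMask    = '255.255.255.0'
    LeaseDuration = New-TimeSpan -Minutes 2
    State         = 'Active'
}
Add-DhcpServerv4Scope @Scope

# Addresses in an exclusion range are never handed out from the pool.
Add-DhcpServerv4ExclusionRange -ScopeId $ScopeId `
    -StartRange '192.168.10.50' -EndRange '192.168.10.59'

# Scope options: default gateway, DNS server and DNS domain.
# The cmdlet validates that the DNS server answers, like the wizard does.
Set-DhcpServerv4OptionValue -ScopeId $ScopeId `
    -Router '192.168.10.1' -DnsServer $ServerIp -DnsDomain 'lab.example'

# Authorize the server in Active Directory. In a domain, a Windows DHCP
# server that is not authorized will not hand out leases.
Add-DhcpServerInDC -DnsName $Server -IPAddress $ServerIp

# Verify: authorized servers, the scope settings, and current leases.
Get-DhcpServerInDC
Get-DhcpServerv4Scope -ScopeId $ScopeId |
    Format-List Name, StartRange, EndRange, LeaseDuration, State
Get-DhcpServerv4ExclusionRange -ScopeId $ScopeId
Get-DhcpServerv4Lease -ScopeId $ScopeId
```

Comparing the output of `Get-DhcpServerInDC` against the servers you expect is a quick way to confirm that only intended DHCP servers are authorized in the domain.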
To see whether someone is leasing an address from you:
- Click on “Scope”
- Then choose “Address Pool”. This shows the available addresses at the top and the exclusions at the bottom.
- Then choose “Address Leases”. This shows everyone who holds a lease on your network.
Now let’s move on to reservations. If you have a computer or server that you would like to always have the same IP address, but you don’t want to configure static IP information on it, a reservation is what you need. You can actually manually enter the IP address, DNS server, default gateway, etc. To create the reservation, right-click the IP address and choose “Add to reservation”. That device will then get the same IP address from the DHCP server every time. It will also pick up changed DNS servers, changed default gateways, and all of those other kinds of options. If you click the reservation, you will notice that it is inheriting its DNS domain name, its DNS server, and the router configuration. This gives you the benefits of DHCP, because the device updates automatically when there are changes, together with the advantage of a static IP address that inherits the options of your scope.
If you want to override the IP address that you used for one of these routers, you just need to:
- Right click on the “reservation”
- Choose “Configure options”
- Check the router that you want to change
- Configure the IP Address
- Click “Add”
- Click “ok”
As you can see, the icon changes and the option is no longer inherited.
Now let’s move on to PXE boot configuration. PXE, pronounced “pixie”, means Preboot eXecution Environment. If you have computers with no operating system to boot, and you don’t want to install the operating system on every machine from a DVD/CD, what you need to do is set up Windows Deployment Server, or WDS, in your environment.
When a computer with no operating system first boots up, it needs to contact a DHCP server so that it can download an operating system from the Windows Deployment Server (WDS). WDS can be configured to offer many operating systems. Since the computer doesn’t have any operating system, when it boots it needs an IP address from the DHCP server.
The client computer first broadcasts, looking for a DHCP server. It does this through UDP port 67, and we call this the Discovery packet. When the DHCP server receives it, it offers an IP configuration to the client.
The client then requests permission from the DHCP server to keep that configuration, so that the DHCP server can register in its database that this IP address is being used by this client, avoiding duplicate IP usage. This part of the process also informs any other DHCP servers on the network that the client is already using an IP address given by another DHCP server. After that, the DHCP server sends an Acknowledgement packet to the client, giving it permission to keep the configuration.
After that whole process, the client broadcasts again, looking for a WDS server, and gets an operating system from that server. But what if you want your WDS and DHCP server to be one and the same? Note that only 1 service can use 1 port at a time. So this client may be able to contact the DHCP server through UDP 67, but what about WDS, which also uses the same port? The answer is rather simple: when you install WDS and you already have a DHCP server installed, the computer will tell you that port 67 is already used and ask whether you want to use port 60 instead.
Now let me show you how to configure WDS.
- Run WDS
- Right click on your server and choose configure
- Here, you can read an introduction to WDS and its requirements, click next
- Then here, you can choose to have WDS integration with AD or just a Standalone Server. In my case, I just use integrated. Click Next.
- Then, you can choose a directory where you could save the files. You usually put this in another directory, volume or hard drive.
- The next wizard page is very important: here you can choose not to let WDS listen on the DHCP or DHCPv6 ports, and configure it to use another port.
- Next, I’ll just choose “respond to” and then finish the wizard.
And if you refresh your WDS, you’ll see the changes made. Now in DHCP, you should see port option 60 as you try to configure here in server options. But if you had DHCP open when you configured WDS, then you should close DHCP first and then open it again to see the changes.
Now back here in IPv4 Server Options, we can see option 60, PXE client.
Earlier, we talked about a client broadcasting on the same subnet as the DHCP server to get an address, but what if the client is in a different subnet?
The client will just broadcast, never get an address from the DHCP server, and end up with an APIPA address. This is where the DHCP Relay Agent comes in. It allows the client’s broadcast to pass through the router to the DHCP server. However, you need to install Routing and Remote Access to do this.
All you need to do is:
- open Routing and remote access
- go to IPv4
- Right click on general
- then choose new routing protocol
- then choose DHCP Relay Agent
So what happens now is that it’s gonna have the IP address of a DHCP server.
- Right click on DHCP Relay Agent
- Then type the address of the DHCP server you have.
So what happens now is that every time the server hears a broadcast from a client looking for a DHCP server, it forwards it to the address configured in the DHCP Relay Agent. DHCP also has other features: you can back up, restore and reconcile DHCP databases. After restoring from a DHCP backup file, though, you need to authorize the new DHCP server and then reconcile all scopes, especially if you restored it to the same server.
You can also filter which devices are allowed to be given addresses by DHCP, through the Filters, by adding the MAC addresses of the devices under Allow or Deny. Then there is DHCP failover. Here, you could rig 2 DHCP servers in different subnets, connected through a DHCP relay agent, to share some of their scope subnet addresses with each other. In case one server fails, the other server can still provide service to broadcasting clients, and vice versa.
Another way to do this, aside from splitting scopes between servers, is to have the 2 servers share 1 common database. One computer is active and assigns addresses to both subnets, and the other is passive and only listens to the active server to check whether it is still up. If the active computer goes down, the passive computer can easily take its place using the data from the database. This method is quite effective; the only problem is when the database itself is the one with the problem, putting the two DHCP servers at a standstill.
Now this is how you do the failover:
- First you need to open DHCP on both servers, or just add the second server to the DHCP list of servers on either computer
- Now in your second DHCP server, right click on the scope and choose configure failover
- Next, you just choose select all and click next.
- Here, you can specify the partner server which is the first computer. Then click on next.
- Then here, you can configure the failover mode, Load Balance between the servers, configure reserved addresses for standby server and lead time.
- And then Finish
And also note that always delete/edit things only from your Primary DHCP server.
If you want to remove the failover relationship, right-click the scope on your primary computer, choose Properties, then in the Failover tab click Delete and OK. Then refresh DHCP. You can also click Edit and see additional options like State Switch Interval, which is used if one server is down, while Lead Time ensures smooth synchronization between the client and server, avoiding duplicate addresses.
As for IPv6, there’s not really much you need to do, because IPv6 pretty much configures everything for you. However, you might want to configure the DNS server that you want to use, here in Server Options. Just type in the IPv6 address, click Apply, then OK. Authorize the server, then refresh DHCP. From here, clients can now apply this configuration for IPv6.
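The failover relationship described above can also be created, checked and removed from PowerShell. This is an added example, not part of the original video; the relationship name, partner server name and scope are assumed lab values, and the shared secret, which the walkthrough does not cover, authenticates the failover messages exchanged by the two partners.

```powershell
# Assumed lab values (not from the video); replace with your own.
$Relationship = 'dhcp1-dhcp2-failover'
$Partner      = 'dhcp2.lab.example'
$ScopeId      = '192.168.10.0'

# Prompt for the secret instead of storing it in the script.
$Secret = Read-Host -Prompt 'Failover shared secret'

# Run on the server that already hosts the scope. Load balance mode:
# each partner answers half of the clients.
$Failover = @{
    Name                = $Relationship
    PartnerServer       = $Partner
    ScopeId             = $ScopeId
    LoadBalancePercent  = 50
    MaxClientLeadTime   = New-TimeSpan -Hours 1     # "lead time" in the wizard
    AutoStateTransition = $true
    StateSwitchInterval = New-TimeSpan -Minutes 60  # wait before taking over
    SharedSecret        = $Secret
}
Add-DhcpServerv4Failover @Failover

# Hot standby variant (use instead of LoadBalancePercent above):
#   ServerRole = 'Active'; ReservePercent = 5

# Check the relationship: mode, state and partner, as seen from this server.
Get-DhcpServerv4Failover -Name $Relationship |
    Format-List Name, PartnerServer, Mode, State, ScopeId,
                MaxClientLeadTime, StateSwitchInterval

# After editing the scope on this server, push the changes to the partner.
Invoke-DhcpServerv4FailoverReplication -Name $Relationship

# Remove the relationship (the scope is deleted from the partner server).
# Remove-DhcpServerv4Failover -Name $Relationship
```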
And that’s it for DHCP! Thank you for watching, and I hope you learned much in this video.