Windows Server 2008 : DHCP/WINS/Domain Controllers - Exploring the Dynamic Host Configuration Protocol (DHCP)

2/17/2011 8:57:28 AM
Amazingly little is known about the DHCP service, although it is used in virtually all organizations and networks. The service itself has simple beginnings but has evolved to become an important component in a network environment. If you have ever connected a computer to a network, such as a Wi-Fi hot spot at the local café, the computer was given a network address from a DHCP service running on that network.

Detailing the Need for DHCP

Aside from just assigning a network device a unique IP address on the network, there needs to be a network architecture that manages how network devices communicate, and, particularly, which devices can communicate and when. This network communication management is provided by the TCP/IP networking protocol. TCP/IP is too complex and not necessary to define in this article but one thing that is certain is that each device connected to a TCP/IP network requires a unique address. This unique address defines the node’s network affiliation and provides for a means of sending and receiving network information between itself and the destination network device(s). This address, or IP address, must be assigned to each device on the network to allow for communication using TCP/IP. In the past, many IP addresses were manually distributed as new clients were added to a network. This required a large amount of administrative overhead to maintain, and often resulted in problems in configuration caused by simple typographical errors and basic human error. Also, manually adding IP addresses to devices, without a well-managed and up-to-date address table or database, resulted in multiple machines on the network using the same address. When multiple devices were configured with the same IP address on a single network, the result usually included failed networking on both devices. As an example of this, if two people in the same household picked up different phones to dial simultaneously, they would both hear the dial tone but when they dialed the number, most likely an incorrect number would be dialed that did not match either of the desired numbers.

Aside from building in checks to deal with duplicate IP addressed devices on a single TCP/IP network, administrators quickly realized that automating address distribution was the way to go. The search for such a system led to the predecessors of DHCP: RARP and BOOTP.

Outlining DHCP Predecessors: RARP and BOOTP

The need for dynamic allocation of IP addresses to clients was first addressed by the Reverse Address Resolution Protocol (RARP). RARP simply allocated an IP address to a client after that client requested it through a network broadcast. This protocol was quickly discovered to be ineffective for communicating between different networks.

The successor to RARP was the Bootstrap Protocol (BOOTP), which improved the dynamic assignment of IP addresses by allowing for routing through different networks and used a concept called a magic cookie, a 64-byte portion of the BOOTP packet that contained configuration information such as subnet mask, DNS server designations, and so on. This protocol was a drastic improvement over RARP but was still limited in a few functional areas—namely, the fact that the database was not dynamic and was stored in a static text file, which limited its usability. BOOTP is still used today to deliver IP addresses to systems that need to connect to a network to locate the necessary files to load an application or operating system, such as is the case in a diskless computer.

Exploring the DHCP Server Service

DHCP was developed as an improvement to BOOTP. In fact, a DHCP packet is almost identical to a BOOTP packet, except for the modification of the magic cookie portion of a packet, which was expanded in size to accommodate additional options such as DNS server, WINS server, and so on.

The DHCP process is straightforward. A client boots up, and a broadcast request is sent out to all nodes on the network to which the client is connected. If a DHCP service is active and listening for these broadcasts, it will respond to the client request by issuing an available IP address from a predefined range or pool, as illustrated in Figure 1.

Figure 1. The DHCP IP request process.

In addition to an IP address, all options that are defined on the server scope are issued to a client. This includes DNS servers, WINS servers, gateways, subnet masks, and many other settings. If these options are issued automatically, the chance for errors is lessened and the entire IP address assignment becomes automated, decreasing administrative overhead.

Examining the DHCP Client Service

The server portion of DHCP is only half of the equation in a DHCP transaction. The request for an IP address comes from a specific interface known as the DHCP client. The DHCP Client service is included in all versions of TCP/IP deployed with Microsoft Windows, but on some of the older clients, TCP/IP would need to be installed separately.

The DHCP client, as previously mentioned, interacts with the DHCP Server service, in terms of requesting, accepting, and releasing IP addresses. Each version of the Windows TCP/IP protocol included with each operating system includes a different DHCP client, and there are slight variations in the functionality of each of them. However, the overall function—to apply for and receive an IP address from a DHCP server—remains the same in each.

Understanding Automatic Private IP Addressing (APIPA)

The TCP/IP DHCP Client/Server service was updated with the release of Windows 2000 to enable Windows clients to automatically assign themselves an IP address if no BOOTP or DHCP server was available; it does so through a process called Automatic Private IP Addressing (APIPA). APIPA clients automatically assign themselves an IP address in the range in this situation, which allows them to have basic TCP/IP connectivity in small networks. So, in essence, a small workgroup network can be built with Windows 2000, XP, Vista, or Windows 7 workstations, and without too much work, these systems would be able to communicate with each other using addresses self-assigned by the APIPA service.

APIPA might be problematic in larger networks because it forces clients to assign themselves addresses in a range that is normally not part of a local company subnet. If a DHCP server is down, clients that are attempting to renew a lease or obtain a new IP address from a DHCP server will fail and automatically assign themselves an APIPA address. When the server comes back online, these clients will not immediately get a legitimate IP address from the DHCP server because they are no longer broadcasting for an IP address, and will essentially remain cut off from the network. In a case like this, the client workstation will need to initiate a new DHCP address request by rebooting the system or forcing a manual address request using a command such as Ipconfig /renew from a command prompt. This can be quite troublesome for corporate network administrators and help desk support staff if the DHCP services on their network are slow to respond or fail often. In certain situations, network administrators might want to disable the APIPA functionality, and Microsoft supplies a Registry key that will perform this function for Windows 2000 and later systems. A Registry key can be manually created on the systems in the following location:


You can create this key by following these steps on the client:

Open Registry Editor (choose Start, Run, and then enter regedit).

Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\_Interfaces\<AdapterName> (where AdapterName is the hexadecimal representation of the network adapter in question).

Right-click on the <AdapterName> key and choose New, DWORD Value.

Enter IPAutoconfigurationEnabled to rename the DWORD value.

Double-click the new value and ensure that 0 is entered as the value data.

Click OK and close the Registry Editor.

To validate that APIPA is disabled, an administrator should run IPCONFIG /ALL from the command prompt and then check that the Autoconfiguration Enabled option is set to No.


APIPA can also be effectively disabled in Windows XP clients through an alternate IP configuration, which allows for the designation of a static IP address if DHCP is unavailable.

Detailing DHCP Relay Agents

Because DHCP clients use network broadcasts to seek out DHCP servers, it is important that there is a DHCP server on each network. To send and receive network traffic between separate networks, a device known as a network router is used. By default, network routers do not forward any broadcast network traffic between networks. On complex networks that include network routers, if network clients on each network require the automatic IP address assignment functionality of a DHCP service, there will either need to be a DHCP server on each network or a service known as a DHCP Relay Agent must be deployed. DHCP Relay Agents can be servers, a service hosted by a network router, or, in some cases, a network switch. DHCP agents will listen for DHCP broadcast requests and forward them to previously designated DHCP servers on another network. As an example of this, Cisco routers provide a service called ip-helper, which is defined with the DHCP server to forward broadcast requests to. If this type of router configuration is not utilized, a Windows server running the Routing and Remote Access Service must be configured as a DHCP Relay Agent, as illustrated in Figure 2.

Figure 2. DHCP broadcast packet routing.


In most real-world implementations of DHCP, the routers between network segments are configured to forward client DHCP broadcast packets directly to the DHCP server. Therefore, in large organizations, it is important to include the network architecture team in any discussions on DHCP design.

Examining DHCP and Dynamic DNS

Using the DNS service in Windows Server 2008 R2, clients can automatically register themselves in the DNS database through a mechanism called Dynamic DNS (DDNS).

DHCP in Windows Server 2008 R2 integrates directly with DDNS to provide for automatic registration of clients into DNS. By default, all Windows 2000 or higher clients will perform this function by themselves, but DHCP servers can perform Dynamic DNS registration for DHCP clients that are not able to register themselves. Also, DHCP servers can be configured to always register the Dynamic DNS entry on behalf of the client. In many cases, this is ideal because the DHCP service will own the record and can remove it from the DNS zone when the lease expires. These settings can be configured at the DHCP server level and within each DHCP scope properties, through the DHCP administrative console. A DHCP scope is a set of included and excluded IP addresses and networking options that define the configuration that DHCP clients will be sent. How to plan and configure DHCP scopes is detailed in the next section.

Installing DHCP and Creating New Scopes

DHCP installation historically has been two parts: Install the service and then later configure the service. In Windows Server 2008 R2, DHCP Server role installation has been streamlined through the use of the Add Roles Wizard. This wizard installs the DHCP Server service and automatically invokes the New Scope Wizard, which can be used to establish and configure DHCP scopes. To install and configure a Windows Server 2008 R2 system as a DHCP server, follow these steps:

Click Start, click All Programs, click Administrative Tools, and select Server Manager. If prompted for User Account Control verification, click Continue to confirm the action.

In Server Manager, click the Roles node in the left pane to display the Roles Summary information in the right pane. Then click the Add Roles link in the right pane to initiate the Add Roles Wizard.

After reading the Before You Begin information, click Next to continue.

On the Select Server Roles page, select the check box next to DHCP Server, and then click Next to continue.

On the Introduction to DHCP Server page, helpful information is displayed to learn more about the DHCP server. Click on any of the informative links as desired and after reading the information, click Next to continue the installation.

On the Select Network Connection Bindings page, check the box next to the desired network connections that will host the DHCP Server service, as illustrated in Figure 3, and click Next to continue.

Figure 3. Verifying Binding options for the DHCP install.

At this point, the Add Roles Wizard displays the Specify IPv4 DNS Server Settings page. Enter the name of the parent domain that clients will use for name resolution. Enter the name of the preferred DNS server IPv4 IP address and the alternate DNS server IPv4 IP address. Click the Validate button to check the IP addresses of the preferred and alternate DNS servers. Once the DNS server IP addresses are validated, click Next to continue.

On the Specify IPv4 WINS Server Settings page, click the option button to indicate whether WINS is required on the network. If required, specify the IP addresses for the primary and, if needed, alternate server. Click Next to continue.

On the Add or Edit DHCP Scopes page, click Add and then type a descriptive name for the scope such as Headquarters Network DHCP Scope. Type in the starting IP address and ending IP address. Select whether the subnet is a wired or wireless network, which will set the DHCP address lease duration to either eight days or eight hours. In addition, type in a subnet mask for the subnet in question, and a default gateway if the DHCP client needs to communicate with separate networks, as illustrated in Figure 4. Also if the DHCP server will be used immediately, check the Activate this Scope check box and click OK to complete the creation of the scope. If no additional scopes will be created, click Next to continue.

Figure 4. Defining the address in the Add or Edit DHCP Scopes page of the Add Roles Wizard.

If DHCPv6 is required, select Enable DHCPv6 Stateless Mode for This Server to configure the server for DHCPv6 stateless operation; otherwise, select Disable DHCPv6 Stateless Mode for This Server. If Disable is selected, DHCPv6 can manually be configured later from the DHCP server MMC snap-in. Click Next to continue.

If you enabled DHCPv6 Stateless mode in the preceding step, you must configure the IPV6 DNS Server settings. On the Specify IPv6 DNS Server Settings page, enter the parent domain and the necessary IPv6 addresses into the Preferred DNS and Alternate DNS server information fields and click Next when finished.

On the Authorize DHCP Server page, select whether to use the current or alternate credentials used to authorize the DHCP server in the domain. DHCP servers must be authorized by Active Directory before they can be used to manage and distribute IP addresses. If the account used to install the DHCP Server service has the necessary group membership, select the Use Current Credentials option button and click Next to continue. If you are not sure, click the Skip Authorization of this DHCP Server in AD DS option and click Next to continue. Ask the Active Directory domain administrator to authorize the DHCP server later.

On the Confirm Installation Selections page, review the information for accuracy and click Install to continue the DHCP server installation and configuration process.

The Add Roles Wizard then indicates that the server has successfully become a DHCP server, as indicated in Figure 5. Click Close to close the wizard.

Figure 5. Completion of the Add Roles Wizard for the DHCP server.

Administrators will now be able to see the newly created DHCP server reflected in Server Manager. It will be located beneath the Roles node in the Server Manager tree in the left pane. The Roles Summary section will also reflect the newly created DHCP server in the right pane.

PS4 game trailer XBox One game trailer
WiiU game trailer 3ds game trailer
Top 10 Video Game
-   Minecraft Mods - MAD PACK #10 'NETHER DOOM!' with Vikkstar & Pete (Minecraft Mod - Mad Pack 2)
-   Minecraft Mods - MAD PACK #9 'KING SLIME!' with Vikkstar & Pete (Minecraft Mod - Mad Pack 2)
-   Minecraft Mods - MAD PACK #2 'LAVA LOBBERS!' with Vikkstar & Pete (Minecraft Mod - Mad Pack 2)
-   Minecraft Mods - MAD PACK #3 'OBSIDIAN LONGSWORD!' with Vikkstar & Pete (Minecraft Mod - Mad Pack 2)
-   Total War: Warhammer [PC] Demigryph Trailer
-   Minecraft | MINIONS MOVIE MOD! (Despicable Me, Minions Movie)
-   Minecraft | Crazy Craft 3.0 - Ep 3! "TITANS ATTACK"
-   Minecraft | Crazy Craft 3.0 - Ep 2! "THIEVING FROM THE CRAZIES"
-   Minecraft | MORPH HIDE AND SEEK - Minions Despicable Me Mod
-   Minecraft | Dream Craft - Star Wars Modded Survival Ep 92 "IS JOE DEAD?!"
-   Minecraft | Dream Craft - Star Wars Modded Survival Ep 93 "JEDI STRIKE BACK"
-   Minecraft | Dream Craft - Star Wars Modded Survival Ep 94 "TATOOINE PLANET DESTRUCTION"
-   Minecraft | Dream Craft - Star Wars Modded Survival Ep 95 "TATOOINE CAPTIVES"
-   Hitman [PS4/XOne/PC] Alpha Gameplay Trailer
-   Satellite Reign [PC] Release Date Trailer