Published by Coleen Flynn. Modified over 8 years ago.
1
Module 3: DHCP As a Solution for IP Configuration
2
The increasing complexity of network infrastructures demonstrates the need for an automated and centrally managed Internet Protocol (IP) configuration scheme. The DHCP service in Microsoft® Windows® 2000 provides an automated IP addressing service and centralized management of Transmission Control Protocol/Internet Protocol (TCP/IP) configuration parameters.
3
At the end of this module, you will be able to: Recognize DHCP as a solution for the IP configuration needs of an organization. Evaluate and create a DHCP solution for nonrouted networks, routed networks, and various client types. Select the appropriate strategies to secure a DHCP solution. Select the appropriate strategies to improve the availability of a DHCP design. Select the appropriate strategies to improve the performance of a DHCP design.
4
Overview Introducing DHCP Designing a Functional DHCP Solution Securing a DHCP Solution Enhancing a DHCP Design for Availability Enhancing a DHCP Design for Performance
5
As an IP configuration scheme increases in size and in the number of configuration options used, it becomes increasingly difficult to manage the manual configuration of network hosts. The DHCP service in Windows 2000 provides automation for host IP configuration by supporting multiple subnets with unique configuration options and IP address ranges. The Dynamic Host Configuration Protocol (DHCP) is a message-driven protocol that allows hosts on the network to acquire an IP address and TCP/IP client option information from a DHCP server. There are two components to DHCP in Windows 2000, a DHCP Server service and a DHCP Client. Note: DHCP Server and DHCP Client, with capital S and capital C, respectively, are used throughout the module to indicate a server or client running the DHCP Server service in Windows 2000 or a Microsoft Windows-based DHCP Client.
6
When designing a DHCP solution, the network designer must: Define the requirements for a DHCP solution for the network. Identify the features provided by DHCP and how these features support the design requirements for the DHCP solution. Identify the benefits of integration between DHCP and other Windows 2000 services.
7
Introducing DHCP Design Decisions DHCP Features Integration Benefits
8
Design Decisions: Number of Hosts? Number of Subnets? Network Configuration? [Diagram labels: Segment 1, Segment 2, Router]
9
To develop a DHCP solution, you must determine the host population, the number of subnets, and the configuration of the network. This information establishes the subnets you must define and the DHCP Client options that must be supplied by the DHCP service to allow successful DHCP Client operation on the IP network. In an IP network that uses DHCP, you must allocate each DHCP Client an IP address and configuration information to enable IP communication. The DHCP Server maintains a database that includes available and allocated IP addresses for defined subnets and the client TCP/IP options.
10
DHCP Features RFC Compliance Scopes Superscopes TCP/IP Options DNS Integration Active Directory Integration Microsoft’s Vendor-Specific Options Microsoft Support for Multicast IP Address Allocation
11
To design an effective DHCP service infrastructure, you must understand the features of the DHCP service and how these features solve the IP configuration requirements of an organization.
12
RFC Compliance The DHCP service in Windows 2000 complies with RFCs 951, 2131, and 2132. The three primary management features that DHCP supports are: Scopes. A range of IP addresses that are offered on any particular subnet. Superscopes. A collection of scopes being offered for the same physical subnet. Superscopes allow easy extension of the IP address range being offered to a subnet, particularly if the range offered is noncontiguous. TCP/IP options. The additional configuration information that can be passed to the DHCP Client. Note: For each DHCP Server, the TCP/IP options can be defined by using default (global) server options; or for each scope by using scope options, class options, and reserved options.
13
DNS Integration DHCP and DNS integration allows earlier versions of Windows-based clients, and non-Microsoft DHCP clients, to have their records automatically updated in the DNS database by the DHCP Server.
14
Active Directory Integration The integration of the DHCP service with the Active Directory™ directory service allows DHCP Servers to be authorized within Active Directory. Windows 2000-based DHCP Servers do not start unless authorized.
15
Microsoft's Vendor-Specific Options In addition to RFC 2131-compliant DHCP options, Microsoft supports several vendor-specific options. Defined in RFC 2132, these vendor options in the DHCP service in Windows 2000 include: Disable NetBIOS over TCP/IP (NetBT). Used to enable or disable NetBT on Windows 2000 DHCP Clients. Earlier Windows clients require NetBT; therefore, they do not support this option. Release DHCP lease on shutdown. Used to control whether DHCP Server-enabled computers send a release for their current DHCP lease to the DHCP Server when the computer shuts down. Default Router Metric base. If set, the DHCP client uses the value configured here as the base metric for its default gateways. Note: For more information on MADCAP and support for multicast groups, see RFC 2730, Multicast Address Dynamic Client Allocation Protocol (MADCAP).
16
Microsoft Support for Multicast IP Address Allocation The DHCP service in Windows 2000 supports the Multicast Address Dynamic Client Allocation Protocol (MADCAP), in addition to DHCP. These protocols are supported independently by the DHCP service. MADCAP is used to enable multicast clients to join multicast groups. The DHCP service in Windows 2000 supports multicast scopes independently of the DHCP scopes.
17
Valid addresses for a multicast scope are in the following ranges: 239.255.0.0 to 239.255.255.255; 239.254.0.0 to 239.254.255.255; 239.253.0.0 to 239.253.255.255. Note: For more information on MADCAP and support for multicast groups, see the IETF draft: "Multicast Address Dynamic Client Allocation Protocol (MADCAP)", dated May 24, 1999, or the latest revision, which is available at ftp://www.ietf.org/internet-drafts/draft-ietf-malloc-madcap-07.txt
18
Integration Benefits DNS Server IP Address Server Authorization Name Registration DHCP Server Active Directory Routing and Remote Access Server Routing and Remote Access DNS Active Directory
19
To extend service capabilities and reduce network management, the DHCP service integrates with other Windows 2000 networking services.
20
Routing and Remote Access Integration The integration of Routing and Remote Access and DHCP allows a remote access server to obtain IP address leases from DHCP. These address leases are then assigned to remote access clients connecting to the server. Upon initialization, the remote access server contacts the DHCP Server and requests IP addresses: one used internally and ten for issue to clients. As the number of simultaneous remote access clients increases, the server requests additional IP addresses from the DHCP Server in blocks of ten. If the remote access server is configured to use the DHCP Relay Agent, all DHCP configuration information is provided to the remote access clients. If the DHCP Relay Agent is not configured on the remote access server, the remote access clients receive only the IP address and subnet mask provided by the DHCP Server.
21
DNS Integration For clients with dynamically allocated IP addresses, you cannot manually update the client name information in DNS. The integration of DHCP with DNS allows you to configure the DHCP Server to update the client records in DNS when an IP address is leased. DHCP and DNS integration allows non-Active Directory, previous versions of Windows-based clients, and non-Microsoft DHCP clients, to have their records automatically updated in the DNS database by the DHCP Server. Windows 2000-based DHCP Clients automatically update their own records in DNS, but you must enable the DHCP Server to update the DNS database for other clients, if required.
22
Active Directory Integration Non-authorized DHCP servers have the potential to disrupt network operation by issuing incorrect IP addresses or option information to clients. The integration of the DHCP service with Active Directory allows DHCP Servers to be authorized within Active Directory. Non-authorized Windows 2000-based DHCP Servers will not start, which eliminates the potential for disruption of IP address leases on a network. Note: The authorization of DHCP servers in Active Directory functions only with Windows 2000-based DHCP Servers. At least one DHCP Server must be installed on an Active Directory domain controller, or server, to allow authorization to work.
23
Designing a Functional DHCP Solution Designing a DHCP Service for a LAN Designing a DHCP Service for a Routed Network Providing DHCP Service to Non-Microsoft Hosts Discussion: Evaluating DHCP Functional Requirements
24
You can design an IP configuration service by using DHCP to support various types of hosts in simple, routed, and dial-up networks. You can design the DHCP service to integrate with other Windows 2000 services, such as DNS, to simplify the name registration of hosts that have dynamically allocated IP addresses.
25
In this lesson you will learn about the following topics: Designing a DHCP service for a LAN Designing a DHCP service for a routed network Providing DHCP service to non-Microsoft Hosts
26
Designing a DHCP Service for a LAN: Server Placement; TCP/IP Options. [Diagram labels: Configuration for 2 DHCP Servers; DHCP 1 with SuperScope 1 (Scope A Active, Scope B Active); DHCP 2 with SuperScope 2 (Scope X Active, Scope Y Active); TCP/IP Options levels Reserved, Class, Scope, Global, shown for “Portable” and for “Desktop”; LAN]
27
Designing a DHCP Service for a LAN A single DHCP Server can potentially support the DHCP service for several thousand DHCP clients in a nonrouted local area network (LAN). Many small to medium-sized LANs are built by using ISO layer 2 switches, thereby allowing large client counts on a single logical subnet. Caution: A DHCP service for switched environments with multiple broadcast domains may require DHCP Relay Agents even though the network is not routed.
28
Placement of DHCP Servers With a single DHCP Server, DHCP Client requests are allocated from a single scope. This single scope defines all addresses and TCP/IP options offered for the LAN. With multiple DHCP Servers, it is unknown which server will answer a DHCP Client broadcast first. In this case, share the IP address range equally between the DHCP scopes. For each server, define a superscope that includes all scopes for the subnet. Scopes are enabled only in the server issuing IP addresses from that scope.
29
Selecting TCP/IP Options for a LAN In a nonrouted LAN configuration where the computer population is stable or invariant, the following options reduce and control the DHCP traffic: Set DHCP leases to extended times. Tip: If your network is subject to frequent reconfiguration, you may need to reduce the lease time. DHCP Clients renew their lease at startup and at 50 percent of the lease time, so this is the shortest time to update TCP/IP options. Use DHCP classes to customize DHCP scope options, and use names such as "Portable" and "Desktop" to describe the collections of options used for a particular scope.
30
Designing a DHCP Service for a Routed Network: DHCP Relay Agent; DHCP Server Placement. [Diagram labels: Subnet 1, Subnet 2, Subnet 3; DHCP Clients; Non-DHCP Client; DHCP Relay Agent; DHCP Server; Router; With BOOTP Forwarding; No BOOTP Forwarding]
31
In a routed network, the broadcast domains are restricted. As such, any DHCP solution must allow the broadcast traffic from the DHCP Clients on the subnets to reach a DHCP Server. Windows 2000 provides a DHCP Relay Agent to forward client requests to a DHCP Server. You can place the DHCP Relay Agent in a subnet anywhere in the routed network. DHCP Clients and Servers initially establish DHCP leases by using media access control and IP broadcast packets. However, in most networking environments, broadcast packets do not propagate through routers, thus limiting the effective range of a DHCP Server to the subnet to which it is connected. To provide IP configuration to clients on multiple subnets, you must install a relay agent for DHCP or configure IP routers to support DHCP/Bootstrap Protocol (BOOTP) forwarding.
32
DHCP Relay Agent The RFC 1542-compliant DHCP Relay Agent provided with Windows 2000 acts as an intermediary between DHCP Clients and DHCP Servers located across routers. The DHCP Client communicates with the relay agent by using the dynamic host configuration protocol. The DHCP Relay Agent uses unicast packets to communicate with a DHCP Server. The DHCP Relay Agent is transparent to a DHCP Client. Caution: The DHCP service and DHCP Relay Agent use the same User Datagram Protocol (UDP) ports. Neither service works reliably if you install them both on the same computer.
33
For a routed network, use DHCP Relay Agents on each subnet if: There is no DHCP Server with an interface on the subnet. There are computers available to use as DHCP Relay Agents. There are no routers that support DHCP/BOOTP forwarding. Note: You can design a solution that does not require DHCP Relay Agents by turning on BOOTP/DHCP forwarding on the network routers.
34
Designing a DHCP Service for a Routed Network You can configure the DHCP Relay Agent to delay forwarding requests to a DHCP Server so that local DHCP Servers can respond to the request. You can also configure the DHCP Relay Agent to forward requests to multiple DHCP Servers. To prevent multiple requests from flooding the DHCP Servers, configure the forwarding delay if using multiple DHCP Relay Agents, or if including relay agents on a subnet with a DHCP Server.
35
DHCP Server Placement DHCP Servers need to be placed in a way that provides the best client performance and service availability. The decision to use single or multiple server solutions depends on the routing configuration, the network configuration, and the server hardware architecture.
36
Single Server DHCP Solution You must place a single server on the subnet with the largest client population. All other subnets will use either DHCP Relay Agents, or have BOOTP/DHCP forwarding activated on the routers. A multihomed DHCP Server will reduce or eliminate the requirement for DHCP Relay Agents or BOOTP/DHCP forwarding. The following table lists the considerations and requirements for a single server solution.
37
When considering | A single server solution requires
Routing configuration | Relay agents or routers forwarding subnet broadcasts to support a routed network.
Network configuration | High-speed, persistent connections.
Server hardware architecture | A single server if the hardware can support the client count. A single server can support many thousands of clients, but hardware architecture limitations can limit the client count.
38
Multiple Server DHCP Solutions Include multiple DHCP Servers if the number of clients exceeds the capabilities of a single server, if you anticipate increases in DHCP Server-based traffic across subnets, or if your DHCP solution includes wide area network (WAN) links or nonpersistent connections between locations. Use multiple servers if your solution must accommodate expansion and increased availability. The following table lists the configurations required to provide a multiple server solution.
39
When considering | A multiple server solution
Routing configuration | Requires relay agents or routers forwarding broadcasts to provide total coverage, as determined by the number of servers and subnets.
Network configuration | Permits a DHCP Server at each location. This allows you to service DHCP Clients locally if you have slower WAN links, dial-up links, or a geographically dispersed network.
Server hardware architecture | Allows you to scale the design to support any number of clients and subnets.
40
Providing DHCP Service to Non-Microsoft Hosts: Non-Microsoft DHCP Clients; BOOTP Clients; Non-DHCP Clients. [Diagram labels: Non-DHCP Client, DHCP Server, Non-Microsoft DHCP Client, Diskless Workstation BOOTP Client, DHCP Database with IP address entries]
41
A heterogeneous network may include non-Windows-based hosts that require dynamically allocated IP address and option information. DHCP supports both non-Microsoft DHCP clients and BOOTP clients. When IP addresses are issued, DHCP Clients retain the address for a lease period. BOOTP clients, as used in many diskless workstations, do not support IP address leases. Note: The DHCP service in Windows 2000 supports any clients that are compliant with RFCs 951, 2131, and 2132.
42
Non-Microsoft DHCP Clients Always test the support required by non-Microsoft clients to ensure that the clients are compatible with the DHCP service in Windows 2000. These clients may require support for non-mandatory features or for vendor-specific options. In addition, these clients may not support Microsoft-specific vendor extensions that are implemented on the DHCP Server. For example, non-Microsoft DHCP clients may not recognize the base cost provided for the default gateways (Default Router Metric base) TCP/IP option.
43
BOOTP Clients The BOOTP client requests an address each time it starts because it does not recognize an IP lease. BOOTP client support in previous implementations of DHCP required an explicit client reservation to be made for each BOOTP client. This IP allocation was marked as an infinite lease or reserved IP address in the DHCP Server scope. You could not reclaim these addresses, which created IP address management problems. The DHCP service in Windows 2000 supports RFC 951-compliant BOOTP clients and can be configured to reclaim the IP addresses when you remove clients from the network or turn them off. BOOTP clients are assigned dynamic IP addresses from a pool of addresses designated specifically for BOOTP clients. The DHCP Server reclaims these addresses after the lease time has elapsed and it has verified that the address is not still in use by the BOOTP client.
44
Non-DHCP Clients You configure IP addresses for non-DHCP clients manually. You can document these addresses in the DHCP scope by manually entering them as reserved addresses. DHCP does not issue or reclaim these reserved addresses.
45
Discussion: Evaluating DHCP Functional Requirements [Diagram labels: Subnet A1, Subnet A2, Subnet A3, Subnet B1, Router A1, Router A2, Router A3, Proxy Server, Firewall, Link to Internet]
46
To provide a functional DHCP-based solution for IP configuration, you must decide how many servers are required, whether or not relay agents are needed, and the necessary number of scopes and superscopes. The following scenario describes an organization's current network configuration. Instructions: Read the scenario and answer the questions that follow.
47
Scenario An organization has decided to restructure an existing network to include DHCP services. You are assigned the task of evaluating how DHCP can provide an automated solution for host IP configuration. The current network configuration provides: Intranet access to all shared folders and Web-based applications at all locations. Access to the Internet from all locations. Support for the existing infrastructure by using the manual allocation of host IP addresses. DHCP/BOOTP forwarding enabled on all routers. Support for a mission-critical Web-based application that requires 24-hours-a-day, 7-days-a-week operation. Isolation of the organization's network from the Internet by using a firewall and proxy server.
48
Securing a DHCP Solution Securing the DHCP Service Preventing Unauthorized DHCP Servers Using DHCP in Screened Subnets
49
To prevent disruptions in DHCP service, it is essential to ensure that only authorized servers are started, and that only authorized personnel can alter server configurations. To secure the administration and authorization of the DHCP Servers, and to limit access to the service by unauthorized hosts, you can: Secure the DHCP service. Prevent unauthorized servers on your network. Include a DHCP Server in a screened subnet.
50
Securing the DHCP Service DHCPServer Object Authorized List Active Directory Servers Running Windows 2000 DHCP Server ADSI Authorized List Authorize DHCP Servers in Active Directory Using Windows 2000 Groups to Secure Management
51
The security of the DHCP service in Windows 2000 is achieved through the integration of the DHCP service with Active Directory. The DHCP service is secured by: Authorizing DHCP Servers in Active Directory. Using Windows 2000 groups to control access to DHCP Server configuration.
52
Authorizing DHCP Servers in Active Directory Implementing DHCP Server authorization mandates the use of all Windows 2000-based DHCP Servers. At least one Active Directory-enabled DHCP Server must exist to allow access to the server authorization list, which is stored within Active Directory in the DHCP Server object. For example, if a network is using non-Windows 2000-based DHCP servers, these servers do not request the authorized list of servers, and they start whether authorized or not.
53
Using Windows 2000 Groups to Secure Management DHCP in Windows 2000 supports a secure management strategy. Only accounts with membership in special Windows 2000 groups can reconfigure or view a DHCP Server configuration. DHCP Administrators is a Domain Local Group with permissions to administer the DHCP Server; DHCP Users is a special local group that permits read-only access. Membership in these groups provides administrative or read-only access to DHCP configuration information. Although this group membership allows an authorized user to view information and properties on a specific DHCP Server, it can prevent unauthorized changes to the DHCP configuration.
54
Preventing Unauthorized DHCP Servers Active Directory Not in authorized list (Shut down) In authorized list (Start up) Unauthorized Windows 2000 DHCP Server DHCPINFORM Authorized Windows 2000 DHCP Server DHCP Service Using DHCP Servers in Windows 2000 Authorizing DHCP Servers in Active Directory DHCPServer Object Authorized List
55
Network functionality may be lost if an unauthorized DHCP Server is introduced into the network, because clients may be issued incorrect IP addresses and configuration information. The implementation of the DHCP service in Windows 2000 supports server authorization, and the service shuts down if not authorized.
56
The DHCP service requests access to the authorized server list: When the service is starting. Every five minutes when the service is running. When designing a DHCP service that supports server authorization, you must: Use only DHCP Servers in Windows 2000 Authorize DHCP Servers in Active Directory
57
Using DHCP Servers in Windows 2000 The DHCP service in Windows 2000 can access Active Directory by using Active Directory Service Interfaces (ADSI), which enables Active Directory to support DHCP Server authorization. Other implementations of DHCP might not support this feature. Note: For more information on DHCP Server authorization, see RFC 2131.
58
Authorizing DHCP Servers in Active Directory DHCP Servers in Windows 2000 must be included in the DHCP Server object authorized server list in Active Directory to allow the server to start. When a DHCP Server is starting, or, periodically while it is running, the server queries Active Directory for a list of authorized DHCP Servers. The server's IP address is compared with the list of authorized servers. If a match is not found, the server either does not start or is automatically shut down.
59
If your solution includes multiple DHCP Servers, and you plan to use server authorization, the first DHCP Server must be installed on a Windows 2000 domain controller or member server. DHCP Servers in Windows 2000 communicate by using broadcast-based DHCPINFORM messages. These messages include the information required to access the authorized server list in Active Directory, and as long as one DHCP Server can access the Active Directory DHCP Server object, the authorized list is available. Important: Your design requires DHCP Relay Agents to allow the DHCPINFORM messages between DHCP Servers on separate subnets, if the servers are not installed on domain controllers or member servers.
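A network-side check for the gap noted above, where non-Windows 2000-based DHCP servers start whether authorized or not (an added example, not part of the original module): it parses captured BOOTP/DHCP payloads and reports server replies whose Server Identifier (option 54) is not on an approved list. The sample payloads, the 192.0.2.x addresses and all function names are constructed for illustration.

```python
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # marks the start of the DHCP options field
BOOTREPLY = 2                        # 'op' value used in server-to-client messages
OPT_PAD, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 0, 53, 54, 255
SERVER_MESSAGES = {2: "DHCPOFFER", 5: "DHCPACK", 6: "DHCPNAK"}


def parse_options(data):
    """Walk the code/length/value option field and return {code: value}."""
    opts, i = {}, 0
    while i < len(data):
        code = data[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:          # pad is a single byte with no length
            i += 1
            continue
        if i + 1 >= len(data):
            raise ValueError("option length byte missing")
        length = data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("option %d truncated" % code)
        opts[code] = value
        i += 2 + length
    return opts


def server_reply(payload):
    """Return (message, server_ip, offered_ip) for a server reply, else None."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        return None
    if payload[0] != BOOTREPLY:
        return None                  # client request, not of interest here
    opts = parse_options(payload[240:])
    mtype = opts.get(OPT_MSG_TYPE, b"")
    server_id = opts.get(OPT_SERVER_ID, b"")
    if len(mtype) != 1 or mtype[0] not in SERVER_MESSAGES or len(server_id) != 4:
        return None
    offered = ipaddress.IPv4Address(payload[16:20])      # yiaddr field
    return SERVER_MESSAGES[mtype[0]], ipaddress.IPv4Address(server_id), offered


def find_unauthorized(payloads, authorized):
    """List (server_ip, message, offered_ip) for replies from unlisted servers."""
    allowed = {ipaddress.IPv4Address(a) for a in authorized}
    findings = set()
    for payload in payloads:
        try:
            reply = server_reply(payload)
        except ValueError:
            continue                 # malformed options: skip, do not guess
        if reply and reply[1] not in allowed:
            findings.add((str(reply[1]), reply[0], str(reply[2])))
    return sorted(findings)


def build_sample(op, msg_type, offered_ip, server_ip=None):
    """Build a minimal payload for the demo (constructed data, not a capture)."""
    fixed = struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s",
        op, 1, 6, 0, 0x12345678, 0, 0,
        bytes(4), ipaddress.IPv4Address(offered_ip).packed, bytes(4), bytes(4),
        bytes.fromhex("020000000001"), b"", b"")
    options = bytes([OPT_MSG_TYPE, 1, msg_type])
    if server_ip is not None:
        options += bytes([OPT_SERVER_ID, 4]) + ipaddress.IPv4Address(server_ip).packed
    return fixed + MAGIC_COOKIE + options + bytes([OPT_END])


# Constructed sample traffic; 192.0.2.10 stands in for the one approved server.
AUTHORIZED = ["192.0.2.10"]
SAMPLES = [
    build_sample(1, 1, "0.0.0.0"),                         # client DHCPDISCOVER
    build_sample(2, 2, "192.0.2.101", "192.0.2.10"),       # offer from approved server
    build_sample(2, 2, "192.0.2.200", "192.0.2.66"),       # offer from unlisted server
    build_sample(2, 5, "192.0.2.200", "192.0.2.66")[:-3],  # truncated ACK, skipped
]

if __name__ == "__main__":
    for server, message, offered in find_unauthorized(SAMPLES, AUTHORIZED):
        print("unlisted DHCP server %s sent %s for %s" % (server, message, offered))
```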
60
Using DHCP in Screened Subnets Shared Resource Server Screened Subnet Private Network Internal Firewall External Firewall DHCP Server Web and Shared Resource Server DHCP Server Internet
61
Making DHCP-allocated addresses available in a screened subnet or outside of a single firewall poses security risks. If a valid IP address is allocated to an unauthorized client, access to your network resources without authorization might occur.
62
If a DHCP Server is installed in a screened subnet or outside of your firewall, you can minimize the security risks by: Manually reserving IP addresses in the scope. This allows the IP address to be mapped directly to the media access control address of the client, thereby decreasing the likelihood of an unauthorized host being allocated the address. Setting extended lease times. This decreases the likelihood of an unauthorized host capturing the IP address by reducing the number of lease requests made. Minimizing the address range available. This allows only enough addresses in the scope to meet the needs for the screened subnet.
63
Enhancing a DHCP Design for Availability Using Distributed Scopes Using Windows Clustering Discussion: Evaluating DHCP Availability Requirements Cluster-based DHCP Server DHCP Server Cluster IP Address Cluster Single Computer DHCP Server Single Computer DHCP Server Distributed Scopes
66
Enhancing DHCP Availability with Distributed Scopes DHCP Server Scope for 172.81.X.X/20 defined in both DHCP Servers Active Addresses Reserved Addresses
67
To increase DHCP service availability for a subnet, you can use multiple DHCP Servers to provide IP addresses to the subnet. Using distributed scopes to share the available address range for a subnet between multiple servers enhances DHCP service availability. Multiple servers with distributed scopes provide DHCP Server redundancy and share the DHCP Client load. You must distribute the address range between the servers based on their network location. If multiple DHCP Servers provide service to a network segment, or if all subnets use DHCP Relay Agents, you can allocate equal portions of the address range for the subnet to each server.
68
For example, if you have two DHCP Servers, one on the subnet and the other using a DHCP Relay Agent, allocate between 50 and 80 percent of the IP address range to the DHCP Server on the subnet, and the remaining addresses to the other server. Because one DHCP Server resides directly on the network segment, allocating the majority of addresses to that server reduces DHCP traffic across the subnets. If either server fails, the remaining server continues to respond to DHCP requests.
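The split described above, worked for the /20 shown on the slide with an 80 percent local share (an added example, not from the original module). The function names and the host range 172.81.0.1 to 172.81.15.254 are assumptions; the audit step flags overlapping active ranges, which would let two servers lease the same address.

```python
import ipaddress
from itertools import combinations


def split_scope(first, last, local_percent):
    """Divide the inclusive range first..last between two DHCP servers.

    local_percent is the share given to the server on the subnet
    (50 to 80, per the guidance above). Returns
    {server: (active_first, active_last)} as IPv4Address pairs.
    """
    if not 50 <= local_percent <= 80:
        raise ValueError("local share should be between 50 and 80 percent")
    lo = int(ipaddress.IPv4Address(first))
    hi = int(ipaddress.IPv4Address(last))
    if hi <= lo:
        raise ValueError("range needs at least two addresses")
    local_count = (hi - lo + 1) * local_percent // 100
    boundary = lo + local_count - 1            # last address served locally
    ip = ipaddress.IPv4Address
    return {"local": (ip(lo), ip(boundary)), "remote": (ip(boundary + 1), ip(hi))}


def audit(ranges):
    """Return sorted pairs of servers whose active ranges overlap."""
    clashes = []
    for a, b in combinations(sorted(ranges), 2):
        a_lo, a_hi = ranges[a]
        b_lo, b_hi = ranges[b]
        if a_lo <= b_hi and b_lo <= a_hi:      # inclusive interval overlap
            clashes.append((a, b))
    return clashes


if __name__ == "__main__":
    # Assumed usable host range of the slide's 172.81.X.X/20 scope.
    plan = split_scope("172.81.0.1", "172.81.15.254", 80)
    for server, (start, end) in plan.items():
        print("%-6s leases %s - %s" % (server, start, end))
    print("overlaps:", audit(plan))

    # A hand-typed plan where the remote range starts four addresses early.
    mistyped = dict(plan)
    mistyped["remote"] = (ipaddress.IPv4Address("172.81.12.200"), plan["remote"][1])
    print("overlaps in mistyped plan:", audit(mistyped))
```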
69
Enhancing DHCP Availability with Windows Clustering Single Logical DHCP Server DHCP Server Cluster IP Address Cluster Multiple Physical Computers
70
Enhancing DHCP Availability with Windows Clustering Using a Windows Clustering solution increases the availability of an individual DHCP Server. The DHCP Server is a cluster-aware service that you can install on a cluster to provide immediate recovery in the event of hardware or service failure. Windows Clustering provides a higher level of availability for individual servers; however, you must consider that this solution generally requires more computing resources than multiple DHCP Servers with distributed scopes.
71
By configuring DHCP with Windows Clustering, you can: Provide automatic failover and restart in the event of a failure. Restore failed servers sooner, because a single DHCP database is used. Eliminate the need for distributed scopes, which reduces management overhead. Note: Windows Clustering provides a solution that is appropriate for solving availability issues associated with a single DHCP Server. Windows 2000-based servers that belong to the same cluster require persistent, high-speed connections between all servers in the cluster.
72
Discussion: Evaluating DHCP Availability Requirements [Diagram labels: Subnet A1, Subnet A2, Subnet A3, Subnet B1, Router A1, Router A2, Router A3, Proxy Server, Proxy Server, DHCP Server with 4 scopes, Link to Internet]
73
To enhance the availability of a DHCP solution, you must decide how many servers are required, whether to use relay agents, and how many scopes and superscopes you need. The following scenario describes an organization's current network configuration. Instructions: Read the scenario and answer the questions that follow.
74
Scenario An organization has decided to restructure an existing DHCP-based network. You are assigned the task of evaluating how to enhance the availability of the DHCP service. The current network configuration provides: Intranet access to all shared folders and Web-based applications at all locations. Access to the Internet from all locations. Support for the existing infrastructure as shown in the preceding diagram. DHCP/BOOTP forwarding enabled on all routers. Support for a mission-critical Web-based application that requires 24-hours-a-day, 7-days-a-week operation. Isolation of the organization's network from the Internet by using a firewall and proxy server.
75
Enhancing a DHCP Design for Performance Enhancing DHCP Performance of a Single Server Enhancing DHCP Performance by Using Multiple Servers Improving DHCP Performance by Modifying Lease Length
76
You can enhance the performance of a DHCP service to provide the fastest possible response to DHCP Client requests. You can address the performance of the DHCP service from the following perspectives: Improving the response of a single DHCP Server. Improving the DHCP service response by using multiple servers with DHCP distributed scopes. Modifying DHCP lease lengths.
77
Enhancing DHCP Performance of a Single Server The DHCP Server response time to requests from DHCP Clients is the indicator of server performance. Optimizing the performance of the DHCP Server minimizes the response time for client requests for addresses. DHCP in Windows 2000 enhances performance by supporting: Multiple CPUs that the multithreaded DHCP service can use. An optimized database to provide the best query response times.
78
Multihomed DHCP Server A multihomed DHCP Server can provide high performance IP configuration for multiple network subnets without introducing any additional traffic overhead. A multihomed DHCP Server is configured with multiple network adapters. Each network interface is connected to a different network segment. Note: All interfaces in a Windows 2000-based DHCP Server that are enabled for the DHCP service must use fixed IP addresses.
79
Enhancing DHCP Performance of a Single Server DHCP Server DHCP Client CPUs Memory Disk Network Cards Multihomed DHCP Server Improving DHCP Server Response Times
80
You can improve the performance of a DHCP Server by: Adding multiple CPUs. Providing ample memory to support the DHCP service. Providing high performance disks. Using a high bandwidth network card or multiple network cards.
81
Enhancing DHCP Performance By Using Multiple Servers DHCP Clients Sydney New York DHCP Servers with WAN Connection Multihomed DHCP Server DHCP Clients Distributed Scopes Router
82
If a single DHCP Server does not achieve the DHCP design requirements for performance, additional DHCP Servers are required. When enhancing a DHCP design by adding additional servers, use: Distributed scopes to share the address range between servers. DHCP Servers on subnets with the highest DHCP Client populations. DHCP Servers on both sides of WAN links. Multihomed DHCP Servers to reduce DHCP traffic across subnets.
83
Improving DHCP Performance by Modifying Lease Length As Lease Length Network Traffic IP Addresses Release Later Sooner
84
If you have clients that leave the network for extended periods of time without releasing their IP address, these addresses are unavailable for allocation to other DHCP Clients. The addresses cannot be reused until the lease expires or the allocation is manually deleted from the DHCP Server database. Modifying the DHCP lease length adjusts the frequency with which a DHCP Client contacts a DHCP Server for lease renewal. It also adjusts the time before DHCP automatically makes the IP address available to other DHCP Clients if the original lease is not renewed. For example, decreasing the lease length shortens the time before an unrenewed address becomes available again, but increases network traffic and the load on the DHCP Server.
85
The following table summarizes the effect of DHCP lease length on network traffic and IP address release.

As lease length | Network traffic | IP addresses release
Increases | Decreases | Later
Decreases | Increases | Sooner

Note: To immediately reclaim DHCP resources, you can configure Windows 2000 DHCP Clients to automatically release their IP address on shutdown. If you do not enable this feature, and DHCP Clients are to be permanently removed from the network, plan procedures to manually release the IP address.
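The trade-off in the table above, worked through with numbers, as an added example that is not part of the original module. It assumes the RFC 2131 default of renewal at 50 percent of the lease and a worst case in which a departed client holds its address for a full lease; the pool size, client counts, candidate lease lengths and function names are constructed for illustration.

```python
from dataclasses import dataclass

RENEW_FRACTION = 0.5  # RFC 2131 default T1: a client renews at 50% of its lease


@dataclass
class LeaseEffect:
    lease_hours: float
    renewals_per_hour: float   # steady-state renewal requests reaching the server
    max_reclaim_hours: float   # worst-case wait before an abandoned address is reusable
    stranded_addresses: float  # addresses held by clients that left without releasing


def lease_effect(lease_hours, resident_clients, departures_per_day):
    """Quantify both columns of the table for one lease length (hypothetical helper)."""
    # Every client that stays on the network renews once per half lease.
    renewals = resident_clients / (lease_hours * RENEW_FRACTION)
    # Worst case: the client renewed just before leaving, so the address is
    # held for a full lease. Held addresses = departure rate x hold time.
    stranded = departures_per_day / 24.0 * lease_hours
    return LeaseEffect(lease_hours, renewals, lease_hours, stranded)


def longest_safe_lease(pool_size, resident_clients, departures_per_day, candidates):
    """Longest candidate lease (hours) that cannot exhaust the scope, or None."""
    safe = []
    for hours in candidates:
        effect = lease_effect(hours, resident_clients, departures_per_day)
        if resident_clients + effect.stranded_addresses <= pool_size:
            safe.append(hours)
    return max(safe) if safe else None


if __name__ == "__main__":
    # Constructed sample: a 254-address scope, 120 always-present clients and
    # 30 clients per day that leave without releasing their address.
    candidates = [1, 8, 24, 72, 192]
    for hours in candidates:
        e = lease_effect(hours, 120, 30)
        print(f"lease {hours:>3} h: {e.renewals_per_hour:7.2f} renewals/h, "
              f"reclaim within {e.max_reclaim_hours:>3} h, "
              f"up to {e.stranded_addresses:5.1f} addresses stranded")
    print("longest lease that keeps the scope from filling:",
          longest_safe_lease(254, 120, 30, candidates), "h")
```

With the sample values, the 192-hour lease strands more addresses than the scope can spare, while the 1-hour lease multiplies renewal traffic; the longest candidate that still fits is the one to pick.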
86
Lab A: Designing a DHCP Solution
87
Objectives After completing this lab, you will be able to: Evaluate an existing DHCP-based network infrastructure. Design a DHCP solution for the given scenario.
88
Prerequisites Before working on this lab, you must have: Knowledge of DHCP features and functionality. Knowledge of DHCP strategies for enhancing security, availability, and performance.
89
Exercise 1: Designing a DHCP Solution In this exercise, you are presented with the task of creating a DHCP solution for an organization that wants to restructure its existing network. You will design a DHCP solution that will support the organization's IP configuration requirements. You will record your solution on a Design Worksheet. Review the scenario, diagrams, and design limitations and requirements. Follow the Design Worksheet instructions to complete the Design Worksheet.
90
Scenario
An organization has decided to restructure an existing DHCP-based network. As a consultant, you have been retained to redesign the network infrastructure. The current network configuration provides:
- Intranet access to all shared folders and Web-based applications at all locations.
- Access to the Internet from all locations.
- Three locations: LocationA, LocationB, and LocationC. Links exist between LocationA and LocationB, LocationA and LocationC, and LocationA and the Internet.
- Support for a remote access server at LocationA, which provides VPN access for the Internet.
- No support on routers for DHCP and BOOTP forwarding.
- A mission-critical Web-based application available on a 24-hours-a-day, 7-days-a-week scale. No provisions exist for ensuring high availability.
- Isolation of the organization's network from the Internet with a proxy server and a firewall, both situated at LocationA.
91
Design Limitations and Requirements Your assessment of the existing network configuration, and your investigation of the future configuration requirements, reveal the design requirements that you must meet in your DHCP solution. The requirements include:
92
Existing configuration information
In the existing network:
- BOOTP/DHCP forwarding is not turned on for any routers.
- All DHCP clients are equally distributed on segments in each location.
- No DHCP clients exist on Segment A2A at LocationA.
- Company policy mandates that client computers are turned off when not in use, but servers and other network-related devices are left on.
- Each location houses the servers, routers, and cable plant in an equipment room; any required DHCP Servers are installed there.
- Windows 2000-based computers exist on each segment that can support the DHCP Relay Agent, if this is required.
93
Future configuration requirements
The redesigned network must ensure that:
- All DHCP clients will be able to obtain addresses, even if a single link between locations fails.
- All DHCP clients will be able to obtain addresses, even if a single DHCP Server fails.
- All DHCP clients will be automatically configured for network communication across segments, and to allow NetBIOS name registration.
- All IP addresses on Segment A2A of LocationA will be manually allocated. No DHCP services are required on this segment.
- Unless equipment or link failures occur, DHCP requests will result in traffic only on the segment where the request is made.
- Private addressing will be used and each segment is allocated addresses such that no more than 50 percent of the addresses will be required to support current needs.
- Single-function rack-mount computers will be used for the DHCP Servers. No other network services will be installed on these computers.
- The DHCP Servers will provide adequate performance for up to 2,500 clients.
94
Design Worksheet Instructions
To complete the Design Worksheet found below, you must:
- Plan the minimum number of DHCP Servers required to meet the requirements, and designate the segment(s) on which they are positioned.
- Plan the minimum number of DHCP Relay Agents required to meet the requirements, and designate the segment(s) on which they are positioned.
- Plan the scopes and, if required, superscopes, for each DHCP Server.
- Designate the minimum number of TCP/IP options required for each scope.
- Describe the options for increasing the availability of the DHCP services.
95
Entire Network Configuration 1283 Hosts 129 Hosts LocationC LocationA T1 Link 833 Hosts LocationB T1 Link Fractional T1 Link Internet
96
LocationA Network Configuration Segment A1A Link to LocationC Link to LocationB Segment A3A Segment A2A Link to ISP/Internet Router A1 Router A3 Router A2 WINS Server Proxy Server VPN Server File and Print Servers Segment A3B Segment A1B
97
LocationB Network Configuration Link to LocationA Router B1 Segment B1A Segment B1B CD Server File and Print Server
98
LocationC Network Configuration Link to LocationA Segment C1A Router C1 File and Print Server
99
Review Introducing DHCP Designing a Functional DHCP Solution Securing a DHCP Solution Enhancing a DHCP Design for Availability Enhancing a DHCP Design for Performance