Section 3.2: Configuring Automatic IP Addressing
In Windows Server 2003 client computer can obtain automatically obtain an IP address from a DHCP server or through Automatic Private IP Addressing.
3.2.1: DHCP Addressing
An IP address is a logical 32-bit address that identifies a TCP/IP host. Each network adapter card in a computer running TCP/IP must have a unique IP address, which has two parts: a network ID that identifies all hosts on the same physical network, and a host ID that identifies a host on the network. An IP Address of 192.168.1.66 indicates that the network ID is 192.168.1, and that the host ID is 66.
If the network has a server running the Dynamic Host Configuration Protocol (DHCP Service, it can automatically assign TCP/IP configuration information to the client computers if the client computers are configured as DHCP clients. You can then configure any client running Windows Server 2003, Windows 2000, Windows XP Professional, Windows 98, and Windows 95 to obtain TCP/IP configuration information automatically from the DHCP Service.
This can simplify administration and ensure correct configuration information.
3.2.2: Automatic Private IP Addressing
Subnet mask is used to subnets that divide a large network into multiple physical networks connected with routers. A subnet mask blocks out part of the IP address so that TCP/IP can distinguish the network ID from the host ID. When TCP/IP hosts try to communicate, the subnet mask determines whether the destination host is on a local or remote network. To communicate on a network, the computers must have the same subnet mask.
Windows Server 2003 supports a new mechanism for automatic address assignment of IP addresses for simple LAN-based network configurations called Automatic Private IP Addressing (APIPA). This mechanism is an extension of dynamic IP addressing and enables the configuration of IP addresses without using static IP address assignment or installing the DHCP Service.
On a computer running Windows Server 2003 you must configure a network LAN adapter for TCP/IP and click Obtain an IP Address Automatically in the Internet Protocol (TCP/IP) Properties dialog box for the Automatic Private IP Addressing feature to function properly.
The default gateway is a device on a local network that stores network IDs of other networks in the enterprise or Internet. To communicate with a host on another network you must configure an IP address for the default gateway. TCP/IP sends packets for remote networks to the default gateway, which forwards the packets to other gateways until the packet is delivered to a gateway connected to the specified destination.
APIPA can be used to set up IP configuration to allow network communication on a single subnet and is also used when the client computer cannot contact the DHCP server for IP address configuration. APIPA uses an addressing range from 169.254.0.1
through 169.254.255.254 and a subnet mask of 255.255.0.0.
When you use DHCP to automatically configure TCP/IP information, the DHCP server supplies the necessary configuration information to the DHCP clients and ensures that the clients use the correct configuration information. Then, DCHP automatically updates client configuration information to reflect changes in network structure and the relocation of users to other physical networks, without manually reconfiguring client IP addresses.
Every time a DHCP client starts, it requests an IP address from a DHCP server. Once the DHCP server receives the request, it selects an IP address from a predefined range of addresses in its database and offers this address to the DHCP client. If the client accepts the offer, the DHCP server leases the IP address to the client for a specified period of time. The default duration of an IP address lease is eight days. The client then uses the IP address to access the network.
The IP addressing information sent by the DHCP server to the DHCP client includes:
• An IP address;
• A subnet mask; and
• Optional values, such as:
• A default gateway address
• The IP addresses of Domain Name System (DNS) servers
• The IP addresses of Windows Internet Name Service (WINS) servers
• Domain name
3.2.3: The DHCP Lease Process
The DHCP client waits one second for an offer. If it does not receive an offer, it rebroadcasts the request four times at 2, 4, 8, and 16 second intervals. If the client does not receive an offer after four requests, it uses an IP address in the reserved range from 169.254.0.1 through 169.254.255.254. This ensures that clients on a subnet without a DHCP server can communicate with each other. The DHCP client continues in an attempt to find a DHCP server every five minutes. When a DHCP server becomes available, clients receive valid IP addresses, allowing them to communicate with hosts both on and off their subnet.
DHCP uses a four-step process to lease IP addressing information to DCHP clients. This process is also referred to as DORA: Discovery, Offer, Request, and Acknowledgment
• IP Lease Discovery
When a client computer either starts or initializes TCP/IP for the first time, it initializes a limited version of TCP/IP and broadcasts a DHCP discovery (DHCPDISCOVER) message for IP addressing information. At this stage the client does not have an IP address. It therefore uses 0.0.0.0 as its IP address. The client also does not know the IP address of a DHCP server, and therefore uses 255.255.255.255 as the destination address. The DHCPDISCOVER message is broadcast to the entire subnet and contains the hardware address of the client's network adapter, which is known as the media access control (MAC) address; and the client's computer name so that DHCP servers can determine which client sent the DHCPDISCOVER message.
• IP Lease Offer
The second stage in the DHCP lease process is the IP lease offer. All DHCP servers that have an IP address that is valid for the network segment to which the client is connected respond with a DHCP offer (DHCPOFFER) message. This message includes:
• The client's hardware address
• An offered IP address
• A subnet mask
• The length of the lease
• The IP address of the offering DHCP server
Each responding DHCP server reserves the offered IP address so that it does not offer it to another DHCP client before the requesting client accepts the address.
• IP Lease Request
The third stage is the IP Least Request. During this stage the DHCP client responds to the first offer that it receives by broadcasting a DHCP request (DHCPREQUEST) message to accept the offer. The DHCPREQUEST message includes the server identification of the server whose offer it accepted. All other DHCP servers then retract their offers and retain their IP addresses for other IP lease requests.
• IP Lease Acknowledgement
The final stage is IP Lease Acknowledgement during which the DHCP server that issues the accepted offer broadcasts a DHCP acknowledgement (DHCPACK) message to acknowledge the successful lease. This message contains a valid lease for the IP address and other configuration information. When the DHCP client receives the acknowledgment, TCP/IP initializes by using the configuration information that the DHCP server provides. The client also binds the TCP/IP protocol to the network services and network adapter, permitting the client to communicate on the network.
220.127.116.11: Automatic Lease Renewal
You can configure a scope so that the DHCP server always provides the same IP address to a computer that requires a permanent IP address, such as a DNS server. This is called client reservations.
At specific intervals, a DHCP client attempts to renew its lease to ensure that it has up-to-date configuration information. A DHCP client attempts to renew its lease when 50 percent of the lease duration has expired. The DHCP client sends a DHCPREQUEST message to the DHCP server from which it obtained the lease. If the DHCP server is available, it renews the lease and sends the client a DHCPACK message with the new lease duration and any updated configuration parameters. The client updates its configuration when it receives the acknowledgment. If the DHCP server is unavailable, the client continues to use its current configuration parameters and a DHCP client cannot renew its lease at the 50 percent interval, the client continues to use its current configuration parameters. It then broadcasts a DHCPDISCOVER message to update its address lease at regular intervals and accepts a lease that is issued by any DHCP server.
18.104.22.168: Manual Lease Renewal
You can use the iPConfig command with the /renew switch to manually renew an IP lease if you need to update DHCP configuration information immediately if you want DHCP clients to immediately obtain the address of a newly installed router from a DHCP server, renew the lease from the client to change this configuration. Windows 3.51, Windows NT 4.0, Windows 2000, Windows XP and Windows Server 2003 clients can use the iPConfig command with the /release switch to release a lease while Windows 95 and Windows 98 clients must use the winipcfg command. These commands send a DHCPRELEASE message to the DHCP server to release a client lease. After you issue this command, the client can no longer communicate on the network by using TCP/IP.
Note: You must authorize a DHCP server before the server can issue leases to DHCP clients. This prevents unauthorized DHCP servers from offering incorrect IP configurations to clients. However, only DHCP servers running Windows Server 2003 check for authorization. Other DHCP servers can still operate even though they are not authorized. You must be a member of the Enterprise Administrators group to authorize a DHCP server as you need network-wide administrative privileges to authorize a DHCP server.
The DHCP server must be configured and scoped with IP addresses for all subnets it intends to support. If a server receives a request from a subnet other than its pool of addresses, it will not lease an appropriate IP address to the client. A DHCP server can be configured to support multiple logical IP networks within one physical subnet. In order to support multiple IP network ranges on the same Ethernet segment, a scope must be created for each network and then all scopes must be grouped under one superscope. The superscope allows one or more scopes to be applied to the local network. Also, when DHCP relays or BOOTP relays are supported, their corresponding requests will be forwarded through IP layer switches and routers. Because the DHCP server will receive requests from other networks, superscopes must be configured.
To create a superscope, do the following:
• Click on the START button
• Point to PROGRAMS
• Click on ADMINISTARTIVE TOOLS
• The click on DHCP to open the DHCP snap-in
• In the DHCP snap-in, right-click the DHCP server node
• On the pop-up menu, select new superscope to start the New Superscope Wizard
• In the New Superscope Wizard, click next
• Enter a name for the new superscope
• Then click NEXT
• Select the scopes to include in the new superscope from the Available Scopes field
• To select more than one scope, hold down the shift key and click multiple scopes
• Then click NEXT
• Finally, click finish to complete the wizard
3.2.4: DHCP and BOOTP Relay Agents
The BOOTP protocol allows diskless clients to obtain IP addresses and boot image locations to download software for operation. The BOOTP sequence is performed only when the client is rebooted. Windows Server 2003 supports dynamic BOOTP address assignment. To enable this feature, right-click a previously created scope node and select Properties. Select the Advanced tab and then either BOOTP only or Both to enable dynamic IP address assignment for both protocols. A separate lease period available for BOOTP clients is configurable under Lease duration for BOOTP clients.
Both DHCP and BOOTP clients use broadcast addressing to initiate contact with their corresponding server. Routers do not normally permit this broadcast traffic to traverse networks by default, which means that a DHCP/BOOTP server must be allocated for every network in the enterprise, unless routers are configured as DHCP/BOOTP relay agents. Another option is to configure a dual-homed Windows Server with the DHCP relay agent. This server will then forward DHCP and BOOTP requests between the two networks. The DHCP relay agent must also be configured for dial-in/remote access clients.
3.2.5: DHCP Backup and Fault Tolerance
DHCP fault tolerance can be accomplished by configuring two DHCP servers to lease IP addresses on a given network. One server is configured with 20 percent of the address range; the other is configured with the remaining 80 percent. If one of the servers were to fail, the other could renew and issue leases for the network. Another option is to configure a second, standby server the same way that you have configured the active server. The scopes on the secondary server would remain inactive until the primary server failed. Then they could be activated manually to handle client requests.
If the active DHCP server were to crash, many IP addresses would still be leased out to network clients. DHCP server backup is paramount to smooth operation and will help prevent duplicate address leases. You can use the Windows Server 2003 Backup and Restore options or the netsh set databaserestore flag to load a copy of the DHCP database from the default backup directory.