dynamic host configuration protocol setup with demos

1. Dynamic Host
Configuration
Protocol
BY kinish kumar
www.kinishcybersec.blogspot.in
https://www.facebook.com/kinishkumar

2. Objectives
• Outline the benefits of using DHCP
• Describe the DHCP lease and renewal process
• Install and authorize the DHCP service
• Configure DHCP scopes
• Create DHCP reservations for client computers
• Configure DHCP options
• Understand and describe the purpose of a DHCP
relay
• Install and configure a DHCP relay

3. DHCP Overview
• Used to automatically deliver IP addressing
• Reduces the amount of time you spend configuring
computers on your network
• Used by default unless you specify otherwise
• The ipconfig /all command will indicate whether
the configuration came from a DHCP server
computer

4. DHCP Overview (continued)
TCP/IP Properties

5. DHCP Overview (continued)
The ipconfig /all command

6. Leasing an IP Address
• An IP address is leased during the boot process
• The overall process is composed of four broadcast
packets:
– DHCPDISCOVER
– DHCPOFFER
– DHCPREQUEST
– DHCPACK

7. Leasing an IP Address (continued)
• Any DHCP server that receives the DHCPDISCOVER
packet responds with a DHCPOFFER packet
• The DHCP client responds to the DHCPOFFER packet it
receives with a DHCPREQUEST packet
• A DHCPACK packet indicates confirmation that the
client can use the lease
• Once DHCPACK is received, the client can start using
the IP address and options in the lease

8. Leasing an IP Address (continued)
The four packets in the DHCP lease process

9. Renewing an IP Address
• The IP address can either be permanent or timed
• A permanent address is never reused for another
client
• Timed leases expire after a certain amount of time
• Windows clients attempt to renew their lease after
50% of the lease time has expired
• A DHCP server may either honor or reject a renew
request

10. Renewing an IP Address (continued)
The DHCP lease renewable process

11. Installing and Authorizing the DHCP Service
• A DHCP service must be authorized after
installation

12. Installing the DHCP Service
• DHCP is a standard service
• It is included in Windows Server 2003
• It is not installed as part of a default installation

13. Installing the DHCP Service (continued)
Installing DHCP

14. Installing DHCP
• Objective: Install DHCP on Windows Server 2003
• Make sure your network connection is statically
configured
• Install the service using the Add/Remove Windows
Components utility

15. Authorizing the DHCP Service
• Unauthorized DHCP servers can hand out bad
information
• DHCP will not start unless authorized
• If Active Directory is used, authorization takes place
in Active Directory
• DHCP servers are automatically authorized under
certain conditions

16. Authorizing the DHCP Service (continued)
The DHCP management snap-in
Unauthorized DHCP server error in Event Viewer

17. Authorizing the DHCP Service (continued)
Authorized DHCP server information in Event Viewer

18. Starting an Authorized DHCP Server
• Objective: View the results of starting a DHCP server
that does not participate in an Active Directory
domain
• Check to make sure the service is running
• Check out any relevant events using the System Log

19. Installing the Active Directory Service
• Objective: Install the Active Directory service on your
computer and participate in an Active Directory
domain
• Use the dcpromo utility
• Select “domain controller for a new domain”
• Select “domain in a new forest”
• Continue through the resulting dialogs

20. Starting an Unauthorized DHCP Server
• Objective: View the results of starting an
unauthorized DHCP server
• View the System Log to see the result of starting an
unauthorized DHCP server

21. Authorizing a DHCP Server
• Objective: Authorize a DHCP server in Active
Directory
• Go to the DHCP snap-in and choose the activate
option

22. Configuring DHCP Scopes
• Scope defines a range of IP addresses
• Each scope is configured with:
– Description
– Starting IP address
– Ending IP address
– Subnet mask
– Exclusions
– Lease duration
• Two strategies exist for defining the starting and
ending IP addresses
– Allow all and exempt the few static addresses
– Use only the addresses not already in use

23. Configuring DHCP Scopes (continued)
Scope Settings

24. Configuring DHCP Scopes (continued)
• Exclusions are used to prevent some IP addresses
from being handed out dynamically
• Lease duration defines how long client computers
are allowed to use an IP address
• Default lease duration is eight days
• A scope must be activated before the DHCP service
can begin using it

25. Creating a Scope
• Objective: Create a scope to distribute IP addresses
to client computers
• Manually enter the IP configuration settings as
directed by the text
• Create a new scope using the configuration settings
provided

26. Activating and Testing a Scope
• Objective: Activate a DHCP scope, and then test it
with a partner
• One person will activate the scope created in the
previous activity
• Another person will try to obtain an automatic IP
address from the server

27. Superscopes
• Used to combine multiple scopes into a single
logical scope
• Allows multiple scopes to be treated as a single
scope
• If a superscope is used, then the DHCP server offers
only one lease as opposed to multiple leases

28. Superscopes (continued)
A superscope containing two scopes

29. Configuring a Superscope
• Objective: Combine two scopes into a single logical
unit using a superscope
• First, create a second scope in addition to the scope
already created in a previous activity
• Create a superscope to encompass the two scopes
• Use the DHCP snap-in for this activity

30. Deleting a Superscope
• Objective: Delete a superscope, leaving each scope
independent
• Make sure you delete the superscope without
deleting the subscopes

31. Multicast Scopes
• Used to deliver multicast addresses to applications
that require it
• Multicast addresses are used to deliver packets to
groups of computers
• Start and end IP addresses define the range of
addresses that can be handed out by DHCP servers
• TTL defines the number of routers through which a
multicast packet can move

32. Multicast Scopes (continued)
• Exclusions define addresses that should not be
handed out
• Lease duration defines the length of time that an
application can use a multicast address
• Default lease length is 30 days

33. Creating a Multicast Scope
• Objective: Create a multicast scope to deliver
multicast addresses to applications
• Setting up a multicast scope is very similar to
setting up any other scope
• Set the scope configuration to that specified in the
text

34. Deleting a Multicast Scope
• Objective: Delete a multicast scope
• Right click on the scope and issue the delete
command

35. Creating DHCP Reservations
• Reservations are used to hand out a specific IP
address to a particular client
• Useful when delivering IP addresses to devices that
would normally use static addresses
• Can also be beneficial when firewalls are in place
• Reservations are created based on MAC addresses

36. Creating DHCP Reservations (continued)
Creating Reservation

37. Creating and Testing a Reservation
• Objective: Create a DHCP reservation, and test it
with a client
• Configure the server to reserve an IP address for a
client machine
• Test to see if the client machine picks up the
reserved address

38. Configuring DHCP Options
• DHCP can hand out a variety of other IP
configuration options
• It is common that all workstations within an entire
organization use the same DNS servers
• DNS is often configured at the server level

39. Configuring DHCP Options (continued)
Server setting options

40. Configuring DHCP Options (continued)
Settings Scope Options

41. Setting Server Options
• Objective: Set the DNS server option for a DHCP
server
• Check 006 DNS servers option
• Add the IP address x.0.0.250

42. Setting Scope Options
• Objective: Set the default gateway in the scope
options
• Use the DHCP snap-in to complete this activity

43. Testing Server & Scope Options
• Objective: Activate a DHCP scope, and then test it
with a partner to ensure that scope options are
handed out
• Activate a DHCP scope
• Configure a client to access the server
• Check the default gateway and DNS settings to find
out whether or not the configurations entered in
previous activities were done correctly

44. Vendor and User Classes
• Used to differentiate between clients within a
scope
• Vendor classes are based on the operating system
• User classes are defined based on network
connectivity or the administrator
• You can use the ipconfig /setclassid command to set
the DHCP user class ID

45. Vendor and User Classes (continued)
Setting a class ID
Vendor Classes

46. Vendor and User Classes (continued)
User classes

47. Configuring a DHCP Relay
• DHCP packets cannot travel across a router
• A relay agent is necessary in order to have a
single DHCP server handle all leases
• Relay agents receive broadcast DHCP packets
and forward them as unicast packets to a
DHCP server
• The DHCP relay cannot be installed on the
same server as the DHCP service

48. Configuring a DHCP Relay (continued)
Using DHCP relay agents on a routed network

49. Configuring a DHCP Relay (continued)
The Routing and Remote Access tool

50. Configuring a DHCP Relay
• Objective: Uninstall the DHCP service from your
computer and configure it as a DHCP relay
• Uninstall the DHCP service
• Configure the computer as a relay by using the
Routing and Remote Access tool provided in
Windows

51. Summary
• DHCP dynamically assigns IP address information to
clients on a network
• The DHCP lease process is composed of four packets:
– DHCPDISCOVER
– DHCPOFFER
– DHCPREQUEST
– DHCPACK
• A DHCP client attempts to renew its lease at 50%,
87.5%, and 100% of the lease time
• The commands ipconfig /release and ipconfig /renew
can be used to release and renew DHCP leases

52. Summary (continued)
• If the Active Directory service is present on
your network, each DHCP server must be
authorized in Active Directory to lease
addresses to clients
• A scope defines a range of IP addresses that
are leased to clients
• A superscope combines two scopes into a
single logical unit to service network segments
with two subnets

53. Summary (continued)
• An exclusion in a scope can stop a DHCP server from
handing out specific addresses
• A reservation allows you to give a specific
workstation a defined IP address by tying the DHCP
lease to the MAC address of the client
• Vendor and user classes can be used to configure
some client computers with different options,
depending on the class to which they belong
• A DHCP relay agent is required on each network that
requires IP configuration from a DHCP server across
a router