DHCP is described by RFC 2131 and RFC 2132 and allows servers to dynamically distribute IP addresses and configuration information to clients. At least the following information is distributed:
- IP address
- Subnet mask (RFC 950, code 1)
- Default gateway (code 3)
Other configuration info can be:
- DNS server (RFC 1035, code 6)
- DNS domain name (code 15)
- WINS server (RFC 1001/1002, code 44)
- NetBIOS node type (B-, P-, M- and H-node, RFC 1001/1002, code 46)
- NetBIOS scope ID (RFC 1001/1002, code 47)
- Additional info will not be handled by the client
Types of DHCP configuration:
- Automatic allocation (permanent random address)
- Manual allocation (permanent address determined by the administrator)
- Dynamic allocation (temporary leased address)
Reasons to implement DHCP:
- Moving clients between subnets
- More clients than IP addresses
- Dial-in users
- Large IP network with lots of clients
You can set the client to use DHCP via the TCP/IP properties or the 'netsh interface ip set address "Local Area Connection" dhcp' command. (See Q257748)
Steps within the DHCP process:
The client broadcasts from source address 0.0.0.0 to 255.255.255.255 to discover a DHCP server, using UDP port 68 on the client and UDP port 68 on the server. In this IP packet the chaddr field (client Ethernet address) contains the MAC address of the client's network card. The packet also contains the computer name.
The DHCP server(s) will answer by sending a DHCPOFFER packet via a UDP packet sent from port 68 to the client's port 67. The source address is the IP address of the DHCP server, the destination address is 255.255.255.255 (broadcast). In this IP packet the chaddr field still contains the MAC address of the client requesting the address. The yiaddr field (your IP address) contains the IP address offered by the DHCP server. The DHCP options field contains additional info such as the subnet mask and the lease time. It also contains the IP address of the server.
If the DHCP client does not receive DHCP offers, it will retry four times at intervals of 2, 4, 8 and 16 seconds (plus a random timeout). If this also fails, it retries every five minutes.
After the client has received the offer(s), a DHCPREQUEST packet is sent for the IP address chosen. This is done with source address 0.0.0.0 and destination address 255.255.255.255, so all DHCP servers are informed about the IP address chosen.
The DHCP server identifier option contains the IP address of the DHCP server chosen by the client.
The DHCP server that offered the chosen IP address to the client will acknowledge the given address with a DHCPACK packet. The source address is the DHCP server's IP address, the target address is 255.255.255.255. The yiaddr field contains the offered IP address, and the chaddr field and the DHCP client identifier field contain the MAC address of the client. The DHCP options section identifies the packet as an acknowledgement. The DHCPACK message also contains the optional configuration parameters like WINS and DNS.
- T1 (address renewal timer). After T1, by default 50% of the lease time, the client enters the renewal phase in which it will try to renew its IP address. This is done by sending a DHCPREQUEST packet via IP unicast to the DHCP server that offered the address. The server will reply with DHCPACK if the address can be used. This packet will contain any updated configuration info and a new lease time. If the first DHCPREQUEST is not answered, the client will retry three times at 4, 8 and 16 seconds.
- T2 (server rebinding timer). If no renewal was possible before T2 (normally at 87.5% of the lease time), the client will send a DHCPREQUEST message to all DHCP servers via a broadcast to continue the lease of the address. If no DHCPACK follows before the end of the lease time, the client will stop using the IP address and restart the DHCP lease process. If this fails, an error message will occur. If the client receives a DHCPNAK after a DHCPREQUEST to renew the IP address, it will restart the lease process. If the first DHCPREQUEST to renew the IP address is not answered, the client will retry three times at 4, 8 and 16 seconds.
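The packet layout walked through above (chaddr, yiaddr, the options field with message type, server identifier, lease time, subnet mask, DNS and domain name) and the T1/T2 timers derived from the lease, as an added example that is not part of the original page. The sample DHCPACK is constructed inline, not captured from a real server.

```python
import struct
from ipaddress import IPv4Address

# RFC 2131 fixed header (236 bytes): op, htype, hlen, hops, xid, secs, flags,
# ciaddr, yiaddr, siaddr, giaddr, chaddr(16), sname(64), file(128)
FIXED = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")
MAGIC_COOKIE = b"\x63\x82\x53\x63"  # RFC 2132 options follow this cookie
MSG_TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 5: "DHCPACK", 6: "DHCPNAK"}

def parse_options(data):
    """Walk the code/length/value option list; 0 is padding, 255 ends it."""
    opts, i = {}, 0
    while i < len(data) and data[i] != 255:
        if data[i] == 0:
            i += 1
            continue
        length = data[i + 1]
        opts[data[i]] = data[i + 2:i + 2 + length]
        i += 2 + length
    return opts

def addr_list(raw):
    """Options 1, 3, 6, 44 and 54 carry one or more 4-byte addresses."""
    return [str(IPv4Address(raw[i:i + 4])) for i in range(0, len(raw), 4)]

def parse_dhcp(packet):
    """Return the fields discussed above, plus the derived T1/T2 timers."""
    if packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP packet: magic cookie missing")
    f = FIXED.unpack_from(packet)
    hlen, yiaddr, chaddr = f[2], f[8], f[11]
    opts = parse_options(packet[240:])
    lease = struct.unpack("!I", opts[51])[0] if 51 in opts else None
    return {
        "type": MSG_TYPES.get(opts.get(53, b"\0")[0], "unknown"),
        "chaddr": chaddr[:hlen].hex(":"),            # client MAC address
        "yiaddr": str(IPv4Address(yiaddr)),          # "your" (offered) address
        "server_id": addr_list(opts.get(54, b"")),   # server chosen/answering
        "subnet_mask": addr_list(opts.get(1, b"")),
        "dns": addr_list(opts.get(6, b"")),
        "domain": opts[15].decode() if 15 in opts else None,
        "lease": lease,
        "t1": lease // 2 if lease else None,         # renewal at 50%
        "t2": lease * 7 // 8 if lease else None,     # rebinding at 87.5%
    }

def sample_dhcpack():
    """Constructed DHCPACK (not a capture): server 192.168.1.1 assigns .100."""
    chaddr = bytes.fromhex("001122334455").ljust(16, b"\0")
    fixed = FIXED.pack(2, 1, 6, 0, 0x3903F326, 0, 0, b"\0" * 4,
                       IPv4Address("192.168.1.100").packed,
                       b"\0" * 4, b"\0" * 4, chaddr, b"\0" * 64, b"\0" * 128)
    opts = (b"\x35\x01\x05"                                      # 53: DHCPACK
            + b"\x36\x04" + IPv4Address("192.168.1.1").packed    # 54: server id
            + b"\x33\x04" + struct.pack("!I", 86400)             # 51: 1-day lease
            + b"\x01\x04" + IPv4Address("255.255.255.0").packed  # 1: subnet mask
            + b"\x06\x04" + IPv4Address("192.168.1.10").packed   # 6: DNS server
            + b"\x0f\x0b" + b"example.lan"                       # 15: domain name
            + b"\xff")                                           # end option
    return fixed + MAGIC_COOKIE + opts
```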
DHCP is installed via the network services. After the installation, scopes have to be defined via the DHCP manager. Each scope contains the following items:
- Start address and end address. First and last IP address of the scope. (required)
- Subnet mask. Subnet mask of the scope. (required)
- Exclusion range start and end address. (Addresses that can't be offered)
- Lease duration. Unlimited, or the time an address may be leased. (required)
- Name. Name of the scope for administrative purposes.
- Comment. Additional comments.
The following options can be set for DHCP scopes:
- Global options. These options are used for all scopes and addresses.
- Scope options. Only clients within the scope get these options. They overrule global options.
- Client options. Can be used for reserved DHCP addresses. They overrule scope and global options.
DHCP registry info is stored in HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DHCP. The database is stored in %systemroot%\system32\dhcp\dhcp.mdb.
The DHCP database is an Exchange Server Storage Engine 4.0 database stored in the %systemroot%\system32\dhcp folder. This folder contains the following files:
- dhcp.mdb. The DHCP service database, containing the IP address - owner ID table and the name - IP address mapping table.
- dhcptmp.mdb. A temporary file used as a swap file during index maintenance.
- resx.log. This log file is reserved for emergency cases, e.g. when the server is out of disk space.
- j50x.log. Transaction log files used to store data before it is written to the database. When a log file is full, a new log file is created with a new number. When the DHCP database has been backed up successfully, the log files are removed.
- j50x.chk. A checkpoint file that contains information about the location of the last data that was successfully written into the DHCP database.
By default Windows 2000 backs up the DHCP database every 60 minutes. The files are stored in the \systemroot\system32\dhcp\backup\jet directory. A copy of the registry is stored as \systemroot\system32\dhcp\backup\dhcpcfg. The backup interval can be changed at HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DHCPServer\Parameters\BackupInterval (after this, restart the DHCP service).
By default Windows 2000 will restore a corrupt database automatically when restarting the DHCP service. If you want to do this manually set the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DHCPServer\Parameters\RestoreFlag to 1 and restart the DHCP service. The database can also be restored by copying the files of the ..\dhcp\backup\jet directory into the ..\dhcp directory while the DHCP service is stopped. In this case also remove the j50.log, j50xxxxx.log and dhcp.tmp files. After this, restart the DHCP service. (See Q173396)
You can compress the DHCP database via the command 'jetpack dhcp.mdb tmp.mdb' after the DHCP service is stopped. When the DHCP service runs, it also compacts the database during idle times but this is not as effective as an offline compaction. (See Q145881)
You can move a DHCP database with the dhcpexim tool or by moving HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DhcpServer\Configuration and %systemroot%\system32\dhcp\dhcp.mdb to the new server. This is done while the DHCP services on both systems are stopped. After this, reconcile the scopes. (See Q130642)
In a network with various subnets, a DHCP proxy has to be enabled in the router if no DHCP server is available on the network (RFC 1542 compatible routers, set dhcp relay x.x.x.x). This proxy will add the network address of the client to the request, so the DHCP server knows which scope to use. The proxy in the router is also called a BOOTP relay agent.
If the router does not provide this functionality, you can install an RRAS server on the subnets without a DHCP server. This RRAS server should be installed as a DHCP relay agent. Do not install this DHCP relay agent on a DHCP server.
DHCP servers do not communicate with each other. To provide redundancy, two DHCP servers have to be defined. Each server should serve a part of the DHCP address pool and exclude the addresses the other DHCP server offers. The main disadvantage is that reservations for clients have to be made on both DHCP servers.
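A configuration check for the split-pool setup just described, added here as an example (not a tool from the page or from Microsoft): given two scope definitions for the same subnet, it reports addresses that both servers could still offer (the exclusions do not cover each other's part) and reservations that exist on only one server. The scope definitions are a constructed sample.

```python
from ipaddress import IPv4Address

def offerable(scope):
    """Addresses this server can hand out: its range minus its own exclusions."""
    lo, hi = int(IPv4Address(scope["start"])), int(IPv4Address(scope["end"]))
    pool = set(range(lo, hi + 1))
    for ex_lo, ex_hi in scope["exclusions"]:
        pool -= set(range(int(IPv4Address(ex_lo)), int(IPv4Address(ex_hi)) + 1))
    return pool

def check_split_scope(a, b):
    """Report addresses both servers could offer and reservations missing on one side."""
    both = sorted(offerable(a) & offerable(b))
    missing = []
    for here, there in ((a, b), (b, a)):
        for mac, ip in here["reservations"].items():
            if there["reservations"].get(mac) != ip:
                missing.append((there["name"], mac, ip))
    return {
        "overlap": [str(IPv4Address(n)) for n in both],
        "missing_reservations": sorted(missing),
    }

# Constructed sample (not from a real server): one subnet, server A is meant to
# offer .10-.199 and server B .200-.254, each excluding the other's part.
SERVER_A = {"name": "dhcp-a", "start": "192.168.1.10", "end": "192.168.1.254",
            "exclusions": [("192.168.1.200", "192.168.1.254")],
            "reservations": {"00:11:22:33:44:55": "192.168.1.50"}}
SERVER_B = {"name": "dhcp-b", "start": "192.168.1.10", "end": "192.168.1.254",
            "exclusions": [("192.168.1.10", "192.168.1.190")],  # .191-.199 left open
            "reservations": {}}                                  # reservation missing

if __name__ == "__main__":
    print(check_split_scope(SERVER_A, SERVER_B))
```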
In Windows 2000, DHCP and DNS can be integrated to create DDNS (Dynamic DNS) by activating the option 'Automatically update DHCP client information in DNS'. When activated, you can set the following options:
- Update DNS only if DNS client requests. When using this option the DHCP server will register the PTR record on request of 98/ME and 2000 clients. These clients will have to register the A records themselves. If the lease expires, DHCP removes the A and PTR record. (See Q191290)
- Always update DNS. The DHCP server will register the A and PTR record.
- Discard forward (name-to-address) lookups when lease expires. The DHCP server will remove the A record from DNS when the lease expires, even if it did not register it.
- Enable updates for DNS clients that do not support dynamic updates. When using this option DHCP will register DNS entries for clients other than Windows ME and Windows 2000.
Normally the DHCP service will discard all records it registered in DNS when the lease expires. If it only registered the PTR record, you can also make the DHCP server remove the A record when the lease expires by selecting the option 'Discard forward (name-to-address) lookups when leases expire'.
Using DHCP for DDNS entry registration can be dangerous if DHCP is installed on a domain controller running DNS. This is because the DHCP service uses the domain controller's computer account. When a client uses DHCP for DNS registration, it can register any name in a secure Active Directory integrated zone (name hijacking). This problem is solved in SP1, as DHCP can be configured to impersonate an account to do the DNS registrations. This Active Directory account can be specified with the command 'netsh dhcp server set dnscredentials username domainname password'. After this, restart the DHCP service. If you want to remove the impersonation, you can use the command 'netsh dhcp server delete dnscredentials dhcpfullforce'. After this, restart the DHCP service. You can view the current account that DHCP uses for DNS registration via the command 'netsh dhcp server show dnscredentials'. If the impersonation does not work, an error with event ID 1002 appears. (See Q255134)
To prevent rogue DHCP servers on the network, a DHCP server that is a member of a domain will check in Active Directory whether it is authorized. If it is not authorized or it cannot query Active Directory, it will stop issuing IP addresses.
If a starting DHCP server is a stand-alone server, it sends a DHCPINFORM message with a vendor extension field on the network. If there is another DHCP server on the subnet, this server will respond with a DHCPACK message containing the domain name. After receiving this domain name, the initializing DHCP server can check at the domain controller whether it is authorized to start up. If it is not, it will stop the DHCP service. This process is repeated every five minutes. You can authorize a DHCP server in the DHCP MMC via the options 'Manage authorized servers' - 'Authorize server'. To be able to do this, you must be in the Enterprise Admins group.
Windows 2000 offers two types of option classes, user classes and vendor classes, to configure groups of clients with special options.
You can use user classes to set different DHCP options for different types of clients. Standard built-in user classes are Unspecified (clients that do not have a user class defined), RRAS.Microsoft (dial-up networking clients) and Bootp (BOOTP clients). You can create a new user class for a client with the command 'ipconfig /setclassid adapter_name class_id', remove a user class ID via 'ipconfig /setclassid adapter_name' and query it via 'ipconfig /showclassid adapter_name'. (See Q235272)
Vendor classes offer the ability to set different DHCP options for different kinds of products. You cannot add a specific vendor class to a client, but Windows 2000 has three built-in vendor classes: MSFT5.0 (Windows 2000 DHCP clients), MSFT98 (Windows 98 and Windows ME DHCP clients) and MSFT (all Windows 98, ME and Windows 2000 DHCP clients).
Vendor classes are typically created for the enhancement of vendor-specific options, user classes for administrative reasons.
On the DHCP server you can define new user or vendor classes by right-clicking the DHCP server. After the class has been created, you can specify the DHCP options for the class via Scope options - Configure options - Advanced. (See Q240247)
By default, DHCP uses the MAC address to uniquely identify clients for reservations. This can cause problems if the network card (and thus the MAC address) is changed: the client will then no longer get the reserved IP address. This can be solved by using a client identifier instead of the MAC address. On a Windows 2000 client this identifier is set at HKLM\System\CurrentControlSet\Services\TcpIp\Parameters\Interfaces\NICGUID\DhcpClientIdentifier. For more info see Q172408.
If DHCP is used to assign IP addresses to RAS clients, the RAS server allocates groups of 10 IP addresses. When a client connects and the option 'Use DHCP to assign remote TCP/IP addresses' is selected on the RAS server, the client will get an IP address from this group. (See Q216805)
In this situation, only the IP address is sent to the clients. The clients will copy the other options from the dial-up connection properties of the RAS server. The WINS addresses are copied from the RAS server settings; the DNS entry of the RAS client is the first DNS server address listed in the RAS server's DNS Service Search Order. The NetBIOS scope ID is not passed to the client. The node type is also not passed from the DHCP server but based on the WINS information: if the RAS server has a WINS server, the client becomes an H-node, otherwise the client stays a B-node. (This does not work on Windows 95 clients)
You can change the number of cached IP addresses at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\IP\InitialAddressPoolSize.
If there is no DHCP server available when a RAS client connects, the RAS server will assign APIPA addresses to the client. (See Q216805)
To provide a RAS client with options from a DHCP server like WINS, DNS, domain name, etc., you have to install the DHCP relay agent on the RAS server. This only works if the DHCP server is not the same server as the RAS server. You can install the DHCP relay agent via RRAS MMC - IP routing - General - New routing protocol - DHCP relay agent - New interface - Internal. (See Q232703)
A superscope offers IP addresses to a physical LAN that uses multiple logical IP networks (multinet). You can create a superscope by first creating scopes for each logical IP network (member scopes) and then combining them into a superscope. Superscopes are available on DHCP after Windows NT 4.0 SP1.
DHCP in Windows 2000 supports the Multicast Address Dynamic Client Allocation Protocol. This protocol is used to provide clients with dynamic multicast IP addresses (range 224.0.0.0 - 239.255.255.255). These addresses are used, at the same time as the normal address, when the client is part of a multicast group. Multicast scopes only provide address configuration and do not support other DHCP assignable options.
- Dhcpcmd.exe. This utility from the resource kit can be used to manage DHCP from the command prompt. You can also export DHCP data with it.
- Dhcploc.exe. This utility (Windows NT 4 resource kit suppl. 4) can be used to determine which DHCP servers are available on a subnet.
- Dhcpexim.exe. This utility (Windows 2000 resource kit suppl. 1) can be used to move DHCP scopes (Windows NT 4/W2K) between servers.
- A user within the DHCP Users group will have read-only access to the DHCP database.
- A user in the local group DHCP Administrators can view and modify all DHCP data.
APIPA (Automatic Private IP Addressing) configures a client with an IP address and subnet mask when a DHCP server is unavailable. The IP address will be in the 169.254.0.1 - 169.254.255.254 range with a 255.255.0.0 subnet mask. To prevent duplicate IP addresses, the client sends an ARP message to check whether the address is already in use. If it is, the client will pick a new random IP address, up to a maximum of 10 times.
While using an APIPA address, the client will search for a DHCP server every three minutes. If one is found, it stops using the APIPA address and will use a DHCP address.
If the client already had a DHCP address and it can't find a DHCP server after a reboot, the client tries to ping the default gateway if the lease has not expired. If there is a default gateway, the client assumes it is on the same network and will reuse the old IP address until the end of the lease time. If there is no default gateway, the client assumes it is on a different subnet than before and will use APIPA to get an IP address. This also happens if the lease has not expired (in contradiction to older Windows versions). (See Q220874)
You can disable APIPA on a client per adapter (hkey_local_machine\System\CurrentControlSet\Services\TCPIP\Parameters\Interfaces\adapter name\IPAutoConfigurationEnabled = 0) or for the entire computer (hkey_local_machine\System\CurrentControlSet\Services\TCPIP\Parameters\IPAutoConfigurationEnabled = 0). After the registry change, reboot the machine. (See Q255836)
- DHCP backup and restore via GUI (WH0775N101800 and WH0523N020701)
- Classless source routing. This offers the ability to split traffic in a tunnel, so that data for the internet goes directly to the internet while the VPN is used to access the company network. (WH1252N101800)
- Database netshell migrations. Offers the ability to migrate a database with the NETSH command. (WH1062N020701)
- Dynamic Host Configuration Protocol for Windows 2000 Server (DHCP)
- Search the Microsoft Knowledge Base for Windows 2000 articles with DHCP in the subject
- Custom DHCP client identifiers (Q172408)
- How to configure DHCP class ID on a Windows 2000 DHCP client (Q235272)
- How to create a new DHCP user or vendor class (Q240247)
- Using WINS and DHCP with the Windows 2000 cluster service (Q226796)
- Description of PXE interaction among PXE client, DHCP and RIS server (Q244036)
- PXE clients do not receive IP addresses from DHCP server across a router (Q257579)
- Automatic Windows 98/ME TCP/IP addressing without a DHCP server (APIPA) (Q220874)
- How to use the NETSH command to change from static IP address to DHCP in Windows 2000 (Q257748)
- Using NETSH command to authorize DHCP server generates parameter error message (Q255906)
Last update: 7 May 2002