Configure Dynamic Host Configuration Protocol on Windows 2000 Server
Preparation
The DHCP service must first be installed on the server. (It is in the same location as the installation of the DNS and WINS services). Once this is done then the configuration procedures below may be undertaken. This tutorial is an integral component of the installation of a single standalone Windows 2000 Domain Controller as the first server of a new network. This series of tutorials will take the student through the process from start to finish:
Understanding DHCP
DHCP evolved out of the BOOTP protocol used to boot up diskless workstations and also issue them TCP/IP configuration information automatically as they started up (See Installation of 3rd party PXE Services on Windows 2000 Server for details on how to setup a PXE server and diskless workstation). It was found that the network administrator would configure a BOOTP server one time and then workstations could come and go from then on and function on the TCP/IP network with no additional configuration required. Yet on "diskfull" stations the network administrator would have to manually configure TCP/IP on each client; an endless task in huge fast growing or changing networks. In order to automate the TCP/IP configuration of regular network clients the BOOTP technology was used as the basis for this new technology: DHCP. As such DHCP still uses UDP Ports 67 and 68 just like the BOOTP protocol. This means that the network cannot have both a BOOTP and a DHCP server running at the same time and in fact it simply should not have both types of server. This is one of the reasons that Windows 2000 Server products do not natively include BOOTP. The Windows 2000 DHCP service does support functioning as a BOOTP Forwarding Agent. However, if this is activated the DHCP server will no longer function as a DHCP server. Again due to the fact that both technologies use the same UDP ports to communicate over the network. When a workstation starts up and has been configured to use DHCP, then that system does not have any TCP/IP configuration information: it does not have an IP address, subnet mask or default gateway (amongst the many other configurable parameters of the TCP/IP protocol on the workstation, but these are critical to basic functionality). It therefore cannot use TCP/IP yet, but it must still locate a DHCP server and request the TCP/IP configuration parameters from that server and receive them. Furthermore, since the server is sending out IP addresses to be used by workstations, called leases, it must also be able to receive DHCP server location attempts by the workstation and be able to communicate the configuration information to that workstation. The DHCP server must also record the IP addresses that it has already leased out to prevent IP address duplication on the network which will cause one or both workstations TCP/IP connectivity to fail (this is designed into the workstation TCP/IP protocol suite stack drivers). The workstation transmits a DHCPDISCOVER packet to initiate a lease dialog with the DHCP server which will ultimately end up configuring the workstation to use TCP/IP on the network. The DHCPDISCOVER packet is a simple Ethernet frame containing a very simple IP packet. The Ethernet frame contains the source MAC address of the workstation (obtained from the physical NIC drivers) and the destination MAC address is FF-FF-FF-FF-FF-FF which in Ethernet frames means "This is a broadcast" and all machines on the network that receive the frame will accept it (though non-DHCP servers will not understand it and throw it away). The source IP address in the IP packet carried by the Ethernet frame is 0.0.0.0 (since the workstation does not have an IP address yet) and the destination IP address of the IP packet is 255.255.255.255 which in IP packets means: "This is a broadcast" The transaction ID of the packet is unique to DHCPDISCOVER packets which is how the packet will ultimately end up being discarded by non-DHCP servers who do not know what the packet is for. DHCP servers will recognize the packet and will respond with a DHCPOFFER. The DHCPOFFER packet is an Ethernet frame transmitted by the server in response to the DHCPDISCOVER packet. The packet contains the Ethernet source MAC address of the DHCP server. The destination MAC address is the workstation's MAC address which the DHCP server got from the original DHCPDISCOVER packet transmitted by the workstation. This is how the DHCPOFFER can be directed at this PC only and is not an Ethernet broadcast. The source IP address of the IP packet that the DHCPOFFER Ethernet frame carries is the IP address of the DHCP server (since it already has one) and the destination IP address of the packet is 255.255.255.255: a broadcast. This must be done because the workstation does not have its own unique IP address yet. At this point the workstation will transmit a DHCPREQUEST packet back to the DHCP server. The Ethernet source MAC is the workstation's and the destination MAC is still a broadcast. The IP source address is still 0.0.0.0 because now the workstation is actually requesting the IP address that the server just offered in the DHCPOFFER packet. The IP destination address is still 255.255.255.255 also. This is done for two reasons: 1) The original broadcast made it to the DHCP server so in all likelihood this packet will make it to the server as well, 2) if there is a second DHCP server on the network it will immediately see that the workstation has made the request to the other DHCP server which means that the workstation has rejected its offer and it can lease that IP address to the next requesting PC. So the fact that the workstation broadcasts back to the server even though it knows its MAC and IP addresses is done for reliability of the transmission and to inform other DHCP server's that their requests were rejected. Upon receipt of the DHCPREQUEST the DHCP server will transmit a DHCPACK (ACKnowledge) packet. The Ethernet frame source MAC is the server's, the destination MAC is the workstation's (directed, also called unicast) The IP packet the frame carries has the source IP address of the server and the destination IP is 255.255.255.255: a broadcast. This is done because the workstation does not know that the server has accepted the request yet, so it cannot assume that the IP address belongs to it until after it receives and interprets this packet. The contents of this packet contain all of the TCP/IP configuration information including the IP address, subnet mask, and default gateway and any other parameters that have been configured for the workstations to use. At this point the TCP/IP protocol stack of the workstation loads these values and begins full operation on the network. Making a Windows 2000 server into a DHCP server is simply a matter of installing the DHCP service which is not an operating system default, and then configuring the server by informing it what IP address pool it is allowed to lease and what subnet mask and default gateway and other TCP/IP paramaters it is supposed to give to the workstations. The procedures below outline the most basic DHCP configuration so that it will work with the workstations in the lab. DHCP can be incredibly complex and difficult to configure in some environments; in these situations a much stronger knowledge of the operating system will be needed: an MCSE. Procedures
Copyright©2000-2004 Brian Robinson ALL RIGHTS RESERVED |