Apply Your Knowledge
In this chapter, you have learned what DHCP is and how it works to make IP address assignment easier, quicker, and more accurate. In the following exercises, you will practice some of the concepts and methods discussed in this chapter.
Exercises
2.1 Creating a DHCP Scope
This exercise guides you through the process of creating a standard DHCP scope. This exercise requires you to have a Windows Server 2003 computer with the DHCP service installed.
Estimated time: 20 minutes
- Open the DHCP console by selecting Start, Programs, Administrative Tools, DHCP.
- Right-click the DHCP server and select New Scope from the context menu.
- Click Next to dismiss the opening page of the New Scope Wizard.
- On the Scope Name page, enter the name SCOPE1 and an appropriate description for the new scope. Click Next to continue.
- On the IP Address Range page, enter the IP address range 10.0.0.2-10.0.0.100, and the subnet mask 255.255.255.0. Click Next to continue.
- On the Add Exclusions page, enter the IP address ranges 10.0.0.5-10.0.0.10 and 10.0.0.15-10.0.0.20 as exclusions. Click Next to continue.
- On the Lease Duration page, you can leave the default setting of eight days. Click Next to continue.
- Select to configure advanced options and click Next to continue.
- On the Router (Default Gateway) page, enter the default gateway IP address 10.0.0.1. Click Next to continue.
- On the Domain Name and DNS Servers page, enter the IP addresses 10.0.0.250 and 10.0.0.251 for the DNS servers. Specify the parent domain as testlab.local. Click Next to continue.
- On the WINS Servers page, enter the IP addresses of the WINS servers if you have legacy clients that still need WINS services. Enter the IP addresses 10.0.0.250 and 10.0.0.251 for the WINS servers. Click Next to continue.
- Opt to activate the scope now and click Finish to complete the wizard.
2.2 Creating a Superscope
This exercise shows you how to manage multiple scopes by creating a superscope. You need to have completed Exercise 2.1 in order for this exercise to work.
Estimated time: 20 minutes
- Open the DHCP console by selecting Start, Programs, Administrative Tools, DHCP.
- Right-click the DHCP server and select New Scope from the context menu.
- Create a second scope, using the IP address range 10.0.0.102-10.0.0.200, using the same default gateway, DNS servers, and WINS servers as detailed in Exercise 2.1, with no exclusions. Name the scope SCOPE2.
- Right-click the DHCP server and select New Superscope from the context menu.
- Click Next to dismiss the opening page of the New Superscope Wizard.
- On the Superscope Name page, enter SUPERSCOPE1 and click Next to continue.
- On the Select Scopes page, select SCOPE1 and SCOPE2 by holding down the Ctrl key and clicking both scopes. Click Next to continue.
- Verify your configuration on the Completing the New Superscope Wizard page. Click Next to complete the superscope creation process.
- The Completing the New Superscope Wizard dialog box gives you a summary of the selections you made throughout the wizard. Click Finish to create the superscope.
2.3 Configuring a DHCP Relay Agent
This exercise walks you through the process of creating and configuring a DHCP relay agent for a network.
Estimated time: 15 minutes
- Open the Routing and Remote Access console.
- Expand the console nodes so that you can access the IP Routing, General node.
- Right-click the General node and select New Routing Protocol.
- Select the DHCP relay agent.
- Right-click the DHCP Relay Agent node and select New Interface from the context menu to select the interface to be used for the DHCP relay agent.
- Configure your required values for hop-count threshold and boot threshold.
- Right-click the DHCP Relay Agent node and select Properties. Enter one or more remote DHCP servers into the list and click OK to confirm your settings.
2.4 Authorizing a DHCP Server in Active Directory
This exercise walks you through authorizing a DHCP server in Active Directory. This exercise requires that you have an Active Directory environment with an installed DHCP server.
Estimated time: 5 minutes
- Open the DHCP console by selecting Start, Programs, Administrative Tools, DHCP.
- Right-click the DHCP server and select Authorize from the context menu.
- The authorization process may take some time, depending on network conditions. Refresh the DHCP console by pressing F5. The DHCP server status is shown as Active when the authorization is complete. The server is then ready to issue addresses when it receives DHCP requests.
2.5 Configuring DHCP for DNS Integration
This exercise walks you through configuring a DHCP server for DNS integration. This exercise requires that you have an Active Directory environment with an installed DHCP server and DNS server. To complete this exercise, you need to have completed Exercise 2.4.
Estimated time: 15 minutes
- Open the DHCP console by selecting Start, Programs, Administrative Tools, DHCP.
- Right-click the DHCP server and select Properties from the context menu. Switch to the DNS tab of the DHCP Server Properties dialog box.
- To enable DHCP integration with DNS, ensure that the Enable Dynamic DNS Updates According to the Settings Below check box is selected.
- Select to either have the DHCP server update A and PTR records when requested or to always update A and PTR records.
- To help keep your DNS database clean and consistent, you should allow the DHCP server to cause expired leases to lead to A and PTR record deletion.
- If you have legacy clients on the network, ensure that dynamic updating is configured for them as well.
- If you are using secure dynamic updates, you should consider configuring a dedicated network user account for the dynamic updating. You can enter the account credentials by switching to the Advanced tab.
- Click the Credentials button on the Advanced tab to open the DNS Dynamic Update Credentials dialog box.
- Enter the domain user account name, domain, and password.
Exam Questions
-
You are the systems administrator for Wild Widgets, Inc. You are training a new employee on the use of the DHCP service in Windows Server 2003. She asks you how the client computer requests and receives an address from the server. Which of the following answers is correct?
A.
The client computer broadcasts a DHCPDISCOVER message. The DHCP server offers an IP address. The client computer accepts the address and uses it to communicate on the network.
B.
The client computer broadcasts a DHCPDISCOVER message. The DHCP server offers an IP address. The client computer accepts the address and sends a request to use that address back to the DHCP server. The client computer uses the address to communicate on the network.
C.
The client computer broadcasts a DHCPDISCOVER message. The DHCP server offers an IP address. The client computer accepts the address and sends a request to use that address back to the DHCP server. The DHCP server acknowledges the request and grants the client computer a lease to use the address. The client computer uses the address to connect to the network.
D.
The client computer broadcasts a DHCPDISCOVER message. The DHCP server offers an IP address. The client computer accepts the address and sends a request to use that address back to the DHCP server. The DHCP server acknowledges the request and grants the client computer a lease to use the address. The client computer responds with an acknowledgement of the lease and uses the address to connect to the network.
-
You are the system administrator for Phil's Phill-up Stations, a chain of gas stations. As part of the network, you maintain a Windows Server 2003 DHCP server to dynamically assign addresses. You have three superscopes set up, and within each superscope are four scopes. One day, you start experiencing problems with one of the scopes issuing bad addresses. You check the server and suspect that there is a database problem. How can you verify that the database is intact?
A.
Open the DHCP console. Select the scope in question and select Action, Reconcile Scope.
B.
Open the DHCP console. Select the superscope that contains the scope in question and then select Action, Reconcile All Scopes.
C.
Open the DHCP console. Select the DHCP server that contains the scope in question and then select Action, Reconcile All Scopes.
D.
Open the DHCP console. Select the DHCP server that contains the scope in question and then select Action, Reconcile DHCP Database.
-
You are the LAN administrator for Get Stuffed Taxidermy, and you are responsible for maintaining the company's Windows Server 2003 DHCP server. While doing your daily system checks, you notice that the number of DHCPDISCOVER packets spiked at 9:00 this morning. What could cause the Discovers/Sec counter to spike at 9:00 a.m.?
A.
A network problem
B.
The DHCP service being restarted
C.
A large number of computers entering the network at approximately the same time
D.
A rogue DHCP server issuing duplicate addresses
-
You are the systems administrator for Hank's Harmonicas, Ltd. Your Active Directory-based network consists of all Windows Server 2003 server computers and Windows 98, Windows 2000 Professional, and Windows XP Professional client computers. This morning one of the users of a Windows 98 computer called you and said that she could no longer connect to network resources. Upon further investigation, you discover that several other Windows 98 clients are experiencing the same problem. You determine that the cause of the problem is due to an incorrectly configured DHCP lease. What is the most likely reason that only your Windows 98 clients are exhibiting this problem?
A.
The DHCP service in Windows 98 is not as stable as that in Windows 2000 or Windows XP, and this sometimes results in corrupted lease information.
B.
An unauthorized DHCP server has been set up on the network.
C.
A misconfigured DHCP server has been set up on the network.
D.
The Windows 98 clients were unable to renew their DHCP lease and have thus assumed APIPA IP addresses instead.
-
You are the lead systems administrator for Little Faith Enterprises, and a customer has asked you to install the DHCP service on her Windows Server 2003 computer, get one scope configured, and issue addresses. What minimum steps do you need to take in order to accomplish this?
A.
Install the DHCP service from the Windows Components Wizard. After the service is installed, authorize it in Active Directory. Next, create the scope. Finally, configure the DNS integration.
B.
Install the DHCP service from the Windows Components Wizard. After the service is installed, create the scope and then configure the DNS integration.
C.
Install the DHCP service from the Windows Components Wizard. After the service is installed, create the scope. Create a superscope and add the scope to it. Authorize the server in Active Directory.
D.
Install the DHCP service from the Windows Components Wizard. After the service is installed, create the scope. Authorize the server in Active Directory.
-
You are the systems administrator for the Hittem Boxing Glove Corporation. The corporation is running a routed network with a centrally located Windows Server 2003 DHCP server. The server is able to issue addresses to users on the local segment but cannot issue addresses to any of the sites that are across a router. What is the most probable cause of this problem?
A.
The DHCP forwarder service is not enabled on the DHCP server.
B.
The BOOTP forwarder service is not enabled on the DHCP server.
C.
The DHCP forwarder service is not enabled on the routers.
D.
The BOOTP forwarder service is not enabled on the routers.
-
You manage the Windows Server 2003 DHCP servers for the Really Big Screwdriver Corporation. You are running in a purely Windows Server 2003 environment with all Windows XP Professional clients, and you need to make sure that workstations are registered properly in DNS for Active Directory integration. How should you configure DNS integration?
A.
Set DNS integration to automatically update DHCP client information in DNS.
B.
Set DNS integration to discard A and PTR records when a lease is deleted.
C.
Set DNS integration to enable updates for DNS clients that do not support dynamic updates.
D.
Set DNS integration to enable DNS keepalives.
-
You are the systems administrator for UR Write publishing, a bookseller. Your Windows Server 2003 DHCP server issues a block of 40 addresses to 120 salespeople on the Sales network. These users are frequently in and out of the office, so no more than 40 users are ever on the network at one time. What do you need to do to ensure that users get addresses when needed?
A.
Set the DHCP lease duration to 60 minutes.
B.
Set the DHCP lease duration to 5 days.
C.
Configure a reservation for each user.
D.
Configure an exclusion for each user.
-
You are the distributed computing administrator for Talk to Me Telephone. The company has Windows Server 2003 installed, with the DHCP service running. Mixed in with the DHCP client computers, the company still has some old workstations on the network with BOOTP chips on their Ethernet cards. You need to add support for BOOTP for these computers. How do you ensure that support?
A.
Add the BOOTP service to the server.
B.
In the Advanced tab of the scope Properties dialog box, configure the server to issue addresses to BOOTP clients.
C.
In the Advanced tab of the server Properties dialog box, configure the server to issue addresses to both DHCP and BOOTP clients.
D.
In the Advanced tab of the scope Properties dialog box, configure the server to issue addresses to both DHCP and BOOTP clients.
-
You manage the Windows Server 2003 DHCP servers for the Really Big Hammer Corporation. It is a mixed environment, with Windows 2000, Windows XP, and Windows 98 workstations. You need to make sure workstations are registered properly in DNS for Active Directory integration. What do you need to do?
A.
Set DNS integration to automatically update DHCP client information in DNS.
B.
Set DNS integration to discard A and PTR records when a lease is deleted.
C.
Set DNS integration to enable updates for DNS clients that do not request dynamic updates.
D.
Set DNS integration to enable DNS keepalives.
-
You are the systems administrator for BT Editing Unlimited. You have a 50-host network and are running a Windows Server 2003 DHCP server to assign IP addresses. You also have five IP-based printers with static IP addresses. Your assistant administrator has been working on the DHCP server and has made some changes. Now, your users cannot print to one of the printers. What is most likely the problem?
A.
The scope from which the printers were receiving their IP addresses has been deleted.
B.
The existing scope has been modified so that it overlaps the addresses reserved for the printers.
C.
The existing scope has been modified so that it overlaps the addresses reserved for the printers, and a workstation has been assigned the same address as one of the printers.
D.
The DHCP service was inadvertently stopped.
-
You are the systems administrator for the Little Faith Department Store. You are responsible for maintaining the company's Windows Server 2003 DHCP server. The company recently added a new router and routed a segment to the network. Now that segment must be added to the DHCP server. The address of the router port is 10.10.25.1, and the router is subnetted with a Class C subnet mask. You need to provide 40 addresses, starting at 10.10.25.20. What needs to occur for you to get DHCP working on that segment?
A.
You need to install and configure an additional DHCP server on that segment to provide DHCP services.
B.
You need to add to the DHCP server a scope that contains the addresses from 10.10.25.20 through 10.10.25.59. The scope needs a subnet mask of 255.255.255.0. You need to configure the BOOTP forwarder for the new segment's router, using the address of the DHCP server. You need to activate the scope.
C.
You need to add to the DHCP server a scope that contains the addresses from 10.10.25.20 through 10.10.25.60. The scope needs a subnet mask of 255.255.255.0. You need to configure the BOOTP forwarder for the new segment's router, using the address of the DHCP server. You need to activate the scope.
D.
You need to add to the DHCP server a scope that contains the addresses from 10.10.25.20 through 10.10.25.60. The scope needs a subnet mask of 255.255.255.0. You need to configure the BOOTP forwarder for the new segment's router, using the address of the DHCP server. You do not need to activate the scope because that happens automatically when the scope is created.
-
You are the network manager for IntCo Manufacturing. You are running in a mixed environment, and you are using a Windows Server 2003 DHCP service to support three network segments. Your client computers consist of Windows 2000 Professional, Windows NT Workstation, and Windows 98 SE workstations. What do you need to do to ensure that all the client computers can receive DHCP addresses?
A.
Configure a scope for each network segment. Configure each client computer to receive IP addresses dynamically. Configure the DHCP service for backward compatibility.
B.
Configure a scope for each network segment. Configure each client computer to receive IP addresses dynamically. For the Windows NT Workstation client computers, ensure that the DHCP update from Service Pack 6 has been installed.
C.
Configure a scope for each network segment. Configure each client computer to receive IP addresses dynamically. Configure the DHCP service for mixed mode.
D.
Configure a scope for each network segment. Configure each client computer to receive IP addresses dynamically.
-
You are the systems administrator for BT Editing, and you are running a purely Windows Server 2003 network using Active Directory and the Windows Server 2003 DHCP service. A user in another department has installed a DHCP server on a Unix server. How do you prevent your client computers from receiving DHCP addresses from that server?
A.
Disable the unauthorized server in Active Directory.
B.
Make sure all your domain client computers are running Windows 2000 or higher.
C.
Reconfigure BOOTP on the router.
D.
Go to each client computer and enter the address of the production DHCP server in the Internet Protocol (TCP/IP) Properties dialog box.
-
You are the systems administrator for Area 51 Partners, a consulting firm that is not involved in any way, shape, or form with alien activity in Nevada. You have a customer who would like to ensure that only authorized DHCP servers can make dynamic updates to the DNS database. What will you configure for the customer in order to make this happen? (Choose all that apply.)
A.
Create a new domain user account called DNSDYNUPD.
B.
Enter the credentials for the DNSDYNUPD account in the scope options for your DHCP server.
C.
Enter the credentials for the DNSDYNUPD account in the DNS Dynamic Update Credentials dialog box for your DHCP server.
D.
Add the DNSDYNUPD account to the Enterprise Administrators group.
Answers to Exam Questions
- C. The client computer cannot use the address until the DHCP server grants the lease. After the DHCP server acknowledges the DHCP request and grants the lease, the client computer is able to use the address. Before a client computer can actually use an offered address, it must request to do so and receive an acknowledgement from the offering DHCP server; thus Answers A, B, and D are incorrect. No additional step is required in the process. For more information, see the section "DHCP."
- C. You need to reconcile all the scopes on the server. Answer A is almost correct because you can reconcile a single scope, but the correct command is Reconcile, not Reconcile Scope. You cannot reconcile scopes at the Superscope level, as stated in Answer B. The command in Answer D does not exist. For more information, see the section "Reconciling the DHCP Database."
- C. The DHCPDISCOVER packet is sent when a computer first requests an address. The most likely reason for the Discovers/Sec counter to spike would be a large number of concurrent requests occurring, which could happen when a large number of client workstations request addresses at the same time. A network problem would have the opposite effect because no DHCPDISCOVER packets would reach the server; thus Answer A is incorrect. A DHCP service restart or a rogue DHCP server couldn't affect the number of DHCPDISCOVER packets because the packets are generated by client PCs; thus Answers B and D are incorrect. For more information, see the section "Troubleshooting DHCP Server Authorization Problems."
- B. In this scenario, the most likely cause for the problem is that an unauthorized DHCP server has been set up on the network. Windows 2000 and Windows XP clients in an Active Directory domain do not take DHCP leases from DHCP servers that have not been authorized in Active Directory. The DHCP service in Windows 98 would not likely cause this sort of problem; thus Answer A is incorrect. A misconfigured DHCP server that was authorized would give bad DHCP lease information to all clients—not just to Windows 98 clients; thus Answer C is incorrect. In addition, if clients were unable to reach a DHCP server, the Windows 2000 and Windows XP clients would also assign themselves APIPA IP addresses; thus Answer D is incorrect. For more information, see the section "Troubleshooting DHCP Server Authorization Problems."
- D. If the task is to install the DHCP service and get it issuing addresses, you do not need to configure DNS, but you do need to authorize the server in Active Directory; thus Answers A and B are incorrect. Even though you learned how to create a superscope in this chapter, you do not need a superscope for the server to function; thus Answer C is incorrect. For more information, see the section "Configuring and Managing DHCP."
- D. To issue addresses using DHCP across a router, the router needs to have the BOOTP forwarder service enabled and configured; thus Answer C is incorrect. DHCP relay is configured on a router or a Windows Server 2003 computer running Routing and Remote Access; thus Answer A is incorrect. There is no such thing as the BOOTP forwarder server; thus Answer B is incorrect. For more information, see the section "Configuring and Implementing a DHCP Relay Agent."
- A. In a purely Windows 2000, Windows XP, and Windows Server 2003 environment, you need to configure DHCP to automatically update DNS to ensure that the client computers appear on the network correctly. Setting the DNS integration to discard lookups after a lease is deleted also works with a purely Windows 2000 network, but it has nothing to do with the computers registering properly; thus Answer B is incorrect. Windows 2000, Windows XP and Windows Server 2003 all support dynamic updates; thus Answer C is incorrect. Keepalives are associated with HTTP sessions, not DNS; thus Answer D is incorrect. For more information, see the section "Configuring DHCP for DNS Integration."
- A. To ensure that addresses are available, the DHCP lease needs to be set to a short interval; thus Answer B is incorrect. Reservations won't help since you have too few leases already; thus Answer C incorrect. There was no mention of a need for exclusions and thus no need to configure them; therefore Answer D is incorrect. For more information, see the section "Creating a DHCP Scope."
- D. You need to configure the scope to issue addresses to both DHCP and BOOTP clients; thus Answers A, B, and C are incorrect. For more information, see the section "Creating a DHCP Scope."
- C. Because the non-Windows 2000 (or non-Windows XP) machines lack the capability to directly update the DNS server themselves, you need the DHCP server to make the updates to DNS. Using DNS integration to enable updates for DNS client computers that do not support dynamic updates enables the DHCP server to perform this service. The options mentioned in Answers A and B do not exist; thus they are incorrect. Keepalives are associated with HTTP sessions, not DNS; thus Answer D is incorrect. For more information, see the section "Configuring DHCP for DNS Integration."
- C. The address from the printer has probably been issued to another computer. Because the printers use static addresses, the only change to the DHCP server that could have affected printing would be another host having the same address. Deleting the scope would cause problems, but not likely right away; thus Answer A is incorrect. Answer B is close, but just creating an overlapping scope is not a problem until the overlapping addresses are assigned. As with deleting the scope, stopping the DHCP service would cause problems, but not unless a client needed a new address; thus Answer D is incorrect. For more information, see the section "Configuring and Managing DHCP."
- B. A single DHCP server can serve multiple segments, so you do not need an additional server. To get 40 addresses, the range must be from 10.10.25.20 to 10.10.25.59, which is an inclusive range. Also, the last step of the New Scope Wizard is to authorize the new scope. The actions listed in Answer A are not enough to perform the required task; thus Answer A is incorrect. Answers C and D each provide 41 addresses; in addition Answer D has you not activating the scope, which you must do this in order to use the scope. Therefore Answers C are D are incorrect. For more information, see the section "Configuring and Managing DHCP."
- D. You do not need to make any special configurations to the DHCP service; it can communicate with non-Windows 2000 or non-Windows XP client computers without problems. Thus Answers A and C are incorrect. You also do not need to update any of the client computers. Windows NT and Windows 98 are capable of utilizing DHCP without needing updates applied; thus Answer B is incorrect. You just need to configure the appropriate scope and configure the client computers to utilize that scope. For more information, see the section "Configuring and Managing DHCP."
- B. Because a Unix server cannot be enabled in Active Directory, Windows 2000 (and Windows XP) client computers do not accept DHCP addresses from the server. Answer A is not correct because you cannot disable a server that isn't joined to the Active Directory domain. Changing the BOOTP configuration on the router might prevent remote users from receiving addresses, but local users would still be vulnerable; thus Answer C is incorrect. In Answer D, there is nowhere to enter the address of the DHCP server. For more information, see the section "Authorizing a DHCP Server in Active Directory."
- A, C. Windows Server 2003 allows you to use a preconfigured domain user account to perform DNS dynamic updates. This ensures that only authorized DHCP servers are performing dynamic updates and that all DHCP servers can update and modify DNS entries. In addition, this prevents problems previously associated with allowing a DHCP server running on a domain controller to perform DNS dynamic updates. The best course of action is to create a dedicated domain user account for this purpose. The account information to be used for dynamic updates is configured at the server level; thus Answer B is incorrect. The account used for dynamic updates does not need to be a member of the Enterprise Administrators group; thus Answer D is incorrect. For more information, see the section "Configuring DHCP for DNS Integration."
Suggested Readings and Resources
- Davies, Joseph, and Lee, Thomas. Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference. Microsoft Press, 2003.
- Stevens, W. Richard. TCP/IP Illustrated, Volume 1: The Protocols. Addison-Wesley, 1994.
- "Deploying Network Services,"http://technet2.microsoft.com/
WindowsServer/en/Library/119050c9-7c4d-4cbf-8f38-
97c45e4d01ef1033.mspx. - "Technical Overview of Windows Server 2003 Networking and Communications,"www.microsoft.com/windowsserver2003/
techinfo/overview/netcomm.mspx. - "Windows Server 2003 Reviewer's Guide,"www.microsoft.com/windowsserver2003/techinfo/
overview/reviewersguide.mspx. - Windows Server 2003 Online documentation: "Network Services,"www.microsoft.com/technet/prodtechnol/
windowsserver2003/proddocs/entserver/sag_NPStopnode.asp. - "Dynamic Host Configuration Protocol (DHCP) Operations Topics,"http://technet2.microsoft.com/windowsserver/en/
operations/dhcp.mspx. - "Windows Server 2003 Security Guide,"http://www.microsoft.com/technet/security/prodtech/
windowsserver2003/W2003HG/SGCH00.mspx.