11 managing and monitoring dhcp chapter 2. chapter 2: managing and monitoring dhcp2 managing dhcp:...

11

MANAGING AND MONITORING DHCP

Chapter 2

Chapter 2: MANAGING AND MONITORING DHCP 2

MANAGING DHCP:COMMON DHCP ADMINISTRATIVE TASKS Configure or modify scopes

Configure or modify options

Configure the DHCP relay agent

Back up the DHCP database

Restore the DHCP database

Compact the DHCP database

Reconcile DHCP scopes


DNS DYNAMIC UPDATES

Allows client computers to dynamically update resource records in DNS

Allows DHCP to dynamically update client computer resource records


WHEN TO USE DYNAMIC UPDATES

When the DNS client operating system is not Microsoft Windows 2000, Microsoft Windows XP,or Microsoft Windows Server 2003

When assigning permissions that allow clients to update their own records becomes unmanageable

When allowing individual clients to update records presents a security risk


DYNAMIC UPDATES WITH MICROSOFT WINDOWS 2000 AND LATER CLIENTS


DYNAMIC UPDATES WITH PRE–WINDOWS 2000 CLIENTS


CONFIGURING DHCP FOR DYNAMIC UPDATES


SECURE DYNAMIC UPDATES


TROUBLESHOOTING TIPS FOR DYNAMIC UPDATES

Check the servers’ system Event Log for errors.

Use Ipconfig /registerdns to force a client to renew DNS registration.

Ensure dynamic updates are properly enabled for the zone on the DNS server.

Verify that clients’ preferred DNS server is the primary DNS server for the zone.

Check the resource record access control list (ACL) on the server. The ACL must allow dynamic updates.


TROUBLESHOOTING TIPS FOR DYNAMIC UPDATES (CONT.)

Verify that the system time on the DNS server and the DNS client is synchronized.

Check the client UpdateSecurityLevel registry entry. The registry entry could have been modified to prevent dynamic updates.

Check to see whether the DNS zone is locked, preventing updates.

Ensure that the client has permissions to update the resource records.


MANAGEMENT OF A DHCP DATABASE

Back up and restore the database.

Reconcile the database.

Compact the database.

Enable server-based conflict detection.

Remove the database.


BACKING UP AND RESTORING THEDHCP SERVER Microsoft Windows Server 2003 supports

automatic and manual backups of the DHCP database.

The DHCP database and registry entries are automatically backed up every 60 minutes by default.

If the original database is unable to load, when DHCP starts it will automatically restore a backup copy of the database.

A manual backup can be performed.

Manual backups can be used only with manual restores.


RECONCILING A DHCP DATABASE USING THE RECONCILE ALL SCOPES OPTION


COMPACTING A DHCP DATABASE


REMOVING A DHCP DATABASE


BEST PRACTICES FOR MANAGINGA DHCP DATABASE

Manually back up the DHCP database to a location other than the default location %systemroot%\System32\Dhcp\Backup\Jet\New.

Maintain an offline copy of the backup.


MONITORING A DHCP DATABASE

Establish a baseline.

Gather DHCP data from the following locations: DHCP console

DHCP audit log

Event Viewer

Performance console


USING DHCP STATISTICS TO MONITORA DHCP SERVER


MONITORING DHCP USING THE AUDITLOG FILES


USING THE PERFORMANCE CONSOLETO MONITOR DHCP


BEST PRACTICES FOR MONITORING DHCP

Create a baseline.

Check the standard counters for server performance.

Monitor the counter for DHCP performance.


AUTOMATIC PRIVATE IP ADDRESSING

When to disable Automatic Private IP Addressing (APIPA)

Troubleshooting APIPA


CHAPTER SUMMARY

DHCP can dynamically update DNS.

Dynamic updates can be secure.

You must monitor and manage DHCP.

11 managing and monitoring dhcp chapter 2. chapter 2: managing and monitoring dhcp2 managing dhcp:...

Documents