Let DHCP assign IP addresses

Windows NT's Dynamic Host Configuration Protocol (DHCP) service is less complicated than you might think. If you've been manually assigning IP addresses to computers in your network because DHCP seems too complex, you'll be interested to know that spending only a couple of hours learning about DHCP can save you a lot of time and trouble in the long run. For more information about DHCP, see Mark Minasi, Inside Out: "DHCP Recovery," March 1999, and "DHCP and Assigning IP Addresses," August 1996.

What Is DHCP?
DHCP is a TCP/IP protocol that provides automatic IP address assignment. (The name Automatic IP Address Assignment might have been more meaningful than DHCP, but AIAA sounds less like an acronym and more like a network administrator's distress call.) To use TCP/IP on the network, an administrator must provide at least three pieces of data for each computer: the IP address, the subnet mask, and the default gateway's IP address. Each computer needs a unique IP address to use TCP/IP. The assigned addresses must be in the correct subnet. You might wonder how to determine which subnet you're connecting to in a large network. However, DHCP knows which subnet the request for an IP address came from, so DHCP has no problems assigning an appropriate address. If the network uses Windows Internet Naming Service (WINS) and Domain Name System (DNS), the administrator must also configure the client computers with the WINS and DNS servers' IP addresses.

The network administrator can configure each system manually. Alternatively, the administrator can supply the correct values and ask users to configure their systems. However, the latter method is risky. The easiest and safest procedure is to configure one or more DHCP servers to automatically assign IP addresses and other necessary information to each computer on the network. This process involves configuring the server, telling it what range of addresses to use, setting up some additional parameters, and monitoring the server periodically.

Installing the DHCP Service
DHCP runs in the background, as other NT services do. Although you must install DHCP on an NT server, you can administer it from a workstation. DHCP servers must have fixed (i.e., static) IP addresses, because they can't assign addresses to themselves. A Backup Domain Controller (BDC) is often a good candidate for a DHCP server.

To install the DHCP service, open the Network applet from Control Panel. (Alternatively, you can right-click the Network Neighborhood icon, and select Properties.) Select the Services tab, and click Add. Choose Microsoft DHCP Server from the list of Network Services, and click OK. Then, reboot your server.

Configuring a DHCP Server
After you install the DHCP service, you must configure the server. Open the DHCP Manager tool from the Administrative Tools group. Screen 1, page 174, shows the DHCP Manager dialog box.

The key component in DHCP setup is the scope. A scope is a range of IP addresses. You can have one scope per subnet. Thus, one scope specification must cover a subnet's entire range of addresses. Suppose you have available addresses 10.0.0.2 through 10.0.0.100. But your network components (e.g., routers, printers, the DHCP server) are scattered throughout this range, with a printer at 10.0.0.57. You wouldn't configure one scope for addresses 10.0.0.2 through 10.0.0.56 and another scope for 10.0.0.58 through 10.0.0.100. Instead, DCHP lets you specify IP addresses, or ranges of addresses, that the DHCP server doesn't assign.

From the DHCP Manager menu, select Scope, Create. Screen 2, page 174, shows the Create Scope dialog box that opens. You need to enter the starting and ending IP addresses for the scope, and you must provide the scope's subnet mask. Then, enter the IP addresses to exclude. You can enter a range of addresses or just one address (e.g., an address that a printer or other non-DHCP-aware network component is using). Finally, specify the duration of the lease. (I discuss leases in a later section.) You can also name the scope and attach a comment. You might want to use these options if you have multiple subnets with separate scopes.

When you click OK to close the Create Scope dialog box, you must specify whether you want to activate the scope immediately. In most cases, you'll answer yes. However, you might prefer to set up all the scopes over a weekend, then activate them all at once.

When you exit the Create Scope dialog box, you might receive the error message No more data is available. You can ignore this message. You'll see the new scope in the DHCP Manager window. If you activated the scope, the lightbulb icon next to the scope is yellow. Don't worry if you entered a scope of 131.107.2.100 through 131.107.2.199 and you see a scope of 131.107.2.0. DHCP simply shows the last octet as a zero.

You might think that having multiple DHCP servers for redundancy is a good idea. However, DHCP servers don't interact with one another in NT 4.0. Thus, you can't configure multiple servers with the same scope because they'll assign the same IP addresses. I hope this problem won't occur in future releases. An administrator with two servers that each support part of the network sometimes splits the IP addresses between the servers. Thus, if one server is down, at least some users can receive IP addresses.

Configuring TCP/IP Clients
Client configuration is easy. When you set up a client computer and install TCP/IP, the install process asks you for the IP address settings. You must select the check box that says the DHCP server will supply the IP address. If you want to see the assigned address, go to a command prompt on an NT computer and type

ipconfig/all

You'll see the client's IP address, the DHCP server's IP address, and the WINS and DNS servers. If you need only the IP address, type

ipconfig

On a Windows 98 or Win95 system, run winipcfg.exe to see IP address information, which displays in a graphical window.

When a DHCP client system comes online for the first time, it sends out a broadcast looking for a DHCP server. The client must broadcast because it doesn't have an IP address and doesn't know any other addresses. The DHCP servers reply, also with a broadcast, offering an IP address. The DHCP servers broadcast because the client doesn't yet have an IP address. The client accepts one of the offers and replies with a broadcast. The client could send a message directly to the DHCP server it chooses because it now has an IP address and knows the server's address. However, the broadcast message informs the other DHCP servers that a server has met the client's request. The DHCP server then sends the client a confirmation of the address assignment.

Configuring Additional Information
If you need to configure WINS and DNS, you must provide the IP address of your WINS and DNS servers. From the DHCP Manager dialog box, select DHCP Options. You can configure options for each scope, but configuring these options globally is more common. For example, even if you have multiple subnets, you typically have only one or two WINS and DNS servers for the entire network. You can reconfigure the default values for each option, as Screen 3 shows. Select the option from the list on the left, and click Add. For many options, such as the WINS server address, you must use the Edit Array option to assign an address. After you configure this option, DHCP supplies the necessary information to the client computers. In Screen 3, I've configured the most common options (using Add to select the options and Values to configure each option). Option 003 is the router or default gateway, option 006 is the DNS server's address, and option 044 is the WINS server. If you specify option 044, you must also specify option 046, which is the WINS node type.

Leases
DHCP leases addresses, meaning it assigns addresses for a limited period. Halfway through the lease period, the client sends a direct message to the DHCP server in an attempt to renew the lease. If the DHCP server is available, it sends the client a lease renewal. Otherwise, the client tries again at one-half of the time remaining on the lease, and so on. For a 3-day lease (72 hours), the client tries to renew at 36 hours, then 54 hours, then 63 hours. Finally, the client tries a broadcast for any DHCP server. If the client doesn't find a server before the lease expires, the computer can no longer run TCP/IP.

As long as a client remains connected or reconnects before the lease expires, the client retains an IP address. But if a client lets the lease expire (i.e., doesn't connect for a period of time), DHCP recovers that address and makes it available for another client to use. The lease-recovery process doesn't happen immediately after lease expiration; it can take several times the lease length. In a fairly stable environment, you might want to set the lease for 3 or 4 days. This length of time lets users turn off their computers over a long weekend without losing their IP addresses, and lets DHCP recover an IP address within a few days if you remove a computer from the network. However, if your sales staff share office space and use their onsite computers only a few hours once a week, you might want to set the lease duration for just 4 or 6 hours. This method lets DHCP release IP addresses for the next day. If you don't move your machines around a lot, you might think you need to assign leases permanently. However, DHCP won't recover an unlimited lease if you remove the computer from the network.

Because the DHCP lease-request process relies on broadcasts and broadcasts don't pass through routers, you might wonder whether you need a DHCP server (which implies an NT server) on every subnet. Fortunately, the answer is no. You can configure an NT workstation as a DHCP relay agent. You need only one workstation per subnet. First, you must add the DHCP relay agent as a network service. Then, you configure it with the DHCP server's IP address. When the relay agent hears a DHCP request, the agent forwards the request directly to the server. Thus, the relay agent acts as a go-between for the client, and the client receives an IP address. The DHCP server knows which subnet the request came from, and the server assigns an address from the correct scope for that subnet.

DHCP lets you easily see who has which IP address. From the DHCP Manager dialog box (which Screen 1 shows), select Scope, Active Leases. To obtain detailed information about each lease, select the lease and click Properties (or double-click the lease). Screen 4 shows a listing from my office network. The Unique Identifier (i.e., 004005000001) is the network card media access control (MAC) address. You can delete a lease if you need to disconnect a client or eliminate a lease for a machine that moved off the network.

Benefits of DHCP
Introducing a DHCP server yields several benefits. A major benefit is saved time because the administrator doesn't have to go to each system to configure it manually. New computers often arrive with the OS installed. If a computer is also configured as a DHCP client, you can connect it to the network and let DHCP assign an IP address immediately. The NT installation process asks the installer whether the system will be a DHCP client, and configures the system appropriately. If you assign IP addresses manually, you must keep track of which addresses you've assigned and which addresses are still available. Administrators often carry this information with them because they need it while they're setting up a computer in a user's office. Coordinating the addresses becomes a chore if you're one of several administrators in your enterprise. DHCP keeps track of which addresses you've assigned to which computers. Administrators no longer have to worry about mistyping IP addresses or creating duplicate IP addresses.

Initial IP address assignment isn't the only area in which administrators save time. DHCP simplifies maintenance tasks. For example, you can easily move a computer from one subnet to another. If you need to reassign computers, you might copy the configuration and files from an old computer to a new one and give the old computer to a new employee. In the past, both computers would have the same IP address. DHCP eliminates this problem and reduces calls to the Help desk.

DHCP also benefits your clients. A client who connects to your network via a laptop computer can't use a hard-coded IP address. However, clients who use DHCP receive a new, valid IP address when they connect to a different subnet.

Finally, DHCP lets users share IP addresses. Suppose you have 50 available IP addresses and a sales staff of 100. Your salespeople are in the office only 1 or 2 days a week; thus, only 30 to 40 of their computers are connected to the network at one time. Each time the sales personnel connect, they receive an IP address. When they disconnect, the system recovers the address to use for the next user.

When several mobile users share a few IP addresses, you might need to reserve IP addresses for high-priority users. Open the DHCP Manager dialog box, and select Scope, Add Reservations. Specifically, you're making a reservation for the network card and setting aside an IP address for a particular computer. Reservations can be a problem if users swap out their PC Card network adapters. A reservation isn't the same as a fixed IP address. A reservation gives a user an IP address to connect to the network from several offices, although the address might change daily depending on location.

Roll Up Your Sleeves
The DHCP service might seem complex, but the time you'll save in simplified network administration will more than make up for the time you spend learning about DHCP. Service Pack 4 (SP4) significantly improves the DHCP service. For information about these improvements, see Darren Mar-Elia, "WINS and DHCP Preventive Maintenance," and Mark Minasi, "Service Pack 4," March 1999.

I know of a company that introduced DHCP and subsequently reassigned an employee whose entire job had been managing IP addresses to a new job. Your time is better spent configuring your software than configuring multiple machines with IP addresses.