Transcript 1 MANAGING AND MONITORING DHCP Chapter 2 2 MANAGING

1
Chapter 2
MANAGING AND
MONITORING DHCP
Chapter 2: MANAGING AND MONITORING DHCP
MANAGING DHCP:
COMMON DHCP ADMINISTRATIVE TASKS
 Configure or modify scopes
 Configure or modify options
 Configure the DHCP relay agent
 Back up the DHCP database
 Restore the DHCP database
 Compact the DHCP database
 Reconcile DHCP scopes
2
Chapter 2: MANAGING AND MONITORING DHCP
3
DNS DYNAMIC UPDATES
 Allows client computers to dynamically update
resource records in DNS
 Allows DHCP to dynamically update client computer
resource records
Chapter 2: MANAGING AND MONITORING DHCP
WHEN TO USE DYNAMIC UPDATES
 When the DNS client operating system is not
Microsoft Windows 2000, Microsoft Windows XP,
or Microsoft Windows Server 2003
 When assigning permissions that allow clients to
update their own records becomes unmanageable
 When allowing individual clients to update records
presents a security risk
4
Chapter 2: MANAGING AND MONITORING DHCP
DYNAMIC UPDATES WITH MICROSOFT
WINDOWS 2000 AND LATER CLIENTS
5
Chapter 2: MANAGING AND MONITORING DHCP
DYNAMIC UPDATES WITH
PRE–WINDOWS 2000 CLIENTS
6
Chapter 2: MANAGING AND MONITORING DHCP
CONFIGURING DHCP FOR DYNAMIC UPDATES
7
Chapter 2: MANAGING AND MONITORING DHCP
SECURE DYNAMIC UPDATES
8
Chapter 2: MANAGING AND MONITORING DHCP
9
TROUBLESHOOTING TIPS FOR DYNAMIC
UPDATES
 Check the servers’ system Event Log for errors.
 Use Ipconfig /registerdns to force a client to renew
DNS registration.
 Ensure dynamic updates are properly enabled for
the zone on the DNS server.
 Verify that clients’ preferred DNS server is the
primary DNS server for the zone.
 Check the resource record access control list (ACL)
on the server. The ACL must allow dynamic updates.
Chapter 2: MANAGING AND MONITORING DHCP
10
TROUBLESHOOTING TIPS FOR DYNAMIC
UPDATES (CONT.)
 Verify that the system time on the DNS server and
the DNS client is synchronized.
 Check the client UpdateSecurityLevel registry entry.
The registry entry could have been modified to
prevent dynamic updates.
 Check to see whether the DNS zone is locked,
preventing updates.
 Ensure that the client has permissions to update the
resource records.
Chapter 2: MANAGING AND MONITORING DHCP
MANAGEMENT OF A DHCP DATABASE
 Back up and restore the database.
 Reconcile the database.
 Compact the database.
 Enable server-based conflict detection.
 Remove the database.
11
Chapter 2: MANAGING AND MONITORING DHCP
12
BACKING UP AND RESTORING THE
DHCP SERVER
 Microsoft Windows Server 2003 supports automatic
and manual backups of the DHCP database.
 The DHCP database and registry entries are
automatically backed up every 60 minutes by
default.
 If the original database is unable to load, when
DHCP starts it will automatically restore a backup
copy of the database.
 A manual backup can be performed.
 Manual backups can be used only with manual
restores.
Chapter 2: MANAGING AND MONITORING DHCP
RECONCILING A DHCP DATABASE USING THE
RECONCILE ALL SCOPES OPTION
13
Chapter 2: MANAGING AND MONITORING DHCP
COMPACTING A DHCP DATABASE
14
Chapter 2: MANAGING AND MONITORING DHCP
REMOVING A DHCP DATABASE
15
Chapter 2: MANAGING AND MONITORING DHCP
16
BEST PRACTICES FOR MANAGING
A DHCP DATABASE
 Manually back up the DHCP database to a location
other than the default location
%systemroot%\System32\Dhcp\Backup\Jet\New.
 Maintain an offline copy of the backup.
Chapter 2: MANAGING AND MONITORING DHCP
MONITORING A DHCP DATABASE
 Establish a baseline.
 Gather DHCP data from the following locations:
 DHCP console
 DHCP audit log
 Event Viewer
 Performance console
17
Chapter 2: MANAGING AND MONITORING DHCP
USING DHCP STATISTICS TO MONITOR
A DHCP SERVER
18
Chapter 2: MANAGING AND MONITORING DHCP
MONITORING DHCP USING THE AUDIT
LOG FILES
19
Chapter 2: MANAGING AND MONITORING DHCP
USING THE PERFORMANCE CONSOLE
TO MONITOR DHCP
20
Chapter 2: MANAGING AND MONITORING DHCP
21
BEST PRACTICES FOR MONITORING DHCP
 Create a baseline.
 Check the standard counters for server performance.
 Monitor the counter for DHCP performance.
Chapter 2: MANAGING AND MONITORING DHCP
AUTOMATIC PRIVATE IP ADDRESSING
 When to disable Automatic Private IP Addressing
(APIPA)
 Troubleshooting APIPA
22
Chapter 2: MANAGING AND MONITORING DHCP
CHAPTER SUMMARY
 DHCP can dynamically update DNS.
 Dynamic updates can be secure.
 You must monitor and manage DHCP.
23