Title: Module 2: Managing and Monitoring Dynamic Host Configuration Protocol
1Module 2 Managing and Monitoring Dynamic Host
Configuration Protocol
2Overview
- Managing a DHCP Database
- Monitoring DHCP
- Applying Security Guidelines for DHCP
3Lesson Managing a DHCP Database
- Overview of Managing DHCP
- What Is a DHCP Database?
- How a DHCP Database Is Backed Up and Restored
- How a DHCP Database Is Reconciled
- DHCP Server Configuration Options
- Practice Managing a DHCP Database
4Overview of Managing DHCP
The DHCP service needs to be managed to respond
to changes in the network
Scenarios for managing DHCP
- Managing DHCP database growth
- Protecting the DHCP database
- Ensuring DHCP database consistency
- Adding clients
- Adding new network service servers
- Adding new subnets
5What Is a DHCP Database?
The DHCP database is a dynamic database that
contains configuration information
- The DHCP database contains DHCP configuration
data such as - Scopes
- Address leases
- Reservations
- Windows Server 2003 stores the DHCP database in
the folder Systemroot\System32\Dhcp - The DHCP database files include
- Dhcp.mdb
- Tmp.edb
- J50.log and J50.log
- Res.log
- J50.chk
6How a DHCP Database Is Backed Up and Restored
- The DHCP service automatically backs up the DHCP
database to the backup directory on the local
drive
- If the original database is unable to load, the
DHCP service automatically restores from the
backup directory on the local drive
- The administrator moves a copy of the backed up
DHCP database to an offline storage location
In the event that the server hardware fails, the
administrator can restore only from the offline
storage location
7How a DHCP Database Is Reconciled
Detailed IP address lease information
DHCP Database
Compares and reconciles inconsistencies in the
DHCP Database
Registry
Summary IP address lease information
DHCP Server
8DHCP Server Configuration Options
Additional DHCP server configuration options
include configuring
- The console display options
- DNS integration
- DHCP server file locations
- Conflict detection
- Server connection bindings
The options are configured on the DHCP server
Properties tabs
9Practice Managing a DHCP Database
- In this practice, you will
- Back up the DHCP database
- Restore the DHCP database
- Reconcile the DHCP database
10Lesson Monitoring DHCP
- Overview of Monitoring DHCP
- Multimedia Creating a Performance Baseline
- What Are DHCP Statistics?
- What Is a DHCP Audit Log File?
- How DHCP Audit Logging Works
- Guidelines for Monitoring DHCP Server Performance
- Guidelines for Creating Alerts for a DHCP Server
- Practice Monitoring DHCP
11Overview of Monitoring DHCP
Why monitor DHCP?
- DHCP environment is dynamic
- Determining DHCP server performance
- Monitoring facilitates planning for current and
future needs
DHCP data includes
- DHCP statistics
- DHCP events
- DHCP performance data
12Multimedia Creating a Performance Baseline
(Optional)
- The objective of this presentation is to provide
high-level steps for creating a performance
baseline - After this presentation, you will better
understand - The purpose of a performance baseline
- A performance baseline is the level of system
performance that you find acceptable - Server performance is critical to efficient
network operations
13What Are DHCP Statistics?
DHCP Server
DHCP statistics are collected at either the
server level or scope level
14What Is a DHCP Audit Log File?
A DHCP audit log is a log of service-related
events
15How DHCP Audit Logging Works
Audit logging is the daily collection of DHCP
server events into log files
1200 A.M.
3. DHCP closes daily audit log
1. DHCP opens daily audit log
DhcpSrvLog-Mon.log
DhcpSrvLog-Tue.log
2. DHCP performs disk checks
16Guidelines for Monitoring DHCP Server Performance
- Create a DHCP performance baseline
- Check the standard counters for server performance
- Review DHCP server counters for significant
changes in DHCP traffic
17Guidelines for Creating Alerts for a DHCP Server
- Before creating an alert, define the range of
acceptable performance
- Use scripts with your alerts
18Practice Monitoring DHCP
- In this practice, you will
- Monitor DHCP server performance by using the
Performance console - Create an alert
19Lesson Applying Security Guidelines for DHCP
- Guidelines for Preventing an Unauthorized User
from Obtaining a Lease - Guidelines for Restricting Unauthorized,
Non-Microsoft DHCP Server from Leasing IP
Addresses - Guidelines for Restricting Who Can Administer the
DHCP Service - Guidelines for Securing the DHCP Database
20Guidelines for Preventing an Unauthorized User
from Obtaining a Lease
To prevent an unauthorized user from obtaining a
lease
- Ensure that unauthorized persons do not have
physical or wireless access to your network
- Enable audit logging for every DHCP server on
your network
- Regularly check and monitor audit log files
- Use 802.1X-enabled LAN switches or wireless
access points to access the network
21Guidelines for Restricting Unauthorized,
Non-Microsoft DHCP Servers from Leasing IP
Addresses
DHCP authorization
- Available on Windows 2000 and Windows Server 2003
- Authorization not required on other DHCP
implementations
To restrict an unauthorized, non-Microsoft DHCP
server from leasing IP addresses, ensure that
unauthorized persons do not have physical or
wireless access to your network
22Guidelines for Restricting Who Can Administer the
DHCP Service
To restrict who can administer the DHCP service
- Limit the members of the DHCP Administrators group
- Add users needing read-only access to the DHCP
Users group
23Guidelines for Securing the DHCP Database
To further secure the DHCP database
- Consider changing the default permissions of the
DHCP folder
- Provide only the minimum permissions that users
require to perform their specific tasks
- Provide Read permissions to users responsible for
analyzing DHCP server log files
- Remove Authenticated Users and Power Users to
minimize access to the files in the DHCP folder
24Lab Managing and Monitoring DHCP
- In this lab, you will manage and monitor DHCP