Partager via


DHCP server role: Configuring a DHCP server

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

DHCP server role: Configuring a DHCP server

DHCP servers centrally manage IP addresses and related information and provide it to clients automatically. This allows you to configure client network settings at a server, instead of configuring them on each client computer. If you want this computer to distribute IP addresses to clients, then configure this computer as a DHCP server.

This topic explains the basic steps that you must follow to configure a DHCP server. When you have finished setting up a basic DHCP server, you can complete additional configuration tasks, depending on how you want to use the DHCP server.

This topic covers:

Before you begin

Configuring your DHCP server

Next steps: Completing additional tasks

Before you begin

Before you configure your computer as a DHCP server, verify that:

  • You are familiar with DHCP concepts such as scopes, leases, and options. For more information, see DHCP terminology.

  • The operating system is configured correctly. In the Windows Server 2003 family, DHCP depends on the appropriate configuration of the operating system and its services. If you have a new installation of a Windows Server 2003 operating system, then you can use the default service settings. No further action is necessary. If you upgraded to a Windows Server 2003 operating system, or if you want to confirm that your services are configured correctly for best performance and security, then verify your service settings using the table in Default settings for services.

  • This computer has a static IP address. For more information, see Configure TCP/IP for static addressing.

  • All existing disk volumes use the NTFS file system. FAT32 volumes are not secure, and they do not support file and folder compression, disk quotas, file encryption, or individual file permissions.

  • Windows Firewall is enabled. For more information, see Enable Windows Firewall with no exceptions.

  • The Security Configuration Wizard is installed and enabled. For information about the Security Configuration wizard, see Security Configuration Wizard Overview.

When you add the DHCP server role, you create one scope that defines the range of IP addresses that the DHCP server allocates to the clients on one subnet. You need to create one scope for each subnet that has clients that you want to manage using DHCP. The following table lists the information that you need to know before you add the DHCP server role, so that you can create the first scope. You need to collect the same information for each additional scope.

Before adding a DHCP server role Comments

Review DHCP security issues.

Security issues might affect the way you deploy DHCP servers. For more information about DHCP security best practices, see Security information for DHCP.

Identify the range of IP addresses that the DHCP server should allocate to the clients.

Use the entire range of consecutive IP addresses that make up the local IP subnet. In many cases, a private address range is the best choice. For more information and a list of all the IP address ranges approved for use on private networks, see RFC 1918, "Address Allocation for Private Internets", at the Internet Engineering Task Force Web site. Web addresses can change, so you might be unable to connect to the Web site or sites mentioned here.

Determine the correct subnet mask for the clients.

When the DHCP server leases an IP address to a client, the server can specify additional configuration information, including the subnet mask.

Identify any IP addresses that the DHCP server should not allocate to clients.

For example, a server or a network-connected printer often has a static IP address, and the DHCP server must not offer this IP address to clients.

Decide the duration of the lease of the IP addresses.

The default is eight days. In general, the duration of the lease should be equal to the average time that the clients on this subnet are active. For example, the ideal duration may be longer than eight days if the clients are desktop computers that are rarely turned off, or it may be shorter than eight days if the clients are mobile devices that frequently leave the network or are moved between subnets.

(Optional) Identify the IP address of the router (default gateway) that the clients should use to communicate with clients on other subnets.

When the DHCP server leases an IP address to a client, the server can specify additional configuration information, including the IP address of the router.

(Optional) Identify the name of the DNS domain of the clients.

When the DHCP server leases an IP address to a client, the server can specify additional configuration information, including the name of the DNS domain to which the clients belong.

(Optional) Identify the IP address of the DNS server that the clients should use.

When the DHCP server leases an IP address to a client, the server can specify additional configuration information, including the IP address of the DNS server that the clients should contact to resolve the name of another computer.

(Optional) Identify the IP address of the WINS server that the clients should use.

When the DHCP server leases an IP address to a client, the server can specify additional configuration information, including the IP address of the WINS server that the clients should contact to resolve the NetBIOS name of another computer.

Configuring your DHCP server

To configure a DHCP server, start the Configure Your Server Wizard by doing either of the following:

  • From Manage Your Server, click Add or remove a role. By default, Manage Your Server starts automatically when you log on. To open Manage Your Server, click Start, click Control Panel, double-click Administrative Tools, and then double-click Manage Your Server.

  • To open the Configure Your Server Wizard, click Start, click Control Panel, double-click Administrative Tools, and then double-click Configure Your Server Wizard.

On the Server Role page, click DHCP server, and then click Next.

This section covers:

Summary of Selections

Using the New Scope Wizard

Completing the Configure Your Server Wizard

Removing the DHCP server role

Summary of Selections

On the Summary of Selections page, view and confirm the options that you have selected. If you selected DHCP Server on the previous page, the following appears:

  • Install DHCP Server

  • Run the New Scope Wizard to configure a new DHCP scope

To apply the selections shown on the Summary of Selections page, click Next. After you click Next, the Configuring Components page of the Windows Components Wizard appears, and then closes automatically. You cannot click Back or Next on this page.

Using the New Scope Wizard

After you click Next, the Configure Your Server Wizard installs the DHCP Server service, and then starts the New Scope Wizard to collect information and add the DHCP server role. If you cancel the New Scope Wizard, the DHCP Server service remains installed, but it cannot distribute IP addresses to clients until you create a scope. If you choose to create a scope later, you can do so using the DHCP console.

This section describes the following steps in the New Scope Wizard:

Scope Name

IP Address Range

Add Exclusions

Lease Duration

Configure DHCP Options

Router (Default Gateway)

Domain Name and DNS Servers

WINS Servers

Activate Scope

Completing the New Scope Wizard

Scope Name

On the Scope Name page, in Name, type a name for the scope that you are creating. In Description, type a description (this is optional). Most networks have several subnets, and each subnet requires its own scope, so a DHCP server usually manages multiple scopes. Choose a name and description that help you distinguish between the various scopes.

After you finish, click Next.

IP Address Range

On the IP Address Range page, define the range of IP addresses in this scope by typing the IP addresses at the start and the end of that range. The wizard uses the IP addresses that you type to determine the correct subnet mask. The correct subnet mask automatically appears in Subnet mask.

In the unusual case where the clients on this subnet need to use a subnet mask other than the one that the wizard provides, you must type it in Subnet mask, or type the number of bits of the subnet mask in Length.

After you finish, click Next.

Add Exclusions

On the Add Exclusions page, you can define the IP addresses that the DHCP server should not allocate to clients. For example, the DHCP server itself has a static IP address that must not be allocated to clients. The same is true of the default gateway and of various network devices, such as network-connected printers. You must exclude these IP addresses so that the DHCP server does not allocate them to clients.

It is recommended that you exclude more IP addresses than you currently need because it is easier to truncate an exclusion range than it is to expand it. Exclude IP addresses from the beginning or the end of the range of possible IP addresses, not from the middle. For example, if the range of IP addresses on this subnet is from 10.0.0.1 to 10.0.0.255, and you want to exclude ten IP addresses, then define the exclusion range as either of the following:

  • 10.0.0.1 to 10.0.0.10

  • 10.0.0.245 to 10.0.0.255

For each range of IP addresses that you want to exclude, type the IP address at the beginning of the range in Start IP address, type the IP address at the end of the range in End IP address, and then click Add.

This step eases client administration, but it is optional. If you leave all fields of this page blank and click Next, clients will still be able to obtain IP addresses from the DHCP server.

After you finish, click Next.

Lease Duration

On the Lease Duration page, you can define how long a client can use an IP address from this scope.

The DHCP server leases IP addresses to its clients. Each lease has an expiration date and time. The client must renew the lease if it is going to continue to use that IP address. The default duration of the lease is eight days.

This step eases client administration, but it is optional. If you leave all fields of this page blank and click Next, clients will still be able to obtain IP addresses from the DHCP server.

After you finish, click Next.

Configure DHCP Options

On the Configure DHCP Options page, you can specify whether to configure DHCP options.

It is recommended that you accept the default, Yes, I want to configure these options now, and click Next, even if you do not want to configure the options. If you choose No, I will configure these options later, then the following occurs:

  • The New Scope Wizard creates the scope but does not activate it, and you must use the DHCP console to activate the scope in order for clients to receive IP addresses from this scope. For information about how to activate a scope using the DHCP console, see Activate a scope.

  • You will not see the next four wizard pages described below. Continue reading at Completing the New Scope Wizard.

Router (Default Gateway)

On the Router (Default Gateway) page, you can specify the routers (also known as default gateways) that clients should use. You can add as many IP addresses as there are routers on this subnet.

This step eases client administration, but it is optional. If you leave all fields of this page blank and click Next, clients will still be able to obtain IP addresses from the DHCP server.

After you finish, click Next.

Domain Name and DNS Servers

On the Domain Name and DNS Servers page, you can specify the name of the domain that clients on this subnet should use when they resolve DNS names.

You can also specify the DNS server that clients should use to resolve DNS names. You can type the IP address of that DNS server, or you can type its name and click Resolve, and the wizard will determine the IP address for you. You can add several DNS servers.

This step eases client administration, but it is optional. If you leave all fields of this page blank and click Next, clients will still be able to obtain IP addresses from the DHCP server.

After you finish, click Next.

WINS Servers

On the WINS Servers page, you can specify the WINS server that clients should communicate with to register and resolve NetBIOS names. You can type the IP address of that WINS server, or you can type its name and click Resolve, and the wizard will determine the IP address for you. You can add several WINS servers.

This step eases client administration, but it is optional. If you leave all fields of this page blank and click Next, clients will still be able to obtain IP addresses from the DHCP server.

After you finish, click Next.

Activate Scope

On the Activate Scope page, you can activate the scope or choose to activate it later. In most cases, you should accept the default and activate the scope now. If you choose to activate the scope later, you can do so using the DHCP console. You must activate the scope to allow clients on the subnet of this scope to obtain IP addresses from the DHCP server.

After you finish, click Next.

Completing the New Scope Wizard

On the Completing the New Scope Wizard page, you can click Back to change any of the settings. To apply your selections, click Finish.

Completing the Configure Your Server Wizard

After you complete the New Scope Wizard, the Configure Your Server Wizard displays the This Server is Now a DHCP Server page. To review all of the changes made to your server by the Configure Your Server Wizard or to ensure that a new role was installed successfully, click Configure Your Server log. The Configure Your Server Wizard log is located at systemroot\Debug\Configure Your Server.log. To close the Configure Your Server Wizard, click Finish.

To verify that your server is secure and has the most recent updates, do the following:

  1. Run Windows Update. For more information, see Windows Update.

  2. Run the Security Configuration Wizard. For more information, see Security Configuration Wizard Overview.

Removing the DHCP server role

If you need to reconfigure your server for a different role, you can remove existing server roles. If you remove the DHCP server role, you must reconfigure clients to obtain IP addresses from another DHCP server. Also, if you want clients to continue using the IP addresses distributed by this server, you must configure another DHCP server to distribute those addresses.

To remove the DHCP server role, restart the Configure Your Server Wizard by doing either of the following:

  • From Manage Your Server, click Add or remove a role. By default, Manage Your Server starts automatically when you log on. To open Manage Your Server, click Start, click Control Panel, double-click Administrative Tools, and then double-click Manage Your Server.

  • To open the Configure Your Server Wizard, click Start, click Control Panel, double-click Administrative Tools, and then double-click Configure Your Server Wizard.

On the Server Role page, click DHCP server, and then click Next. On the Role Removal Confirmation page, review the items listed under Summary, select the Remove the DHCP server role check box, and then click Next. After you click Next, the Configuring Components page of the Windows Components Wizard appears, and then closes automatically. You cannot click Back or Next on this page. On the DHCP Server Role Removed page, click Finish.

Next steps: Completing additional tasks

After you complete the Configure Your Server Wizard, the computer is ready for use as a basic DHCP server that can manage IP addresses and related information. Up to this point, you have installed the DHCP Server service and created one scope that manages IP addresses and related information for the clients on one subnet. If you want to manage clients on other subnets, you must create additional scopes. If you have not activated the scope, then you must activate the scope to allow clients on the subnet of this scope to obtain IP addresses from the DHCP server.

When you complete the Configure Your Server Wizard, it automatically installs the DHCP console, which you use to manage your DHCP server. To open DHCP, click Start, click Settings, click Control Panel, double-click Administrative Tools, and then double-click DHCP.

The following table lists some of the additional tasks that you might want to perform on your DHCP server.

Task Purpose of task Reference

Activate existing scopes.

To activate scopes that you created with the New Scope Wizard that are not currently active.

Activate a scope

Authorize the DHCP server in Active Directory.

To detect unauthorized DHCP servers and prevent them from starting or running on your network.

Authorizing DHCP servers

Add support for a routed network.

To enable the DHCP server to act as a relay agent, which forwards DHCP messages between subnets.

Configure the DHCP Relay Agent

Assign a server-based scope option.

To simplify administration by setting default values that all new scopes will inherit.

Assign a server-based option

Change or view scope properties.

To change or view the properties of an existing scope.

Change or view scope properties

Create new scopes.

To create scopes that support clients on other subnets.

Create a new scope

Add a client reservation.

To define an IP address that the DHCP server should not allocate to a client because another client is permanently using it.

Add a client reservation

Configure ports to allow remote administration.

To manage the DHCP server from other computers on the network.

Windows Firewall Settings