In Windows Server 2022, you can create and manage both IPv4 and IPv6 DHCP scopes for your organization. Even though they are managed separately, they have the same capabilities of being able to configure reservations, exclusions, and other DHCP options. Unlike an IPv4 client, a DHCPv6 client uses a device unique identifier (DUID) instead of a MAC address to get an IP address from the DHCP server.
DHCPv6 supports both stateful address configuration and stateless address configuration. An easy way to think of the difference between a stateful configuration and a stateless configuration is that, with a stateful configuration, the DHCPv6 client receives its IPv6 address and its additional DHCP options from the DHCPv6 server. With a stateless configuration, the IPv6 client can automatically assign itself an IPv6 address without ever having to communicate with the DHCPv6 server. The stateless configuration process is also known as DHCPv6 autoconfiguration. Exercise 6.9 will walk you through the process of creating and activating a new DHCPv6 scope.
EXERCISE 6.9
Creating and Activating a New DHCPv6 Scope
- Open the DHCP Management Console.
- Right- click IPv6 and choose the New Scope command. The New Scope Wizard appears. Click the Next button.
- On the Welcome To The New Scope Wizard page, click Next.
- On the Scope Name page, provide a name and description for your new DHCPv6 scope. Click Next.
- On the Scope Prefix page, input the corresponding prefix for your organization’s IPv6 network settings. In the event that you have more than one DHCPv6 server, you can set a preference value that will indicate your server priority. The lower the preference value, the higher the server priority. Click Next.
- On the Add Exclusions page of the wizard, you can configure either a single IP exclusion or a range of IPs to exclude from obtaining an address automatically. Exclusions should include any device or range of devices that have been manually set with a static IP on that particular scope. Click Next.
- Keep the default selections on the Scope Lease page. Click Next.
- Make sure the Activate Scope Now radio button is toggled to Yes. Click Finish to complete the creation and activation of your new DHCPv6 scope.
- Verify that your new scope appears in the DHCP Management Console to complete this exercise.
Configure High Availability for DHCP, Including
DHCP Failover and Split Scopes
DHCP failover provides load balancing and redundancy for DHCP services, enabling you to deploy a highly resilient DHCP service for your organization. The idea is to share your DHCP IPV4 scopes between two Windows Server 2022 servers so that if one of the failover partners goes down, then the other failover partner will continue providing DHCP services throughout the environment. DHCP failover supports large-s cale DHCP deployments without the challenges of a split- scope DHCP environment.
Here are a few of the benefits that DHCP failover provides:
Multisite DHCP failover supports a deployment architecture that includes multiple sites. DHCP failover partner servers do not need to be located at the same physical site.
Flexibility DHCP failover can be configured to provide redundancy in hot standby mode, or with load balancing mode, client requests can be distributed between two DHCP servers.
Seamless DHCP servers share lease information, allowing one server to assume the responsibility for servicing clients if the other server is unavailable. DHCP clients can keep the same IP address when a lease is renewed, even if a different DHCP server issues the lease.
Simplicity A wizard is provided to create DHCP failover relationships between DHCP servers. The wizard automatically replicates scopes and settings from the primary server to the failover partner.
Configuring DHCP Failover
One of the nice things about DHCP failover is that the configured scope is replicated between both clustered DHCP nodes whether or not you are running the cluster in hot standby or load balancing mode. If one server fails, the other can manage the entire pool of IP addresses on behalf of the environment. Exercise 6.10 provides a step- by- step DHCP failover configuration in Windows Server 2022.
EXERCISE 6.10
Configuring DHCP Failover
- Open the DHCP Management Console.
- Right- click IPv4 and choose the Configure Failover command to launch the Configure Failover Wizard. Click Next on the Introduction page.
- On the Specify The Partner Server To Use For Failover page, select your partner DHCP server from the drop- down menu or by browsing the Add Server directory. Click Next.
EXERCISE 6.10 (continued)
4. On the Create A New Failover Relationship page, provide a relationship name, select the Load Balance mode from the drop-d own, and provide a shared secret password that will be used to authenticate the DHCP failover relationship between the two servers in the failover cluster. Click Next.
5. Review your configuration settings and click the Finish button to configure your new DHCP failover configuration. Click Close upon successful completion.
6. After the wizard successfully completes on the primary DHCP server, verify that the new failover scope has been created and activated on the secondary DHCP server in the DHCP Management Console to complete this exercise.
You can always go back in and change the properties of the failover scope if you want. Test both hot standby and load balancing modes to decide which deployment configuration option best suits your organization’s needs. Expect to see exam scenarios discussing both DHCP failover configuration modes and the differences between them.
DHCP Split Scopes
Even though you have the capabilities of DHCP failover in Windows Server 2022, for exam purposes you will need to understand how DHCP split scopes work. Split scopes are configurable only on IPv4 IP addresses and cannot be configured on IPv6 scopes. The idea of DHCP split scopes is to have two stand- alone DHCP servers that are individually responsible for only a percentage of the IP addresses on a particular subnet.
For example, DHCP Server 1 would be responsible for 70 percent of the IP addresses, and DHCP Server 2 would be responsible for the other 30 percent of IP addresses. The two DHCP servers in a split- scope configuration do not share any lease information between one another, and they do not take over for one another in the event that one of the two DHCP servers fails. As you can see, a split-s cope configuration is less fault tolerant than a full DHCP failover configuration. However, a split- scope configuration does split the load of DHCP leases and renewals between two servers, providing a basic level of native load balancing in a Windows Server 2022 environment.
DHCP Allow and Deny Filtering
One of the nice things about DHCP is that you can use allow or deny filtering to control which devices get an IP address and which devices do not on your network. DHCP filtering is controlled by recording a client’s MAC address in a list and then enabling either the Allow or Deny filter. One thing to keep in mind about DHCP filtering is that by enabling the allow list, you automatically deny DHCP addresses to any client computer not on the list. In Exercise 6.11, you will configure DHCP filtering by adding a client machine to the Deny filter by MAC address.
EXERCISE 6.11
Configuring DHCP Filtering
- Open the DHCP Management Console.
- Expand IPv4 until you reach the Deny filter object in your DHCP hierarchy.
- Right- click the Deny filter object and select New Filter.
- Enter the MAC address of the device you want to exclude from your network, provide a description such as Unwanted Device, click Add, and then click Close.
- Right- click the Deny filter and select Enable to complete this exercise.
Leave a Reply