Configuring a DHCP server on Windows Server

The first task is to again, design our subnet. We will use a similar configuration as Lab 4b, but this time our subnet will be:

10.0.3.0/24

One more item for Windows is to give this a name, called a “scope”.

Again we will use the second network interface (Ethernet1 on Windows, ens37 on Linux) – the one on VMnet2.

On Windows Server, configure the Ethernet1 adapter to use a static address (10.0.3.1) & use this as the default gateway and DNS server.

(Network Connections → Ethernet1 → Properties →Internet Protocol Version 4 (TCP/IPv4) → Properties)

We set up roles via the Server Manager. To configure our Windows Server to be a DHCP server is installing a new “role” in Windows terminology.

1. Go to Server Manager → Local Server and then scroll down to the bottom to “Roles and Features”

2. From the “Tasks” menu beside Roles and Features, choose “Add Roles and Features”

3. The wizard will ask you for: • Role-based or feature-based installation (choose this)

• Server to install on (choose your current/only server)

• Roles to install (choose DHCP – turn on checkbox)

• Whether to install admin tools (yes)

• Features to install (skip this screen – we’re not installing features)

4. In Server Manager, there should now be a new menu item for DHCP. Choose this to configure the server.

You should then also see a warning: “Configuration required for DHCP Server…”. Click “More” and choose to complete the DHCP configuration. You may need to restart the DHCP Service part-way through.

5. In Server Manager, in the DHCP section, right-click on your server name and run “DHCP Manager”.

6. The DHCP Manager starts in the Microsoft Management Console. There should be three columns. In the left column, click on your server name. You should then see options for IPv4 and IPv6. Right-click on IPv4 and choose “New Scope”. A scope in Windows Server is equivalent to a range in Linux. A wizard should guide you through adding a new scope. Enter:

1. Scope Name: A name for the scope (e.g. “winrange”) and optionally a description

2. IP Address Range: from 10.0.3.129 to 10.0.3.254 with the appropriate subnet mask

3. Add Exclusions and Delay: No exclusions (these are IP addresses or ranges not to give out to clients) – leave blank

4. Lease Duration: et to 0 days, 0 hours, 1 minute (just for testing)

5. Configure DHCP Options: yes.

6. Router (Default Gateway): 10.0.3.1 (don’t forget to press “Add” before “Next”

7. Domain Name and DNS Servers: whatever.localdomain and 10.0.3.1 (you may need to remove any extra DNS server address there that you don’t want served to DHCP clients)

8. WINS Servers: none (remove any that are there)

9. Activate Scope: yes

Now in the DHCP Manager, if you click/double-click on the IPv4 option you should be able to browse the options you just set. If you need to edit/fix any, right-click on the scope you created and choose “Properties”.

In the DHCP Manager, you can right-click on IPv4 item and choose “Display Statistics”. This will show you stats about the DHCP traffic on the interface and how many leases are in use / available.

You can find the logs and lease database for the DHCP role in:

C:\WINDOWS\system32\dhcp database (dhcp.mdb) and logs (Dhcp*.log)

We can only view the Dhcp*.log files, the rest are locked...

Check Server Manager → Tools → Event Viewer → Windows Logs → System.

We may need to use the action panel (on the right-hand side) to either “Find” (and search for DHCP) or “Filter Current Log…” and choose Event Sources as “DHCP-Server”.

Essentially remove the config from Lab 4b, i.e.

• Disable and stop the DHCP server (dhcpd) with systemctl, if it is still running/enabled.

• Remove static networking on ens37, i.e. edit/etc/sysconfig/networkscripts/ifcfg-ens37 and set BOOTPROTO=dhcp and comment out any static IP address/netmask/gateway settings.

• Disable/re-enable interface: ifdown / ifup

• You should see a new IP address allocation: diagnostics:

• ifconfig –a: check IP configuration (should see 10.0.3.129)

• Check /var/log/messages

• With NetworkManager, DHCP client lease info stored in /var/lib/NetworkManager

• Check /etc/resolv.conf – this shows the default DNS server(s)

• Check routing table (route or netstat -r)

• Ping the gateway (10.0.3.1 ?) you defined earlier in the Windows Server DHCP server configuration (Note: if ping doesn’t work, you might also need to ensure that you have enabled ICMP echo reply in Windows Defender Firewall as described in an earlier lab).

• On the Windows Server, check:

o “Display Statistics” in DHCP Manager

o The DHCP server log file in C:\WINDOWS\system32\dhcp

Like the Linux lab task, a Windows DHCP server can also reserve IP addresses by MAC addresses.

1. You can determine the hardware address of the Linux server by running ifconfig (and noticing the string next to the word “ether”)

2. On Windows Server, open DHCP Manager again and find our scope. If you expand the scope menu option, there should be a sub-option called “Reservations”.

3. Right-click on Reservations, then add a new reservation for this mac address:

4. set the ip address to 10.0.3.30 PS: the mac address must be entered in the xx-xx-xx-xx-xx format with dashes between each pair of hex digits rather than colons. If you get an error message that “The unique identifier you have entered may not be correct”, then this likely means your MAC address is not in the correct format.

5. Click Add. Note that this screen doesn't give an acknowledgement! Use Close button to continue.

On Linux, you should either wait for a couple of minutes for the changes to update, or restart the interface (ifdown/ifup).

Check that the IP address, DNS, gateway are all correct