Sie sind auf Seite 1von 9

Branch Office Infrastructure

Solutions
DHCP Services Guide

Version 3.0

Published: February 2008


Revised: September 2008
For the latest information, please see
microsoft.com/BranchOffice
Copyright © 2008 Microsoft Corporation. All rights reserved. Complying with the applicable copyright laws is
your responsibility. By using or providing feedback on this documentation, you agree to the license agreement
below.

If you are using this documentation solely for non-commercial purposes internally within YOUR company or
organization, then this documentation is licensed to you under the Creative Commons Attribution-
NonCommercial License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc/2.5/ or
send a letter to Creative Commons, 543 Howard Street, 5th Floor, San Francisco, California, 94105, USA.

This documentation is provided to you for informational purposes only, and is provided to you entirely "AS IS".
Your use of the documentation cannot be understood as substituting for customized service and information
that might be developed by Microsoft Corporation for a particular user based upon that user’s particular
environment. To the extent permitted by law, MICROSOFT MAKES NO WARRANTY OF ANY KIND, DISCLAIMS
ALL EXPRESS, IMPLIED AND STATUTORY WARRANTIES, AND ASSUMES NO LIABILITY TO YOU FOR ANY
DAMAGES OF ANY TYPE IN CONNECTION WITH THESE MATERIALS OR ANY INTELLECTUAL PROPERTY IN THEM.

Microsoft may have patents, patent applications, trademarks, or other intellectual property rights covering
subject matter within this documentation. Except as provided in a separate agreement from Microsoft, your
use of this document does not give you any license to these patents, trademarks or other intellectual property.

Information in this document, including URL and other Internet Web site references, is subject to change
without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-
mail addresses, logos, people, places and events depicted herein are fictitious.

Microsoft, Internet Security and Acceleration Server, Windows Server 2000, Windows Server 2003, Windows
Server 2008, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the
United States and/or other countries.

The names of actual companies and products mentioned herein may be the trademarks of their respective
owners.

You have no obligation to give Microsoft any suggestions, comments or other feedback ("Feedback") relating to
the documentation. However, if you do provide any Feedback to Microsoft then you provide to Microsoft,
without charge, the right to use, share and commercialize your Feedback in any way and for any purpose. You
also give to third parties, without charge, any patent rights needed for their products, technologies and services
to use or interface with any specific parts of a Microsoft software or service that includes the Feedback. You will
not give Feedback that is subject to a license that requires Microsoft to license its software or documentation to
third parties because we include your Feedback in them.

Solution Accelerators microsoft.com/technet/SolutionAccelerators


Contents

Solution Accelerators microsoft.com/technet/SolutionAccelerators


iv Guide Title (for single guide/doc accelerator or accelerator title (for multi-guide/doc accelerator)

Solution Accelerators microsoft.com/technet/SolutionAccelerators


DHCP Services
For many years, designing IT infrastructures that are capable of supporting branch sites
has been a challenging task. The complexities introduced by the limitations in available
network bandwidth, performance issues, and geographic separation, have a significant
impact on an organization’s ability to implement an appropriate single IT solution for all of
its sites. As wide area network (WAN) bandwidth and performance grows, client and
server technologies are also introduced (or enhanced) so that they provide better support
for branch operations. However, although the situation will improve, there will always be a
fundamental difference between the design for a geographically distributed IT
infrastructure and the design for a single site. The addition of branch sites introduces a
number of significant constraints that modify the options that are available to solution
designers.
This guide, as part of the Branch Office Infrastructure Solution (BOIS) series, updates the
design that was described in the Network Addressing and Name Resolution section of
Chapter 3 of the “Branch Office Infrastructure Solution for Microsoft Windows Server
2003 Release 2” guide and specifically deals with the changes that are introduced by the
Microsoft Windows® Server® 2008 operating system. Although many of the fundamental
design principles in this guide remain the same, there are some important implementation
details that have changed, especially with the introduction of Windows Server 2008
Server Core installation options and improved virtualization technologies like Hyper-V.
This guide provides the necessary updates needed to ensure that your branch
infrastructure takes advantage of the latest Dynamic Host Configuration Protocol (DHCP)
design approaches.

Goals and Objectives


This guide introduces the design considerations that involve delivering DHCP services to
service-based branch environments using new technologies, including Microsoft
Windows® Server® 2008. The branch environment is typically part of a larger network
that supports an organization's main sites and data centers. However, the addition of
branch sites introduces a number of significant constraints that modify the options that
are available to solution designers. This guide describes how to look at the specific
requirements of branch DHCP services in the larger context of an organization's IT
services.

Audience
The primary audience for this guide is the experienced Infrastructure Architect or IT
professional who is responsible for designing DHCP services for a branch site
infrastructure. DHCP is a fundamental network client service and, as such, it can impact
other services within the branch infrastructure. Therefore IT professionals responsible for
other services within the IT infrastructure will also benefit from this guidance.

Network Addressing Services


Several networking services are necessary to support the TCP/IP network environment.
Some of those services deliver IP addresses to clients upon request and provide clients
with a user-friendly name to resolve the IP addresses of different hosts and domains.
These services include the Dynamic Host Configuration Protocol (DHCP), Domain Name
Service (DNS), and Windows Internet Naming Service (WINS). This paper offers
guidance on DHCP services for branch infrastructures. For more information about DNS

Solution Accelerators microsoft.com/technet/SolutionAccelerators


2 BOIS DHCP Services Guide

and WINS at branch locations, see the BOIS Name Resolution Services Guide, located
at http://www.microsoft.com/branchoffice.

Dynamic Host Configuration Protocol


DHCP in Windows Server 2008 enables the centralized automatic management of IP
addresses and other TCP/IP settings for network clients. This section covers the
functionality and design considerations that are specific to branch sites but does not
provide complete functional and design information. For more information about DHCP
and DHCP server roles in Windows Server 2008 see the “Dynamic Host Configuration
Protocol” page at http://go.microsoft.com/fwlink/?LinkID=108876.
DHCP is a lightweight and highly scalable protocol. Figure 1 shows the design reference
for DHCP in a network environment that supports branch sites.

Figure 1. DHCP design reference


The approach used for the DHCP design in the BOIS model is to centralize DHCP in the
hub site. The following section shows the design considerations that should help you to
determine whether this design meets the needs of your organization.

Solution Accelerators microsoft.com/technet/SolutionAccelerators


BOIS DHCP Services Guide 3

DHCP Server Placement


You should first consider whether a DHCP server is required at the branch site. You
should take the following design considerations into account:
• Administrative overhead. Each additional DHCP server generates a higher
administrative workload. Configuring, monitoring, and updating the server adds costs
to the management of the infrastructure. Some of the management overhead may be
reduced by deploying Windows Server 2008 Server Core installations for DHCP
services. However, the hardware costs associated with devoting a single server to
DHCP services at branch locations may be too high, unless server virtualization is
used.
• Network topology. You must consider the existing network infrastructure to ensure
that the routers and firewalls in place can enable the intended design to function as
planned and whether the routers and firewalls support IPv6, if that is in use. For
example, a centralized DHCP topology typically requires the deployment of
DHCP/bootstrap protocol (BOOTP) relay agents or the configuration of a helper
address to forward the required network packets on Cisco routers.
• Network availability. If the wide area network (WAN) link is likely to be down for
periods of time that approach the DHCP lease period, the design may need to
include a local DHCP service. If a centralized model is required, the lease time of the
DHCP service should be extended to cover periods when the WAN link may be
down.
• Service availability. If a branch site-based service is planned, it may be impossible
to provide a backup service at the local site. For more information, see “How to
Configure Dynamic Host Configuration Protocol Servers with Split Scopes”, at
http://go.microsoft.com/fwlink/?LinkId=47137.
• WAN link speeds. The available bandwidths and the latency of the network WAN
links are a significant consideration for the DHCP server. High latency links may not
be able to support the passing of DHCP requests from the branch site clients to a
centralized server. For example, an exchange between the DHCP client and the
DHCP server typically consists of four packets, each containing a maximum of 4
kilobytes (KBs). So the maximum data requirement is 4 x 4 = 16 KBs per request. For
more information about the DHCP exchange, see “Network Configuration
Technologies” at http://go.microsoft.com/fwlink/?linkid=4614.
• Hardware costs. If the branch sites require a local DHCP service, it is likely that this
service can co-locate on a general purpose branch site server; DHCP is a relatively
low impact service. For more information about service co-location, see the Service
Co-location Notes section later in this guide. If service co-location is not possible due
to incompatibility or performance issues, the service must be configured on new
hardware. This hardware could be in the form of a simple network device, such as a
site router that supports DHCP services, or it could be a new server. It is important to
consider the ongoing management cost of this hardware as well as the hardware
costs alone.
• Scalability. You should consider adding a level of growth into the user base at each
site to ensure that the service does not fail as natural company growth occurs over
the lifetime of the design.
• Internet Protocol Version. You should consider whether IPv6 or IPv4 protocols can
be used in the environment and the impact this may have on the design
requirements. Using IPv6 at one or more locations may require configuration
changes to firewalls or the use of tunneling protocols, such as Toredo, which
encapsulate IPv6 packets for traversal through incompatible gateways or firewalls.
For the BOIS design model, the DHCP services are not critical for everyday operations
because the lease times are set to exceed most potential outages. New clients or
roaming clients could experience problems if brought online while DHCP is not in service,

Solution Accelerators microsoft.com/technet/SolutionAccelerators


4 BOIS DHCP Services Guide

but some organizations may consider his to be an acceptable risk and would avoid
deploying and managing DHCP in each branch site.
Figure 2 shows the centralized approach that is used in the BOIS design model.

Figure 2. BOIS DHCP design model

Service Co-Location Notes


Like DNS and WINS, DHCP can generally coexist with other services on a shared
instance of the operating system, which makes it suitable for co-location on a single
instance of the operating system. As with any other service, you should use the least
privileges possible. The DHCP administrator must be a member of the Administrators
group on the local computer.
The following list shows the options for co-locating DHCP with other services (if it cannot
be centralized):
• Co-locate DHCP with Active Directory and DNS. This is useful for organizations in
which DHCP is operated by the same group that operates Active Directory® domain
service and DNS. If you decide to run the DHCP service with Active Directory and
DNS, see "Installing Dynamic Host Configuration Protocol (DHCP) and Domain
Name System (DNS) on a Domain Controller," at
http://go.microsoft.com/fwlink/?LinkId=47139
Note This article is based on Microsoft Windows™ 2000 Server, but the information is also
valid for Microsoft Windows Server™ 2003 and Windows Server 2008.
• Co-locate DHCP with file and print services. This can be a good choice for
organizations that want to separate DHCP from Active Directory and DNS. This is
feasible only if the service administration can be coordinated (when separation of
administration is not required).
• Co-locate DHCP on a networking server. This can be a good solution for branch
sites with a Windows-based networking server. DHCP can be co-located with
Microsoft Internet Security and Acceleration (ISA) Server or run on a virtual machine
on the networking server (although additional software licensing and management
costs related to the virtual machine are sometimes difficult to justify).

Solution Accelerators microsoft.com/technet/SolutionAccelerators


BOIS DHCP Services Guide 5

Summary
DHCP services are a part of the core network services in Windows Server 2008 and can
be used to centrally manage IP addressing and other related configuration parameters in
enterprise network environments. By deploying DHCP services correctly you can reduce
administrative overhead by automatically configuring TCP/IP services on a number of
clients and devices.

Additional Resources
The following resources can be used to learn more about DHPC services in Windows
Server 2008:
For more information about DHCP Server roles in Windows Server 2008, see “Dynamic
Host Configuration Protocol” at http://go.microsoft.com/fwlink/?LinkID=108876.
For more information about using Network Access Protection with DHCP, see the “Step-
by-Step: Demonstrate NAP DHCP Enforcement in a Test Lab” guide at
http://www.microsoft.com/downloads/details.aspx?FamilyID=AC38E5BB-18CE-40CB-
8E59-188F7A198897&displaylang=en
For information about the new networking features of Windows Server 2008, see “New
Networking Features in Windows Server 2008 and Windows Vista” at
http://technet.microsoft.com/en-us/library/bb726965.aspx
For more information about server core installations, see the Server Core Installation
Option for Windows Server 2008 Step-by-Step Guide at
http://technet2.microsoft.com/windowsserver2008/en/library/edc9ae73-8df6-4bb5-a863-
45fdcb5496cb1033.mspx?mfr=true
For more information about server virtualization in Windows Server 2008, see The
Windows Server 2008 Hyper-V TechCenter at
http://go.microsoft.com/fwlink/?LinkId=101268

Feedback
Please direct questions and comments about this guide to satfdbk@microsoft.com.

Solution Accelerators microsoft.com/technet/SolutionAccelerators