|Windows 2003 DHCP Server Advanced Configuration - Part 2|
|Written by Administrator|
|Sunday, 12 June 2011 19:02|
Backing up the DHCP database
Our DHCP server is fully functional but it may not always remain that way. We definitely want to back it up so we can quickly restore the functionality in the event of a disaster.
The DHCP scopes, settings and configuration are actually kept in a database file, and the database is automatically backed up every 60 minutes. But to manually back it up:
Restoring the DHCP Database
Let us imagine that a disaster with the DHCP server did occur and that we now have to restore the DHCP functionality. Restoring the DHCP database is just as simple as backing it up:
The DHCP database will then be restored.
Let us imagine that, after restoring the database, the DHCP server developed some issues and started malfunctioning. Luckily, DHCP comes equipped with several tools to help us troubleshoot.
The Event Viewer displays events that the server has reported and whether those events represent actual issues or normal operation. Most of the issue events related to DHCP will be reported in the System log of the Event Viewer with a Source of DHCPServer.
To view the Event Viewer:
Depending on how active the server is, the System log may be cluttered with Information, Warning and Error events that are unrelated to DHCP. To see only DHCP issues, filtering non-important events is necessary. To do this:
The System log is now displaying only DHCP Warning and Error events. This should cause any DHCP-related issues to stick out:
Every event has an Event ID. In case a particular event's description is too vague to understand, you may have to research the Event ID for further clarification.
DHCP Audit Logs
Another DHCP troubleshooting tool is the DHCP audit logs. These logs display detailed information about what the DHCP server has been doing. If a client leases an IP address, renews its IP address, or releases its IP address, the DHCP server will audit this activity.
More concerning events are also audited: if the DHCP server service stops, encounters a rogue DHCP server in the network, or fails to start, the server will audit this issue as well. These logs provide closer visibility into what the DHCP server is doing.
To access the DHCP audit logs:
In the dhcp folder, the log files will be titled DhcpSrvLog -%WeekDay%. log, where %WeekDay% is a week day. There should be one for the past six days.
The log may appear overwhelming, but it is very simple to read. Each line contains several pieces of information but the most important is the code at the beginning of the line, since that describes what is being audited. That code is defined on the top portion of the log file. As each line is comma-separated you can actually save the log file in .csv format and open it in Excel for easier and more convenient reading and analysis.
Although a protocol analyzer is not an official DHCP troubleshooting tool, it is nonetheless an excellent tool for troubleshooting issues where the server is not servicing clients. In such situations you would use the protocol analyzer on the server to determine whether DHCP Discover/Request packets from clients are arriving at the server at all or if they are arriving but being ignored by the server.
If you find that the packets are not arriving at the server at all, you would have isolated the problem to most likely being a routing issue or an issue with any relay agents/configured IP helpers in the network.
However, if you find that the packets are arriving but being ignored by the server, then you would have isolated the problem to either residing on the server or the configuration of DHCP.
The screen shot below, of Wireshark, shows that the server received a DHCP Discover packet from a client and properly responded to it.
Continuing from our previous storyline, let us pretend that we found the issue that was affecting our DHCP server but to fix it we would have to take the DHCP server offline for a considerable amount of time, so for the time being we will just setup a different server as our DHCP server.
To accomplish this, we will have to transfer the DHCP database to our new server. Migrating the DHCP database is not only done in situations such as this. When a DHCP server is decommissioned, for example, you would need to transfer the DHCP database to the new server.
Although the transfer can technically be done in more than one way, presented below is one method. Regardless of the approach chosen, you should aim to minimize the amount of time that both DHCP servers are simultaneously active and able to service clients as this would increase the chances of one server leasing an IP address that is already in use.
8. On the new server, authorize the DHCP server.
9. On the old server, unauthorized the DHCP server.
Although we could perform a migration by simply backing up the DHCP database on the old server using the backup procedure and restoring it on the new server using the restore procedure, this approach also restores the old DHCP server's configuration settings, such as audit settings, conflict detection settings, DDNS settings, etc. It may not always be desirable to transfer those settings in a migration. The procedure described above only transfers the scopes and their settings.
Without careful observation, the full capabilities of DHCP can be overlooked. The protocol, in combination with the DHCP MMC, provides numerous methods to control client configuration settings and server administrative functions.
About the Writer
Nuno Delgado (KiLLaBeE) is a valuable member of the Firewall.cx community and an IT technician for a technology, business process outsourcing company. In his position, Nuno assists in supporting over fifteen-hundred internal and external customers nationally. Nuno currently holds the MCSA, MCP, CompTIA Server+, Network+, and A+ certifications.
GFI Software provides the single best source of network security, content security and messaging software for small to medium sized businesses.
If you have found the article useful, we would really appreciate you sharing it with others by using the provided services on the top left corner of this article. Sharing our articles takes only a minute of your time and helps Firewall.cx reach more people through such services.
|Last Updated on Wednesday, 20 March 2013 23:39|