Solved

dhcp best practices

Posted on 2010-09-22
5
365 Views
Last Modified: 2012-05-10
1st off don't laugh. this is an embarrassment to the IT World

So i just started working at this company and man i have to say their network is jacked up.

they have 2 DHCP scopes running on two different servers

the DHCP scope has no reservation allocated for the networking gear or the servers

their servers have 2 active nics (some 3) on the same network - no sub-netting.  

they have a slew of ip-conflicts weekly (attributed by the servers being in the same pool as the dhcp scope)

What i would like to know is this
1. by removing the homing nics will it increase performance?
2. how is this setup bad?  

sorry just ranting and looking for good answers
0
Comment
Question by:johnkesoglou
  • 3
  • 2
5 Comments
 
LVL 16

Accepted Solution

by:
InteraX earned 500 total points
ID: 33737158
If the servers have multiple nics on the same vlan, I would look at teaming them for redundancy/performance increase. Removing them isn't necessary as long as they are both the same make or support the same teaming software. If they don't try diabling one of them or giving them different IP's. DNS round robin should sort out the rest for name resolution etc.

Assuming the DHCP scopes are both the same, if the DHCP servers are set to ping the target clients before allocating an address, this may not be a problem, but what we do at my place is have the scopes split so that one server gives out the lower half of the IP range and the other the upper half. Then you will not get IP address conflict at all.
Our servers and other infrastructure equipment is not in the scope range. (in fact they are on a totally different VLAN)

Whilst there are no worngs or rights, the above can be considered bad because you are experiencing IP address conflict. What is worse is that this is being experienced by the servers.

Action plan:

Re-create the DHCP scopes without including the servers IPs. (move the servers & infrastructure IP's to the beginning or the end of the subnet if possible)
Team the NIC's if possible.
0
 

Author Closing Comment

by:johnkesoglou
ID: 33739463
i was looking for a more constructive way to tell the client that there was something wrong with the current setup.  you gave a great answer but i indicated that i knew the answer.

thanks anyway
0
 
LVL 16

Expert Comment

by:InteraX
ID: 33741804
As for a more constructive way to tell the client they have a bad setup, tell them that are expeirncing porblems and issues right now. Until this is sorted out, they will cary on experiencing problems.

If they want to see MS best practices, see http://technet.microsoft.com/en-us/library/cc780311(WS.10).aspx & http://technet.microsoft.com/en-us/library/cc776596(WS.10).aspx

One thing MS haven't included on their DHCP server is DHCP server clustering which is now in the spec, but MS want you to buy their enterprise version of Windows and cluster DHCP using windows clustering. 3 times the cost.
0
 

Author Comment

by:johnkesoglou
ID: 33744739
hi guys


i appreciate the feedback, this PIX seems to have some sort of issue outside of the configuration.  the only thing i did outside of the config was upgrade the firewall pdm software.  The other line items regarding http .0.0.0.0 and telnet 0.0.0.0  :)  i was unable to hit the pdm from the outside (assuming i could use telnet on ethernet0 - and that we must use SSH on the public interface.)  

so once i get everything cleared up, i will remove these and take care of everything internally from one of the servers using rdp.

i really appreciate the feedback.

i did notice that each time i put a command in place it takes the firewall several minutes to "turn on" or "turn off" ... i.e. i add a NAT rule and it is inaccessible for several minutes.  i know the device is old but i am using this in the interim until i can get myself a decent ASA 5505
0
 

Author Comment

by:johnkesoglou
ID: 33744827
lol - disregard my last post intended for another issue

thanks for your feedback :)
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
DHCP Server 14 100
CENTOS DHCP Server / PXE/TFTP 14 156
MS Endpoint Protection 2 45
Separate DNS forwarding 2 20
Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

827 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question