DHCP Required on SBS2008?

Posted on 2011-02-21
Last Modified: 2012-06-27
Can anyone tell me if I'm required to have SBS2008 also serve DCHP requests on a single server domain?

Currently, I have my sonicwall TZ210 doing this for me.

I'm worried about having problems with wireless clients getting IP addresses, etc and I would rather just have my Sonicwall do DHCP for me.

Will this work?
Question by:chrisrbloom
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
  • +3
LVL 96

Expert Comment

by:Lee W, MVP
ID: 34947272
There's no reason the DHCP server from SBS can't handle the wireless.

Otherwise, you'll have to modify your DNS setting on the sonicwall to ensure it specifies the SBS server is the DNS server (since DNS is VITAL to a functional Active Directory domain).
LVL 77

Expert Comment

by:Rob Williams
ID: 34947437
It is very critical the server be your DHCP server, and if it is not, the wizards will fail, and the best practices analyzer will warn you of this. This is not just true of SBS but it is best to have any Windows server as the DHCP server for the following reasons:
-allows for more scope options than your router can offer. Some of which are necessary for SBS services
-secure dynamic DNS updates
-Proper DNS registration for older O/S clients
-central management
-DHCP integration for VPN clients
-eliminates the risk of the router automatically assigning the ISP's DNS, resulting is slow name resolution

It is possible to configure DNS to rgister clinets add add the scope options to the Sonicwall, but why?

Expert Comment

ID: 34947528
turn off dhcp on sonicwall and point the dhcp requests on the sonicwall to your windows dhcp server

works no problem
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.


Expert Comment

ID: 34947545
basically your setting up DHCP pass-thru on your sonicwall
LVL 70

Expert Comment

ID: 34947674
It would be far better to disable DHCP on the sonicwall and use the SBS server. DHCP in SBS is designed to integrate with the rest of the system and importnatly give the address of the SBS server as the DNS server so that it is used to service DNS lookups - not the router - this is essential.

Author Comment

ID: 34947684
The reason I ask is because I did go through the wizards on SBS2008 and got an error that DNS failed...but I looked and it appeared to be running fine.  I turned off DHCP on the sonicwall, turned it on on the SBS.

Rebooted...and none of my office clients could go online.  Server never booted.  Perpetually stuck in "Starting Services" mode for hours.  All the while nobody could go online.

Well, they could if they didn't need DNS.  The server somehow inserted itself to the only DNS server on the network, and since it wasn't up, all the clients failed.

Thinking it would just be better to control it myself as I have been doing for years.

LVL 77

Expert Comment

by:Rob Williams
ID: 34947706
>>"The server somehow inserted itself to the only DNS server on the network"
It is supposed to, this is critical in a windows domain. You cannot add the router or ISP even as an alternate. Yes that means if the SBS is down you have no internet.

You need to disable the Sonicwall, enable DHCP on the SBS, run the "fix my network wizard", and reboot all clients.
If it still doesn't work you need to address the problem rather than a work around.
LVL 51

Expert Comment

ID: 34947709
I hope your SBS server isn't setup as a DHCP client too.  If you shut down the Sonicwall DHCP and your server wouldn't start, I would think that might be the case.

If not, make sure the SBS server points to itself for DNS, has your router as the gateway, and isn't multi-homed.

DHCP should work fine for the wireless as long as your router is set as either a bridge or access point and doesn't assign addresses to the clients.  You CAN set it up to work as a DHCP server for your wirelss clients too if the LAN segment is plugged into the WAN port of the wireless router as it effectively creates a separate network that is using NAT.

LVL 77

Accepted Solution

Rob Williams earned 500 total points
ID: 34947712
If the server is off line you will lose internet access. However fact is in a Windows domain regardless of whether you use the server or the router for DHCP the only DNS servers you can assign to your DHCP clients is your internal DNS servers. If you assign the router or ISP as even an alternate, you will have slow logons, name resolution issues, and the http://connect wizard for joining clients to the SBS will fail. The only way to retain internet when the SBS is of line is to add a second DC/DNS server to your domain.

#1 rule of Windows DNS, server and clients must point ONLY to the internal DNS server. ISP's DNS is added as a forwarder.

Ignoring best practices, I have never understood if the SBS is offline and you have lost file access, authentication, and e-mail (Exchange), why is internet so important. That is just a personal feeling.

Having said all of that it is not compulsary to ue the SBS for DHCP, but if not you should read the following:

Author Comment

ID: 34947721
Well, you answered my questions and I'll go to work making it work.

FYI, in the past, I usually set up my DHCP server (sonicwall) to publish SBS as the first DNS server, then OpenDNS as rollovers.  It didn't seem to cause a problem on SBS2003 installs, but I guess 2008 is a little more restrictive.

Thanks for the quick help!
LVL 77

Expert Comment

by:Rob Williams
ID: 34947746
>>"I usually set up my DHCP server (sonicwall) to publish SBS as the first DNS server, then OpenDNS as rollovers"
It usually causes slow logons and name resolution issues.
Good luck with it. Long term its worth having it set up right. DNS is the backbone of a Windows domain

Not so sure all points should be awarded to me.

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Let's recap what we learned from yesterday's Skyport Systems webinar.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question