Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 616
  • Last Modified:

DHCP Scopes on servers


Here is the situation:
I have 2 2003 server DCs and I just added 3 2008 DC Servers in my domain (same site). On the 2 2003 servers I have 1 scope on each DC split like this
2003 DC1 - 192.168.10.20 to 192.168.10.127
2003 DC2 - 192.168.10.128 to 192.168.10.254

I exported and then imported the dhcp scope settings from the 2 2003 servers to 2 of the 2008 servers and everything is running fine - so it's like a mirror now so to speak. On the 3rd 2008 server I need to make a scope of these IPs, so I need to split it up something like:

2008 DC3 - 192.168.10.20 to 192.168.10.50
2008 DC4 - 192.168.10.51 to 192.168.10.200
2008 DC5 - 192.168.10.210 to 192.168.10.254

Questions:
While I change the scope settings on the 2008 DCs (splitting them up like above) will this cause any problems with clients who already have leases?

Once I am done creating the scopes on the 2008 servers as above can I then stop the DHCP services on the 2003 servers safely without having issues? If a client(s) is now having a lease from one of the 2003 servers and I stop the DHCP services on the 2003 server I'm assuming they will be fine since it will automatically be picked up by the scopes on the 2008 DCs, correct?

I hope running the same scopes on the servers ( for the time being) wont cause problems.

I plan on demoting the 2003 DCs as soon as I straighten out the DHCP on the 2008 servers. Thanks.
0
tolinrome
Asked:
tolinrome
  • 5
  • 3
3 Solutions
 
ChiefITCommented:
It's my recommendation that you split the address pool between two servers that support the entire group of computers. The scope should be the entire 192.168.1.1-254 space.

This way if one of your new servers dies, then you have another that can support all DHCP clients.

Example:
1-50 fixed IPs
192.168.1.51 to 192.168.1.152 100 IPs
192.168.1.153 to 192.168.1.254 100 IP

There is no need and it is counterproductive to split the address pool between three servers. Keep the redundancy between two to support all IPs within the scope that accept DHCP.
0
 
ChiefITCommented:
Also, prior to authorizing your DHCP on the 2008 servers, you must UN-authorize the two 2003 servers. To the clients that are not seeking an IP address during this time, it will appear transparent to them.
0
 
Leon FesterIT Project Change ManagerCommented:
You don't want to have all the DHCP servers online and authorized at the same time.
Unlike DNS where the database is shared/replicated via Active Directory, the DHCP Servers, each maintain their own databases of leases. Any IP Leases from the 2K3 server will not reflect on the 2K8 leases list.

I'd recommend that you plan your changes to co-incide with some scheduled downtime for all your DHCP clients.
Typically this would be the sequence of events:
1. Shutdown all  DHCP clients, aka ask users to shutdown their machines at the end of the day.
2. Configure the new scopes on the 2K8 servers. (Can be done beforehand as well)
3. un-authorize 2K3 DHCP Servers.
4. authorize 2K8 DHCP Servers.
5. Start a workstation, and check if the machine has picked up a DHCP address.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
tolinromeAuthor Commented:
ok, all dc's 2003 and 2008 have their dhcp servers authorized and the two 2008 dhcp settings are a replica of the two 2003 dhcp settings since I just copied the dhcp database over from 2003 to 2008. Would it be safe for the clients if I now deauthorize the two 2003 dhcp servers so I can be ready to demote them? I just want to make sure that when I deauthorize the 2003 dhcp servers that the clients will be able to renew their leases on the 2008 dhcp servers.
The two 2008 dhcp servers are online and authorized and dns is all setup accordingly.
Thanks.
0
 
ChiefITCommented:
You should have de-authorized the 2003 servers BEFORE bringing up the 2008 servers. Please de-authorized them immediately. If your clients have problems after that, go to start>>RUN>> and type services.msc. Then, restart the DHCP server service on both 2008 servers.
0
 
tolinromeAuthor Commented:
Ok, I just unauthorized both 2003 servers and then I restarted the dhcp server on them a few minutes ago - so far no problems. Both 2003 dhcp servers now have the red arrow icon point downwards - signifying they are not authorized. However they are still started since when I go to all All Tasks I have the option to either Stop, Pause or Restart.
When the client leases expires they should now pick up from the 2008 dhcp servers....hopefully.

Thanks!
0
 
tolinromeAuthor Commented:
ever since I unauthorized the two 2003 dhcp servers I have 2 users who cant get an ip address from the new 2008 servers, everyone else at this monent seems fine. I tried ipconfig -release, I restarted their machines, I also restarted the two 2008 DCs (dhcp server services) as well.

any help?
0
 
ChiefITCommented:
Well, DHCP is working well. Check their nic settings to ensure that IPv6 is not enabled. It doesn't appear that you support that on your network. Once you disable IPv6 and enable TCP/IP v4 then try to go to the command prompt and type:

Ipconfig /release
IPconfig /renew

Also, some software firewalls block DHCP, unless otherwise told not to by a rule. So, you might check into any software firewalls. These two users also are on the same broadcast domain, correct??
0
 
ChiefITCommented:
if all else fails:

Go to START>>RUN>>services.msc

And reset the DHCP client service applet.
0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now