DHCP question

We are setting up a new site. From an AD\DNS and DHCP standpoint I'm trying to make sure everything is done.

-Set up DHCP scope
-Let our network team set up DHCP relays (we have a separate team who manages the network)
-Set up Sites (AD Sites and Services)
-Create a DNS reverse lookup zone

Am I missing anything?

Distinguished Expert 2018
The subject of your question says "DHCP" question, but then some of your tasks aren't really DHCP related.  So it becomes pretty difficult to answer whether you missed anything, as each organization is different and it isn't clear what the end goal is.

In general though, here are my thoughts.

I usually do *not* recommend using DHCP relays between sites.  The whole reason to create a site in AD is to help machines find the "closest" resource such as a domain controller or DFS, and the only reason that is a concern is when links are slow or unreliable.  Which are exactly the kinds of links you *don't* want broadcast DHCP traffic going over.  DHCP should be local to the site.

DHCP relays are great for fast reliable links, such as campus links, or even between VLANs crossing a single router/layer 3 switch.  

A DNS reverse lookup zone isn't required for DHCP at all. Whether you want or need one is a matter of how you'd be using it.  Again, it seems out of place given the rest of the question, but makes it seem like goals overall, or goals for the question, weren't really communicated.

Hi guys,

You haven't mentioned whether you are using DHCP to register DNS entries for clients. It's not necessary, but is useful for hosts that cannot authenticate to the domain such as printers etc.

One thing that looks like it's missing is DNS scavenging. If you don't set this up at the start, you can end up with a very painful task later working out what settings are needed.

Another thing I would look at is DNS netmask ordering. Depending on your site subnet size, you will need to adjust the filter that DNS uses to determine if a server is on the same site or not. This requires your site IP addressing to be bound within a neat subnet and might require you to liaise with your networking team to ensure that this will work. Whilst some Windows services will look at sites and services for link costs etc. to decide which server to send you to, some services rely on DNS responses to send you to the correct server.

I want to contradict some of what Cliff has said. It's only my opinion of course, so please don't take this as personal. :-)

If you have reliable links between sites, I don't see any reason not to have DHCP run from a 'datacentre'. DHCP requests on the local network segment are broadcast. Once they reach the relay, the request is converted into a unicast packet to be sent to the DHCP server address.

I have seen DHCP relay set up across international links between sites without issue, but this is in situations where there are multiple resilient links between the sites in question.

I would recommend a reverse DNS zone. If you are monitoring your network (you should be :-) ) and have the IP address of a host you want to investigate, you could open up the DNS management console, open your zone and sort the zone by IP address, but it's much quicker and easier to run nslookup and enter the IP address.
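
The netmask ordering point in the answer above, as an added example that is not part of the original thread: a simplified Python model of how a DNS server that compares on a Class C mask by default (as Windows DNS does) orders A records, and why a site wider than /24 needs the mask adjusted. All addresses are constructed; the hex value is in the host-bits form taken by `dnscmd /Config /LocalNetPriorityNetMask`.

```python
import ipaddress

DEFAULT_PREFIX = 24  # default comparison mask for netmask ordering (Class C)


def local_net_priority_netmask(site_subnet: str) -> str:
    """Host bits of the site subnet set to 1, e.g. /26 -> 0x0000003F."""
    net = ipaddress.ip_network(site_subnet)
    return f"0x{int(net.hostmask):08X}"


def order_answers(client_ip: str, records: list[str], prefix: int) -> list[str]:
    """Simplified model: records in the client's network (under `prefix`)
    move to the front; the rest keep their relative order."""
    client_net = ipaddress.ip_network(f"{client_ip}/{prefix}", strict=False)
    local = [r for r in records if ipaddress.ip_address(r) in client_net]
    remote = [r for r in records if ipaddress.ip_address(r) not in client_net]
    return local + remote


def site_is_neat(site_subnets: list[str]) -> bool:
    """True when the site's subnets collapse into a single CIDR block,
    so that one mask describes the whole site."""
    nets = [ipaddress.ip_network(s) for s in site_subnets]
    return len(list(ipaddress.collapse_addresses(nets))) == 1


if __name__ == "__main__":
    # Constructed sample: the new site is 10.20.0.0/22, another site is 10.30.0.0/22.
    site = "10.20.0.0/22"
    client = "10.20.1.50"
    records = ["10.30.0.10", "10.20.2.10"]  # remote server first, local second

    print("default /24 :", order_answers(client, records, DEFAULT_PREFIX))
    print("site    /22 :", order_answers(client, records, 22))
    print("mask value  :", local_net_priority_netmask(site))
    print("neat site?  :", site_is_neat(
        ["10.20.0.0/24", "10.20.1.0/24", "10.20.2.0/24", "10.20.3.0/24"]))
```

With the default mask the client and the local server fall in different /24 networks, so the remote server stays first; comparing on the site's /22 puts the local server first.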
Thomas N, Systems Analyst - Windows System Administrator


Sorry guys, I was typing while I was thinking of what to post. Yeah, it's more of a site configuration question. I don't manage the relays and it's not my decision to make how the machines can broadcast to my DHCP server. I am just responsible for the actual AD\DNS, and DHCP servers.