The Dynamic Host Configuration Protocol (DHCP) is an auto configuration protocol used on IP networks and an extension of the Bootstrap Protocol. DHCP allows for computers to be configured automatically to communicate with each other over an IP network without the need for manual setup by a network administrator. The implementation of DHCP relies on a DHCP server to hand out network configuration information to DHCP-capable clients that request an IP address (and other information required or useful in communicating with other devices on an IP network). In addition to an IP address, common configuration information served over DHCP includes a default gateway, subnet mask and DNS sever(s).

Share tech news, updates, or what's on your mind.

Sign up to Post

Hello IT people 😁
I need to build a data center. from servers point of view, how to do or what is the best practice for the followings:
1- for the DHCP I Need the setup to be HA or Cluster.
2-for WSUS I Need the setup to be Cluster.
3-for  SMTP I Need the setup to be HA.
4- for MYSQL DB I Need the setup to HA with Sync.
5-For NTP I Need the setup to be HA or Cluster.
6-For AD please note that's required to moving FSMO, maybe TLS needed, trust configuration between Server Farm and DMZ domains if used and GPO for all Systems.

feel free to ask any questions to help me 😅
Exploring SharePoint 2016
LVL 13
Exploring SharePoint 2016

Explore SharePoint 2016, the web-based, collaborative platform that integrates with Microsoft Office to provide intranets, secure document management, and collaboration so you can develop your online and offline capabilities.

I work in a corporate environment. I am based in the USA, corporate IT is in Germany. They image all of our computers via Matrix42. We have received a batch of new HP Elitebook 850 G5 laptops. I have them on our network and powered on. I have accessed the BIOS via F10 and have found that the PXE boot is enabled, but Germany does not see it. When the laptop boot, normally I would see the startup screen indicating IP addresses, DHCP info, etc. With the new batch, all I see is 'Protected by HP Secure Start'. I have access to the internet, so I know I am on the network. I can run IPCONFIG /all and see all my network info.

How do I configure this laptop for Network PXE boot?

Thanks in advance.
DHCP Logging Question:  I am running DHCP services on a Windows Server 2016.  I would like to know how I can capture all of the DHCP log activity for an indefinite amount of time in a format that humans can read.  Any suggestions are appreciated.
Could someone please help me understand what needs to be done transitioning from Cisco VOIP to Avaya?  Specifically, Option 242 that needs to be configured on DHCP Voice Pool? The client claims that the phones are staying in Data Vlan (Vlan 1) and not going over to Voice Vlan (Vlan 900).

The setup is pretty straight forward. There is one building (3 closets total) and only 2 Vlans: Data and Voice.  

Vlan 1 Data
Vlan 900 Voice

The Cisco 2921 Router is configured for Voice DHCP like this:
ip dhcp pool VOIP
 option 150 ip
 dns-server is the Call Manager IP.

I believe there is an Avaya server (controller) onsite that will be acting as DHCP for the new Avaya phones.

What needs to be done for the Avaya phones to obtain 10.13.x.x IP addresses and not 10.12.x.x ? I've read about Options 242 (or 176) that need to be configured but I'm not sure how to go about it. I haven't really worked with Avaya phones before.

What about LLDP? The switches are Cisco, 2960x. Switchport are configured to access vlan 1 and Voice vlan 900.

Any help would be appreciated!
I have a Vlan set in one Layer3 Dell 6248 switch, this vlan purpose is to connect our PBX, I have two subnets, my Native has the scope and the vlan 7 has now if I have my facts right I created the vlan in the switch  and gave it IP with IP Helper Address that in it self should be able to route to my DHCP server where I created the scope, I think that I have everything cover so I can plug phones into the switch and they will be able to reach the subnet to get an IP from that scope but I connect the phones that are programmed to look for vlan 7 and they cannot reach, but some of my devices that are in scope are reporting to the scope, can anyone help me to understand what did I do wrong ?
I want to document DFS within an organisation, whats best way to do this?

I have good notes on AD, DHCP, DNS etc just looking for DFS

Environment is 2012 r2 environment

Found this


Any other ways appreciated
I'm still having issues getting my new server fully online. I created my new domain on Windows Server Essentials 2016, and migrated all the computers from the Windows Server 2012 domain onto the new domain.

Everything seems to be working except for DNS/DHCP. I have to set a static IP as well as define an outside DNS server such as in order to get internet on my devices.

If I power back on the old server which no devices are connected to, I can connect to the internet without settings a static IP or DNS server.

I'm thinking there's a problem with the DNS on my new server, though I'm not sure what it is. The server is brand new, on a new domain as the primary DC. I migrated the DHCP settings from the old server and adjusted them to remove references to the old server, and set references to the new server.

When I run dcdiag /fix I get the following output:

Starting test: SystemLog
         An error event occurred.  EventID: 0x0000168F
            Time Generated: 04/04/2019   22:05:16
            Event String:
            The dynamic deletion of the DNS record '_kerberos._tcp.dc._msdcs.ad.domain.com. 600 IN SRV 0 100 88 SVR-HVDC1.ad.domain.com.' failed on the following DNS server:
         An error event occurred.  EventID: 0x0000168F
            Time Generated: 04/04/2019   22:05:16
            Event String:
            The dynamic deletion of the DNS record '_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.ad.domain.com. 600 IN SRV 0 100 88 

Open in new window

a client has a Hyper V machine, server 2012 r2 standard.  this acts as their Domain Controller, recently they ran out of IP addresses and a new PC wouldn't get an IP address, so we expanded the scope from 1.1 - 1.200 to 1.1 - 1.254 so it gives them more IP's.  obviously they have servers with static IP's of .222 etc so we made sure all these would be put as reservations for those devices (i believe they were exclusions anyway).  when we did all of that the problematic PC got an IP and it was fine,  this morning the client has come in to say that the PC hasn't got an IP address again, in DHCP the lease is still valid for that machine, so i deleted it, got the PC rebooted and then it got an IP address, the same IP as it had the day before.

can anyone shed some light on this issue and why it would do this?
Hello fellow Experts Exchange members:

I have a very strange situation.  This morning, one of our workstations with a static IP address set reported "IP address conflict" upon logon to Windows.

The IP address in question was reserved in DHCP, and there are no rogue DHCP servers on the network.

After modifying the DHCP reservation to use a different IP address, I tried to determine the device using the conflicting IP address but was unable to do so.

The device responds to pings and somehow acquired an IP address that is valid for accessing on our network but would not have been assigned by DHCP.

Here is one of the unusual parts: the device has an unregistered MAC address.  By that, I mean that when I enter the MAC address into online MAC address vendor query websites I get a "Not found"-or-similar message.

I have also tried to isolate which part of the network the device could be on, and here is the second unusual part: with the servers off, a static IP address (using public DNS servers) set on one of the workstations not using the conflicting IP address, and all network devices disconnected from the network switch besides the perimeter firewall, the conflicting IP address *STILL RESPONDS TO PINGS*.

Neither the perimeter firewall nor the managed switch nor the workstation used the conflicting IP address, and there were no other network devices of any kind including the wireless router and any wireless clients reachable.  (They were physically disconnected …
Looks like I'm back again.

I created a new domain on my Windows Server 2016 Essentials domain controller, and transferred all my users to it. Everything seemed to be going well until I took off the static ip I had set on one of my user machines.

This led me to check my Server Manager on my one and only domain controller, and I found the following errors.

Error 1202: DFSR
Additional Information:
Error: 160 (One or more arguments are not correct.)

Error 1202: ADWS
This computer is now hosting the specified directory instance, but Active Directory Web Services could not service it. Active Directory Web Services will retry this operation periodically.
 Directory instance: NTDS
 Directory instance LDAP port: 389
 Directory instance SSL port: 636

Warning 4013: Microsoft-Windows-DNS-Server-Service
The DNS server is waiting for Active Directory Domain Services (AD DS) to signal that the initial synchronization of the directory has been completed. The DNS server service cannot start until the initial synchronization is complete because critical DNS data might not yet be replicated onto this domain controller. If events in the AD DS event log indicate that there is a problem with DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet Protocol properties of this computer. This event will be logged every two minutes until AD DS has signaled that the initial …
OWASP: Forgery and Phishing
LVL 13
OWASP: Forgery and Phishing

Learn the techniques to avoid forgery and phishing attacks and the types of attacks an application or network may face.

Hello Team.
I’m hoping some DNS, DHCP masters will help to understand a bit more how Secure dynamic DNS registration works and tell me if my solution is the best approach.

Problem Description
From time to time when users are connecting to different VLAN or VPN, The DHCP Server or the Client is not creating either a A record or PTR record


Users would use either Windows 7 or Windows 10. We don’t have any lower OS.
DHCP, DNS roles are installed on Domain Controllers. DHCP is running on 3 Windows Server 2012, and DNS is running on 3 Windows Servers 2012 and 1 Windows Server 2016.

This issue seems to be since a long time as another IT departments from time to time where telling our team that DNS is not working proper. The problem is that when they were telling that their issue got already resolved, so we never got the opportunity to understand what the issue really was until recently where I finally got a incident and hands on a laptop where the Registration really wasn’t working. When I saw that I started to dig into that issue more details.
First I checked if the problem is not with some VPN connection but quickly with Networks team we were able to prove that VPN is not the issue as two laptops where having no issues at all getting a A and PTR record.
I started to look into the Configuration on the DHCP scopes and DNS Forward Lookup zones and discovered following:
The DHCP Server under the DNS setting has …
3rd party wants access to a customers DC for changing DHCP

Just wanted to check what the best practice was for this?

Which acccount is best suited to this purpose?
Our DHCP server about every week has been causing us issues. It won't hand out IP addresses to clients. What happens is when I log into the DHCP server and go to task manager I see that the service: svchost.exe is running our CPU at 100%. When I kill the service and it restarts itself the issue is resolved. What is causing this issue? Or what can I look at to see where I can further research this.

Our server is Windows 2008 R2 Standard

When I go into the logs I don't see anything under DHCP to me that stands out.
I have an SBS 2011 which runs exchange/DNS/DHCP/VPN but I had to remove the DHCP from it and use the routers DHCP for reasons that I cannot explain. Everything works fine but I cannot find anything online that says that VPN will work with an external DHCP.

I've just had my first remote user complain that she cannot connect so I rerun the fix my network and setup the vpn again and she appears to be connected fine. Is there anything else I need to check/do on the server or the router to ensure proper operation of the VPN?
Hi Experts,

We are moving to a new Mitel Cloud service and have IP485G phones.

I setup a VLAN on our switches along with a DHCP scope on a windows 2012r2 DC.

We receive the correct IP, router, dns  from the VOIP VLAN but the option .156 is not populating in order to get config files and firmware updates.

I am using the string below configServers="update.sky.shoretel.com"  

Thank You

Could someone please explain the practical difference between these two dns settings in DHCP?
I am currently set to "Dynamically update DNS records only if requested by DHCP" but I have read that best practice is to use "Always dynamically update DNS and PTR records"

 Why should I do this? I do see many duplicate/old A records in my DNS. Will changing the setting to "always" stop these duplicate records?
Thank you very much
Hello folks, need another pair of eyes to check my DC Win2016 hardware specs.  Only for AD purposes box.  DC, DHCP, DNS.  It'll be sitting separately from VM environment and crunching only AD specific purposes.  

HPE ProLiant DL360 Gen10 Performance - rack-mountable -Xeon Silver 4110 2. - x1
Intel Xeon Silver 4110 / 2.1 GHz processor- x1
HPE SmartMemory - DDR4 - 16 GB - DIMM 288-pin -registered - x1
HPE Read Intensive - solid state drive - 480 GB - SATA 6Gb/s - x2
HPE Foundation Care 24x7 Service - extended service agreement - 3 years - o - x1
Hardware Option(s) Install into a Server (CDW ConfigurationServices) - x1
Switchport in an err-disable state due to MAC Adress conflict.

Have cleared the DHCP bindings which cleared the err-disable error, but now have no connectivity.

I have two questions regarding our DHCP server.

We have a DC running DHCP  on a server that we will shut down (SERVER 1), and therefore we need to move the DHCP service to another server (SERVER 2), can I just deactivate it on the first server (SERVER 1), and then active it on the other server (SERVER 2)?
Even if I can I have a problem because our active DHCP is configured on all our routers at out ISP who connect our offices as DHCP relay with IP-address x.x.x.x, and therefore I come to my second question, can I after shutting down the old DC (SERVER 1), configure the new DC (SERVER 2) with that old IP address that (SERVER1) had, will that work?
OWASP: Threats Fundamentals
LVL 13
OWASP: Threats Fundamentals

Learn the top ten threats that are present in modern web-application development and how to protect your business from them.

Hey guys,
 We are considering to provision all our Domain Controllers as CORE edition servers 2016.   Wondering on others experience from manageability standpoint.  
How do you guys manage it.  Say you need ADUC, DNS, DHCP, AD Sites-services, etc, etc.  
I'm thinking to have at least one Regular Domain Controller with GUI interface.  Others are OK to have CORE.  Thoughts?

Thanks in advance.
Hi everyone,

This may be a DNS issue - maybe not.

I had a user who was encountering some printing problems yesterday.  I got the printing problem solved but in doing so discovered that I was able to ping the PC using two different hostnames, but having only one IP address.  I've verified that the inaccurate hostname belonged to a workstation I've already removed from the network 30-45 days ago.

On a side note, I've since upgraded the OS from WIN 7 to WIN 10.

Now, 24 hours later, I'm still able to ping the one workstation by the two different hostnames.  Is there something else I need to take a look at?  We do have some special vlans that live in our enviornment.  Is it possible that, maybe, the MAC of the PC got assigned on a vlan and is somehow associated to the old PC name - or is that really thin possibility?  Just tossing ideas around.

What is the reason for multiple BAD_ADDRESS in DHCP?  Description - This address is already in use.  I deleted them already few days back.  They came back for some reason.  About eight of them.
And it seems they show up after a an abrupt power outage we had.  Not sure if related.

Server 2016 Domain Controller.
I would like to have some confirmation that I setup DNS scavenging correctly on my DNS server.  The DHCP lease duration is set 8 Days.  Under DNS Management, I right-clicked on the server and selected properties.  On the advanced tab, I enabled automatic scavenging of stale records and set the savenging period to 4 days.  I then righ-clicked on the server and selected "Set Aging / Scavenging for All Zones.."  I enabled the the scavenging of stale resource records and set the no-refresh interval to 4 days.  I set the refresh interval to 4 days.  Finally, I right-clicked on my forward lookup zone and selected properties.  I clicked on the Aging button on the general tab.  I enabled scavenging of stale resource records and set the no-refresh and refresh intervals to 4 days each.

Did I miss anything or is this correctly setup?
My environment consists of a Sophos UTM Firewall, two ESXi Hosts, about 12 Windows Servers running as VMs, some physical switches, physical wifi controller and APs, network printers, and client PCs.  

On my Windows DHCP server, I have the scope defined as thru  I have an IP exclusion range from thru  I currently assign static IP addresses to my Firewall, WiFi controller, Switches and all Servers (running as VMs).  All of these devices and servers are assigned IPs within the thru IP range.  In addition to assigning the devices and servers static IPs, I also create reservations for them within my DHCP server.  

I also create DHCP reservations for my network printers but I leave the printer itself configured to acquire the IP address from the DHCP server.  All of my client PCs, BYOD devices, etc. simply receive an IP address from the DHCP server.  

Is there any problem in creating reservations for my servers and hardware despite the fact that the IP range they fall within is excluded from the scope AND the IP address is physically assigned to the device or server?  I was creating the reservation so that I had quick visibility within the DHCP server as to what server / device had a given IP address.  However, I am not sure if creating these reservations could cause a potential conflict or not.  The one "flaw" that I could see is that if a VM is moved or restored then the virtual NIC would be assigned a …
My DC died last week.

So I moved my DHCP to my firewall to have my users work online since all the DATA is now cloud based and the server was really only DHCP and AD.

Current setup now because we needed users to authenticate since their PC's were losing the relationship with the dead server.

I got a PC and installed server 2016 essentials. Installed a NEW domain name which the client wanted to do a while back so took advantage now. All PCs are now joined into the new domain.

We ordered a new Dell poweredge server and  once that comes in we want to make that PDC and the current PC "acting as a server" as secondary.

What OS does the poweredge need to be able to transfer roles from the temp PC server to turn it into a PDC? How do we accomplish this?

Thank you






The Dynamic Host Configuration Protocol (DHCP) is an auto configuration protocol used on IP networks and an extension of the Bootstrap Protocol. DHCP allows for computers to be configured automatically to communicate with each other over an IP network without the need for manual setup by a network administrator. The implementation of DHCP relies on a DHCP server to hand out network configuration information to DHCP-capable clients that request an IP address (and other information required or useful in communicating with other devices on an IP network). In addition to an IP address, common configuration information served over DHCP includes a default gateway, subnet mask and DNS sever(s).