When creating a scope on a dhcp server, what is the purpose of specifying an exclusion?
If you wonder how basic network configuration is managed across your environment, today is your lucky day. You’ll learn how to connect to your Microsoft DHCP server and manage all of the common components from DHCP scopes, DHCP policies, DHCP reservations, and DHCP leases! Show
Not a reader? Watch this related video tutorial! Not seeing the video? Make sure your ad blocker is disabled.
PrerequisitesThis article is a tutorial. If you plan on following along step-by-step, you will need the following:
DHCP ScopesAt its simplest, a Microsoft DHCP server is a machine on a network that hands out IP addresses to clients. It ensures all clients receive IP addresses so they can communicate on the network. It does this through DHCP scopes. A DHCP scope represents contains various components such as:
The DHCP scope is a core element on a network and that allows you to configure network settings common to all of the clients on that network. Creating a DHCP Scope via Server ManagerLet’s kick off this tutorial by learning how to add DHCP scopes to an existing DHCP server. For this first demo, you’re going to learn how to set up a DHCP scope via the Windows Server Manager. Assuming you’re at the Windows desktop of a test DHCP server: 1. Click on your Start menu and type dhcpmgmt.msc to open the DHCP Microsoft Management Console (MMC). 2. Once the DHCP MMC opens, click on the dropdown to the left of the server name and then on IPV4. Expand the DHCP server settings so that you can see IPv4 3. Right click on IPv4 and select New Scope to start the New Scope Wizard, and click Next on the introduction screen. Begin creating a new IPv4 DHCP scope4. Provide a name of your choice for the Name and Description. This tutorial will create a scope for the company’s head office. Click Next when complete. Create the name and description for the scope 5. Next, define an IP Address Range indicating the IP address range you’d like to assign to the DHCP server’s clients. The tutorial will ensure the first IP address allocated to clients will be 10.0.0.100 and the last IP address will be 10.0.0.200. These start and end IP addresses create the scope’s address pool which you’ll learn about later. Also on this screen, enter a CIDR Length or Subnet mask which will be assigned to all clients. Configure the IP Address Range
6. Click Next to skip past the Add Exclusions and Delay step. Add DHCP exclusions and delays
7. For now, click Next to accept the default Lease Duration. You’ll learn a lot about DHCP leases later in this tutorial. Select the lease duration8. Leave the default setting of Yes, I want to configure these options now and click Next on the Configure DHCP Options step. You will configure various scope options shortly in this tutorial. Configure DHCP options whilst configuring the DHCP scope9. Next, provide an IP address of 10.0.0.1 for the Router (Default Gateway). Once the DHCP scope is available to clients, the DHCP server will hand out this IP address as the clients’ default gateway. The default gateway is the primary way clients can communicate with other networks or the Internet in general. Provide Default Gateway details10. Since this tutorial is using an environment that has a DNS server located at 10.0.0.10, provide the IP address on the Domain name and DNS Servers step. This IP address will be handed out as the DNS client for DHCP clients to translate names into IP addresses. The Parent domain should automatically populate based on the Active Directory domain the DHCP server is a member of. Configure the DNS server information11. If your environment still uses a WINS server, provide its IP address on the WINS Server step. This tutorial does not use one, so click Next to continue. Add a WINS server to the DHCP scope options12. Finally, activate the new DHCP scope and make it available to clients by ensuring that Yes, I want to activate this scope now is selected. Then click Next to continue. Activate the DHCP ScopeOnce all of the above steps are followed, you should now see the new scope under IPv4 as shown below. Review the new DHCP scopeCreating a DHCP Scope with PowerShellIf you’re not a fan of the GUI or simply need to automate DHCP tasks, look no further than PowerShell. Let’s now cover the same process as just performed via the Server Manager, only this time with PowerShell. Assuming you’re at the Windows desktop of a test DHCP server: 1. Open Windows PowerShell as administrator. 2. Run the
As you’ll see in the below example, this server only has the scope that you’ve created using the GUI in the previous steps. Use PowerShell to report all of the available DHCP scopes on the server3. Run the
This cmdlet will create a DHCP scope called
4. Now, run Confirm that the DHCP scope has been deployed Managing Scope OptionsOnce you’ve created a scope, you can modify any attribute you’d like. Microsoft DHCP has an area specifically called Scope Options which allows you to change some common DHCP attributes sent to DHCP clients. Let’s now walk through the available scope options and cover their affect on your clients. While in the DHCP MMC:
2. Right click on Scope Options and choose Configure Options to navigate to the Scope Options box to change these options. Configure a new DHCP Option3. Scroll down the available options under the General tab. You’ll see dozens of options that the DHCP server can assign to clients. Review new DHCP Scope Options 4. Perhaps you forgot to add one of your DNS servers. Find the 006 DNS Servers option, enter it’s IP address, click Add, and OK. This tutorial will be using the IP address of 10.0.0.5. Add a new DNS Server to DHCP OptionsOnce you click OK, Windows will then validate if DNS services are available on your provided IP address. Validating a new DNS Server5. Return to the main screen and review the Options pane. You’ll now see two IP addresses listed under 006 DNS Servers. Confirming the DNS Server Option is availableDHCP LeasesAn important part of DHCP is the lease. A device is known to “lease” an IP address from a DHCP server for a certain period of time (lease time). Network administrators typically configure DHCP servers to lease IP addresses based on different use cases. For example, for devices on a wired connection that rarely leave the network, administrators may assign a longer lease time like eight days. If the device never leaves the network, it’s not efficient to go through the lease renewal process. On the other hand, if a wireless device roams on and off the network several times a week, administrators may assign a shorter lease period (12-24 hours) to save available IP addresses for other devices. While in the DHCP console, you can find all current leases in —> IPv4 —> Scope [X.X.X.X] —> Address Leases as shown below. Once on the Address Leases window, you’ll see each IP address that the DHCP server has assigned along with the Lease Expiration date. Managing DHCP Address LeasesSetting the Microsoft DHCP Lease PeriodLet’s now discover how to set the DHCP lease period at the server level for DHCP clients. While still in the DHCP console on the DHCP server: 1. Find the scope containing the IP address pool you’d like to look at, right-click on the scope name, and select Properties. Display the properties of your DHCP Scope2. Within the Properties window, you’ll now see a Lease duration for DHCP clients. This setting is the DHCP lease time for all IP addresses in that scope. Show the DHCP Lease properties and the DHCP Lease duration 3. Click Cancel to close the Properties box. Finding Assigned DHCP Lease TimesDHCP services can only assign one IP address per device. How does the DHCP server know when it can re-use an IP address in the pool? The DHCP lease time. If a device doesn’t renew its dynamically assigned IP address within the lease time, the lease expires and is available to other devices to lease. How do you actually discover the lease time on a device? Unfortunately, each operating system (OS) has a different way of exposing the DHCP lease time. This tutorial will cover how to determine lease time on Windows 10.
To find a Windows DHCP client’s lease time, on the Windows client console, open Windows PowerShell and run the You’ll see the time the lease was made (Lease Obtained) and when it expires (Lease Expires). The Lease Obtained field is the exact time the DHCP server assigned the IP address to this device. The Lease Expires field indicates the time the device will ask the DHCP server to renew its lease. Subtract the Lease Expires value from the Lease Obtained value and you have your DHCP lease time. DHCP Address PoolsOnce you’ve configured the scope, you already have an address pool. The address pool is the range of IP addresses the DHCP server will assign to clients in a lease. Let’s navigate through the address pool already set up. Updating the Address PoolIP address scopes are not fixed in stone. It’s inevitable that after some time you’ll need to expand the address pool to allow more devices to connect to your network. Rather than creating a new address pool, it’s often easier to expand an existing pool. To do that: 1. Right click on —> IPv4 —> Scope [X.X.X.X] and click on Properties to open the Scope Properties configuration wizard. Update the DHCP address pool2. Update the fields to increase the range of IP addresses for your existing address pool so that more addresses are available for any future allocation. Once complete, click OK. Expand the DHCP address pool3. Click on —> IPv4 —> Scope [X.X.X.X] —> Address Pool to bring up the address pool. Notice below that it now shows the expanded Address Pool in the scope. Confirm the new DHCP poolAdding Exclusion Ranges to the Address PoolImagine that you need to create a small list of IP addresses within the address pool that are not assigned to any new devices on the network. Exclusion ranges are how you’d achieve this. Assuming that you still have the DHCP console open: 1. Click on —> IPv4 —> Scope [X.X.X.X] —> Address Pool to bring up the address pool. Review the Address Pool2. Right-click on Address Pool and click on New Exclusion Range to open the Add Exclusion wizard. Add a new exclusion range to your DHCP address pool3. Complete the fields to create a small range of IP addresses within your existing address pool that will not be included in any future allocation of leases. Once complete, click Add. Add the IP addresses to be excluded4. Back on the DHCP console, refresh the screen and note that the exclusion is now in place. Confirm that the addresses are now excluded from the DHCP scopeAt this point, whenever a new device connects to the network, your DHCP server will not lease an address from within this exclusion range. DHCP ReservationsIP addresses are, by their nature, dynamic. Most of the time this is OK as you typically don’t care what the IP address of your PC is. Occasionally you’ll need to manually specify the address of a device such as an admin laptop or a printer. When you need to statically assign an IP address to a particular device, use a DHCP reservation. Adding ReservationsLet’s start out by adding a reservation to a scope previously created. While in the DHCP console on the DHCP server: 1. Select —> IPv4 —> Scope [X.X.X.X] —> Reservations to open the Reservations window. You’ll see no reservations exist. Managing DHCP Reservations2. Right-click on Reservations and then choose New Reservation to open the New Reservation input box. Creating a new DHCP Reservation3. Complete the fields with details that are relevant to a device you’d like to assign a “static” IP address to.
Once complete, click Add. Information for a New Reservation4. Back on the DHCP console, refresh the screen and note that the reservation is now in place. Review the New DHCP ReservationAt this point, when the device that has the MAC address you’ve provided in the reservation goes through its DHCP lifecycle, it will be assigned the expected reserved IP address. Removing ReservationsAs part of the general lifecycle of devices within your organization, you’ll occasionally have to retire old devices, some of which will have DHCP reservations. Assuming you’re still in the DHCP console, removing DHCP reservation requires a right click on the reservation and clicking Delete. Removing a DHCP ReservationDHCP PoliciesPreviously, you learned how to set reservations by MAC address. Although reservations are useful, they don’t allow you to assign addresses or specific scope options based on other criteria. Using a DHCP policy, you can define various conditions a client must meet to assign an IP address. Using a DHCP policy, you can assign a specific category of devices a different DNS server, default gateway, or TFTP server, for example. To create a DHCP policy: 1. Right click —> IPv4 —> Scope [X.X.X.X] —> Policies and click on New Policy to open the Policy configuration window. Create a new DHCP policy2. Complete the fields with details of the Policy Name and a Description for the policy. Click Next, once complete. DHCP Policy creation wizard3. Click on the Criteria dropdown and notice the many conditions you can check for on a client. For this tutorial, select MAC Address and add a relevant Value, selecting Wildcard. 4. Either Add another condition for the policy or click Next to continue. Combine multiple conditions5. Next, add a subset of IP addresses from within your existing range. The DHCP server will assign devices matching the conditions defined earlier an IP address from this range. Once complete, click Next. Configure subset of IP addresses6. Now it’s time to define the options the client will receive if it meets the condition. For this tutorial, select 003 Router to modify the default gateway clients matching the condition will receive. Enter an IP address for the new gateway, click Add and then Next. Configure settings for the policy7. Review the screen and confirm that the details are correct. Click Finish to close the wizard. Review the new configuration8. Refresh the screen to confirm that the new policy is in place. Confirm the new policy is in placeConclusionIn this article, you’ve covered a lot of ground when it comes to DHCP. You’ve learned how to set up DHCP scopes and everything that comes with them. You also learned how DHCP assigns IP addresses and other information to clients. Armed with all of this new information, you can now confidently tackle DHCP like a champion. How are you planning on using this knowledge? What is exclusion range in DHCP?A DHCP exclusion range is a specified range of IP addresses residing within a DHCP range. An exclusion range is defined as a start/end IP address pair within an ipam/range object and is considered a sub-object within a regular DHCP range.
Why do we exclude IP addresses in DHCP?The ip dhcp excluded-address command may be used to reserve addresses that are statically assigned to key hosts. A DHCP server can configure much more than an IP address. Other IP configuration values can be set from DHCP configuration mode, as shown in Example 2-4.
What is the purpose of a DHCP scope?A scope is a consecutive range of IP addresses that a DHCP server can draw on to fulfill an IP address request from a DHCP client. By defining one or more scopes on your DHCP server, the server can manage the distribution and assignment of IP addresses to DHCP clients.
What is the functionality of a lease for a DHCP server?During the lease time, the DHCP server cannot assign that IP address to any other clients. The purpose of a lease is to limit the length of time that a client can use an IP address. A lease prevents unused clients from taking up IP addresses when there are more clients than addresses.
|