DHCP enhancements in Windows Vista & Windows Server 2008: NAP enforcement & DHCPv6 (December 6, 2007)
Chat Topic: DHCP enhancements in Windows Vista & Windows Server 2008: NAP enforcement & DHCPv6
Date: Thursday, December 6, 2007
Please note: Portions of this transcript have been edited for clarity
Carolyn [MSFT] (Moderator):
Welcome to today’s chat, DHCP enhancements in Windows Vista & Windows Server 2008: NAP enforcement & DHCPv6. We are pleased to welcome our experts for today. I will have them introduce themselves now.
Kadir [MSFT] (Expert): Hi Folks - My name is Kadir. I'm working as a developer in the DHCP Server team.
Mayur [MSFT] (Expert): Hi, I'm Mayur R. Naik from the DHCP Server Team at Microsoft IDC.
Anthony [MSFT] (Expert):Hello All, I am Anthony working for DHCP test team.
Pandian (Expert):Hi Everyone, This is Pandian working with DHCP Server team.
ujjwalj (Expert):Hello everyone, this is Ujjwal working for DHCP test team.
rishabh[MSFT] (Expert):Hi I am rishabh , I am working for DHCP test team.
RamaSubbuSK (Expert):Hi all, I'm RamaSubbu working for DHCP Team.
Carolyn [MSFT] (Moderator):...and myself, your moderator for the chat: Carolyn. I am a technical editor for Windows Server User Assistance, working on security.
Start of chat:
RamaSubbuSK (Expert):Q: If two Windows Server 2008 DHCP servers are configured in a 80/20 split scope configuration and the 20% scope is full, what happens if the server hosting the other 80% fails? Can the other server be notified if it happens?A: You can install MOM pack to notify the DHCP Server failures.
Mayur [MSFT] (Expert):Q: In a split-scope configuration (two DHCP servers on the same subnet), is there a way to delay the DHCPOFFER from the "secondary" so that the IP chosen by the client will always, at least under normal circumstances, be the one for the "primary" server?A: You can implement the delay using the DHCP Server Callout API. Please see http://msdn2.microsoft.com/en-us/library/aa363372.aspx and http://blogs.msdn.com/anto_rocks/archive/2005/02/25/380510.aspx.
Anthony [MSFT] (Expert):
Q: Can you tell me why should I use classid?
A: Currently we use the Class ID in VPN dial in scenarios. All VPN dial-in clients use RRAS.Microsoft as the Class ID. Class ID is used to distribute options specific to some client with that ClassID. For a DHCP options class to be in effect between the DHCP server and its clients, both must be configured with a matching DHCP class ID string that identifies the client as a member of a specific user or vendor options class when it obtains its address lease from the server.
Anthony [MSFT] (Expert):
Q: Thank you, Anthony. Can you tell me if there is any benefit if I use it?
A: Yes, there is benefit in using ClassID. You can refer to http://technet.microsoft.com/en-us/library/bb727003.aspx for more information. You can use Class ID to secure a network for client who is part of the network or laptop users who receive their IP Address from this DHCP Server on the network. In DHCP Server you can configure the Class ID. When you configure Class ID you need to use the Same ID on all client machines so any DHCP packet sent by the client can be understood by the DHCP server of that class. You set Class ID on client machines using *Ipconfig /setclassid* command.
Pandian (Expert):Q: Can I configure DHCP for IPV4 and IPV6 separately?A: From Windows Server 2008 and later you can configure IPv4 and IPv6 separately.
RamaSubbuSK (Expert):
Q: We are also looking for ipv6 in near future. Do you have any white paper for how to deploy ipv6 and the how much whole setup will cost for a 3000-employee company?
A: A quick link: http://www.microsoft.com/technet/technetmag/issues/2007/03/CableGuy/default.aspx.
rishabh[MSFT] (Expert):
Q: Can we try it before buying it?
A: Yes. http://www.microsoft.com/windowsserver2008/audsel.mspx
Kadir [MSFT] (Expert):
Q: Hello, in our company we have the problem with win2k3. When a client moves to another subnet he gets his old address from the DHCP server for the wrong subnet. Is this scenario solved with Windows Server 2008?
A: Yes - you can try the scenario in the RC1 build which has just been released. Kindly visit http://www.microsoft.com/windowsserver2008/audsel.mspx.
Pandian (Expert):
Q: Can we try it before buying it?
A: Windows Server 2008 RC1 is already out. It can be downloaded from the link provided in http://www.microsoft.com/presspass/press/2007/dec07/12-05WS08RC1PR.mspx
Mayur [MSFT] (Expert):
Q: What new is coming in Windows Server 2008?
A: DHCP v4 NAP and DHCPv6 Stateful and Stateless Server.
Pandian (Expert):
Q: We are interested in DHCP & DNS.
A: Thanks for your interest in DHCP & DNS.
Anthony [MSFT] (Expert):
Q: We used nap also. Worked good.
A: Thanks. For more information refer to http://www.microsoft.com/nap.
RamaSubbuSK (Expert):
Q: When is Windows Server 2008 coming?
A: Watch out for dates @ http://www.microsoft.com/windowsserver2008/default.mspxhttp://technet.microsoft.com/en-us/windowsserver/2008/default.aspx
RamaSubbuSK (Expert):
Q: If two Windows Server 2008 DHCP Server are configured in a 80/20 split scope configuration and the 20% scope is full. What happens if the server hosting the other 80% fails? Can the other server be notified if it happens?
A: Currently, we don’t have that support.
rishabh[MSFT] (Expert):
Q: Is there anywhere a change log for all changes for DHCP/DNS from w2k3 to w2k8?
A: Hi this link provides information about new networking features in Windows Server 2008 and Windows Vista http://technet.microsoft.com/en-us/library/bb726965.aspx.
Anthony [MSFT] (Expert):
Q: Also, we do not find help very useful. We have to search for everything on Web always. if you can write good help on Windows telling which button does what, that will be very good.
A: Thanks Patrick for your feedback.
Anthony [MSFT] (Expert):
Q: Anthony [msft], I mean for doing DHCP I have different window page, for DNS it is different, so my folks take time in moving from one to other. If you can give similar windows for all products, that will help our folks.
A: But you still have the capability of managing both DNS and DHCP using a single MMC window. Also in Win2K8 once has Server Manager which is a one stop UI for managing all server roles.
Kadir [MSFT] (Expert):
Q: I have a Windows Server 2k3 DHCP and some xp clients which are located in different vlans. Every vlan has an own ip-subnet. The vlans are routed together by a l3 switch with DHCP-relay agent enabled.
A: I apologize - I don't have enough information as of now. I would recommend you get in touch with Microsoft Support team for further followup on this issue.
RamaSubbuSK (Expert):
Q: What is Server Manager?
A: See information about Server Manager at http://technet2.microsoft.com/windowsserver2008/en/servermanager/default.mspx and http://www.microsoft.com/windowsserver2008/servermanagement.mspx.
RamaSubbuSK (Expert):
Q: What is the biggest problem u are facing with DHCP in w2008? Can you tell so that I decide if we should buy w2008 or not?
A: Here is link which will list all the features that we are supporting in Windows Server 2008.http://technet2.microsoft.com/windowsserver2008/en/servermanager/dhcpserver.mspx
RamaSubbuSK (Expert):
Q: Is there any plan to support DHCP Failover protocol in a future version of Windows? (RFC 3074)
A: Currently, we have 80/20 and Windows Clustering for failover solution.
Anthony [MSFT] (Expert):
Q: I'm using Vista for sometime. Everything works good but we are not able to use classId in proper way. Can you tell us the best way to use classid. We are finding it just redundant thing. I sure Microsoft will not make it without purpose:-)
A: You can refer to http://technet.microsoft.com/en-us/library/bb727003.aspx for more information. You can use Class ID to secure a network for client who is part of the network or laptop users who receive their IP Address from this DHCP Server on the network. In DHCP Server you can configure the Class ID. When you configure Class ID you need to use the Same ID on all client machines so any DHCP packet sent by the client can be understood by the DHCP server of that class. You set Class ID on client machines using *Ipconfig /setclassid* command.
Pandian (Expert):
Q: How does a DHCP client check for a duplicate IP on the network?
A: For Ipv4, the client uses ARP and for Ipv6 the client uses DAD (Duplicate address deduction) mechanism.
RamaSubbuSK (Expert):
Q: Do you know if there will be a simple way to add a DHCP reservation by right-clicking on an existing lease in Windows Server 2008?
A: Current we don’t have this support. But maybe the tool posted at http://blogs.technet.com/teamdhcp/archive/2006/09/19/457383.aspx will help you.
Kadir [MSFT] (Expert):
Q: Kadir: I think tscherni describes the problem from KB327875 but not under Windows NT Server. It seems so Windows Server 2003 has the same problem and he will be lucky if this works on Windows Server 2008.
A: Thanks for the additional information. The scenario sounds to be the same. May be the workaround should be tried and also better to get in touch with the support.
RamaSubbuSK (Expert):
Q: Also, my server looks unauthorized on DHCP MMC even though it's authorized when I check with netsh.
A: Try to authorize from NETSH.
RamaSubbuSK (Expert):Q: I currently have DHCP server working on Windows Server 2003 and some of my clients are now using rc1 (trial basis). I want to later use only Windows Server 2008 and take Windows Server 2003 for some other server.A: Use NETSH dump to consolidate the DHCP Server configuration. NETSH DHCP SERVER SCOPE EXPORT also can be used to export/import scope specific information.
RamaSubbuSK (Expert):
Q: ramasubbu, I said it is shown authorized when I check from netsh. I already tried to authorize from netsh also.
A: Use NETSH DHCP DELETE Server to unauthorize and authorize it again.
RamaSubbuSK (Expert):
Q: Ramasubbu, can I consolidate the configuration of 2 DHCP servers?
A: Take NETSH DHCP SERVER DUMP from one server and import it to another.
Carolyn [MSFT] (Moderator):I'd like to thank our experts for joining us today to talk about DHCP enhancements in Windows Vista & Windows Server 2008: NAP enforcement & DHCPv6.
If you would like further information on today's topic, please visit the following URLs: VPN resources on TechNet •DHCP Home Page: http://technet.microsoft.com/en-us/network/bb643151.aspx•DHCP NAP - http://www.microsoft.com/downloads/details.aspx?familyid=AC38E5BB-18CE-40CB-8E59-188F7A198897&displaylang=en•DHCP NAP Webcast: http://support.microsoft.com/kb/924165/en-us•Technet: http://forums.microsoft.com/TechNet/ShowForum.aspx?ForumID=1510&SiteID=17•Blog: http://blogs.technet.com/teamdhcp/default.aspx
Thanks for your interest and feedback!
