New features in DHCP for Windows Server 2008 R2 / Windows 7

What are the major changes? The DHCP server in Windows Server 2008 R2 has invested in the areas of security, reliability, manageability and usability. Similarly on the DHCP Client in Windows 7 has invested on certain optimization for obtaining IP Address.   The following changes are available in DHCP server in Windows Server 2008 R2:   ·        …


Migration of DHCP Server from Windows Server 2003 to Windows Server 2008

Microsoft product support team often encounters migrated DHCP servers which are dysfunctional. The reason quite often for the bad state of the DHCP server is because backup/restore has been used by the customers for migrating the DHCP server across server versions (e.g. migrating from Windows Server 2003 DHCP to Windows Server 2008).  Backup and Restore…


MAC Filter Import Tool

Hello Everybody, Thanks for all those who tried the MacFilterCallout dll. As you all must have checked out by now that Link Layer Filtering feature is a part of Windows Server 2008 R2 DHCP Server. DHCP Server team has come up with a GUI based tool which will let an administrator import the MAC addresses…


DHCP Broadcast flag handling in Windows 7

1.     DHCP Broadcast flag: DHCP messages have ‘flags’ field. The first bit in this field indicates whether the client is expecting a broadcast or unicast response from the DHCP server Relay agent. When the bit is set to 1, it indicates that the client expects broadcast response, and when the bit is set to 0,…


How to configure Link Layer based filtering

In the scenarios where there are increasing security concerns and potential threats in networks, Link Layer based filtering feature in Windows Server 2008 R2 DHCP Server provides administrators the ability to specifically control network resource access to the clients by issuance or denial of IP Address to them, based on MAC address of clients configured…


Troubleshooting Link Layer based filtering

Some of the issues that are commonly faced in scenarios where Link Layer based filters have been configured.   1. MAC Address is added in allow list but still the client is denied IP address.     Check if there is some wildcard entry in the deny list which matches the MAC Address of the requesting client. Because deny…


What Is Name Protection

Name Protection is based on the DHCID support to the DHCP server, and support for the new DHCID RR (Resource Record) to Microsoft DNS.  In addition, support for DUID will be added to the IPv4 registration on the DHCP client. Note this feature prevents name squatting due to non-Windows OS machines, for example servers with…


How to configure Name Protection

This feature supports prevention of name squatting issues caused due to non-Windows OS machines. Using this feature one could prevent registration of non-Windows OS machine with a same name that is already registered for another machine in DNS Server. This feature is available for IPv4 and IPv6 networks. Name Protection can be configured at the…


How to configure split-scope using wizard

Split-scope configuration (Widely known as 80/20 Configurations) is typically considered as high-availability deployment scenario for the DHCP Server. It involves configuring scopes with the same subnet address and subnet mask and configuration on two distinct DHCP Servers. The two scopes have complementary exclusion ranges and therefore will not serve the same address to different clients….


How to prevent address exhaustion from Secondary Server in split-scope deployment

DHCP secondary server is configured with 20% of address leases and if it serves the clients at the same pace it would run out of address leases and would be useless if the primary DHCP server is down. To avoid address range depletion on the secondary server one of the following two methods can be…