Professional Documents
Culture Documents
DHCP Service
Product Operations Guide
Contents
SD4
Contributors
Program Manager
Jeff Yuhas, Microsoft Corporation
Lead Writers
Michael Sarabosing, Covestic Inc.
Akil Washington, Covestic Inc.
Test Manager
Greg Gicewicz, Microsoft Corporation
QA Manager
Jim Ptaszynski, Microsoft Corporation
Technical Editors
Frank Manning, Volt Technical Services
Patricia Rytkonen, Volt Technical Services
Production Editor
Kevin Klein, Volt Technical Services
1
Introduction to Product
Operations Guide
SD6
Document Purpose
This guide describes processes and procedures for improving the
management of Microsoft Windows Server 2003 Dynamic Host
Configuration Protocol (DHCP) service in an information technology
(IT) infrastructure.
Intended Audience
This material should be useful for anyone planning to deploy this
product into an existing IT infrastructure, especially one based on the
IT Infrastructure Library (ITIL)a comprehensive set of best
practices for IT service managementand Microsoft Operations
Framework (MOF). It is aimed primarily at two main groups: IT
managers and IT support staff (including analysts and service-desk
specialists).
Background
This guide is based on Microsoft Solutions for Management (MSM).
MSM provides a combination of best practices, best-practice
implementation services, and best-practice automation, all of which
help customers achieve operational excellence as demonstrated by
high quality of service, industry reliability, availability, and security,
and low total cost of ownership (TCO).
These MSM best practices are based on MOF, a structured, yet flexible
approach based on ITIL. MOF includes guidelines on how to plan,
Figure 1
MOF Process Model and SMFs
SD8
Figure 2 shows the MOF Team Model, along with some of the many
functional roles or function teams that might exist in service
management organizations. These roles and function teams are
shown mapped to the MOF role cluster to which they would likely
belong.
Change management
Release/systems engineering
Configuration control/asset
management
Software distribution/licensing
Intellectual property protection Quality assurance
Network and system security
Intrusion detection
Virus protection
Release
Audit and compliance admin
Contingency planning
Enterprise architectu
Infrastructure engine
Capacity manageme
Cost/IT budget mana
Resource and long-r
planning
Security
Infrastructure
Partner
Support
Maintenance vendors
Environment support
Managed services, outsourcers,
trading partners
Software/hardware suppliers
Operations
Messaging operations
Database operations
Network administration
Monitoring/metrics
Availability management
Figure 2
MOF Team Model and examples of functional roles or teams
Service desk/help de
Production/productio
Problem manageme
Service level manag
The MOF Team Model is built on six quality goals, which are
described and matched with the applicable team role cluster in Table
1.
Table 1. MOF Team Model Quality Goals and Role Clusters
Quality goal
Release
Infrastructure
Support
Operations
Partner
Security
2
High-Level Tasks for
Maintaining
Windows Server 2003
DHCP Services
SD10
Overview
Every company consists of employees (people), activities that those
employees perform (processes), and tools that help them perform
those activities (technology). No matter what the business, it most
likely consists of people, processes, and technology working together
to achieve a common goal. The following table illustrates this point.
Table 2. Examples of People, Process, and Technology Working
Together
Area
People
Process
Technology
Auto repair
industry
Mechanic
Repair manual
Socket set
Software
development
industry
Programmer
Project plan
Compiler;
debugger
IT operations
IT technician
Microsoft
Operations
Framework
Windows Serv
2003 DHCP
Service
Technology Required
The following table lists the tools or technologies used in the
procedures described in this guide. All tools should be accessed from
Description
Location
Disk
Defragmente
r
Start>All
Programs>Accessories
>System Tools>Disk
Defragmenter
Backup
Start>All
Programs>Accessories
>System Tools>Backup
Srvinfo.exe
Windows
Management
Instrumentat
ion (WMI)
Provides for
management
capabilities. In this
POG, specifically, it
is used within
Microsoft Visual
Basic Scripting
Edition (VBScript).
DHCP
Manager
Centralized
management and
monitoring tools
used for modifying
DHCP parameters.
This can be found
either in
Administrative Tools
after initial install of
the DHCP service or
via Adminpak.msi.
%systemroot
%system32\
dhcpmgmt.msc
SD12
Required
technology
Event
Viewer
Description
Location
Start>Control Panel>
Administrative
Tools>Event Viewer
Provides detailed
performance
information on key
metrics used to
troubleshoot
bottlenecks and
degradation. It is
automatically
installed with
Windows
Server 2003.
Start>Control Panel>
Administrative Tools>
Performance
Task
Manager
Offers an immediate
view of system
activity and
performance. This
technology is
automatically
installed with
Windows
Server 2003.
Right-click an empty
space on the taskbar,
and then click Task
Manager.
Service
Control
(SC.exe)
%systemroot
%\system32\ sc.exe
Netsh
Manages network
services and
configuration objects.
%systemroot
%\system32\netsh.exe
System
Monitor
(formerly
called
Performance
Monitor)
(Netsh.exe)
Or to open Event
Viewer using the
command line:
Start>Run. In the Open
box, type
eventvwr.msc, and
then click OK.
Or to open System
Monitor using the
command line:
Start>Run. In the Open
box, type perfmon, and
then click OK.
Required
technology
Description
Location
then click OK.
Windows
Server 2003
Resource Kit
Tools
Provides operations
tools, scripts, and
shortcuts to add and
automate
administrative
functionality for
Windows Server
2003. This kit is a
separate installable
package.
http://www.microsoft.
com/downloads/detai
ls.aspx?
familyid=9d467a6957ff-4ae7-96eeb18c4790cffd&displayla
ng=en, or search for
Windows Server 2003
Resource Kit Tools at
http://www.microsoft.
com.
Microsoft
Word, Excel,
and Access
XP
Full-featured
Microsoft Office
desktop applications
that can be used to
create the reports
and manage the data
sets listed in this
product operations
guide.
Microsoft
SQL
Server
(optional)
Can be used to
manage enterpriselevel volumes of
management log,
performance, and
configuration data.
http://www.microsoft.
com/sql/
SD14
Operating Quadrant
The processes for this section are based on the service management
function (SMF) guides that make up the MOF Operating Quadrant.
For more information on the MOF Process Model and the SMFs, see
http://www.microsoft.com/msm and
http://www.microsoft.com/mof.
Related SMFs
Weekly Processes
Process Name
Related SMFs
Storage resource
management
Monthly Processes
Process Name
Related SMFs
Related SMFs
Related SMFs
Perform monitoring
Weekly Processes
Process Name
Related SMFs
Related SMFs
Related SMFs
SD16
Supporting Quadrant
The processes for this section are based on the SMF guides that make
up the MOF Supporting Quadrant.
Related SMFs
Support
Investigation and
diagnosis
Support
Weekly Processes
Process Name
Related SMFs
Investigation and
diagnosis
Monthly Processes
Process Name
Related SMFs
Related SMFs
Related SMFs
Weekly Processes
Process Name
Related SMFs
Related SMFs
Related SMFs
SD18
Optimizing Quadrant
The tasks for this section are based on the SMF guides that make up
the MOF Optimizing Quadrant.
Related SMFs
Related SMFs
Related SMFs
As-Needed Processes
Process Name
There are no as-needed
processes for this SMF.
Related SMFs
Changing Quadrant
The processes for this section are based on the SMF guides that make
up the MOF Changing Quadrant.
Related SMFs
Change classification
Weekly Processes
Process Name
Related SMFs
Related SMFs
Related SMFs
SD20
Related SMF
Related SMF
Related SMF
Review configuration
items
As-Needed Processes
Process Name
Related SMF
3
Detailed Maintenance
Actions
Overview
This chapter provides detailed information about the processes that
must be performed in order to maintain Windows Server 2003 DHCP
services. These processes are arranged according to the MOF
quadrant to which they belong and, within each quadrant, by the
MOF SMF guides that make up that quadrant.
Those quadrants are:
Operating
Supporting
Optimizing
Changing
For more information about the MOF Process Model and the MOF
SMF guides that make up each quadrant of the model, see
http://www.microsoft.com/msm. For more information about the
MOF Team Model and team role clusters, see
http://www.microsoft.com/mof.
SD22
Operating
Quadrant
Storage
Management SMF
Operations Role
Cluster
As Needed
SD24
SD26
SD28
Dependencies
Backup jobs are logged to disk.
Incident management process.
Technology Required
Backup utility
Third-party backup software
Dependencies
Scheduled backups are being performed.
Technology Required
Backup utility
Operating
Quadrant
Storage
Management SMF
Operations Role
Cluster
Weekly
SD30
Dependencies
None
Technology Required
Base DHCP Windows Server 2003
Windows Management Instrumentation (WMI) infrastructure
Windows Script Host
SD32
Operating
Quadrant
Service Monitoring
and Control SMF
Infrastructure Role
Cluster
Daily
SD34
Script Listing:
rem DHCP Service Performance Basic Collector --------------------On Error Resume Next
rem
rem
rem
rem
rem
rem
rem
SD36
b. After the line For Each objItem in colItems all the way to
Next are the output commands to echo the results to
screen. Select the objects you would like to log and replace the
Wscript.Echo lines with one concatenated and formatted
output including formatting such as (quotes) represented by
chr(34) and , (commas).
For example, to create a PerfMon-style output for DHCP
Nacks/sec, Offers/sec, and Requests/sec, the result would
be:
Dependencies
None
Technology Required
Base DHCP Windows Server 2003
WMI infrastructure
Windows Script Host
SD38
SD40
19. Verify that the new counter was added to the logging.
(The Add Counters window may be blocking the previous DHCP
Server Load and Util window.)
20. In the Performance Object pull-down menu, select Physical
Disk.
21. Click Disk Reads/sec from the counters, and choose the
appropriate drive where the DHCP database is housed. The
default for DHCP is C:
22. Click Add.
23. Verify that the new counter was added to the logging.
(The Add Counters window may be blocking the previous DHCP
Server Load and Util window.)
24. In the Performance Object pull-down menu, select Physical
Disk.
25. Click Disk Writes/sec from the counters, and choose the
appropriate drive where the DHCP database is housed. The
default for DHCP is C:
26. Click Add.
27. Verify that the new counter was added to the logging.
(The Add Counters window may be blocking the previous DHCP
Server Load and Util window.)
28. In the Performance Object pull-down menu, select Memory.
29. Click Available MBytes from the counters, and click Add.
30. Verify that the new counter was added to the logging.
(The Add Counters window may be blocking the previous DHCP
Server Load and Util window.)
40. In the Performance Object pull-down menu, select Memory.
41. Click Page Faults/sec from the counters, and click Add.
42. Verify that the new counter was added to the logging.
(The Add Counters window may be blocking the previous DHCP
Server Load and Util window.)
43. In the Performance Object pull-down menu, select Paging File.
44. Click %Usage from the counters, and choose _Total on Select
instances from list.
45. Click Add.
46. Verify that the new counter was added to the logging.
(The Add Counters window may be blocking the previous DHCP
Server Load and Util window.)
47. In the Performance Object pull-down menu, select Processor.
48. Click %DPC Time from the counters, and choose _Total on
Select instances from list.
49. Click Add.
50. Verify that the new counter was added to the logging.
(The Add Counters window may be blocking the previous DHCP
Server Load and Util window.)
51. In the Performance Object pull-down menu, select Processor.
SD42
52. Click %Processor Time from the counters, and choose _Total on
Select instances from list.
53. Click Add.
54. Verify that the new counter was added to the logging.
(The Add Counters window may be blocking the previous DHCP
Server Load and Util window.)
55. In the Performance Object pull-down menu, select Processor.
56. Click Interrupts/sec from the counters, and choose _Total on
Select instances from list.
57. Click Add.
58. Verify that the new counter was added to the logging.
(The Add Counters window may be blocking the previous DHCP
Server Load and Util window.)
59. In the Performance Object pull-down menu, select Processor.
60. Click Interrupts/sec from the counters, and choose _Total on
Select instances from list.
61. Click Add.
62. Verify that the new counter was added to the logging.
(The Add Counters window may be blocking the previous DHCP
Server Load and Util window.)
63. In the Performance Object pull-down menu, select Server.
64. Click Bytes Total/sec from the counters, and click Add.
65. Verify that the new counter was added to the logging.
(The Add Counters window may be blocking the previous DHCP
Server Load and Util window.)
66. In the Performance Object pull-down menu, select Server.
67. Click Work Item Shortages from the counters, and click Add.
68. Verify that the new counter was added to the logging.
(The Add Counters window may be blocking the previous DHCP
Server Load and Util window.)
69. In the Performance Object pull-down menu, select System.
70. Click Context Switches/sec, and click Add.
71. Verify that the new counter was added to the logging.
(The Add Counters window may be blocking the previous DHCP
Server Load and Util window.)
72. In the Performance Object pull-down menu, select System.
SD44
b. After the line For Each objItem in colItems all the way to
Next are the output commands to echo the results to the
screen. Select the objects you would like to log, and replace
the Wscript.Echo lines with one concatenated and
formatted output including formatting such as (quotes)
represented by chr(34) and , (commas).
For example, to create a PerfMon-style output for DHCP
Nacks/sec, Offers/sec, and Requests/sec, the result would
be:
SD46
c.
Next
Next
Dependencies
None
Technology Required
WMI infrastructure
Windows Script Host
Base DHCP Windows Server 2003
Optimizing
Quadrant
Capacity
Management SMF
Infrastructure Role
Cluster
Monthly
SD48
Technology Required
Microsoft Excel or third-party spreadsheet application
Supporting
Quadrant
Problem
Management SMF
Operations Role
Cluster
Dependencies
None
Technology Required
Base DHCP Windows Server 2003
Daily
SD50
Procedure 1: Detect and identify DHCP servers that are not part of a
known list
To detect rogue DHCP servers on a local subnet
1. On a client or server other than the DHCP server, open a
command shell by clicking Start, then Run, typing cmd and
clicking OK.
2. Enter the Dhcploc.exe utility command:
dhcploc -p -a:"dhcpadmin -i:360 16.23.23.4 23.1.2.44 23.1.2.45
This will run the Dhcploc utility on the local interface having the
IP 16.23.23.4. The tool will send a discovery packet, and DHCP
servers that respond but do not have the IP address of 23.1.2.44 or
23.1.2.45 will trigger an alarm to Dhcpadmin user every three
minutes (-i:360).
3. When Dhcploc is running, type d to discover.
Dependencies
None
Technology Required
Dhcploc from the Windows Server 2003 \Support\Tools
directory on the Windows Server 2003 Install CD
Base DHCP Windows Server 2003
SD52
SD54
SD56
SD58
Supporting
Quadrant
Incident
Management SMF
Support Role
Cluster
Daily
SD60
Supporting
Quadrant
Incident
Management SMF
Support Role
Cluster
Daily
SD62
SD64
Changing Quadrant
Configuration
Management SMF
Operations Role
Cluster
Monthly
SD66
Dependencies
None
Technology Required
Base DHCP Windows Server 2003
SD68
SD70
Changing Quadrant
Change
Management SMF
Infrastructure Role
Cluster
Daily Schedule
SD72
4
Processes by MOF Role
Clusters
This chapter is designed for those who want to see all the processes
for a single role cluster in one place. The information is the same as
that in the previous two chapters. The only difference is that the
processes are ordered by MOF role cluster.
Task 1: Monitor and resolve alerts indicating DHCP conflict (rogue detection a
IP in use)
Task 2: Monitor key DHCP dependencies (Active Directory and network)
Task 3: Monitor log for DHCP events
Task 4: Service checkcheck DHCP authorization status
Task 5: Service checkresolve alerts indicating the following services are not
running: Dhcpserver
Task 7: Service checkverify that all DHCP relay agents are functioning norm
Task 8: Service checkverify that the DHCP server is backing up its DB
automatically
Weekly Processes
Process 1: Storage resource management
Task 1: Monitor disk space for the DHCP logs and DB
Monthly Processes
There are no monthly processes for this role cluster.
As-Needed Processes
Process 1: Data backup, restore, and recovery operations
Task 1: Verify restore
SD74
5
Troubleshooting
Overview
The following table contains troubleshooting tips that should be
useful in maintaining this product. The tips are based on known
issues and follow the best practices for troubleshooting and problem
management outlined by the Incident Management SMF and the
Problem Management SMF, both found in the MOF Supporting
Quadrant.
SD76
Verify that the client computer has a valid functioning network connection. First,
check that related client hardware (cables and network adapters) are working
properly at the client using basic network and hardware troubleshooting steps.
If the client hardware appears to be prepared and functioning properly, check that
DHCP server is available on the network by pinging it from another computer on t
same network as the affected DHCP client.
The DHCP client appears to have automatically assigned itself an IP address that i
incorrect for the current network.
Cause of Problem
The Windows XP, Windows Millennium Edition (ME), or Windows 98 DHCP clien
could not find a DHCP server and has used IP autoconfiguration to configure its IP
address.
In some larger networks, disabling IP autoconfiguration might be desirable for
network administration
Resolution of Problem
First, use the ping command to test connectivity from the client to the server. Next
either verify or manually attempt to renew the client lease. Depending on the netw
requirements, it might be necessary to disable IP autoconfiguration at the client.
The client might be missing DHCP options in its leased configuration, either becau
the DHCP server is not configured to distribute them or because the client does no
support the options distributed by the server.
Resolution of Problem
For Microsoft DHCP clients, verify that the most commonly used and supported
options have been configured at the server, scope, client, or class level of options
assignment.
SD78
The DHCP client appears to have incorrect or incomplete options, such as an incor
or missing router (default gateway) configured for the subnet on which it is located
Cause of Problem
The client has the full and correct set of DHCP options assigned, but its network
configuration does not appear to be working correctly.
If the DHCP server is configured with an incorrect DHCP router option (option co
3) for the default gateway address of the client, clients running Windows NT,
Windows 2000, or Windows XP use the correct address. However, DHCP clients
running Windows 95 use the incorrect address.
Resolution of Problem
Change the IP address list for the router (default gateway) option at the applicable
DHCP scope and server. In rare instances, configure the DHCP client to use a
specialized list of routers different from other scope clients. In such cases, add a
reservation and configure the router option list specifically for the reserved client.
The IP address of the DHCP server was changed, and now DHCP clients cannot ge
IP addresses.
Resolution of Problem (1)
A DHCP server can only service requests for a scope that has a network ID that is t
same as the network ID of its IP address.
Ensure that the DHCP servers IP address is configured correctly. Verify that all IP
helpers on routers and DHCP relay agents accurately refer to this IP address.
Configure a BOOTP Relay on the client subnet (that is, the same physical netw
segment). Use the network vendor prescription for configuring the BOOTP Rel
2.
Configure a scope to match the network address on the other side of the
router or switch where the affected clients are located.
b.
In the scope, make sure that the subnet mask is correct for the remote subn
c.
d. Do not include this scope (that is, the one for the remote subnet) in
superscopes configured for use on the same local subnet or segment where
the DHCP server resides.
e.
Make sure there is only one logical route between the DHCP server and th
remote subnet clients.
SD80
The DHCP Relay Agent is not providing relay services for DHCP clients on a netw
segment.
Possible Causes and Resolutions of Problem
Possible Cause of Problem (1)
The interface on the server running routing and remote access that connects to the
network segment where the DHCP clients are located is not added to the DHCP Re
Agent IP routing protocol.
Resolution of Problem (1)
Verify that the interface on the server running routing and remote access that conn
to the network segment where the DHCP clients are located is added to the DHCP
Relay Agent IP routing protocol to enable the DHCP Relay Agent on a router interf
Possible Cause of Problem (2)
The Relay DHCP packets check box is not selected for the DHCP Relay Agent
interface that is connected to the network segment where the DHCP clients are
located.
Resolution of Problem (2)
Verify that the Relay DHCP packets check box is selected for the DHCP Relay Age
interface that is connected to the network segment where the DHCP clients are
located.
Possible Cause of Problem (3)
The IP addresses of DHCP servers configured on the global properties of the DHC
Relay Agent are incorrect.
Resolution of Problem (3)
Verify that the IP addresses of DHCP servers configured on the global properties o
the DHCP Relay Agent are the correct IP addresses for DHCP servers on your
internetwork. To configure global DHCP Relay Agent properties see
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/proddocs
server/mpr_how_dhcprelay2.asp.
From the router with the DHCP Relay Agent enabled, use the ping command to pi
each of the DHCP servers that are configured in the global DHCP Relay Agent dia
box. If you cannot ping the DHCP servers from the DHCP Relay Agent router,
troubleshoot the lack of connectivity between the DHCP Relay Agent router and th
DHCP server or servers.
Possible Cause of Problem (5)
IP packet filtering is preventing the receiving (through input filters) or sending
(through output filters) of DHCP traffic.
Resolution of Problem (5)
Verify that IP packet filtering on the router interfaces is not preventing the receivin
(through input filters) or sending (through output filters) of DHCP traffic. DHCP
traffic uses the User Datagram Protocol (UDP) ports of 67 and 68. Manage packet
filters
Possible Cause of Problem (6)
TCP/IP filtering is preventing the receiving of DHCP traffic.
Resolution of Problem (6)
Verify that TCP/IP filtering on the router interfaces is not preventing the receiving
DHCP traffic. DHCP traffic uses the UDP ports of 67 and 68. To configure TCP/IP
use TCP/IP filtering, see
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/proddocs
server/sag_TCPIP_pro_TCPIPfilter.asp.
6
Appendix
SD82
Description
ID
Date
The date at which this entry was logged on the DHCP ser
Time
The time at which this entry was logged on the DHCP ser
Description
IP address
Computer name
MAC address
Description
10
11
12
13
14
A lease request could not be satisfied because the scope's address pool
was exhausted.
15
16
17
20
21
22
23
24
25
30
31
32
50+
SD84
Description
Active queue
length
Conflict
check queue
length
The current length of the conflict check queue for the DHCP ser
This queue holds messages not responded to while the DHCP
server performs address conflict detection. A large value here m
indicate heavy lease traffic at the server or that Conflict Detectio
Attempts has been set too high.
Discovers/se
c
Duplicates
dropped/sec
Milliseconds
per packet
(Avg.)
Metric
Description
Packets
expired/sec
The number of packets per second that expire and are dropped
the DHCP server. Packets expire because they are in the server's
internal message queue for too long. A large number here indica
either that the server is either taking too long to process some
packets while other packets are queued or that traffic on the
network is too high for the DHCP server to handle.
Packets
received/sec
Offers/sec
Requests/sec
Informs/sec
Acks/sec
Nacks/sec
Declines/sec