Вы находитесь на странице: 1из 7

Configuring a DHCP Superscope – Dante Leo

Applies To: Windows Server 2008 R2 – 2016

A superscope is an administrative feature of Dynamic Host Configuration Protocol

(DHCP) servers running Windows Server 2008 that you can create and manage by using the DHCP Microsoft Management Console (MMC) snap-in. By using a superscope, you can group multiple scopes as a single administrative entity. With this feature, a DHCP server can:

Support DHCP clients on a single physical network segment (such as a single Ethernet LAN segment) where multiple logical IP networks are used. When more than one logical IP network is used on each physical subnet or network, such configurations are often called multinets.

Support remote DHCP clients located on the far side of DHCP and BOOTP relay agents (where the network on the far side of the relay agent uses multinets).

In multinet configurations, you can use DHCP superscopes to group and activate

individual scope ranges of IP addresses used on your network. In this way, the DHCP server can activate and provide leases from more than one scope to clients on a single

physical network.

Superscopes can resolve specific types of DHCP deployment issues for multinets, including situations in which:

The available address pool for a currently active scope is nearly depleted, and more computers need to be added to the network. The original scope includes the full addressable range for a single IP network of a specified address class. You need to use another range of IP addresses to extend the address space for the same physical network segment.

Clients must be migrated over time to a new scope (such as to renumber the current IP network from an address range used in an existing active scope to a new scope that contains another range of IP addresses).

You want to use two DHCP servers on the same physical network segment to manage separate logical IP networks.

Superscope configurations for multinets

The following section shows how a simple DHCP network consisting originally of one physical network segment and one DHCP server can be extended to use superscopes for support of multinet configurations.

Example 1: Non-routed DHCP server (before superscope)

In this example, a small local area network (LAN) with one DHCP server supports a single physical subnet, Subnet A. The DHCP server in this configuration is limited to leasing addresses to clients on this same physical subnet.

The following illustration shows this example network in its original state. At this point, no superscopes have been added and a single scope, Scope 1, is used to service all DHCP clients on Subnet A.

Scope 1, is used to service all DHCP clients on Subnet A. Example 2: Superscope for

Example 2: Superscope for non-routed DHCP server supporting local multinets

To include multinets implemented for client computers on Subnet A, the same network segment where the DHCP server is located, you can configure a superscope that includes as members the original scope (Scope 1) and additional scopes for the logical multinets for which you need to add support (Scope 2 and Scope 3).

This illustration shows the scope and superscope configuration to support the multinets on the same physical network (Subnet A) as the DHCP server.

Example 3: Superscope for routed DHCP server with relay agent supporting remote multinets To include

Example 3: Superscope for routed DHCP server with relay agent supporting remote multinets

To include multinets implemented for client computers on Subnet B, the remote network segment located across a router from the DHCP server on Subnet A, you can configure a superscope that includes as members the additional scopes for the logical multinets for which you need to add remote support (Scope 2 and Scope 3).

Because the multinets are for the remote network (Subnet B), the original scope (Scope 1) does not need to be part of the added superscope.

This illustration shows the scope and superscope configuration to support the multinets on the remote physical network (Subnet B) away from the DHCP server. A DHCP relay agent is used for DHCP servers to support clients on remote subnets.

Create a superscope You can use this procedure to create a DHCP superscope. Membership in

Create a superscope

You can use this procedure to create a DHCP superscope.

Membership in the Administrators or DHCP Administrators group is the minimum required to complete this procedure.

To create a superscope

1. Open the DHCP snap-in.

2. In the console tree, click the DHCP server you want to configure.

3. On the Action menu, click New Superscope.

This menu option only appears if at least one scope that is not currently part of a superscope has been created at the DHCP server.

4. Follow the instructions in the New Superscope Wizard.

Configuring a DHCP Multicast Scope

Applies To: Windows Server 2008 R2 - 2016

Multicasting is the sending of network traffic to a group of endpointsdestination hosts. Only those members in the group of endpoints hosts that are listening for the multicast traffic (the multicast group) process the multicast traffic. All other nodes hosts ignore the multicast traffic.

Multicast scopes are supported by using Multicast Address Dynamic Client Allocation Protocol (MADCAP), a protocol for performing multicast address allocation. The MADCAP protocol describes how multicast address allocation or MADCAP servers can dynamically provide IP addresses to other computers (MADCAP clients) on your network.

Typically, a MADCAP server is also a multicast server (MCS) used to support IP multicasting. An MCS manages the shared or group use of the allocated multicast IP address and streams data traffic to members that share the use of the specified group address.

After an MCS is configured and allocated a group address to use, any multicast clients that have registered their membership with the MCS can receive streams sent to this address. By registering with the MCS, clients can participate efficiently in the stream process, such as for real-time video or audio network transmissions. The MCS also manages the multicast group list, updating its membership and status so that multicast traffic is received by all current members.

You can use this procedure to create a multicast scope.

Membership in the Administrators or DHCP Administrators group is the minimum required to complete this procedure.

To create a multicast scope

1. Open the DHCP Microsoft Management Console (MMC) snap-in.

2. In the console tree, click the DHCP server you want to configure.

3. On the Action menu, click New Multicast Scope.

4. Follow the instructions in the New Multicast Scope Wizard.

Configuring Name Protection

Applies To: Windows Server 2008 R2 - 2016

Name squatting occurs when a non-Windows-based computer registers in Domain Name System (DNS) with a name that is already registered to a Windows-based computer. The use of name protection in Windows Server prevents name squatting by non-Windows- based computers. Name squatting does not present a problem on a homogeneous Windows network where Active Directory Domain Services (AD DS) can be used to reserve a name for a single user or computer.

Name protection is based on the Dynamic Host Configuration Identifier (DHCID) in the Dynamic Host Configuration Protocol (DHCP) server, and support for the new DHCID RR (resource record) in DNS. DHCID RR is described by the Internet Engineering Task Force (IETF) in RFCs 4701 and 4703.

DHCID is a resource record (RR) stored in DNS that maps names to prevent duplicate registration. This RR is used by DHCP to store an identifier for a computer, along with other information for the name such as the A/AAAA records of the computer. The unique position of DHCP in the name registration process allows it to request this match, and then refuse the registration of a computer with a different address attempting to register a name with an existing DHCID record.

DHCID prevents the following name squatting situations:

Server name squatting by a client

Server name squatting by another server

Client name squatting by another client

Client name squatting by a server

In addition, support for DHCP Unique Identifier (DUID) will be added to the IPv4 registration on the DHCP client. DUID is described by the IETF in RFC 4361.

Name protection can be configured for IPv4 and IPv6 at the network adapter level or scope level. Name protection settings configured at the scope level take precedence over the setting at the IPv4 or IPv6 level. If Name protection at the scope level is not configured at all, then the setting at the IPv4 or IPv6 network adapter takes precedence. DHCID protects names on a first come-first served basis.

To enable name protection at the IPv4 or IPv6 node level

1. Open the DHCP Microsoft Management Console (MMC) snap-in.

2. In the console tree, double-click the DHCP server you want to configure, right- click IPv4 or IPv6, and then click Properties.

3. Click DNS, click Advanced, and then check Enable Name Protection.

To enable name protection at the scope level

1. Open the DHCP console.

2. In the console tree, double-click the DHCP server you want to configure, double- click IPv4 or IPv6, right-click the scope you want, and then click Properties.

3. Click DNS, click Configure, and then check Enable Name Protection.