Brief Introduction to DHCP server creation and lease

The DHCP server can help us manage IP addresses. I believe everyone knows this. DHCP can be associated with the preset IP address through the lease, and automatically and securely allocate and lease IP address information for the local TCP/IP network, so as to achieve centralized IP address management, basically, no human intervention from the Administrator is required. But there will always be two sides. Although the DHCP service can automatically allocate IP information to the client, when a customer connects to the local LAN through DHCP, you can access local shared resources or some sensitive information. Even if the other party is not malicious, some viruses or Trojans on the client may endanger the security of the local network. Therefore, not only does the server need security configuration, but also some targeted management of the client.

In fact, we can create a DHCP class for the client machine, and specify a gateway and DNS information for the class on the DHCP server. If the DHCP class machine does not have the gateway or DNS information, of course, you cannot obtain related configurations or permissions, such as Internet access. Here we will discuss how to set up the DHCP class to prevent unauthorized machines from obtaining the DHCP address information of machines in the company's network. The following operations are all performed in the same network segment ).

Create a DHCP user or supplier

1. Create a new user or provider option class

1) Start the DHCP manager. In the console tree structure, click "available DHCP servers ". Right-click "winsrv server" and click "Define User class" to create a new user class, or click "define provider class" to create a new provider class. Click "add ".

2) In the "new category" dialog box, enter a descriptive ID name for the new option in the "display name" edit box. Here we enter "long ", in the "Description" box, you can add additional information at will, which is omitted for convenience. Enter the data provided by the DHCP client under ID or ASCII. The data is used in the DHCP server service to match the class ID. Click the left side of the text input box to input data in hexadecimal bytes. Click on the right of the text input box and enter data with ASCII text characters. Enter "long", click "OK", and then click "close ".

Now we have defined a DHCP user class with the ID of Long. We need to configure this user class below.

2. Configure the user class

Right-click "scope options", select "advanced", and select the user category "Long" just created in the "user category" section below ", then select the option to be configured in the available options below. Generally, select "003 Router", "006 DNS server", and "051 lease. Select "006 DNS server" for DNS settings, enter the address of the local DNS server in the IP address below, and press "add.

Vro configurations are basically the same. For the lease, you must note that the following hexadecimal numbers are required for the long type. For example, if the lease is 10 days or 864000 seconds ), enter 864000 in decimal format and press "OK". The system will automatically display the hexadecimal number.

Set the specified DHCP class ID string for the client

To connect to the client computer of the Windows 2000-based DHCP server, you can use the following command to set the specified DHCP class ID string:

Ipconfig/setclassid adapter_name class_id

For example, to configure a DHCP class with the user class ID "myuserclass" for a NIC called "LAN connection, enter ipconfig/setclassid "Local Area Connection" myuserclass in the command line, and press Enter. The client has only one Nic, so you can also write "ipconfig/setclassid * long" here. The asterisk represents all local connections, so that the client uses the DHCP user class with the ID of Long.

We can see that the lease term is 10 days, which is the lease period we Just configured. The DHCP Class ID is long, and the DNS Servers, DHCP Servers, and gateways are all set as before. Success!