Manage DHCP server to lighten the burden of enterprise network administrator

In a larger network of work environment, network administrators can not find an effective way to manage and maintain the network, then his work efficiency will become very low, without reducing the quality of the work of the network administrator will become more intense. Then how should network administrator for their own burden, let oneself from the frequent simple labor liberation? In fact, good at managing a DHCP server is a good way to lighten the network management of the DHCP server, the entire process of the establishment of the most critical, reasonable settings can really make the Internet management once and for all! 1. Set the lease term To avoid frequent change of address in the default state, the client system in the local area network requests the IP address from the DHCP server, only can use 8 days, after this period, must request the IP address again to the DHCP server; Obviously, if the IP address of the client system changes frequently, will bring many potential problems, such as address conflict problems, network access problems, these problems will seriously affect the efficiency of network management, increase the workload of network administrators. In order to improve the efficiency of network management, to lighten the workload of network management, we can set the lease period of IP address cleverly, and ensure that the IP address that the client system applies to can be used all the time. When you set the lease term, we can first login to the DHCP server system with super privileges, open the corresponding system's "Start" menu, click the "Settings", the Control Panel option, in the Pop-up System Control Panel window to select the "Administrative Tools", "DHCP" feature icon, Access to the DHCP server console interface; Second, expand the target host option on the left side of the DHCP server console interface, select the target scope from below, right-click the scope, click Properties on the shortcut menu, and eject the target scope Properties setting interface; Click on the "General" tab, open the Option Settings page shown in Figure 1, where we can see that the DHCP server's IP address assigned to the client system defaults to 8 days, and in order for the DHCP server to be able to assign IP addresses to client computers in a fixed manner, we must select the "Unrestricted" option and finally click " OK "button to perform the save operation, so that the IP address of the DHCP client can be used all the time, then the LAN will not easily occur address conflicts, network access is not normal and other fault phenomena. 498) this.width=498 ' OnMouseWheel = ' javascript:return big (This) ' style= ' Border-bottom-color: #000000; Border-top-color: #000000; Border-right-color: #000000; Border-left-coloR: #000000 "border=1 alt=" manage the DHCP server for the enterprise network administrator to lighten "src=" http://images.51cto.com/files/uploadimg/20090826/2011500.jpg " >2, set reservation address, avoid network access error many times, some important hosts in the LAN need to provide network services to the ordinary client system, if the IP address of these important hosts frequently changes, then the client system in the attempt to access them, it is very easy to network access error phenomenon. To ensure network access stability, we can set reserved addresses on the DHCP server to dedicate these reserved addresses to those important hosts, ensuring that they always provide services externally using a fixed IP address, and when setting a reserved address, We can do this by doing the following: First, open the DHCP Server console window with the previous action, expand the target host, Scope branch options, and select the retention subkey under the target Branch option, and right-click the subkey, and select from the pop-up shortcut menu. New Reservation command, enter the Setup dialog as shown in Figure 2; second, in the Reserved Name text box, enter the appropriate reserved address use information, in the Reserved address text box, enter the IP address that needs to be fixed to the important host, enter the physical address of the network card of the important host in the MAC address text box, and click the "Add" button, Complete the set up task for the reserved address. After you set up a reserved address in the DHCP server system, we also need to log into the important host system, click the "Start"/"Settings"/"Network Connections" command on the system desktop, and then right-click the local connection icon in the Pop-up Network Connections List window to execute the Properties command on the shortcut menu. Open the target Local Area Connection Properties Settings window, select the TCP/IP Protocol option in the window, click the Properties button, and in the TCP/IP Protocol Option Settings window after that, the IP address is filled in correctly, and finally click OK. In that way, the important host will automatically use the reservation address to provide services, and other client systems can not rob the address, at this time the key host network access stability can be guaranteed. 3, set up user categories to avoid network virus transmission you know, when the computer infected with network virus connected to the network, the virus may be transmitted through the network to other computers, will eventually lead to the entire network paralysis phenomenon, which will bring trouble to the network management work. In fact, in the DHCP server system, we can set the user class for the client system to ensure that only designated security users can connect to the network, those unfamiliar or insecure client systems are unable to obtain the IP address from the DHCP server and other Internet parameters, This prevents unsecured computers from propagating network viruses to other computers.When you set the user class for the DHCP server, you can follow these steps: First expand the target host option in the DHCP Server Console window, right-click the host name, click the Define user Class option in the right-click menu, and set the new user class name from the pop-up settings window to " Anquan ", at the same time, according to the actual need to set the description of the user category description information, and then enter" Anquan "in the ASCII region, in the ID area will automatically generate the corresponding" Anquan "user class ID identifier information, Later, the DHCP server will use this information to verify that the client system complies with the security requirements; 498) this.width=498 ' OnMouseWheel = ' javascript:return big (This) ' style= ' Border-bottom-color: #000000; Border-top-color: #000000; Border-right-color: #000000; Border-left-color: #000000 "border=1 alt=" management of the DHCP server for the enterprise network management staff to lighten the "src=" http://images.51cto.com/files/uploadimg/20090826 /2011501.jpg > second, right click Scope Options from the target host in the DHCP Server Console window, click Configure Options on the shortcut menu, and then tap the Advanced tab to open the Advanced tab Settings page. Here we can correctly set the ordinary client system to use the normal Internet when the default gateway address, DNS server address and other parameters, of course, including IP address and the address of the lease term and other parameters; below, in the client system that needs to be connected to the network, Create a DHCP class ID string that complies with DHCP server security authentication requirements. For example, here the DHCP server stipulates that only a client system with a DHCP user class name of "Anquan" can obtain the correct Internet access parameters from the DHCP server for network connectivity; To do this, we need to create a manual for those secure client systems named "Anquan" The DHCP class ID string for this operation, we can first open the client system's DOS command line Work window, where the "Ipconfig/setclassid local Connection Anquan" string command is executed, In that case, the target client system will be able to successfully through the DHCP server security verification, after verification, the DHCP server will be the correct network parameters assigned to the target client system, the client system can be securely connected to the local area network。 In addition to configuring the above parameters, we also need to set the IP address of the target client system to "automatically obtain IP address", in the default state, the normal client system is used to automatically obtain the IP address way to network connectivity, so we generally do not need to do this alone. In the future, only client systems that are set up by user class in the LAN can connect to the network, while those that contain viruses or other unsafe factors cannot obtain the Internet parameters from the DHCP server system, then the network virus can not illegally spread through the network channel. 4, centralized authorization management, to ensure the stability of the network operation in a larger network environment, there may be multiple DHCP servers, and these DHCP servers may be at the same time by a number of network administrators to manage; Obviously, if a number of network administrators constantly change the DHCP server, Can affect the stability of the network's operation. In order to ensure the stability of the network operation, we must be centralized management of multiple DHCP servers, at the same time to the network administrator authorization management, to avoid the DHCP server settings are arbitrarily changed, the following is the specific steps to set up: First of all, the local area network to join the DHCP server to the Active Directory and click the start, Settings, Control Panel command in the primary domain controller, double-click the Administrative Tools icon in the Pop-up Control Panel window, and open the Management Tools List window for the corresponding system; 498) this.width=498 ' OnMouseWheel = ' Javascript:return big (This) ' style= ' Border-bottom-color: #000000; Border-top-color: #000000; Border-right-color: #000000; Border-left-color: #000000 "border=1 alt=" management of the DHCP server for the enterprise network management staff to lighten the "src=" http://images.51cto.com/files/uploadimg/20090826 /2011502.jpg > second, double-click the Active directory Users and Computers feature option in the List window, and then select the users, DHCP Administrators groups, and then open the member Options Settings page. Here, add the network administrator account that you can actually trust, expand the domain security policy, Windows Settings, Security Settings node options in the primary domain controller, and then select the Restricted group from under the target node, and the default DHCP The Administrators group also joins in, then expands the DHCP AdMinistrators Group Property settings interface, in the security Settings page of the interface, add the user account that can manage the DHCP server to the group, and then click OK to save the setup operation, so that a dozen has an authorized network administrator to administer the DHCP server. Other network administrators are not qualified to manage DHCP servers at will. 5, protect the effective DHCP, avoid the phenomenon of address conflicts many network devices often come with a DHCP server, and in the default state they are enabled to run state, when these network devices are connected to the LAN, Their own DHCP servers can compromise the working stability of a valid DHCP server on the local area network, and are particularly prone to similar address conflict failures. To avoid the phenomenon of address conflicts, we need to protect the local area network effective DHCP server, to avoid other DHCP server impact on it, the following is the specific protection steps: first to login to the LAN primary domain controller system, open the system desktop on the "Start" menu, from which to click Programs, administrative Tools, DHCP option, eject the DHCP console window, expand the target host option from the list area to the left of the window, right-click the Host option, select Add Server from the pop-up right-click menu, and open the Settings dialog shown in Figure 4; 498 this.width=498 ' OnMouseWheel = ' javascript:return big (This) ' style= ' Border-bottom-color: #000000; Border-top-color: #000000; Border-right-color: #000000; Border-left-color: #000000 "border=1 alt=" management of the DHCP server for the enterprise network management staff to lighten the "src=" http://images.51cto.com/files/uploadimg/20090826 /2011503.jpg > second Click the Browse button in the dialog box, and from the Computer Browse window that appears, locate the host system name of the valid DHCP server in the local area network and add the host name. Of course, we can also directly fill in the host system name of the valid DHCP server in this server text box, and then click OK to perform the settings save operation. As a result, if any of the client systems in the LAN-designated domain will automatically request an IP address from a DHCP server in the specified domain, instead of requesting an address from another DHCP server, then the address conflict phenomenon will not occur easily.