Do I absolutely have to run DHCP on SBS 2008?
When running the Configure E-Mail and Internet Connection wizard in SBS 2003, you had the option to run DHCP services on the SBS server, or leave it on the router within the network. There was no guidance one way or another, it was a choice you had to make to complete the wizard.
With SBS 2008, we provide guidance.
The guidance is that you should run DHCP on the server. Why?
- Microsoft builds, and has been building a really high quality DHCP server built into Windows Server since Windows NT 4. Why not get one of the highest quality DHCP servers on the market for your network?
- The SBS team can ensure your DHCP server is set up correctly on SBS, making sure there are no duplicate IP addresses, and that the exclusion range is set up correctly for the server’s IP address
- If you feel comfortable in the DHCP management UI, you can set up reservations to make sure the same clients get the same IP address. This is handy for printers, or other things on your network that may act like servers, but you don’t want to manage the static IP address
- If you’re logging in remotely, you can see which clients are online by which ones have IP addresses in the DHCP management console. You can also see the clients IP address right in the console, so it makes it easy to find clients on the network, especially if you are remote.
- DHCP uses limited resources and has essentially no impact on the server’s performance
If the above 5 reasons aren’t good enough for you, and you absolutely must run the DHCP service on the router, here is how you do it.
- Close the Windows SBS Console, and cancel the Connect to the Internet Wizard if it’s running
- Click Start and go to All Programs and expand Windows Small Business Server
- Click on Windows SBS Console (Advanced Mode)
- On the Network tab, select the Connectivity sub-tab
- Click on Start DHCP (
). - At this point, the DHCP services will be forced to start. Since you have another DHCP server running on the network, the DHCP service will stop itself, and log an event in the Event Log about how it can’t start because there is another non-authorized DHCP server on the network. This is ok.
- Immediately click the same button, this time called Disable DHCP (
).
Now the networking components of the server will ignore the fact that the DHCP service is not running, keep it disabled, and let you proceed with the Connect to the Internet Wizard without having to disable the DHCP services.
IMPORTANT: Please do not call Microsoft support with an incorrectly configured LAN DNS. Make sure you make the SBS’s Internal IP address the primary DNS in your 3rd party DHCP server configuration.
Finally, the server is still going to alert you that DHCP services aren’t running, so to fix this:
- Flip on over to the Computers sub-tab on the Network tab.
- On the right, click on View Notification Settings.
- Uncheck the DHCP Server notification, and click OK.
Now DHCP services is no longer running on the server, and SBS will be fine with that. As a final note, please only do this if you have no other way around it, and if you’re familiar with your router UI to set it up correctly. If not, just disable DHCP on your router, and we’ll take care of the rest!
Labels: SBS 2008
posted by Sean Daniel at
8:46 AM
|
Links to this post
27 Comments ( Post a Comment ):
Heyyy! :)
Thank you. This post of yours is the solution to my question earlier about DHCP services on the router.
To me, bullet 4 (why run DHCP on SBS) is really helpful.
I knew I should have disabled DHCP and then tried using the wizard. Was just too lazy... :op
By
Aristarkhos, at 10/23/2008 4:08 AM
You can always switch back to having the server run DHCP simply by disabling DHCP on your router, and clicking "Start DHCP" above... don't forget to turn on the alert again too!
By
Sean Daniel, at 10/23/2008 10:11 AM
The above is absolutely right but I now have to go back to running DHCP on my router since Hyper-V breaks DHCP. I've read many articles on why running hyper-V on SBS2008 is a bad idea but i'm afraid those arguments are all aimed at SBS users in the 20+ user end of the market who may have a need for a second server. Current MS policy leaves truly small customers with 5-10 users and no requirement for a second server unable to take advantage of virtualization with SBS2008 Std. Hyper-V works just fine on SBS2008 but you will have to go elsewhere for your DHCP.
http://support.microsoft.com/kb/958829
By
Chris, at 12/11/2008 2:18 AM
Hi Chris, that's one of the reasons why running SBS 2008 as a Hyper-V host is not supported. When you enable DHCP, the DHCP server cannot find a nic to bind to.
I understand the frustration for a small business, but this is a limitation on the technology at this time, I'm sure in the future such issues may be resolved.
As you probably know, Microsoft best practices are that the Hyper-V host be only a Hyper-V host and not have any other roles or responsibilities.
Thanks
By
Sean Daniel, at 12/11/2008 9:48 AM
In the case of using DHCP services on a router and rather than disabling the DHCP services on SBS 2008, would it be wrong to remove the DHCP role from SBS 2008 all together?
By
Anonymous, at 1/13/2009 12:16 AM
You could, but the only difference it's making is saving you 4mb of hard drive space, it doesn't use any other resource when it's disabled.... we haven't tested this scenario of going back to running with DHCP, so you could be a bind.
Why are you so interested in removing DHCP services?
By
Sean Daniel, at 1/13/2009 8:54 AM
Thank you for your very informative description about disabling DHCP, I do however have one question. Why is it important to set the SBS internal IP address as the primary DNS address on the 3rd party DHCP server (router)?
I ask because I would like my laptops and workstations to access the Internet through the router even if the SBS Server is down and my ISP tells me that the ISP's DNS address should be the primary DNS on the router. Can you clarify?
By
Anonymous, at 3/04/2009 11:47 AM
This post has been removed by the author.
By
Justin, at 3/05/2009 10:17 AM
After I disabled DHCP on my 2WIRE router (which turns it into just a modem) I loose internet connection which prevents set-up completion on the SBS. DHCP on my server is ON. What do I do from here? Let me know if there's any additional info you need. Thanks.
By
Justin, at 3/05/2009 1:34 PM
The lack of an Internet should not prevent setup from completing on SBS, (downloading uploads, yes, but not completing) make sure you still have a link-light from your SBS to your 2WIRE router.
Additionally, it's possible the SBS server can't find the IP address of the 2WIRE (that one doesn't sound familiar from our range of router tests), you might have to run the Connect to the Internet Wizard and explicitly tell the server where the router is.
Make sure also that you're on a private subnet, SBS blocks public IP addresses!
Good luck!
By
Sean Daniel, at 3/07/2009 7:26 AM
There was another question above about having to make the DNS address the DHCP server hands out the SBS server, and why?
The answer to this is that the Active Directory needs DNS for Kerberos resolution. You won't be able to join computers to the domain or log in successfully (as well as probably some other items) without having DNS properly configured in your LAN to point to the Active Directory server, or SBS in this case.
Another thing to point out is Windows DNS servers assume that the primary and secondary (and additional of course) all have the same "view" of the Internet. Meaning you can see weird behavior if you set the primary DNS server to your SBS LAN and the secondary to the ISP. This means the primary has more information than the secondary, and Windows does not expect this. While it might appear to work, you could see some weird anomolies.
Good luck & Hope that answers your question.
Sean
By
Sean Daniel, at 3/07/2009 7:35 AM
Ahhh...getting closer now due to the great info in this article!
I'm setting up SBS2008 in a currently server-less environment, where the FIOS comes into the router / wireless router, all wired devices homerun back to the router, and wireless devices look to the wireless router for addresses. If I run DHCP from the server, and disable it on my router, how will internal wireless devices connect and get IP addresses?
I know, I know; that should be easy to answer...but for some reason I'm just not seeing it at the moment.
Help me out? :-)
By
Anonymous, at 3/20/2009 11:05 PM
If they are on the same subnet (ie. your router doesn't put wifi addresses on a seperate subnet) then the router will behavce as a switch and allow the DHCP packets to get through to the wireless computers.
this is how I run my house.
Sean
By
Sean Daniel, at 3/21/2009 9:26 AM
Thank you very much Sean!
I'll move forward from there...and will likely be back when I setup SBS2008 with a SonicWall TZ; which, of course, separates wifi as you eluded to. Unless you just want to go ahead and answer that question now! :-)
-Bill-
By
Anonymous, at 3/21/2009 11:37 AM
yeah, that Sonicwall is a little trickier. What I did (since I also had a sonicwall in my house, but it didn't cooperate with my xbox gaming past-time) was to turn off DHCP on the LAN (wired) network and let the SBS server do that, then leave DHCP on for the WLAN (Wireless) and change the primary DNS address that it hands out to be the SBS server's IP address on the LAN. You also have to change some firewall rules to allow all traffic to pass thorugh un-filtered between the WLAN and LAN. That will allow the DNS traffic to get through. The DHCP traffic won't go through because DHCP is local subnet traffic only, and you are crossing a NAT when you go from WLAN to LAN (or to WAN for that matter).
I hope that makes sense. Good luck Bill.
By
Sean Daniel, at 3/21/2009 12:14 PM
I've tried to use this trick, but SBS doesn't warn me that there is another DHCP server on my network (there is).
I obviously have a static IP for the SBS.
Any other ways i can fake my way through to the next step?
All patches and updates are installed as of today.
By
testing, at 10/15/2009 1:01 PM
I'm confused in your question. This functionality disables DHCP on the SBS server so you don't see the errors about another DHCP server on your network so you can run a DHCP server.
You can simply do the trick again to enable DHCP to get it back to the SBS server. What are you trying to do?
By
Sean Daniel, at 10/15/2009 1:39 PM
My client is running SBS 2008 with a SonicWALL NSA 240. DHCP for the wired network is handled by SBS, with wireless being handled by the SonicWALL. We are using HealthSense nurse call devices on the wireless network and they get their addresses from the SonicWALL. The vendor is seeing some issues with addressing and has suggested serving DHCP from SBS 2008 for the wireless network.
Is there a way to have SBS 2008 DHCP server work in a VLAN environment, so its able to assign the correct IP scope to the correct VLAN. There are 3 VLANs in the network.
Jason
By
Jason Comstock, at 10/19/2009 11:52 AM
Hey Jason, I think you are hitting a different issue. You want to make sure that all the firewalls between the WLAN and LAN are disabled. Sonicwall keeps the WLAN and LAN seperate by default (for guest access), you want to dis-allow guest access, and then add the firewall rules to allow all traffic to go from the WLAN to the LAN.
Then in the Sonicwall DHCP server, you want to set the Primary DNS server to be the SBS 2008 server's LAN IP address.
Then you'll want to make sure from a WLAN client that you can resolve the server name, domain.local name, and then server.domain.local name, they should all resolve.
That should fix your setup.
DHCP cannot pass out packets on a seperate subnet, as that's the design of DHCP, to be single subnet only. The only way to do this would be to have a wireless network card added to the server, which would drastically increase wireless traffic on that network, and you'd be putting SBS in an unsupported network configuration, which could introduce other concerns.
Hope that helps,
Sean
By
Sean Daniel, at 10/19/2009 1:44 PM
Hi there,
I'm unable to make your workaround work.
When i hit "Enable DHCP" button, it starts the DHCP service just fine.
I even tried removing the SBS' manual LAN IP and setting it to "Automatic" (ie, DHCP from my router) and it STILL turns DHCP on with no problem.
Does this tip no longer work due to Microsoft SW updates or something?
And obviously, the CTIW won't budge past this.
I'm integrating this box into a well oiled Mac network, so i don't wanna mess with my working DHCP setup.
By
testing, at 10/25/2009 7:34 PM
Because this button keys of the state of the DHCP server, you will have to click it twice.
Your router having DHCP on it tells the SBS service not to start. Thus the button says "Enable DHCP", which does start the DHCP service, and it will promptly shut down again, but click the button again which now says "Disable DHCP". At this point it will disable the DHCP service and set the flag so CTIW can continue while your router runs DHCP.
Do not set the server's IP address to dynamic, this is an unsupported scenario.
No Microsoft SW Updates will have broken this.
By
Sean Daniel, at 10/26/2009 1:52 PM
Great write up, I'm sure it will help.
I used dhcp server on many windows version. Unfortunatly, I've got problem running it on SBS2008. I configured it and now I cannot enter in the management interface. Is somebody having the same problem? I posted on http://www.petri.co.il/forums/showthread.php?p=186552
Thank you,
LF
By
Anonymous, at 11/04/2009 7:33 AM
It should work just fine, if you open up DHCP management on the server it should load, if it doesn't, I would restart the DHCP services from services.msc.
By
Sean Daniel, at 11/06/2009 10:08 AM
Hi Sean,
I'm having the same issue that "testing" did above. Clicking "Start DHCP" starts the DHCP service just fine. It doesn't seem to care that there's another DHCP server running on the network. Even if I wait a few minutes and hit "refresh view" it never switches to "Disable DHCP". There's obviously more going on to how SBS 2008 detects whether DHCP is disabled or not, because disabling the service and setting it to not notify is insufficient, CTIW still complains and will not run.
Any thoughts on what may be causing this behavior? This is SBS 2k8 running on a new Dell R710. Relatively new. Given that both "testing" and I have run into the issue relatively recently, I'd also be inclined to suspect that it's an update that has changed this feature.
Any insights would be appreciated,
Thanks.
By
Jim, at 11/23/2009 11:03 AM
Right, found the resolve here:
http://blogs.technet.com/sbs/archive/2008/09/17/introducing-the-connect-to-the-internet-wizard-ctiw.aspx#3127305
Sorry, unfamiliar with blogger in general, not sure if I can drop a hyperlink in the comment or not, and couldn't find a way to simply edit my previous comment.
Resolve is basically to go into the SBS Console (Advanced), go to Network, Connectivity and click "Stop DHCP". Once stopped, you can run the CTIW w/out being prompted about disabling DHCP on your router. Then I disabled the DHCP notification as you described.
I did confirm that after clicking "Stop DHCP" and running the CTIW the DHCP service was set to disabled.
So far, all seems well.
By
Jim, at 11/23/2009 11:33 AM
What are the GOTCHA's when you disable DHCP and allow your router to provide that function?
I want my router to do DHCP so other network clients still function when the SBS is down.
However... I use VPN on my SBS. Will I be jacked with regard to VPN access if SBS doesnt control DHCP? And What other gotcha's should we be aware of?
By
David P, at 12/01/2009 3:18 PM
The key thing is just to ensure that DNS is configured correctly.
By
Sean Daniel, at 12/08/2009 12:16 PM
Links to this post ( Create a Link ):
<< Home