  1. Senior Member
    Join Date
    Jul 2007
    Posts
    1,198
    #1

    **MCSE 2003 Blog**

    I will be posting and sharing every detail that I encounter in my lab practice; this will include errors, diagrams, and my thoughts about the particular lab. I will be using cross-references and resources such as CBT_Nuggets/Trainsignal/MS Official Course/MS-Press/Sybex/Internet; as long as they are related to my lab practice I will use them. I am doing a real simulation of this lab on real hardware; I am trying to avoid VMs at the moment.

  3. New Member royal's Avatar
    Join Date
    Jul 2006
    Location
    Chicago, IL
    Posts
    3,373
    #2
    You planning on starting up a blog?

  4. Senior Member
    Join Date
    Jul 2007
    Posts
    1,198
    #3
    Quote Originally Posted by royal
    You planning on starting up a blog?
    I'm not sure what I'm starting here; I think you can call it that. It's basically me sharing all the information and configuration that I did with MCSE 2003 using Trainsignal. Would this be allowed in TE?

  5. Senior Member
    Join Date
    Mar 2007
    Posts
    12,308
    #4
    I think he wants to do something similar to what Turgon is doing with his CCIE: http://techexams.net/forums/viewtopic.php?t=23875

    Good luck!

  6. Senior Member
    Join Date
    Jul 2007
    Posts
    1,198
    #5
    I think I should stop rofl

    This thing might bore some veterans but it will be helpful for peeps that are new and attempting to attain MCSE 2003

  7. Questionably Benevolent Moderator Slowhand's Avatar
    Join Date
    Oct 2005
    Location
    Bay Area, CA
    Posts
    5,072
    Blog Entries
    1

    Certifications
    A+, Linux+, Server+, Security+, MCSA 2003, MCSA 2008, MCSA 2012, CCNA(expired), ITIL Foundation v3 (2011), VCP5-DCV, VCA-Cloud, VCA-DCV, VCA-WM
    #6
    I think it would be pretty cool to see a blog like that, among others. You could do it here, or just link the URL of the blog to your "WWW" button in your user-profile. Give it a shot. After all, what's the worst that could happen. . .


    -------------------------------------------------------
    ITHumidor.net - "Futuaris nisi irrisus ridebis"
    -------------------------------------------------------

    Free Microsoft Training: Microsoft Virtual Academy
    Free PowerShell Resources: Top 50 PowerShell Blogs
    Free DevOps/Azure Resources: Visual Studio Dev Essentials

    Let it never be said that I didn't do the very least I could do.

  8. Senior Member
    Join Date
    Jul 2007
    Posts
    1,198
    #7
    Lab 1 Active Directory:

    The 1st lab that I performed was "Renaming a Domain Controller". There is already an existing DC, which I named "w2k3en32-s07". I started by going to "Active Directory Users and Computers", then I right-clicked the domain name and chose a menu item called "Raise Domain Functional Level." The current domain functional level is set to "Windows 2000 Mixed"; I changed this to "Windows Server 2003". I will not be able to go a step back after doing this.

    This feature is only available on Windows 2003 Server. I renamed the DC computer name/NetBIOS name, and voilà, all kinds of errors will start appearing now.

  9. Senior Member
    Join Date
    Jul 2007
    Posts
    1,198
    #8
    Lab 1 Active Directory:

    I created 3 AD users and selected them all by pressing Ctrl and clicking on the 3 users. I then went to their properties and got a dialog box saying "multiple users selected". All the users had common attributes that I can now modify simultaneously for all the users. Here are some of the attributes:

    UPN Suffix
    Logon Hours
    Computer Restrictions
    Profile Path
    Logon Script
    Home Folder
    Local Path
    Connect
    This also includes small attributes such as office, telephone etc.

    The next lab that I performed was dragging and dropping objects such as OUs and users to different locations. I also tried to disable the default Administrator account, enabled it and renamed it to a different name, and I created a new account and added it to the domain and enterprise admin groups; you get the gist.

  10. Senior Member
    Join Date
    Dec 2007
    Location
    Bay Area, California
    Posts
    430

    Certifications
    A+, Network+, MCP, MCDST, MCTS; Vista
    #9
    I have TS too. I wish CBT would include a lab book as well =(.

    What I found out that helps me is I re-draw diagrams using Visio, print them out, then doodle on them.

  11. Senior Member
    Join Date
    Jul 2007
    Posts
    1,198
    #10

    DHCP User Class

    Lab 5 DHCP: Hiding resources/restricting internet access using DHCP User Class ID:

    This scenario stated its helpfulness if you want to prevent users in a network environment from accessing the Internet, or if you want to hide particular computers, such as accounting or human resources computers, so access by regular users is restricted.

    I installed and configured a DHCP server on Windows Server 2003 (w2k3en32-s07); second, I created 2 scopes, 192.168.1.0 (scope 1) and 192.168.2.0 (scope 2), to have separate broadcast domains.

    I went ahead and modified the "server option" for scope 1:

    003 = 192.168.1.1 (Default Router and Gateway)
    006 = 192.168.1.2 (DNS Server)
    015 = soggyrice.local (DNS Domain Name)

    DHCP has 3 types of Class ID. The "Default User Class" is the User Class on which the scope option was modified; this is the default that DHCP clients use.

    I went and read here for further explanation of the difference between the 3 User Class IDs.

    http://www.microsoft.com/technet/pro....mspx?mfr=true

    1. Default Bootp Class
    2. Default Routing and Remote Access Class
    3. Default User Class (the default that DHCP clients use)

    I right-clicked on the DHCP server and selected Define User Class, hit Add, and a "New Class" window popped up. I created 2 new User Classes:

    accounting
    nointernet

    I also modified the ASCII characters for the New Class, since it will not be accepted if this part is not modified. The window looks screwed, but I was able to modify it using the same names, accounting and nointernet; I noticed that the ID: and Binary: fields started populating.

    I right-clicked on the "scope 1" scope options and went to the Advanced tab. I pulled down the User Class menu, and "accounting" and "nointernet" are now available. I went ahead and modified nointernet options 006 and 015, but left 003 blank. I noticed that the DHCP scope options main window on the right now has 2 entries each for 006 and 015, one belonging to none (default user class) and one to nointernet.

    I am now going to test and use the User Class that I created.

    C:\Documents and Settings\jbaello>ipconfig /showclassid *

    Windows IP Configuration


    DHCP Classes for Adapter "Local Area Connection":

    DHCP ClassID Name . . . . . . . . : Default Routing and Remote Access Class
    DHCP ClassID Description . . . . : User class for remote access clients


    DHCP ClassID Name . . . . . . . . : Default BOOTP Class
    DHCP ClassID Description . . . . : User class for BOOTP Clients

    DHCP ClassID Name . . . . . . . . : accounting
    DHCP ClassID Description . . . . : Secure Network Access

    DHCP ClassID Name . . . . . . . . : nointernet
    DHCP ClassID Description . . . . : restricted internet access
    There are no classes defined for Wireless Network Connection.


    C:\Documents and Settings\jbaello>ipconfig /setclassid "local area connection" nointernet

    Windows IP Configuration

    Successfully set the class id for adapter Local Area Connection.

    C:\Documents and Settings\jbaello>ipconfig /all

    Windows IP Configuration

    Host Name . . . . . . . . . . . . : rtt-eng-002-pas
    Primary Dns Suffix . . . . . . . : edited
    Node Type . . . . . . . . . . . . : Broadcast
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : edited

    Ethernet adapter Local Area Connection:

    Connection-specific DNS Suffix . : soggyrice.local
    Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller
    Physical Address. . . . . . . . . : Edited
    Dhcp Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    IP Address. . . . . . . . . . . . : 192.168.1.3
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . :
    DHCP Class ID . . . . . . . . . . : nointernet
    DHCP Server . . . . . . . . . . . : 192.168.1.2
    DNS Servers . . . . . . . . . . . : 192.168.1.2
    Lease Obtained. . . . . . . . . . : Sunday, August 31, 2008 8:19:53 PM
    Lease Expires . . . . . . . . . . : Monday, September 08, 2008 8:19:53 PM

    Ethernet adapter Wireless Network Connection:

    Media State . . . . . . . . . . . : Media disconnected
    Description . . . . . . . . . . . : Dell Wireless 1390 WLAN Mini-Card
    Physical Address. . . . . . . . . : Edited

    C:\Documents and Settings\jbaello>

    I noticed how the default gateway lost its address and the DHCP Class ID has been changed to nointernet, so no gateway (router address) means no internet access.

    The same scenario applies to accounting, restricting access to particular machines by changing the 003 router/gateway option to a different address from the one that regular users use. I can also modify other options that will best serve my needs/requirements.

    I ran ipconfig /setclassid "local area connection" to set it back to the default User Class.
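What the test above looks like at the packet level, as an added example that is not part of the original post or the TrainSignal lab: the class ID is a value the client places in its own request (option 77), and the server replies with the option set configured for that class. The option lists are constructed from the addresses shown in the post, and the function names are illustrative.

```python
import ipaddress

PAD, END = 0, 255
SUBNET_MASK, ROUTER, DNS, DOMAIN = 1, 3, 6, 15
MSG_TYPE, SERVER_ID, USER_CLASS = 53, 54, 77
MSG_NAMES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}


def tlv(code, value):
    """Encode one option as code, length, value (RFC 2132 layout)."""
    return bytes([code, len(value)]) + value


def parse_options(data):
    """Walk a DHCP option list and return {option code: value bytes}."""
    opts, i = {}, 0
    while i < len(data):
        code = data[i]
        if code == PAD:          # single-byte padding, no length field
            i += 1
            continue
        if code == END:
            break
        if i + 2 > len(data):
            raise ValueError("option %d has no length byte" % code)
        length = data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("option %d is truncated" % code)
        opts[code] = opts.get(code, b"") + value  # repeated codes are joined
        i += 2 + length
    return opts


def user_classes(raw):
    """Decode option 77. RFC 3004 prefixes each class with a length byte;
    some clients send one bare string instead, so accept both forms."""
    classes, i = [], 0
    while i < len(raw):
        n = raw[i]
        if n == 0 or i + 1 + n > len(raw):
            return [raw.decode("ascii", "replace")]  # not length-prefixed
        classes.append(raw[i + 1:i + 1 + n].decode("ascii", "replace"))
        i += 1 + n
    return classes


def addresses(raw):
    """Split an option value into dotted-quad IPv4 addresses."""
    return [str(ipaddress.IPv4Address(raw[i:i + 4]))
            for i in range(0, len(raw) - 3, 4)]


def message_name(opts):
    raw = opts.get(MSG_TYPE, b"")
    return MSG_NAMES.get(raw[0], "type %d" % raw[0]) if raw else "unknown"


def audit_lease(request_bytes, ack_bytes):
    """Pair a client request with the server reply and report what the
    client declared and whether a default gateway was handed back."""
    req, ack = parse_options(request_bytes), parse_options(ack_bytes)
    routers = addresses(ack.get(ROUTER, b""))
    return {
        "request": message_name(req),
        "reply": message_name(ack),
        "user_class": user_classes(req.get(USER_CLASS, b"")),
        "routers": routers,
        "dns": addresses(ack.get(DNS, b"")),
        "domain": ack.get(DOMAIN, b"").decode("ascii", "replace"),
        "gateway_withheld": not routers,
    }


def ip(text):
    return ipaddress.IPv4Address(text).packed


# Constructed samples: option lists only, built from the values in the post.
COMMON = (tlv(SUBNET_MASK, ip("255.255.255.0")) + tlv(DNS, ip("192.168.1.2"))
          + tlv(DOMAIN, b"soggyrice.local") + tlv(SERVER_ID, ip("192.168.1.2")))
REQ_NOINTERNET = tlv(MSG_TYPE, b"\x03") + tlv(USER_CLASS, b"nointernet") + bytes([END])
ACK_NOINTERNET = tlv(MSG_TYPE, b"\x05") + COMMON + bytes([END])
REQ_DEFAULT = tlv(MSG_TYPE, b"\x03") + bytes([END])
ACK_DEFAULT = tlv(MSG_TYPE, b"\x05") + COMMON + tlv(ROUTER, ip("192.168.1.1")) + bytes([END])

if __name__ == "__main__":
    for req, ack in ((REQ_NOINTERNET, ACK_NOINTERNET), (REQ_DEFAULT, ACK_DEFAULT)):
        print(audit_lease(req, ack))
```

Run over captured exchanges, `user_class` next to `gateway_withheld` shows which leases were shaped by a class the client declared for itself, which is worth knowing before treating the class as an access boundary.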

  12. Drops by now and again astorrs's Avatar
    Join Date
    May 2008
    Location
    Vancouver, Canada
    Posts
    3,141

    Certifications
    I have numerous certs from VMware, Citrix, Microsoft, EMC, Nimble Storage, Palo Alto Networks and more...
    #11

    Re: DHCP User Class

    Quote Originally Posted by jbaello
    Lab 5 DHCP: Hiding resources/restricting internet access using DHCP class ID:
    I understand that this is from the TrainSignal labs, but I really question the real world applicability of this "solution" they are proposing. There are so many issues with what they are doing it's laughable. The way it's presented it seems as though they actually consider this a workable design. Someone correct me here if I am missing something, but seriously give me a scenario where this makes any sense...

  13. Senior Member
    Join Date
    Jan 2008
    Posts
    1,941

    Certifications
    MCITP: EA, EMA; MCSE 2000/2003: M; MCSE 2000: S; MCSA 2000/2003: S; MCTS: ISA 2006; VCP3/4
    #12
    I see the "use" of it, but this is what subnets, or sophisticated edge firewalls are for.

  14. Senior Member
    Join Date
    Mar 2007
    Posts
    12,308
    #13
    There's no reason to be critical about it; he's just playing around. You guys jump all over him and tell him to practice more, and then you rag on him when he does that

    You can learn a lot by not doing things the ideal or recommended way (at least, as long as you're aware that's the case). It's all good

  15. Drops by now and again astorrs's Avatar
    Join Date
    May 2008
    Location
    Vancouver, Canada
    Posts
    3,141

    Certifications
    I have numerous certs from VMware, Citrix, Microsoft, EMC, Nimble Storage, Palo Alto Networks and more...
    #14
    Quote Originally Posted by dynamik
    There's no reason to be critical about it; he's just playing around. You guys jump all over him and tell him to practice more, and then you rag on him when he does that

    You can learn a lot by not doing things the ideal or recommended way (at least, as long as you're aware that's the case). It's all good
    I was in no way attacking jbaello or the blog he is posting of his efforts here. I fully support what he is doing; my understanding was that this particular scenario (Lab #5) was posed by TrainSignal, and that is who I was questioning. If that is not the case, and jbaello, you're just trying to understand the deeper workings of DHCP, then go for it, I think it's great. I was just confused and assumed TrainSignal was the one who had proposed this scenario, and it's too often I see training labs that show you a way to do something without addressing the negatives about doing it that way.

  16. Senior Member
    Join Date
    Jan 2008
    Posts
    1,941

    Certifications
    MCITP: EA, EMA; MCSE 2000/2003: M; MCSE 2000: S; MCSA 2000/2003: S; MCTS: ISA 2006; VCP3/4
    #15
    Quote Originally Posted by dynamik
    There's no reason to be critical about it; he's just playing around. You guys jump all over him and tell him to practice more, and then you rag on him when he does that

    You can learn a lot by not doing things the ideal or recommended way (at least, as long as you're aware that's the case). It's all good
    I ragged on him?

  17. Senior Member
    Join Date
    Jul 2007
    Posts
    1,198
    #16
    LAB 09: RRAS LAN ROUTING

    I am using my general knowledge for this, but since I need to practice AD replication from 2 different sites, I am posting the scenario for this lab practice using RRAS LAN routing. I will be configuring Microsoft Windows Server 2003 as a router to route the 192.168.1.0 and 192.168.2.0 segments, so both broadcast domains will have connectivity by using Microsoft Routing and Remote Access Service (RRAS).

    Router
    Hostname - w2k3en64-s05
    NIC = 2
    Lan 1/NIC1 - TCP/IP Configuration 192.168.1.1/255.255.255.0 (nothing more)
    Lan 2/NIC2 - TCP/IP Configuration 192.168.2.1/255.255.255.0 (nothing more)

    Server1

    Hostname - w2k3en32-s07
    NIC = 192.168.1.2, 255.255.255.0, 192.168.1.1

    Server2

    Hostname - w2k3en32-s08
    NIC = 192.168.2.2, 255.255.255.0, 192.168.1.1

    I installed RRAS by going to Add or Remove Role; I can also go to Add or Remove Programs, or simply type appwiz.cpl at the Run command, to install the service.

    I started Add or Remove Role and was prompted by a wizard, and I selected Remote Access/VPN Server for this. I hit Next and a configuration window opened, where you will see the following options:

    Remote Access (dial-up VPN)
    Network Address Translation (NAT)
    Virtual Private Network (VPN) access and NAT
    Secure connection between two private networks
    Custom configuration

    I simply selected Custom configuration, and from here I selected LAN routing and Finish. I started the RRAS MMC console; I did not see my RRAS server running, so I simply right-clicked on "Server Status" and "Add Server"; the default is "This computer", and I hit OK.

    From here I went to IP Routing and configured the following; under IP Routing\General I now see the interfaces for LAN1 & LAN2.

    LAN 1 = 192.168.1.1 | 255.255.255.0/24
    LAN 2 = 192.168.2.1 | 255.255.255.0/24

    Diagram:


    L2 Switch ---- Server 1
    |
    |
    |
    LAN1 (NIC 1)
    Router - w2k3en64-s05
    LAN2 (NIC 2)
    |
    |
    |
    |
    L2 Switch ---- Server 2

    I pinged LAN 1 and LAN 2, as well as every server, from the 2 different switches, and Local Area Network (LAN) connectivity is working fine. I will now be able to replicate my Active Directory or configure multiple sites' bridgehead servers (kind of :P), forest trusts, configure UGMC, GC etc.

    I will post the static route for internet connectivity soon.

    Edited:

    Please note that prior to installing RRAS, the Windows Firewall/Internet Connection Sharing service needs to be stopped and the startup type set to disabled.

  18. Senior Member
    Join Date
    Jul 2007
    Posts
    1,198
    #17
    Quote Originally Posted by HeroPsycho
    I see the "use" of it, but this is what subnets, or sophisticated edge firewalls are for.
    Perhaps you can demonstrate your sophisticated edge firewall, so us noobs can learn more

  19. Senior Member
    Join Date
    Jan 2008
    Posts
    1,941

    Certifications
    MCITP: EA, EMA; MCSE 2000/2003: M; MCSE 2000: S; MCSA 2000/2003: S; MCTS: ISA 2006; VCP3/4
    #18

  20. Senior Member
    Join Date
    Jul 2007
    Posts
    1,198
    #19
    Lab 5: DHCP Fault Tolerant 50/50 Split Scope

    Server 1 (w2k3en32-07) – DC/AD/DNS – Windows Server 2003
    Server 2 (w2k3en64-s05) – DHCP – Windows Server 2003
    Server 3 (w2k3en32-s0 – DHCP – Windows Server 2003
    Client 1 (rtt-eng-002-pas) –


    In this scenario, it was explained how to set up a fault-tolerant DHCP, configuring a split scope on the same subnet, which will be a Class C 192.168.1.0/24 network = 255 – 2 (network address and broadcast address).

    This lab practice is pretty straightforward; it shows how you can configure a split scope on the same subnet. It might not be as interesting as it is, but imagine working at a company that has more than 200 clients all pulling an IP lease from a single DHCP server, and all of a sudden this DHCP server stops working; we can save ourselves some precious downtime, and this is where the scenario is best used.

    I installed DHCP service on both Server 2 and Server 3, and configured the following scopes.


    Server 2 DHCP scope configuration:

    Start IP address 192.168.1.1 – End IP address 192.168.1.127
    Exclusions: 192.168.1.100 (Server 1)
    Scope Options: 003, 006, 015, 044
    8 hours lease duration

    Server 3 DHCP scope configuration:

    Start IP address 192.168.1.128 – End IP address 192.168.1.254
    Exclusions: 192.168.1.200 (Server 2), 192.168.1.254 (Gateway)
    Scope Options: 003, 006, 015, 044
    8 hours lease duration


    By this point we probably get the idea of this scenario: it will have a fault-tolerant DHCP scope. We will have no control over which DHCP server will give out an IP address lease first, since the client machine will send out a broadcast on the network to seek out a DHCP server, and the first DHCP server that responds will give out an IP address lease. I read more about the DORA process.

    DHCP (D)iscover
    DHCP (O)ffer
    DHCP (R)equest
    DHCP (A)ck

    In a bigger environment where there are lots of laptop users, it’s a best practice to minimize the lease duration, to ensure that laptop users will not hold onto a leased address for longer if they are gone and not connected to the network. The tendency is that the assigned lease will be held until it expires, decreasing the pool of available IP addresses. DHCP leasing is a pretty big topic; I read more at this link.

    http://www.tech-faq.com/dhcp-leasing.shtml

    The other way to avoid this problem is to enable Vendor Class\Microsoft Options 002 (Windows clients to release DHCP lease on shutdown), which forces DHCP clients to release their IP lease on shutdown to make it available; you might find use for this depending on your current situation.

    To ensure that the client receives an IP address, I simply authorized the DHCP server. I noticed that prior to installation, the DHCP server has a red arrow pointing down; this is a good indication that the DHCP server is not fully functional. To authorize a DHCP server, the account has to be a member of the enterprise admin group, or a non-enterprise-admin account has to be delegated the rights to authorize DHCP servers (I will blog more about delegating rights later on).

    I read more about authorizing DHCP server on this site.

    http://technet.microsoft.com/en-us/l.../cc759688.aspx

    I now simply test fault tolerance on these two DHCP servers by stopping, unplugging or shutting down Server 2 or Server 3, but not both (I imagined that by doing this I simulated a problem with one of my DHCP servers that caused it to stop working). I noticed that when Server 2 is down, Client 1 gets an IP address from Server 3, duh :P, and vice versa; pretty simple, rather than being talked to by my CEO.

    WORD!
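A check for the split-scope layout described above, as an added example that is not part of the original post: it confirms the two servers cannot lease the same address and reports how many leases remain when either server is down. The ranges and exclusions are the ones in the post; the 200-client figure is taken from the post's "more than 200 clients" remark as a sizing assumption, and the function names are illustrative.

```python
import ipaddress
from itertools import combinations


def num(addr):
    return int(ipaddress.IPv4Address(addr))


def lease_pool(start, end, exclusions):
    """Addresses a server can actually hand out: its range minus exclusions."""
    lo, hi = num(start), num(end)
    if lo > hi:
        raise ValueError("range start is above range end")
    return set(range(lo, hi + 1)) - {num(x) for x in exclusions}


def check_split(network, scopes, clients):
    """Return (leases per server, list of findings) for a split scope."""
    net = ipaddress.ip_network(network)
    # Usable hosts exclude the network and broadcast addresses.
    usable = range(int(net.network_address) + 1, int(net.broadcast_address))
    pools = {name: lease_pool(*cfg) for name, cfg in scopes.items()}
    findings = []

    for name, (start, end, exclusions) in scopes.items():
        stray = [n for n in pools[name] if n not in usable]
        if stray:
            findings.append(f"{name}: {len(stray)} address(es) outside the usable hosts of {net}")
        for x in exclusions:
            if not num(start) <= num(x) <= num(end):
                findings.append(f"{name}: exclusion {x} is outside {start}-{end} and has no effect")

    # Two servers that do not share lease state must never own the same address.
    for a, b in combinations(scopes, 2):
        shared = pools[a] & pools[b]
        if shared:
            findings.append(f"{a} and {b} can both lease {len(shared)} address(es)")

    capacity = {name: len(pool) for name, pool in pools.items()}
    for down in scopes:
        left = sum(capacity[n] for n in scopes if n != down)
        if left < clients:
            findings.append(f"{down} down: {left} leases remain for {clients} clients")
    return capacity, findings


# Scope definitions copied from the post: (start, end, exclusions).
SCOPES = {
    "Server 2": ("192.168.1.1", "192.168.1.127", ["192.168.1.100"]),
    "Server 3": ("192.168.1.128", "192.168.1.254", ["192.168.1.200", "192.168.1.254"]),
}

if __name__ == "__main__":
    capacity, findings = check_split("192.168.1.0/24", SCOPES, clients=200)
    print(capacity)
    for line in findings:
        print(line)
```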

  21. Senior Member
    Join Date
    Jul 2007
    Posts
    1,198
    #20
    Lab 5: DHCP Superscope using RRAS and 1 NIC with Virtual IP.

    This scenario explains how to create a Superscope. Generally I can create a single segment, adjusting the subnet to accommodate around 500 clients; a 255.255.254.0/23 will have 512 hosts. Instead, it would be a better practice to use multiple segments to divide the broadcast domain, which will minimize network chattiness that causes more network bandwidth to be used than needed. As mentioned in the training materials, a client sending out a broadcast will prompt every client in the network to receive this broadcast, and clients that are not the intended destination will normally reply with another broadcast. We can see where this thing is going: broadcast begets broadcast, causing a slow network.

    This is when Superscope comes in handy, by creating 2 segments on a DHCP server and joining them together.

    Question: Why do I need a Superscope when I can do just the same thing with regular scope?
    Answer: Superscope should be named scopegroup, because literally that's all it does. Now in my situation, if I have multiple DHCP scopes spread out, I can use a superscope to group them together.

    Resources:

    Cname/Server1 - Hostname/w2k3en32-s07 (192.168.1.100)
    Cname/Server2 - Hostname/w2k3en64-s05 (192.168.1.200)
    Cname/Client 1 - Hostname/w2k3en64-s04 (DHCP enabled)
    Cname/Client 2 - Hostname/xpen32-c01 (DHCP enabled)

    The first step is to create an RRAS to route 192.168.1.0 and 192.168.2.0. I always remember that segments are designed to not talk with each other; to let segments talk we will need a router. I will also configure a virtual IP address on a single NIC.

    Server 2/w2k3en64-s05 - RRAS
    IP Address: 192.168.1.200
    Subnet: 255.255.255.0
    Preferred DNS server: 192.168.1.100

    To create a virtual IP address, I simply went to Local Area Connection Properties > Internet Protocol (TCP/IP) and selected Properties; from here I selected "Advanced" and added the following entry, as shown in the screenshot.



    This virtual IP will serve as a gateway for the LAN 2 192.168.2.0 network address. To test routing I simply pinged the gateway addresses 192.168.1.200 and 192.168.2.200 from client1.

    Note: Please see my Lab 5: RRAS if you need more info about RRAS.

    The 2nd step I did was to create 2 different scopes on Server2 using the following, and activate the scopes that were created:

    Scope 1 - 192.168.1.0
    Address Range: 192.168.1.1 - 192.168.1.254
    Subnet: 255.255.255.0
    Scope Options:
    003 (192.168.1.200)
    006 (192.168.1.100)
    015 (soggyrice.local)
    044 (192.168.1.100)

    Scope 2 - 192.168.2.0
    Address Range: 192.168.1.1 - 192.168.1.254
    Subnet: 255.255.255.0
    Scope Options:
    003 (192.168.2.200)
    Note: I changed 003 using the virtual IP address I configured on RRAS server.

    006 (192.168.1.100)
    015 (soggyrice.local)
    044 (192.168.1.100)

    DHCP 1 screenshot:


    I will now create a superscope. I simply right-clicked on the DHCP server and selected "New Superscope"; I named it "Soggyrice Master Superscope", selected all of the available scopes and hit Finish. Note how the "DHCP 1" screenshot differs compared to the "DHCP 2" screenshot.

    DHCP 2 screenshot:


    If both clients 1 and 2 continuously get an IP address from the scope 1 "192.168.1.0" network, I would simply do the following to force client 2 to obtain an IP address from the scope 2 "192.168.2.0" network.

    1. Exclude all available IP addresses from scope1.
    2. Create a reservation on scope2.

    Fortunately client 2 obtained an IP address from scope 2 "192.168.2.0" network.

    To test segment connectivity I simply pinged gateways 192.168.1.200 and 192.168.2.200 on the client1 and client2 machines, which replied fine. I now have a superscope in place.

    Coolness!

  22. Senior Member
    Join Date
    Jul 2007
    Posts
    1,198
    #21
    LAB 5 DHCP: Relay Agent

    This scenario explains how to relay DHCP broadcasts sent by clients who are on a different segment by using the DHCP Relay Agent. Normally, if you have a router that is RFC 1542 compliant, we can enable “bootp” to forward DHCP broadcasts and contact the DHCP server.

    Usually a client sends out a broadcast seeking a DHCP server, but since the DHCP server is on a different segment, the client will not be able to obtain an IP address from a DHCP server; instead it will get an automatic private IP address (APIPA).

    The Relay Agent will listen for DHCP broadcasts sent by clients and forward them to a DHCP server, so this gives us the idea that no matter which segment a DHCP broadcast is coming from, it will be picked up by the relay agent and forwarded to a DHCP server, so DHCP clients get an IP address lease.

    First I configured an RRAS server to route the 192.168.1.0 and 192.168.2.0 segments.

    RRAS
    Cname/Server3 – w2k3en64-s07/Hostname
    NIC 1: 192.168.1.230/255.255.255.0
    NIC 2: 192.168.2.230/255.255.255.0

    Second I configured Server2 which is the DHCP server with the following scopes:

    Scope 1 – 192.168.1.0
    IP Range 192.168.1.1 – 192.168.1.254
    Exclusion: 192.168.1.100, 192.168.1.230, 192.168.1.254
    Scope Options:
    003: 192.168.1.230
    006: 192.168.1.100
    015: soggyrice.local
    044: 192.168.1.100
    046: 0x8

    Scope 2 – 192.168.2.0
    IP Range 192.168.2.1 – 192.168.2.254
    Exclusion: 192.168.2.100, 192.168.2.230
    Scope Options:
    003: 192.168.2.230
    006: 192.168.1.100
    015: soggyrice.local
    044: 192.168.1.100
    046: 0x8

    Network Diagram:

    Client1 (dhcp client)
    |
    |
    Switch1 ---- Server1 DC/AD/DNS (192.168.1.100)
    |
    |
    |
    192.168.1.0/192.168.1.230
    Server3/w2k3en64-s05 - RRAS/DHCP Relay Agent
    192.168.2.0/192.168.2.230
    |
    |
    |
    Switch2 ---- Server2 DHCP Server (192.168.2.200)
    |
    |
    Client2 (dhcp client)

    Third, I configured the “DHCP Relay Agent”. I started the RRAS MMC console and went to w2k3en64-s05 > IP Routing > General, right-clicked General, selected “New Routing Protocol” and selected DHCP Relay Agent. I right-clicked DHCP Relay Agent and went to Properties; from here I added the DHCP server address, which is 192.168.2.200.

    Screenshot 1:


    Screenshot 2:


    I configured the DHCP relay agent interface, which is needed since this is the gateway the relay agent will be listening on, which is the 192.168.1.230 gateway on the 192.168.1.0 network. If it hears and receives a DHCP broadcast, it will automatically forward it to a DHCP server, allowing the DHCP client to obtain an IP address from the DHCP server that is located on a different segment.

    I simply right-clicked DHCP Relay Agent and selected New Interface; I selected Local Area Connection/NIC1 as the interface. Note how the relay agent "Requests received" counter has changed, as shown in screenshot 3.

    Screenshot 3:


    I will now test the DHCP relay agent from client 1. Please note that client 1 is connected to Switch1, which is also the 192.168.1.0 local area network. First I will try to delete any DHCP lease on the DHCP server to fully simulate client1 obtaining an IP address using the relay agent.

    Microsoft Windows XP [Version 5.1.2600]
    (C) Copyright 1985-2001 Microsoft Corp.

    C:\Documents and Settings\jbaello>ipconfig /all

    Windows IP Configuration

    Host Name . . . . . . . . . . . . : rtt-eng-002-pas
    Primary Dns Suffix . . . . . . . : edited
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : edited

    Ethernet adapter Local Area Connection:

    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller
    Physical Address. . . . . . . . . : edited
    Dhcp Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 192.168.1.1
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.230
    DHCP Class ID . . . . . . . . . . :
    DNS Servers . . . . . . . . . . . : 192.168.1.100

    Ethernet adapter Wireless Network Connection:

    Media State . . . . . . . . . . . : Media disconnected
    Description . . . . . . . . . . . : Dell Wireless 1390 WLAN Mini-Card
    Physical Address. . . . . . . . . : edited

    C:\Documents and Settings\jbaello>ping 192.168.1.100

    Pinging 192.168.1.100 with 32 bytes of data:

    Reply from 192.168.1.100: bytes=32 time<1ms TTL=128
    Reply from 192.168.1.100: bytes=32 time<1ms TTL=128
    Reply from 192.168.1.100: bytes=32 time<1ms TTL=128
    Reply from 192.168.1.100: bytes=32 time<1ms TTL=128

    Ping statistics for 192.168.1.100:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

    C:\Documents and Settings\jbaello>ping 192.168.1.230

    Pinging 192.168.1.230 with 32 bytes of data:

    Reply from 192.168.1.230: bytes=32 time<1ms TTL=128
    Reply from 192.168.1.230: bytes=32 time<1ms TTL=128
    Reply from 192.168.1.230: bytes=32 time<1ms TTL=128
    Reply from 192.168.1.230: bytes=32 time<1ms TTL=128

    Ping statistics for 192.168.1.230:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

    C:\Documents and Settings\jbaello>ping 192.168.2.200

    Pinging 192.168.2.200 with 32 bytes of data:

    Reply from 192.168.2.200: bytes=32 time<1ms TTL=127
    Reply from 192.168.2.200: bytes=32 time<1ms TTL=127
    Reply from 192.168.2.200: bytes=32 time<1ms TTL=127
    Reply from 192.168.2.200: bytes=32 time<1ms TTL=127

    Ping statistics for 192.168.2.200:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

    C:\Documents and Settings\jbaello>ping 192.168.2.230

    Pinging 192.168.2.230 with 32 bytes of data:

    Reply from 192.168.2.230: bytes=32 time<1ms TTL=128
    Reply from 192.168.2.230: bytes=32 time<1ms TTL=128
    Reply from 192.168.2.230: bytes=32 time<1ms TTL=128
    Reply from 192.168.2.230: bytes=32 time<1ms TTL=128

    Ping statistics for 192.168.2.230:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

    C:\Documents and Settings\jbaello>awesome!!!
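How the relayed request tells the DHCP server which scope to use, as an added example that is not part of the original post: following RFC 1542, the relay agent writes the address of the interface that heard the broadcast into the `giaddr` header field and increments `hops`, and the server then matches `giaddr` against its scopes. The addresses come from the post; the packets are constructed and the function names are illustrative.

```python
import ipaddress
import struct

# Fixed 236-byte BOOTP/DHCP header: op, htype, hlen, hops, xid, secs, flags,
# ciaddr, yiaddr, siaddr, giaddr, chaddr, sname, file.
BOOTP = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")
OP, HOPS, GIADDR = 0, 3, 10
BOOTREQUEST = 1
ZERO = b"\x00" * 4
# Magic cookie followed by option 53 (DISCOVER) and the end marker.
DISCOVER_OPTIONS = b"\x63\x82\x53\x63\x35\x01\x01\xff"


def build_request(xid, mac, hops=0, giaddr=ZERO):
    """Constructed client broadcast: giaddr is zero when it leaves the client."""
    header = BOOTP.pack(BOOTREQUEST, 1, 6, hops, xid, 0, 0x8000,
                        ZERO, ZERO, ZERO, giaddr, mac, b"", b"")
    return header + DISCOVER_OPTIONS


def header(packet):
    f = BOOTP.unpack_from(packet)
    return {"op": f[OP], "hops": f[HOPS],
            "giaddr": str(ipaddress.IPv4Address(f[GIADDR]))}


def relay(packet, rx_interface_ip, max_hops=16):
    """Relay-agent handling of a client request (RFC 1542 section 4.1.1).
    Returns the packet to unicast to the DHCP server, or None to drop it."""
    f = list(BOOTP.unpack_from(packet))
    if f[OP] != BOOTREQUEST or f[HOPS] > max_hops:
        return None
    f[HOPS] += 1
    if f[GIADDR] == ZERO:
        # Only the first relay stamps giaddr; later relays must leave it alone.
        f[GIADDR] = ipaddress.IPv4Address(rx_interface_ip).packed
    return BOOTP.pack(*f) + packet[BOOTP.size:]


def select_scope(packet, scopes, server_interface_ip):
    """Server side: a non-zero giaddr names the client's subnet; a zero
    giaddr means the broadcast arrived directly on the server's own segment."""
    giaddr = ipaddress.IPv4Address(BOOTP.unpack_from(packet)[GIADDR])
    hint = giaddr if int(giaddr) else ipaddress.IPv4Address(server_interface_ip)
    for name, network in scopes.items():
        if hint in ipaddress.ip_network(network):
            return name
    return None


# Values from the post: two scopes, relay interface on LAN 1, server on LAN 2.
SCOPES = {"Scope 1": "192.168.1.0/24", "Scope 2": "192.168.2.0/24"}
RELAY_LAN1 = "192.168.1.230"
DHCP_SERVER = "192.168.2.200"
CLIENT_DISCOVER = build_request(0x1234ABCD, bytes.fromhex("020000000001"))

if __name__ == "__main__":
    relayed = relay(CLIENT_DISCOVER, RELAY_LAN1)
    print(header(relayed), "->", select_scope(relayed, SCOPES, DHCP_SERVER))
    print(header(CLIENT_DISCOVER), "->",
          select_scope(CLIENT_DISCOVER, SCOPES, DHCP_SERVER))
```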
