DHCP, Task: Compliance check-modifying the DHCP lease duration

Task: Compliance check - modifying the DHCP lease duration

Purpose

This task audits the lease duration configuration to ensure that it matches the original architectural intent.

Procedure 1: Use the DHCP manager to review scope lease durations

1. Click Start, then Run, and type:
   

   %SystemRoot%\system32\dhcpmgmt.msc /s

2. Double-click the server that is being evaluated for this optimization. This should display the currently configured scopes for the server.
3. Right-click the specific scope to modify, and choose Properties.
4. Note the lease length/duration, and repeat for other servers/scopes.
5. Compare this current value from established architecture baselines.
6. If the scopes are noncompliant, submit a request for change (RFC) to give visibility to this configuration drift.

To correct the configuration, repeat steps 1-4, modifying the lease length value on step 4.

Procedure Option 2: Use the netsh.exe to review scope lease durations

1. Access the DHCP administrative client either physically or via Terminal Services.
2. On the Start menu, click Run. Type cmd.exe and click OK.
3. Type the netsh command:
   

   Netsh DHCP Server \\<servername> scope x.x.x.x show optionvalue

4. Replace <servername> with the hostname of the DHCP server. Replace x.x.x.x with the IP of the DHCP server.
5. Note the Option Element Value specified under an OptionId of 51. This value is the lease length in seconds. Repeat step 2 for each server name and scope.
6. Compare this current value from established architecture baselines.
7. If the scopes are noncompliant, submit a request for change (RFC) to give visibility to this configuration drift.

When a scope is created, the default lease duration is set to eight days, which works well in most cases. However, because lease renewal is an ongoing process that may affect the performance of DHCP clients and the network, it might be useful to review the lease duration and change it or reset it where appropriate. Use the following guidelines to decide how best to modify lease duration settings for improving DHCP performance on the network:

● If there are many IP addresses available and configurations that rarely change on the network, increase the lease duration to reduce the frequency of lease renewal queries between clients and the DHCP server. This reduces network traffic.

● If there are few IP addresses available and if client configurations change frequently or clients move often on the network, reduce the lease duration. This increases the rate at which addresses are returned to the available address pool for reassignment.

● Consider the ratio between connected computers and available IP addresses. For example, if there are 40 systems sharing a Class C address (with 254 available addresses), the demand for reusing addresses is low. A long lease time, such as two months, would be appropriate in such a situation. However, if 230 computers share the same address pool, demand for available addresses is greater, and a lease time of a few days or weeks is more appropriate.

● Use infinite lease durations with caution. Even in a relatively stable environment, there is a certain amount of turnover among clients. At a minimum, roving computers might be added and removed, desktop computers might be moved from one office to another, and network adapter cards might be replaced. If a client with an infinite lease is removed from the network, the DHCP server is not notified, and the IP address cannot be reused. A better option is a long lease duration, such as six months. This ensures that addresses are ultimately recovered.

One option for implementation is creating lease times based on scope availability. For example, if scope availability is less than 10 percent, reduce the lease time per the following guidelines:

6 days >4 days >2 days >1 day

Dependencies

None

Technology Required

Base DHCP Windows Server 2003