How to Configure DHCP and DNS on Windows Server: A Complete, Detailed Guide

Correctly configure services DHCP y DNS On a Windows server, this is key to keeping any business or home network running efficiently, orderly, and securely. These services not only automate IP address assignment and ensure that devices are perfectly recognized on the network, but also facilitate name resolution and centralized management, crucial for good infrastructure performance and scalability.

In this article I will show you Everything you need to know to install, configure, and setup DHCP and DNS services on Windows servers, covering each section in detail and in a completely practical way. From prerequisites, through scope creation and configuration, to Active Directory integration and troubleshooting the most common issues. If you have any questions about how to keep your network running like clockwork, here's the definitive guide.

Why is it essential to have properly configured DHCP and DNS?

Before getting started, it is important to understand Why these two services are the foundation of any modern network. The Dynamic Host Configuration Protocol (DHCP) It allows you to automatically assign IP addresses and other network parameters (such as subnet mask, gateway, or DNS) to connecting devices. This prevents conflicts due to duplicate IP addresses and manual errors, and simplifies daily network management.

In turn, the Domain Name System (DNS) Translates domain names into IP addresses, allowing users to access services and resources using easy-to-remember names instead of numbers. Additionally, its integration with DHCP means that any network changes, such as a new IP address assignment, are automatically reflected in name lookups.

Prerequisites and best practices before installing DHCP and DNS

Before starting, there are some things to be clear about: fundamental aspects to avoid future problems. Although it may seem obvious, There cannot be more than one active DHCP server on the same network segment Unless a redundant or highly available infrastructure has been planned, if more than one DHCP server is providing IP addresses, the devices may end up on different subnets, causing access problems.

• Define a static IP address for the server that will perform the DHCP and DNS roles. It's important that the server itself doesn't change its IP address.
• Take an inventory of the IP address ranges you will use on each segment or VLANYou'll need to exclude ranges intended for devices with fixed IP addresses (such as servers, printers, or routers).
• Check that your user credentials are administrator credentials., especially if the network is managed through Active Directory.
• Be clear about the domain name and DNS servers that will be usedThis is critical for devices to correctly resolve names within the network.
• If your network is segmented into VLANs, plan a scope for each one.. It is not necessary to have a DHCP server per VLAN, but you do need to configure the appropriate relay (DHCP Helper) on your routers.

Installing the DHCP role on Windows Server step by step

La Installing the DHCP Server Role In Windows Server, this is a fairly standard process that has barely changed in recent versions (2016, 2019, and 2022). Here's the most commonly used procedure:

1. Accesses server administrator and select the option Add roles and features.
2. Choose Feature-based or role-based installation, ideal for most cases, and select the destination server from the list.
3. Find and mark the DHCP Server function. When the pop-up appears, make sure you also add the recommended features for the service.
4. Click on Next and review the features. It's generally recommended to leave the default settings.
5. Confirm the installation and wait for it to finish. You can see the progress in real time, and once it's finished, click on Close.

In recent versions, after installing the role, you'll see a notification or banner at the top indicating that you need to complete the setup. Click the banner and select Complete DHCP configuration to launch the initial setup wizard.

This assistant will perform two key tasks:

• Automatic creation of DHCP security groups (DHCP Administrators and Users), required to delegate management permissions.
• DHCP Server Authorization in Active Directory (essential if the environment is part of a domain). To do this, you'll need domain administrator credentials. If the server isn't joined to a domain, simply skip this step.

Basic DHCP Configuration: Scopes, Exclusions, and Other Essential Options

Once the service is installed and authorized, the crucial moment of configuration arrives. This is where you truly define the heart of your network infrastructure. The process is similar in all recent versions of Windows Server and is performed from the console. DHCP.

Creating an IPv4 scope

1. Right-click on "IPv4" in the DHCP console and select New scope.
2. Assign a name and description to the new scope for easy identification (e.g., “Office User Network”).
3. Defines the IP address range that the server will automatically assign to clients, for example, from 192.168.1.100 to 192.168.1.200.
4. Configure exclusions if there are addresses within the range that are already used by devices with fixed IP addresses, such as servers, printers, or routers.
5. Establishes the duration of the concessionThe default value is 8 days, suitable for most scenarios. In environments with high device turnover (such as public Wi-Fi), this can be reduced to 2 or 4 hours.
6. Configure the default gateway that customers will use and add it to the list.
7. Specify the domain and DNS servers that clients should use when resolving names.
8. If you use WINS servers, you can add them at this point; if not, just skip this step.
9. Activate the scope to start distributing IP addresses automatically, or pause the activation if you don't want to start it yet.

Configuring scope options and policies

After you have created the scope, you can further customize the Advanced Options that customers will receive with the IP grant:

• DNS servers: Add the IPs of your internal or external DNS servers.
• DNS domain name: Indicates the name of the domain to which the clients will belong.
• Default Gateway: Already configured, but it is worth checking.
• Other useful options They can be NTP (to set the time automatically), static routes, etc.

In the console you can have two types of options:

• Server options: apply to all scopes configured on that DHCP server.
• Scope options: only affect clients that get IPs within that specific range.

Reservations and exclusions

A very interesting functionality is that of reserve IP addresses for certain devices, so that they always receive the same IP even if their configuration is automatic. This is associated with the steer axle truck MAC from the computer's network card. This is especially useful for printers, point-of-sale terminals, or systems that rely on a static IP address for critical services.

Filters and protection

You can set up white and black lists of allowed or blocked MAC addresses, as well as configure failover to ensure the high availability in critical environmentsIt's not something that's usually needed in SMEs, but it's essential in medium-sized and large companies.

Credentials and automatic DNS registration

From the advanced server options tab, you can specify the credentials of a domain user so the DHCP server can automatically register the A and PTR records in the DNS. This ensures that when an IP address changes hands, the old record disappears and no traces remain.

DNS Integration and Configuration on Windows Server

El DNS server It can be installed and configured alongside DHCP, especially in Active Directory environments, where it is essential for the proper functioning of directory and authentication services. By integrating DNS and DHCP, device records are dynamically updated without manual intervention.

For a standard implementation:

• Install the DNS role through the Server Manager.
• Create the direct zones (Forward Lookup) y reverse zones (Reverse Lookup) necessary according to your domain name and subnets.
• Make sure the option to dynamic update is enabled so that DHCP can interact and update records automatically.
• Adjust permissions according to the level of security you need to prevent unwanted modifications.

Remember that in mixed environments (with non-Windows devices), some computers may not automatically register their names in DNS, so it's a good idea to check it from time to time or assign reservations.

How to authorize and check the status of the DHCP server in Active Directory

When you work on a domain-based infrastructure, Authorize the DHCP server in Active Directory This is a mandatory step. This prevents the appearance of third-party or rogue DHCP servers that could distribute unwanted IP addresses or cause security problems.

Authorization can be completed during the initial wizard, but if you need to do it later:

1. Open the DHCP console and right-click on the server name.
2. Press on Authorize.
3. Within a few seconds, the server icon in the console will display a green symbol if it is authorized.
4. To check it from PowerShell, you can use the command:
   Get-DhcpServerInDC

If the server is unauthorized, it will appear with a red icon and will not be able to distribute addresses.

Day-to-day administration and common problem solving

Once up and running, managing the DHCP service is fairly straightforward, but there are a number of typical issues that often occur:

• Clients not obtaining an IP address: This is usually due to network problems, poorly connected cables, the DHCP server being stopped or unauthorized, or because the address pool has been exhausted.
• IP address conflicts: These usually appear when there is more than one DHCP server on the same network or IPs are manually assigned without excluding them from the DHCP range.
• DNS record not updating: Check that the DHCP credentials are correctly defined and that dynamic update is enabled in the DNS zone.

If you have problems with the service, it is recommended:

1. Restart the DHCP service from the Services console or from the command prompt with:
   net start dhcpserver
2. Check the Windows Event Viewer for relevant logs.
3. Review scopes and exclusions to ensure you don't run out of address ranges.
4. Verify that the server has network connectivity and, if virtual, that the network interface is correctly configured.

Configuring clients to obtain IP and basic testing

For client computers to obtain their address automatically, the network card configuration must be in mode Obtain an IP address automatically for both IP and DNS. You can always check the IP obtained using ipconfig /all from the console commands.

If a team receives an address from the range APIPA (169.254.xx) means that no DHCP server could be located. This is a good indication for diagnosing communication or configuration issues.

When performing commands like ipconfig /release y ipconfig /renew, you can force the release and request for a new IP, useful for testing or when fine-tuning server parameters.

Advanced Considerations: VLANs, Failover, and Security

In networks segmented by VLANs, the DHCP server can manage all of them at the same time, but it is essential that the router or layer 3 switch has configured the DHCP relay (IP helper) to forward requests for each segment to the DHCP server.

For businesses that require maximum availability, Windows Server allows you to configure failover (DHCP Failover), which involves having two DHCP servers synchronized to avoid interruptions in the event of a downtime. Learn more about this feature at shared resources in Windows.

At the security level, it is recommended to use MAC address filters to restrict network access, although in large environments this may be difficult to maintain.

An indispensable point is to maintain DHCP database backups and, if possible, save them on separate disks to facilitate disaster recovery.

Related article:

How to Promote a Server to a Domain Controller in Windows Server: Complete and Updated Guide

Having a professional and careful DHCP and DNS configuration in Windows Server not only ensures proper network performance, but also prevents countless headaches when scaling, migrating, or troubleshooting issues. Regularly reviewing scopes, event logs, and monitoring IP address usage is essential to keeping your infrastructure under control.

Isaac

Passionate writer about the world of bytes and technology in general. I love sharing my knowledge through writing, and that's what I'll do on this blog, show you all the most interesting things about gadgets, software, hardware, tech trends, and more. My goal is to help you navigate the digital world in a simple and entertaining way.