Become Part of our Team and Push Digital Sovereignty
- Teamleader IT / Project Manager (m/f/x)
- IT Consultant (m/f/x)
- Outbound Sales Represantative (m/f/x)
DHCP and DNS are two essential services in IT networks. While a DHCP server sends out information that clients need to communicate with other machines and services, DNS ensures that servers, clients, and services can be found by their names.
Table of Contents
The Dynamic Host Configuration Protocol dynamically assigns IP addresses and other configuration options to devices in a network. This way, it’s very easy to add new computers, tablets, or smartphones – administrators no longer have to configure every device manually, since the DHCP server does the job. This is why DHCP is great for larger networks with constantly changing clients, e.g. schools, companies, etc.
The DHCP server either distributes free IP addresses from a specific pool, or it assigns static addresses to the clients and identifies them via their MAC address (Media Access Control, unique identifier assigned to a network interface controller). In the first scenario, the clients can get different IPs, which can be convenient if the server hands out addresses from a small pool to a large number of devices (that are not active at the same time). If the DHCP server distributes static addresses, all clients always receive the same IP – ideal for network services or certain machines that have to be accessible around the clock.
The DHCP server also determines how long an IP address is valid. If the so-called lease time expires while a client is still active, it tries to automatically renew the lease time. Users don’t normally notice this exchange between the server and the client.
As I mentioned, the DHCP server can also transfer other information to the clients, such as subnet mask, name server, domain name, and gateway – even details for network booting (PXE boot, Preboot eXecution Environment), NTP (Network Time Protocol), or proxy configuration via WPAD (Web Proxy Auto-Discovery Protocol).
A unique feature of IPv6 is the stateless address configuration (SLAAC): Clients can pick their own addresses (based on the prefix being advertised on the connected network interface). A DHCP server can still be useful in IPv6 networks, as it can hand out information about the time server, domain names, DNS servers, etc. to clients.
Thanks to DNS nobody has to remember IP addresses – the Domain Name System is a hierarchical and decentralized naming system for computers, services, etc. connected to the internet or a private network. DNS works a bit like a telephone book: It assigns domain names like www.univention.de to numerical IP addresses (126.96.36.199) and vice versa. DNS consists of thousands of servers working together. If one server cannot resolve a name or IP, it can contact another server that can then ask the next one, and so on.
A DNS server in a private network is also responsible for the name resolution. It knows all IP addresses and names of the devices. For external queries, i.e. to the internet, the local name server can contact one or more external DNS servers.
Here we have summarized differences, purposes and advantages of DHCP and DNS for you.
|Definition||DHCP = Dynamic Host Configuration Protocol||DNS = Domian Name System|
|Port used||DHCP runs on port 67 and 68||DNS runs on port 53|
|Supported protocols||UDP||UDP, TCP|
|Type||Centralized system||Decentralized system|
|Advantages||Relieable method of configurating and assigning IP adresses||Prevents users from having to remember IP adresses themselves|
Dynamic DNS (DDNS) is a method of automatically updating DNS entries – particularly important when a DHCP and a DNS server interact. For example, after a DHCP server has assigned an IP to a requesting client, it can communicate this information to a DNS server which then automatically updates the DNS information.
Also, the client itself can transmit the information to the DNS server. This often happens with Windows clients. It is often referred to as DNS Update (RFC 2136) or Dynamic Update (Microsoft).
Tip: If you are looking for more detailled information on DNS, please visit our extensive DNS introduction.
DNS is a hierarchical structure: The root is at the top and represented by a dot (.). The next level is called top-level domain (TLD), e.g. com, org, or a country code as de, at, or ch. After another dot there is the second-level domain (SLD), sometimes followed by a third-level domain or another subdomain, each separated by a dot. Up to 255 characters are allowed. In some countries (e.g. the UK) the SLDs are fixed (e.g. .co.uk. or .gov.uk.). In other countries (like in Germany) second-level domains can be registered via providers who are DENIC (Deutsches Network Information Center) members or work with a DENIC member. The last part of the address is the hostname.
An address like www.univention.de. (with the final dot!) is called Fully Qualified Domain Name (FQDN). A lot of applications (i.e. web browsers) don’t necessarily need the dot that’s representing the root. That’s different for name servers like BIND (see the next section): When you enter the hostname in the Univention Management Console (UMC) always put in the FQDN with the dot and not the IP address.
In a UCS domain, there are different system roles: The domain controller master, the domain controller backup, and the domain controller slave all include a DNS server; the software is called BIND. It’s also possible to install a DHCP server on those machines (ISC DHCP). Please refer to the UCS manual for more information on how to set up those services.
The UCS OpenLDAP directory service is responsible for transmitting information about the DNS and DHCP services. You can use the UMC (Univention Management Console) and the UDM (Univention Directory Manager) to configure both services. All changes are automatically being sent to other UCS systems with the integrated listener/notifier replication mechanism.
Please note: If Samba is being used as an Active Directory domain controller, the DNS service uses Samba’s own directory service and no longer relies on OpenLDAP. This is a necessary prerequisite for the dynamic DNS update of Windows clients. The S4 connector makes sure that Samba’s and OpenLDAP’s DNS information remains consistent.
UCS offers a DHCP server app in the Univention App Center. After installing it, you can access its configuration via Domain / DHCP in the Univention Management Console.
Click on DHCP to configure the DHCP services for your domain. UCS automatically generates the services, e.g. when you install a UCS@school server. The next sections shows an example on how to set up a DHCP service for a school called Queen’s College.
When you install the DHCP server via the Univention App Center, UCS automatically assigns the newly created DHCP services to the correct DHCP server. As a result, newly created clients (via UMC or UDM) turn up as new LDAP objects, as well as new DHCP objects (see win7-Client in the example).
You can assign a static IP address (default setting), which means that the client always receives the same IP. The DNS information is created accordingly and synchronized with the UCS DNS server (listener/notifier).
If you prefer dynamically assigned IP addresses, please create a new DHCP subnet and enter a range of IP addresses. The DHCP server now picks IPs from this pool and distributes them to the clients.
The Policies menu on the left allows you to submit the DHCP settings to the subnet. This is where you decide whether the DHCP server assigns dynamic or static IP addresses and whether clients not known to the LDAP directory service should also receive an address. Alternatively, you can create several DHCP pools in the subnet. Each pool can manage its own range of IP addresses and other DHCP configuration options.
If you want to distribute IPs to all client computers – whether you created them in the directory service or not –, there are two things to keep in mind:
Like I said, it’s a good idea to work with UCS policies when configuring DHCP. The tree-like structure of LDAP directories is similar to that of a file system. Objects like users or computers are in a container. Policies are linked to those containers, so they can describe settings that are applied to more than one object. Using the Policies menu on the left, you can configure your DHCP objects, e.g. the lease time, boot options, etc. Of course, it’s possible to define policies for other DHCP objects, like DHCP services or subnets.
UCS automatically sets up DHCP, DNS, and DDNS for you which saves a lot of time and effort. Use administration tools like UMC (web interface) or UDM (on the command-line) to change the configuration and adjust the services to your own needs. Apart from the central administration, the UCS policies can be very helpful, especially in larger environments with many devices and services.
Stefanie Schneider studied physics at the University in Bremen before she decided to specialize in IT and open source. Since 2018 she's been working as an Open Source Software Consultant for the Professional Services team of Univention.
Can you help me provide some information?
In order to enable the DHCP and DNS services at Windows Server 2019 what are the information are required?
since this blog article is about UCS and not about Windows servers I can only advise you to have a look at Microsoft’s documentation on these services: https://docs.microsoft.com/en-US/windows-server/manage/windows-admin-center/use/manage-servers#dhcp
Hi. How to ensure that files on dhcp and dns servers in the same network are contiguousReply
I am not sure if I understand your question correct, but in case you are referring to to the files that are related to the configuration of the DNS and DHCP service in Univention Corporate Server are stored in in the LDAP-based Directory and every UCS providing DNS and/or DHCP will use the centrally stored configuration.Reply
How can I see the list of devices that have been allocated addresses from the UCS Pool? I can see the addresses on my router, but cannot see them in the UCS interface.
the feature to display assigned DHCP-leases is not yet implemented in the Univention Management Console. We already got some requests for the function and looking for a solution.
Even though it might look like a simple task, it is rather complicated, especially in a distributed environment with multiple DHCP-services running.
The server has two basic functions:
Managing IP addresses – The DHCP server controls a range of IP addresses and allocates them to clients, either permanently or for a defined period of time. The server uses a lease mechanism to determine how long a client can use a nonpermanent address. When the address is no longer in use, it is returned to the pool and can be reassigned. The server maintains information about the binding of IP addresses to clients in its DHCP network tables, ensuring that no address is used by more than one client.
Providing network configuration for clients – The server assigns an IP address and provides other information for network configuration, such as a host name, broadcast address, network subnet mask, default gateway, name service, and potentially much more information. The network configuration information is obtained from the server’s dhcptab database.Reply