Re: Wide area failures?
- From: Mike Burke <MikeBurke@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 25 Apr 2008 07:57:00 -0700
Wow, Ace! I LOVE complete answers. Thank you. I've been reading my *** off
all morning.
I'm fuzzy on one detail: If the Windows 2003 server owns DHCP, what kind of
penalty do we pay for assignment through the VPN connection? I presume there
will be a slowdown, right?
The W2003 server is the DNS host/primary nameserver. We do not rely on the
ISP for DNS services. All locations have a T1 or better pipe, the routers at
the CSU/DSU are simple Netopia or older Cisco models. I had nothing to do
with the design of this network. It was in place for over 10 years (with
appropriate ad hoc upgrades) when I came on the scene. Now we are upgrading
and I need to anticipate problems.
Thanks for your help,
Mike
--
"The mind is quicker than you think!"
"Ace Fekay [MVP]" wrote:
In news:1A543601-8B44-437A-9E53-2BF57A3B2E81@xxxxxxxxxxxxx,.
Mike Burke <MikeBurke@xxxxxxxxxxxxxxxxxxxxxxxxx> typed:
Thanks for the reply, Ace.
The updating deficiencies you mentioned may account for some of the
problems I discovered using the 2040 model. This is a TZ-190, and I
was informed just this afternoon that DHCP updating to the DNS server
is rock solid.
However, I value your input (based on the quality of your posts to
this group).
Can you direct me to specific analysis, comparisons or details? I may
have to influence at least 4 other people before we make changes.
BTW, the interest in domain-name-recognition stems from our intention
to create a Windows Domain Server and apply ADS in the near future.
I've been living on coffee for the last 2 days. It's hard on old men
like me.
Mike
I'll have to dig up documentation, but honestly most engineers in the
industry will tell you the same thing, if at all possible, there are greater
advantages using Windows DHCP. Security for one. I'm sure you are interested
in security. A router's DHCP service just does not offer security with
registration updates. Sure Windows clients will register themselves, but if
you get DHCP to own the record, it will self scavenge and rename the records
as the IPs are reused. Let me see one of those routers do that. I'm sure if
all the engineers and MVPs read this, they may jump in and reiterate this
often discussed subject in these newsgroups. You can probably search back,
although the thread titles don't reflect it, but they are in many responses
when folks post questions concerning their problems and it comes to light a
router DHCP is involved.
I thought there was an AD infrastructure in place. Good to hear you are
planning on moving forward with AD. What are you using now?
Keep in mind, DNS is IMPORTANT for AD. Matter of fact, AD will NOT work
without DNS. If you use your ISP's DNS, a long list of issues will occur.
Windows DHCP is authorized within AD to perform DHCP services. It will also
support backward level client registration that do not support registration.
Also, you can force Windows DHCP to register all clients, no matter what
version. Between that and configuring DHCP to own the records, and set
scavenging on the zone, you pretty much have a self-cleaning environment.
Cisco or any others cannot do this sort of stuff. Reservations are
configured easier. Security too.
One of the new DHCP features in 2008 is IP quarantine with a feature called
Network Access Protection.
http://www.microsoft.com/technet/network/nap/napoverview.mspx
And NAP for 2003: Network Access Quarantine Control in Windows Server 2003
http://technet.microsoft.com/en-us/library/bb726973.aspx
Besides being easier to manage Windows DHCP, to convince others about
technical advantages can be made easier by reading up on AD, DNS, DHCP and
how they interact. The more solid the DNS infrastructure, the more solid and
reliable AD will be. There is an AD Cookbook to read up on to help with your
future AD plans.
The following are some more links I found. Some are weak in the technical
area, but some are better than others.
DHCP box and Windows 2003 Server Domain Controller documentation (good one)
http://www.eggheadcafe.com/software/aspnet/31810545/dhcp-box-and-windows-2003.aspx
DHCP on server vs router
http://www.techexams.net/forums/viewtopic.php?p=216556
Windows DHCP vs Router DHCP (scroll down past the ads)
http://www.experts-exchange.com/Security/Software_Firewalls/Enterprise_Firewalls/Cisco_PIX_Firewall/Q_22754770.html
Same thing.
http://www.computing.net/answers/networking/dhcp-router-vs-server/30739.html
O'Reilly Media | Active Directory Cookbook. This Cookbook is also a perfect
companion to Active Directory, the tutorial that experts hail as the best
source for understanding Microsoft's network ...
http://www.oreilly.com/catalog/activedckbk/
I hope this helps.
Ace
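
Added example, not part of the original thread: one way to set up the arrangement described above (Windows DHCP registers every client, owns the records, and the zone is scavenged), using the DhcpServer and DnsServer PowerShell modules. It assumes Windows Server 2012 or later, which postdates this thread; the zone name, service account and intervals are hypothetical.

```powershell
# Added example. Run on a server holding both the DHCP and DNS roles.
# Hypothetical values: zone name, service account, aging intervals.
$Zone      = 'corp.example'            # hypothetical AD-integrated zone
$Refresh   = New-TimeSpan -Days 4      # align with the DHCP lease length
$NoRefresh = New-TimeSpan -Days 4

# 1. Accept only authenticated (secure) dynamic updates on the zone, so an
#    unauthenticated host cannot overwrite another machine's record.
Set-DnsServerPrimaryZone -Name $Zone -DynamicUpdate Secure

# 2. Have DHCP register A and PTR records for every lease, including clients
#    that cannot register themselves, and remove them when the lease expires.
Set-DhcpServerv4DnsSetting -DynamicUpdates Always `
    -UpdateDnsRRForOlderClients $true `
    -DeleteDnsRRonLeaseExpiry $true

# 3. Register records under a dedicated, unprivileged domain account
#    (hypothetical: CORP\svc-dhcpdns) so that this account, not the server's
#    computer account, owns every DHCP-created record.
$cred = Get-Credential -Message 'Account DHCP uses for DNS registration'
Set-DhcpServerDnsCredential -Credential $cred

# 4. Turn on aging for the zone and scavenging on the DNS server so stale
#    records left by reused addresses are removed automatically.
Set-DnsServerZoneAging -Name $Zone -Aging $true `
    -RefreshInterval $Refresh -NoRefreshInterval $NoRefresh
Set-DnsServerScavenging -ScavengingState $true `
    -ScavengingInterval (New-TimeSpan -Days 7)

# 5. Read the settings back to confirm what is in effect.
Get-DhcpServerv4DnsSetting
Get-DhcpServerDnsCredential
Get-DnsServerZoneAging -Name $Zone
Get-DnsServerScavenging
```

Records that clients registered themselves before this change keep their original owner until they age out or are deleted, so the first scavenging cycle is the point at which the zone converges on DHCP-owned records.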