Monitoring and Troubleshooting the Windows DHCP Server
14. Mike is the senior network analyst at a financial firm in downtown Manhattan. On a typical day, Mike monitors network traffic, compiles the traffic into a report, and submits any abnormalities to the appropriate technology team.The network is composed of a Windows 2003 Active Directory back end and a combination ofWindows 2000 and Windows XP clients on the front end. On one particular Monday morning, Mike notices a large increase in the number of DHCPDECLINE messages coming from a majority of DHCP clients on subnet A. He checks the daily change control logs for any weekend work that might have caused this and comes across one entry of particular interest.The previous weekend, the systems team installed an additional DHCP server on subnet A to help balance the DHCP lease load on the existing DHCP server. With the data that Mike has already gathered, what conclusion can you come to as to the source of so many new DHCPDECLINE messages on Monday morning?
A. Conflict detection was not enabled on the new DHCP server.
B. The new DHCP server was configured with an overlapping scope of IP addresses.
C. The new DHCP server was not authorized, causing clients to decline its IP addresses.
D. The new DHCP server was not running Windows Server 2003.
0 B. Answer B is correct, because DHCPDECLINE messages are generated by clients that determine an IP address is already in use on the network and decline its use, asking for another valid IP address.Windows 2000 and Windows XP clients have conflict detection built into their DHCP client software and thus generate these messages when DHCP servers with overlapping DHCP scopes hand out conflicting IP addresses.
0 Answer A is incorrect because conflict detection on the server side would not generate DHCPDECLINE messages. Conflict detection on the server side is a means by which the server determines if the lease it is about to hand out is already is use; this reduces the incidence of clients issuing DHCPDECLINE messages. Answer C is incorrect because an unauthorized server does not cause clients to issue DHCPDECLINE messages, because it does not respond to client DHCP messages at all. Answer D is incorrect because running a DHCP server on a Windows 2003 server, as opposed to a Windows 2000 or Windows NT 4.0 server, has no bearing on the frequency of client DHCPDE-CLINE messages.
15. Gary has been the DHCP administrator for T&G Sporting Company for the past five years. When Gary retired last month, he gave the keys to the kingdom to Jeff, a newbie in the field of engineering but very eager to learn.Although new to a lot ofWindows technology, Jeff was the only administrator at T&G and thus had full rights to manage anything and everything. Jeff immediately began poking around into all the systems and services to learn as much as he could, as quickly as he could, before something broke and he had to learn it on the fly. Jeff was not quick enough. Jeff's manager, Jim, came up to him a few days after he took over, reporting that nobody on the second floor could access the Internet or anything else on the network. Jeff took a cursory look at the DHCP server service on the second floor and noticed that it was started. He then used the netsh utility to view the configuration of the DHCP scope, and noted that it appeared to be unchanged. He then looked at the System logs in the event viewer and noticed many specific errors with the source of DHCP server and Event ID of 1046.What did Jeff accidentally do to cause this problem while poking around in DHCP?
A. He deleted the DHCP database.
B. He unauthorized the DHCP server.
C. He turned off dynamic updates.
D. He created a multicast scope.
0 B. Answer B is correct because event ID 1046 specifically states that your DHCP server is no longer authorized in Active Directory and therefore will not hand out IP leases. With Jeff's Enterprise Admins group rights, he had the ability to remove DHCP servers from the authorization list.
0 Answer A is incorrect, because if Jeff had deleted the DHCP database, he would have had to stop the service first in order to free up the files in use. At this point, when the service started backup, a new database would have been created, which would have resulted in the output of the netsh command showing no scope data. Answers C and D are incorrect because these configurations have no effect on whether or not DHCP is handing out IP leases.
Post a comment