Using the Microsoft Management Console (MMC) DHCP snap-in to set up a DHCP server, authorize it, and create a DHCP scope is a fairly trivial task.
Unfortunately, if you have to create and manage dozens if not hundreds of subnets on a regular basis, using a GUI to create DHCP scopes with all the options you want, such as exclusions and reservations, is far from ideal. If you're sick of going through the MMC to create your new DHCP scopes, you'll be glad to hear that you can accomplish the necessary tasks at a command prompt. Windows Server 2003 includes a utility called Netsh that you can use to manipulate DHCP server parameters at the command prompt. This, of course, means that you can script DHCP scope setting and even incorporate it as part of an automated workflow.
Netsh
According to Microsoft's documentation, "Netsh is a command-line scripting utility that allows you to, either locally or remotely, display or modify the network configuration of a computer that is currently running." You can think of Netsh as just another command-line utility like xcopy.exe or net.exe, but it's really more of a command shell similar to Telnet or FTP. In fact, if you open a command prompt and type
netsh
you get a netsh prompt at which you can enter commands interactively with the shell.
You can use Netsh to view and make changes to network configurations, including DHCP, RAS, routing, and WINS configurations. Netsh is included with Windows XP and Windows 2003, but there are some slight differences between the two commands in the different OS versions. For example, you can't use the XP version of Netsh to access DHCP server configuration information. You can find out more about Netsh in "Netsh overview" (http://technet2.microsoft.com/windowsserver/en/library/61427fbd-de1f-4c8a-b613-321f7a3cca6a1033.mspx?mfr=true).
The CreateDHCPScope Script
The CreateDHCPScope.cmd Windows shell script, which Listing 1 shows, uses Netsh to do the bulk of its work. The script performs the following actions:
- Creates a DHCP scope on a designated server.
- Sets the IP range and default gateway.
- Activates the scope.
I will also show how you can modify the script to create exclusions and reservations.
The CreateDHCPScope script takes eight parameters, which represent the minimum settings a DHCP scope should have in order to be useful. After retrieving the parameters from the command line and assigning them some more useful variable names, the script's first task is to create the scope. In the code at callout A, you can see how the script creates a scope and gives it a name and a comment (which is the same as the description in the DHCP snap-in).
After the script has created the scope, it sets up the IP range and default gateway in the code at callout B. You'll notice that there's an explicit command to set the IP range, but setting the default gateway is done by setting the value of option 003. You can use this method to set other options. Table 1 shows a list of some of the more common DHCP options available and their descriptions.
The script's last step is to activate the scope (see the code at callout C). Using Netsh to create the scope leaves it in a deactivated state by default—you need to set the value of state to 1 to mark it as active. If you're testing this script in an environment that's visible from your production network, I suggest either commenting this section out or explicitly setting the state value to 0 to leave the scope inactive until you've verified that all the settings in the scope were correctly set.
Many DHCP scopes contain two additional settings that the Create-DHCPScope script doesn't show. These are DHCP exclusions and DHCP reservations. DHCP exclusions allow you to specify a range of IP addresses within a DHCP scope's inclusion ranges that the server should not assign. The excluded IP addresses are often set aside for routers and for nodes such as servers and printers that need static IP addresses.
Another way that you can assign static IP addresses without visiting each node is by implementing DHCP reservations. Reservations hold an IP address for a device (specified by the device's media access control—MAC—address) so that whenever that node tries to obtain an IP address from the DHCP server, it always receives the same IP address. In addition to letting you implement static IP addresses for nodes that require them (such as printers) without having to manually change the nodes' settings, reservations make it easy to keep track of the static IP addresses over time because they're all stored centrally on your server. Reservations are also useful for changing the subnet, subnet settings, DNS servers, and routers without visiting individual devices.