Dhcp server, 2 dhcp server – Kerio Tech KERIO WINROUTE FIREWALL 6 User Manual

Chapter 8

Configuration of network services

110

Warning

In rules for DNS requests, it is necessary to enter an expression matching the full DNS

name! If, for example, the kerio.c* expression is introduced, only names kerio.cz,
kerio.com

etc. would match the rule and host names included in these domains (such

as www.kerio.cz and secure.kerio.com) would not!

•

Use the Reverse DNS query alternative to specify rule for DNS queries on IP addresses

in a particular subnet. Subnet is specified by a network address and a corresponding

mask (i.e. 192.168.1.0 / 255.255.255.0).

•

Use the Then forward query to DNS Server(s) field to specify IP address(es) of one or

more DNS server(s) to which queries will be forwarded.

If multiple DNS servers are specified, they are considered as primary, secondary, etc.

If the Do not forward option is checked, DNS queries will not be forwarded to any

other DNS server — WinRoute will search only in the hosts local file or in DHCP ta-

bles (see below). If requested name or IP address is not found, non-existence of the

name/address is reported to the client.

8.2 DHCP server

The DHCP protocol (Dynamic Host Configuration Protocol) is used for easy TCP/IP configura-

tion of hosts within the network. Upon an operation system start-up, the client host sends

a configuration request that is detected by the DHCP server. The DHCP server selects appro-

priate configuration parameters (IP address with appropriate subnet mask and other optional

parameters, such as IP address of the default gateway, addresses of DNS servers, domain

name, etc.) for the client stations. All client parameters can be set at the server only — at

individual hosts, enable the option that TCP/IP parameters are configured automatically from

the DHCP server. For most operating systems (e.g. Windows, Linux, etc.), this option is set by

default — it is not necessary to perform any additional settings at client hosts.

The DHCP server assigns clients IP addresses within a predefined scope for a certain period

(lease time). If an IP address is to be kept, the client must request an extension on the period

of time before the lease expires. If the client has not required an extension on the lease time,

the IP address is considered free and can be assigned to another client. This is performed

automatically and transparently.

So called reservations can be also defined on the DHCP server — certain clients will have their

own IP addresses reserved. Addresses can be reserved for a hardware address (MAC) or a host

name. These clients will have fixed IP address. These addresses are configured automatically.

Using DHCP brings two main benefits. First, the administration is much easier than with the

other protocols as all settings may be done at the server (it is not necessary to configure

individual workstations). Second, many network conflicts are eliminated (i.e. one IP address

cannot be assigned to more than one workstation, etc.).