Service Pack 4

Systems administrators have waited a long time for Windows NT 4.0's Service Pack 4. SP4 has received publicity primarily for its Security Configuration Editor (SCE—for more information about SCE, see Mark Joseph Edwards, "Service Pack 4's New Security Configuration Editor," October 1998), but don't let the service pack's real benefits pass you by. SP4 includes significant bug fixes and new features for three core NT networking technologies—Dynamic Host Configuration Protocol (DHCP), Windows Internet Naming Service (WINS), and Domain Name System (DNS). Here's a roundup of these technologies' failures and how SP4 fixes those problems.

Number of DHCP Scopes Expands
Some firms place a lot of scopes on one DHCP server—one large firm put 1200 scopes on one machine to centralize its DHCP services. The result of this setup is interesting. The system's 1200 scopes require 1200 subnets. When the server receives a DHCP discover message, it must find the scope for that particular subnet, then figure out which (if any) IP addresses are available for that subnet. Microsoft didn't build DHCP to handle 1200 scopes; when a DHCP query comes to the server, the server locks up the DHCP database and ignores incoming DHCP requests while it searches for the scope. This method isn't as goofy as it sounds; Microsoft expected customers to put no more than a dozen scopes on a DHCP server. If you have only a dozen scopes, the lock-and-search process doesn't take long. However, if you have 1200 scopes, the process can be time-consuming, and the fact that every DHCP search queries the database on disk worsens the problem.

SP4 fixes the DHCP slowness in two ways. First, it stores the DHCP database in RAM (which makes DHCP a little more—but not much more—RAM-thirsty). Second, SP4 offers a redesign of DHCP; the program is now multithreaded, so it can search the database and listen for new DHCP queries at the same time.

DHCP Handles More Reservations
SP4 offers more good news for big-network DHCP administrators. I've never run across this problem on my network, but if you don't have SP4 and you give a DHCP server more than 570 DHCP reservations, DHCP Manager displays only the past 570 reservations. This limitation makes managing lots of reservations impossible. Presumably, SP4 makes the sky the limit.

DHCP Server Rechecks Bad Addresses
When a DHCP server gives a DHCP client an IP address, the client verifies that no other machine is using that IP address before the client gets comfortable with the new address. Suppose a DHCP client receives the IP address 200.200.100.200. When it receives the address, it uses an Address Resolution Protocol (ARP) request to broadcast on the local subnet, asking the question, "Is anyone out there using 200.200.100.200?" If no computer responds to the ARP request, the DHCP client knows that it can use the address. But if a machine responds to the broadcast, the client knows that the DHCP server gave it a bad address. The client tells the DHCP server that its address is bad by sending the server a DHCP_DECLINE message (which basically tells the server, "Keep your IP address; I don't want it!"). When a DHCP server receives a DHCP_DECLINE message, it needs to note the bad address so that it won't offer another client the bad address. The DHCP server stores IP addresses that DHCP clients decline in its reserved addresses database; IP addresses in the reserved addresses database have the machine name BAD_ADDRESS.

So far, so good: Keeping track of bad IP addresses makes sense. But addresses that DHCP marks as bad might not stay bad—and once DHCP marks an address as bad, it always thinks the address is bad. The reserved addresses database's lack of a time limit can cause problems. In some large organizations, DHCP databases lock up bazillions of unused IP addresses because the addresses caused an IP address conflict at one time.

SP4 solves this potential problem by treating BAD_ADDRESS records as if they were any other DHCP lease. SP4 expires BAD_ADDRESS records after the network's typical lease period. When you apply SP4, it immediately notices and eliminates a bunch of BAD_ADDRESS records that have existed for much longer than the lease period. One side effect of installing SP4 is that suddenly your DHCP scopes have a lot of new IP addresses available.

DHCP Client Is More Tenacious
If a DHCP client discovers through an ARP that the IP address that its DHCP server provides is bad, the client declines the address and asks for another. If the second address that the DHCP server offers is also bad, an NT client without SP4 just gives up. But under SP4, DHCP clients don't give up after receiving two bad addresses. Microsoft hasn't announced how many IP address attempts an SP4 client will make, but the number is higher than two.

DHCP Offers More Logs
To log all DHCP actions, open DHCP Manager; select a server; and choose Server, Properties. DHCP logging is useful, but it produces one huge log for each server. Such large logs can be cumbersome to review. SP4 updates DHCP Manager to create seven logs: DHCPSrvLog.Mon, DHCPSrvLog.Tue, and so on. The improvement isn't huge, but it makes DHCP logging more manageable. (For more information about DHCP logging, see Darren Mar-Elia, "WINS and DHCP Preventive Maintenance," page 61.)

DHCP Excludes Addresses When You Expand the Scope
When I originally set up my class C network, I created a DHCP scope that handed out addresses between .12 and .100, but I excluded .33 and .50, the addresses of a Primary Domain Controller (PDC) and a mail server, respectively. I later expanded the scope to offer addresses from .5 to .200. Shortly after I expanded my scope, the PDC reported a duplicate IP address. DHCP had given .33 to a client machine. I scratched my head and moved the PDC to .240, an address outside the DHCP scope. (I later also moved the mail server to an address outside the scope.)

In acquainting myself with SP4, I discovered that the problem I ran into has always been characteristic of DHCP servers: When you extend the scope, DHCP forgets about the addresses that you told it to exclude. SP4 supposedly fixes that problem, and so far the fix seems to work.

   Previous  [1]  2  Next