部署 DHCP 使用 Windows PowerShellDeploy DHCP Using Windows PowerShell

適用於:Windows Server(以每年次管道)、Windows Server 2016Applies To: Windows Server (Semi-Annual Channel), Windows Server 2016

本指南提供如何使用 Windows PowerShell 部署自動將 IP 位址和 DHCP 選項指派給您網路上的一或多個子網路連接 IPv4 DHCP 戶端網際網路通訊協定」(IP) 版本 4 動態主機設定通訊協定 (DHCP) 伺服器上的指示。This guide provides instructions on how to use Windows PowerShell to deploy an Internet Protocol (IP) version 4 Dynamic Host Configuration Protocol (DHCP) server that automatically assigns IP addresses and DHCP options to IPv4 DHCP clients that are connected to one or more subnets on your network.

注意

從 TechNet 庫下載 Word 格式這份文件,請查看部署 DHCP 使用 Windows PowerShell 中的 Windows Server 2016To download this document in Word format from TechNet Gallery, see Deploy DHCP Using Windows PowerShell in Windows Server 2016.

若要指定 IP 使用 DHCP 伺服器位址儲存管理費用因為您不需要手動設定 TCP/IP v4 設定中的針對所有網路介面卡,在網路上每一部電腦。Using DHCP servers to assign IP addresses saves in administrative overhead because you do not need to manually configure the TCP/IP v4 settings for every network adapter in every computer on your network. 使用 DHCP,當電腦自動執行 v4 的 TCP/IP 設定,或其他 DHCP client 已連接到您的網路。With DHCP, TCP/IP v4 configuration is performed automatically when a computer or other DHCP client is connected to your network.

為獨立伺服器,或做為 Active Directory domain 的一部分,您可以部署 DHCP 伺服器工作群組中。You can deploy your DHCP server in a workgroup as a standalone server, or as part of an Active Directory domain.

本指南包含下列各節。This guide contains the following sections.

DHCP 部署概觀DHCP Deployment Overview

下圖描述案例,您可以使用此快速入門部署。The following illustration depicts the scenario that you can deploy by using this guide. Active Directory domain 案例包含一個 DHCP 伺服器。The scenario includes one DHCP server in an Active Directory domain. 伺服器提供給 DHCP 戶端兩個不同的子網路上的 IP 位址設定。The server is configured to provide IP addresses to DHCP clients on two different subnets. 子網路分隔路由器的 DHCP 轉寄支援。The subnets are separated by a router that has DHCP Forwarding enabled.

DHCP 網路拓撲概觀

技術概觀Technology Overviews

下列章節提供 DHCP 和 TCP/IP 簡短的概觀。The following sections provide brief overviews of DHCP and TCP/IP.

DHCP 概觀DHCP overview

DHCP 是標準簡化主機 IP 設定的管理的 IP。DHCP is an IP standard for simplifying the management of host IP configuration. 標準 DHCP 提供使用 DHCP 伺服器管理 DHCP 式戶端,您網路上的 IP 位址動態配置及其他設定的相關詳細資料的方式。The DHCP standard provides for the use of DHCP servers as a way to manage dynamic allocation of IP addresses and other related configuration details for DHCP-enabled clients on your network.

DHCP 可讓您使用 DHCP 伺服器動態指派的電腦或其他裝置,例如印表機,請在您的區域網路,而不是以手動方式與靜態 IP 位址設定每部裝置的 IP 位址。DHCP allows you to use a DHCP server to dynamically assign an IP address to a computer or other device, such as a printer, on your local network, rather than manually configuring every device with a static IP address.

每個 TCP/IP 網路上的電腦必須唯一的 IP 位址,因為的 IP 位址,其相關子網路遮罩找出主機電腦和電腦連接的子網路。Every computer on a TCP/IP network must have a unique IP address, because the IP address and its related subnet mask identify both the host computer and the subnet to which the computer is attached. 使用 DHCP,您可以確保所有電腦設定為 DHCP 戶端都獲得適當的網路位置的子網路的 IP 位址,使用 DHCP 選項,例如預設閘道和 DNS 伺服器,您可以自動提供 DHCP 戶端正確運作,您網路上所需的資訊。By using DHCP, you can ensure that all computers that are configured as DHCP clients receive an IP address that is appropriate for their network location and subnet, and by using DHCP options, such as default gateway and DNS servers, you can automatically provide DHCP clients with the information that they need to function correctly on your network.

TCP 型網路,它可以減少參與設定電腦的系統管理工作量與複雜。For TCP/IP-based networks, DHCP reduces the complexity and amount of administrative work involved in configuring computers.

TCP/IP 概觀TCP/IP overview

根據預設,所有版本的 Windows Server 與 Windows Client 作業系統都有設定為自動取得 IP 位址和其他資訊,稱為 DHCP 選項,DHCP 伺服器的 IP 版本 4 的網路連接 TCP/IP 設定。By default, all versions of Windows Server and Windows Client operating systems have TCP/IP settings for IP version 4 network connections configured to automatically obtain an IP address and other information, called DHCP options, from a DHCP server. 因此,您不需要手動設定 TCP/IP 設定,除非電腦伺服器電腦或其他裝置,需要手動設定、靜態 IP 位址。Because of this, you do not need to configure TCP/IP settings manually unless the computer is a server computer or other device that requires a manually configured, static IP address.

例如,建議您手動設定 DHCP 伺服器的 IP 位址,以及執行 Active Directory Domain Services (AD DS) 網域控制站的 DNS 伺服器的 IP 位址。For example, it is recommended that you manually configure the IP address of the DHCP server, and the IP addresses of DNS servers and domain controllers that are running Active Directory Domain Services (AD DS).

以下是在 Windows Server 2016 TCP/IP:TCP/IP in Windows Server 2016 is the following:

  • 網路根據業界標準網路通訊協定的軟體。Networking software based on industry-standard networking protocols.

  • 路由企業網路通訊協定支援 windows 電腦的區域網路(區域網路)和寬區域 (WAN) 環境連接。A routable enterprise networking protocol that supports the connection of your Windows-based computer to both local area network (LAN) and wide area network (WAN) environments.

  • 核心技術與公共事業適用於 windows 的電腦連接的不同系統,以分享的資訊。Core technologies and utilities for connecting your Windows-based computer with dissimilar systems for the purpose of sharing information.

  • 適用於通用網際網路服務,例如檔案傳輸通訊協定(檔案)伺服器存取基本知識。A foundation for gaining access to global Internet services, such as Web and File Transfer Protocol (FTP) servers.

  • 穩定,延展性跨平台,client 日伺服器架構。A robust, scalable, cross-platform, client/server framework.

TCP/IP 提供基本 TCP/IP 公用程式,可讓 Windows 電腦連接並分享的資訊和其他 Microsoft、非 Microsoft 系統,包括:TCP/IP provides basic TCP/IP utilities that enable Windows-based computers to connect and share information with other Microsoft and non-Microsoft systems, including:

  • Windows Server 2016Windows Server 2016

  • Windows 10Windows 10

  • Windows Server 2012 R2Windows Server 2012 R2

  • Windows 8.1Windows 8.1

  • Windows Server 2012Windows Server 2012

  • Windows 8Windows 8

  • Windows Server 2008 R2Windows Server 2008 R2

  • Windows 7Windows 7

  • Windows Server 2008Windows Server 2008

  • Windows VistaWindows Vista

  • 網際網路主機Internet hosts

  • 蘋果 Macintosh 系統Apple Macintosh systems

  • 大型 IBM 主機IBM mainframes

  • UNIX 和 Linux 系統UNIX and Linux systems

  • 開放 VM 系統Open VMS systems

  • 網路準備印表機Network-ready printers

  • 平板電腦和行動電話有線乙太網路或 wireless 802.11 的技術支援Tablets and cellular telephones with wired Ethernet or wireless 802.11 technology enabled

規劃 DHCP 部署Plan DHCP Deployment

以下是金鑰規劃步驟之前,請先安裝 DHCP 伺服器角色。Following are key planning steps before installing the DHCP server role.

規劃伺服器 DHCP 和 DHCP 轉接Planning DHCP servers and DHCP forwarding

由於 DHCP 訊息廣播的訊息,它們不轉送之間路由器子網路。Because DHCP messages are broadcast messages, they are not forwarded between subnets by routers. 如果您有多個子網路,並想要提供 DHCP 為每個子網路的服務,您必須執行下列其中一個動作:If you have multiple subnets and want to provide DHCP service for each subnet, you must do one of the following:

  • 安裝每個子網路 DHCP 伺服器Install a DHCP server on each subnet

  • 設定路由器 DHCP 廣播的郵件轉寄子網路上並設定多個領域子網路每一個範圍 DHCP 伺服器上。Configure routers to forward DHCP broadcast messages across subnets and configure multiple scopes on the DHCP server, one scope per subnet.

在大部分案例中,設定,將 DHCP 廣播的郵件轉寄路由器有更多成本效益的比 DHCP 伺服器每個區段實體網路上的部署。In most cases, configuring routers to forward DHCP broadcast messages is more cost effective than deploying a DHCP server on each physical segment of the network.

規劃 IP 位址範圍Planning IP address ranges

每個子網路中必須有它自己獨特的 IP 位址。Each subnet must have its own unique IP address range. 這些範圍表示範圍 DHCP 伺服器上。These ranges are represented on a DHCP server with scopes.

領域是使用 DHCP 服務子網路上的電腦的 IP 位址管理群組。A scope is an administrative grouping of IP addresses for computers on a subnet that use the DHCP service. 系統管理員會先建立的每個實體的子網路的範圍,然後使用範圍定義用所使用的參數。The administrator first creates a scope for each physical subnet and then uses the scope to define the parameters used by clients.

領域具有下列屬性:A scope has the following properties:

  • IP 位址,包括或排除使用 DHCP 服務租用提供的地址。A range of IP addresses from which to include or exclude addresses used for DHCP service lease offerings.

  • 子網路遮罩] 判斷子網路首碼指定 IP 位址。A subnet mask, which determines the subnet prefix for a given IP address.

  • 指派建立時領域名稱。A scope name assigned when it is created.

  • 租用期間值,已指派給 DHCP 戶端接收動態配置的 IP 位址。Lease duration values, which are assigned to DHCP clients that receive dynamically allocated IP addresses.

  • 指派給 DHCP 戶端,例如 DNS 伺服器的 IP 位址和路由器] / [預設閘道 IP 位址設定的任何 DHCP 範圍選項。Any DHCP scope options configured for assignment to DHCP clients, such as DNS server IP address and router/default gateway IP address.

  • 保留也會用來確保 DHCP client 收到相同的 IP 位址。Reservations are optionally used to ensure that a DHCP client always receives the same IP address.

部署之前您的伺服器,會列出您子網路和您想要使用的每個子網路的 IP 位址範圍。Before deploying your servers, list your subnets and the IP address range you want to use for each subnet.

子網路遮罩計劃Planning subnet masks

使用 [子網路遮罩分辨網路 Id 和主機 Id 中 IP 位址。Network IDs and host IDs within an IP address are distinguished by using a subnet mask. 每個子網路遮罩是 32 位元數字使用連續元群組的所有的網路找出 (1) ID 和所有零 (0) 找出主機 ID 部分的 IP 位址。Each subnet mask is a 32-bit number that uses consecutive bit groups of all ones (1) to identify the network ID and all zeroes (0) to identify the host ID portions of an IP address.

例如,常用的 IP 位址 131.107.16.200 子網路遮罩是下列 32 位元二進位數字:For example, the subnet mask normally used with the IP address 131.107.16.200 is the following 32-bit binary number:

11111111 11111111 00000000 00000000

此子網路遮罩數字是 16 一位元後面 16 零位元,指出這個 IP 位址的網路 ID 和主機 ID 區段這兩個 16 位元的長度。This subnet mask number is 16 one-bits followed by 16 zero-bits, indicating that the network ID and host ID sections of this IP address are both 16 bits in length. 一般而言,這個子網路遮罩小數點標記中顯示為 255.255.0.0。Normally, this subnet mask is displayed in dotted decimal notation as 255.255.0.0.

下表顯示子網路遮罩網際網路位址類別。The following table displays subnet masks for the Internet address classes.

地址課Address class 子網路遮罩的位元Bits for subnet mask 子網路遮罩Subnet mask
A 課Class A 11111111 00000000 00000000 0000000011111111 00000000 00000000 00000000 255.0.0.0255.0.0.0
BClass B 11111111 11111111 00000000 0000000011111111 11111111 00000000 00000000 255.255.0.0255.255.0.0
C 課Class C 11111111 11111111 11111111 0000000011111111 11111111 11111111 00000000 255.255.255.0255.255.255.0

當您建立領域 DHCP 中,輸入 ip 範圍 DHCP 提供這些預設子網路遮罩值。When you create a scope in DHCP and you enter the IP address range for the scope, DHCP provides these default subnet mask values. 一般而言,子網路遮罩的預設值是適用於任何特殊需求大部分網路與其中每個 IP 網路區段對應單一實體網路。Typically, default subnet mask values are acceptable for most networks with no special requirements and where each IP network segment corresponds to a single physical network.

有時候,您可以使用 [自訂子網路遮罩實作 IP 子網路。In some cases, you can use customized subnet masks to implement IP subnetting. IP 子網路,您也可以細分預設主機 ID 部分指定的原始課程為基礎的網路 ID 量度子網路的 IP 位址With IP subnetting, you can subdivide the default host ID portion of an IP address to specify subnets, which are subdivisions of the original class-based network ID.

自訂子網路遮罩長度,您可以減少用於實際主機收到的位元By customizing the subnet mask length, you can reduce the number of bits that are used for the actual host ID.

若要防止地址和路由問題,您應該確定區段網路上的所有 TCP/IP 電腦都使用相同的子網路遮罩與每個電腦或裝置具有獨特的 IP 位址。To prevent addressing and routing problems, you should make sure that all TCP/IP computers on a network segment use the same subnet mask and that each computer or device has an unique IP address.

規劃範圍排除項目Planning exclusion ranges

當您建立範圍 DHCP 伺服器時,您可以指定 IP 位址範圍包含所有的租用 DHCP 戶端,例如電腦與其他裝置以允許 DHCP 伺服器的 IP 位址。When you create a scope on a DHCP server, you specify an IP address range that includes all of the IP addresses that the DHCP server is allowed to lease to DHCP clients, such as computers and other devices. 如果您然後並手動設定某些伺服器與其他裝置靜態相同的 IP 位址範圍使用 DHCP 伺服器的 IP 位址,您不小心可以建立 IP 位址衝突,有您和 DHCP 伺服器兩指派相同的 IP 位址不同的裝置。If you then go and manually configure some servers and other devices with static IP addresses from the same IP address range that the DHCP server is using, you can accidentally create an IP address conflict, where you and the DHCP server have both assigned the same IP address to different devices.

若要解開這個問題,您可以建立 DHCP 範圍排除項目範圍。To solve this problem, you can create an exclusion range for the DHCP scope. 排除項目範圍是介於領域的 IP 位址 DHCP 伺服器不受允許使用連續 IP 位址。An exclusion range is a contiguous range of IP addresses within the scope's IP address range that the DHCP server is not allowed to use. 如果您建立排除範圍,DHCP 伺服器不會指派範圍,讓您以手動方式將這些位址指派而不需要建立 IP 位址衝突中的位址。If you create an exclusion range, the DHCP server does not assign the addresses in that range, allowing you to manually assign these addresses without creating an IP address conflict.

您可以從排除 IP 位址 distribution DHCP 伺服器建立的每個領域排除範圍。You can exclude IP addresses from distribution by the DHCP server by creating an exclusion range for each scope. 適用於所有裝置與靜態 IP 位址設定,您應該使用排除項目。You should use exclusions for all devices that are configured with a static IP address. 排除的位址應該會包含所有伺服器,非 DHCP 戶端、無磁碟工作站,或其他路由並遠端存取和 PPP 手動指派的 IP 位址。The excluded addresses should include all IP addresses that you assigned manually to other servers, non-DHCP clients, diskless workstations, or Routing and Remote Access and PPP clients.

建議您在使用額外的地址,以配合未來網路成長設定您的範圍排除項目。It is recommended that you configure your exclusion range with extra addresses to accommodate future network growth. 下表 ip 10.0.0.1-10.0.0.254 和 255.255.255.0 子網路遮罩領域提供的範例排除範圍。The following table provides an example exclusion range for a scope with an IP address range of 10.0.0.1 - 10.0.0.254 and a subnet mask of 255.255.255.0.

設定項目Configuration items 範例值Example values
排除項目範圍開始 IP 位址Exclusion range Start IP Address 10.0.0.110.0.0.1
排除項目範圍結束 IP 位址Exclusion range End IP Address 10.0.0.2510.0.0.25

規劃靜態的 TCP/IP 設定Planning TCP/IP static configuration

特定裝置,例如路由器、DHCP 伺服器和 DNS 伺服器,必須使用靜態 IP 位址設定。Certain devices, such as routers, DHCP servers, and DNS servers, must be configured with a static IP address. 此外,您可能有其他裝置,例如印表機、想要確保永遠具有相同的 IP 位址。In addition, you might have additional devices, such as printers, that you want to ensure always have the same IP address. 列出的裝置,您靜態想要設定的每個子網路,並規劃排除範圍您想要使用 DHCP 伺服器上,以確保 DHCP 伺服器不會租用靜態設定裝置的 IP 位址。List the devices that you want to configure statically for each subnet, and then plan the exclusion range you want to use on the DHCP server to ensure that the DHCP server does not lease the IP address of a statically configured device. 排除項目範圍是有限的一連串中排除 DHCP 服務方案的範圍的 IP 位址。An exclusion range is a limited sequence of IP addresses within a scope, excluded from DHCP service offerings. 排除項目範圍確保給您網路上的 DHCP 戶端伺服器不提供任何這些範圍中的位址。Exclusion ranges assure that any addresses in these ranges are not offered by the server to DHCP clients on your network.

例如,如果子網路的 IP 位址範圍是透過 192.168.0.254 192.168.0.1 10 個裝置您想要使用靜態 IP 位址設定,您可以建立排除項目範圍 192.168.0 的。x包含十部或多個 IP 位址的範圍:192.168.0.1 透過 192.168.0.15。For example, if the IP address range for a subnet is 192.168.0.1 through 192.168.0.254 and you have ten devices that you want to configure with a static IP address, you can create an exclusion range for the 192.168.0.x scope that includes ten or more IP addresses: 192.168.0.1 through 192.168.0.15.

在此範例中,使用 10 排除 IP 位址伺服器和其他裝置設定成靜態 IP 位址,還有適用的新裝置,您可能想要新增未來靜態設定五個其他的 IP 位址。In this example, you use ten of the excluded IP addresses to configure servers and other devices with static IP addresses and five additional IP addresses are left available for static configuration of new devices that you might want to add in the future. 使用這個排除項目範圍,透過 192.168.0.254 192.168.0.16 位址集區與剩餘 DHCP 伺服器。With this exclusion range, the DHCP server is left with an address pool of 192.168.0.16 through 192.168.0.254.

下表中提供 AD DS 和 DNS 範例額外的設定項目。Additional example configuration items for AD DS and DNS are provided in the following table.

設定項目Configuration items 範例值Example values
網路連接繫結Network Connect Bindings 乙太網路Ethernet
DNS 伺服器設定DNS Server Settings DC1.corp.contoso.comDC1.corp.contoso.com
慣用的 DNS 伺服器的 IP 位址Preferred DNS server IP address 10.0.0.210.0.0.2
範圍值Scope values

1.範圍名稱1. Scope Name
2.開始 IP 位址2. Starting IP Address
3.結束 IP 位址3. Ending IP Address
4.子網路遮罩4. Subnet Mask
5.預設閘道(選擇性)5. Default Gateway (optional)
6.租用期間6. Lease duration
1.主要子網路1. Primary Subnet
2. 10.0.0.12. 10.0.0.1
3. 10.0.0.2543. 10.0.0.254
4. 255.255.255.04. 255.255.255.0
5. 10.0.0.15. 10.0.0.1
6.8 天6. 8 days
IPv6 DHCP 伺服器操作模式IPv6 DHCP Server Operation Mode 不支援Not enabled

本指南使用實驗室測試Using This Guide in a Test Lab

您可以使用此指南 production 環境中部署之前,DHCP 部署在實驗室測試。You can use this guide to deploy DHCP in a test lab before you deploy in a production environment.

注意

如果您不想在實驗室測試組織中部署 DHCP,您可以跳過一節部署 DHCPIf you do not want to deploy DHCP in a test lab, you can skip to the section Deploy DHCP.

實驗室您的需求會根據您正在使用實體伺服器或 (VMs) 虛擬電腦,以及您是否會使用 Active Directory domain 或部署獨立 DHCP 伺服器。The requirements for your lab differ depending on whether you are using physical servers or virtual machines (VMs), and whether you are using an Active Directory domain or deploying a standalone DHCP server.

您可以使用下列資訊,以判斷您需要測試使用本指南 DHCP 部署的最低資源。You can use the following information to determine the minimum resources you need to test DHCP deployment using this guide.

測試與 Vm Lab 需求Test Lab requirements with VMs

若要部署 DHCP 實驗室測試的 Vm 中,您需要下列資源。To deploy DHCP in a test lab with VMs, you need the following resources.

網域部署或獨立部署,您將需要設定為 Hyper\ HYPER-V 主機伺服器。For either domain deployment or standalone deployment, you need one server that is configured as a Hyper-V host.

網域部署Domain deployment

這個部署需要一個實體伺服器、一個 virtual 切換、兩個 virtual 伺服器,以及一個 virtual client:This deployment requires one physical server, one virtual switch, two virtual servers, and one virtual client:

您所在的伺服器,在 [HYPER-V 管理員建立下列項目。On your physical server, in Hyper-V Manager, create the following items.

  1. 一個內部virtual 切換。One Internal virtual switch. 不會建立外部virtual 切換,因為您的測試 Vm 子網路,其中包含 DHCP 伺服器上 Hyper\ HYPER-V 主機時,將會從 DHCP 伺服器收到 IP 位址。Do not create an External virtual switch, because if your Hyper-V host is on a subnet that includes a DHCP server, your test VMs will receive an IP address from your DHCP server. 此外,您要部署的測試 DHCP 伺服器可能指派到其他電腦上安裝 Hyper\ HYPER-V 主機的位置的子網路的 IP 位址。In addition, the test DHCP server that you deploy might assign IP addresses to other computers on the subnet where the Hyper-V host is installed.
  2. 您建立一個 VM 執行為網域控制站的 Active Directory Domain Services 連接到內部 virtual 切換設定 Windows Server 2106。One VM running Windows Server 2106 configured as a domain controller with Active Directory Domain Services that is connected to the Internal virtual switch you created. 本指南再比對,此伺服器必須 10.0.0.2 靜態設定的 IP 位址。To match this guide, this server must have a statically configured IP address of 10.0.0.2. 部署 AD DS 資訊,會看到一節部署 DC1 Windows Server 2016 中核心網路指南For information on deploying AD DS, see the section Deploying DC1 in the Windows Server 2016 Core Network Guide.
  3. 其中執行,您將會設定為 DHCP 伺服器及本指南使用的 Windows Server 2106 VM 已連接到 virtual 內部切換您建立。One VM running Windows Server 2106 that you will configure as a DHCP server by using this guide and that is connected to the Internal virtual switch you created.
  4. 執行 Windows client 作業系統連接到 virtual 內部一個 VM 切換所建立,而且您將會使用驗證,DHCP 伺服器動態配置 IP 位址和 DHCP 選項來 DHCP 戶端。One VM running a Windows client operating system that is connected to the Internal virtual switch you created and that you will use to verify that your DHCP server is dynamically allocating IP addresses and DHCP options to DHCP clients.

獨立 DHCP 伺服器部署Standalone DHCP server deployment

此部署需要一個實體伺服器、一 virtual 切換,一個 isp 與一個 virtual client:This deployment requires one physical server, one virtual switch, one virtual server, and one virtual client:

您所在的伺服器,在 [HYPER-V 管理員建立下列項目。On your physical server, in Hyper-V Manager, create the following items.

  1. 一個內部virtual 切換。One Internal virtual switch. 不會建立外部virtual 切換,因為您的測試 Vm 子網路,其中包含 DHCP 伺服器上 Hyper\ HYPER-V 主機時,將會從 DHCP 伺服器收到 IP 位址。Do not create an External virtual switch, because if your Hyper-V host is on a subnet that includes a DHCP server, your test VMs will receive an IP address from your DHCP server. 此外,您要部署的測試 DHCP 伺服器可能指派到其他電腦上安裝 Hyper\ HYPER-V 主機的位置的子網路的 IP 位址。In addition, the test DHCP server that you deploy might assign IP addresses to other computers on the subnet where the Hyper-V host is installed.
  2. 其中執行,您將會設定為 DHCP 伺服器及本指南使用的 Windows Server 2106 VM 已連接到 virtual 內部切換您建立。One VM running Windows Server 2106 that you will configure as a DHCP server by using this guide and that is connected to the Internal virtual switch you created.
  3. 執行 Windows client 作業系統連接到 virtual 內部一個 VM 切換所建立,而且您將會使用驗證,DHCP 伺服器動態配置 IP 位址和 DHCP 選項來 DHCP 戶端。One VM running a Windows client operating system that is connected to the Internal virtual switch you created and that you will use to verify that your DHCP server is dynamically allocating IP addresses and DHCP options to DHCP clients.

使用實體伺服器測試 Lab 需求Test Lab requirements with physical servers

若要在使用實體伺服器實驗室測試部署 DHCP,您需要下列資源。To deploy DHCP in a test lab with physical servers, you need the following resources.

網域部署Domain deployment

此部署需要一個中樞或切換、兩個實體伺服器和一個實體 client:This deployment requires one hub or switch, two physical servers and one physical client:

  1. 一乙太網路中樞或切換的可以連接實體電腦的纜乙太網路One Ethernet hub or switch to which you can connect the physical computers with Ethernet cables
  2. 實體電腦上執行為網域控制站 Active Directory Domain Services 與設定 Windows Server 2106。One physical computer running Windows Server 2106 configured as a domain controller with Active Directory Domain Services. 本指南再比對,此伺服器必須 10.0.0.2 靜態設定的 IP 位址。To match this guide, this server must have a statically configured IP address of 10.0.0.2. 部署 AD DS 資訊,會看到一節部署 DC1 Windows Server 2016 中核心網路指南For information on deploying AD DS, see the section Deploying DC1 in the Windows Server 2016 Core Network Guide.
  3. 實體電腦上執行 Windows Server 2106,您將會使用此快速入門設定為 DHCP 伺服器。One physical computer running Windows Server 2106 that you will configure as a DHCP server by using this guide.
  4. 實體電腦上執行 Windows client 作業系統,您將會使用,以確認您的 DHCP 伺服器動態配置 IP 位址和 DHCP 選項來 DHCP 戶端。One physical computer running a Windows client operating system that you will use to verify that your DHCP server is dynamically allocating IP addresses and DHCP options to DHCP clients.

注意

如果您不需要此部署不足,無法測試的電腦,可用於某部測試 AD DS 和 DHCP-不過 production 環境不建議使用此設定。If you do not have enough test machines for this deployment, you can use one test machine for both AD DS and DHCP - however this configuration is not recommended for a production environment.

獨立 DHCP 伺服器部署Standalone DHCP server deployment

此部署需要一個中樞或切換、實體伺服器、和一個實體 client:This deployment requires one hub or switch, one physical server, and one physical client:

  1. 一乙太網路中樞或切換的可以連接實體電腦的纜乙太網路One Ethernet hub or switch to which you can connect the physical computers with Ethernet cables
  2. 實體電腦上執行 Windows Server 2106,您將會使用此快速入門設定為 DHCP 伺服器。One physical computer running Windows Server 2106 that you will configure as a DHCP server by using this guide.
  3. 實體電腦上執行 Windows client 作業系統,您將會使用,以確認您的 DHCP 伺服器動態配置 IP 位址和 DHCP 選項來 DHCP 戶端。One physical computer running a Windows client operating system that you will use to verify that your DHCP server is dynamically allocating IP addresses and DHCP options to DHCP clients.

部署 DHCPDeploy DHCP

本章節提供的範例,您可以用來部署 DHCP 伺服器上的 Windows PowerShell 命令。This section provides example Windows PowerShell commands that you can use to deploy DHCP on one server. 之前,請先執行這些範例命令伺服器上,您必須修改以符合您的網路及環境的命令。Before you run these example commands on your server, you must modify the commands to match your network and environment.

例如您執行的命令之前,您應該會取代範例值在下列項目的命令中:For example, before you run the commands, you should replace example values in the commands for the following items:

  • 電腦名稱Computer names
  • IP 位址領域範圍為每個您想要設定(每個子網路 1 範圍)的IP Address range for each scope you want to configure (1 scope per subnet)
  • 子網路遮罩每個您想要設定的 IP 位址範圍Subnet mask for each IP address range you want to configure
  • 每個領域範圍名稱Scope name for each scope
  • 每個範圍排除項目範圍Exclusion range for each scope
  • DHCP 選項值,例如預設閘道、網域名稱和或 WINS DNS 伺服器DHCP option values, such as default gateway, domain name, and DNS or WINS servers
  • 介面名稱Interface names

重要

檢查並修改您的環境中的每個命令之前您執行的命令。Examine and modify every command for your environment before you run the command.

安裝 DHCP-要實體的電腦上 VM 的位置?Where to Install DHCP - on a physical computer or a VM?

您所在的電腦上或一樣安裝 DHCP 伺服器角色 (VM) Hyper\ HYPER-V 主機上安裝。You can install the DHCP server role on a physical computer or on a virtual machine (VM) that is installed on a Hyper-V host. 如果您正在安裝 DHCP VM 上您想要提供實體網路的 HYPER-V 主機已連接到電腦的 IP 位址指派 DHCP 伺服器,您必須連接 VM virtual 網路介面卡是 HYPER-V Virtual 切換到外部If you are installing DHCP on a VM and you want the DHCP server to provide IP address assignments to computers on the physical network to which the Hyper-V host is connected, you must connect the VM virtual network adapter to a Hyper-V Virtual Switch that is External.

如需詳細資訊,請查看區段Virtual 切換建立 HYPER-V 管理員與主題中的建立 virtual 網路For more information, see the section Create a Virtual Switch with Hyper-V Manager in the topic Create a virtual network.

系統管理員身分執行 Windows PowerShellRun Windows PowerShell as an Administrator

您可以使用下列程序,才能執行 Windows PowerShell 以系統管理員權限。You can use the following procedure to run Windows PowerShell with Administrator privileges.

  1. 在執行 Windows Server 2016 的電腦,請按一下[開始],然後以滑鼠右鍵按一下 [Windows PowerShell 圖示。On a computer running Windows Server 2016, click Start, then right-click the Windows PowerShell icon. 會出現功能表。A menu appears.

  2. 功能表中,按一下 [更多,然後按一下 [以系統管理員身分執行In the menu, click More, and then click Run as administrator. 如果出現提示,請輸入認證帳號在電腦上的系統管理員權限。If prompted, type the credentials for an account that has Administrator privileges on the computer. 如果系統管理員等級 account 與您的登入電腦的使用者帳號,您將不會收到 credential 提示。If the user account with which you are logged on to the computer is an Administrator level account, you will not receive a credential prompt.

  3. Windows PowerShell 開啟以系統管理員權限。Windows PowerShell opens with Administrator privileges.

重新命名 DHCP 伺服器,並設定靜態 IP 位址Rename the DHCP server and configure a static IP address

如果已經執行此動作,您可以使用下列的 Windows PowerShell 命令重新命名 DHCP 伺服器,並設定伺服器的靜態 IP 位址。If you have not already done so, you can use the following Windows PowerShell commands to rename the DHCP server and configure a static IP address for the server.

設定靜態 IP 位址Configure a static IP address

您可以使用下列命令,將靜態 IP 位址指派給 DHCP 伺服器,並且以正確 DNS 伺服器的 IP 位址設定 DHCP 伺服器 TCP/IP 屬性。You can use the following commands to assign a static IP address to the DHCP server, and to configure the DHCP server TCP/IP properties with the correct DNS server IP address. 您必須也取代介面名稱與 IP 位址,在此範例中您想要設定您的電腦使用的值。You must also replace interface names and IP addresses in this example with the values that you want to use to configure your computer.

New-NetIPAddress -IPAddress 10.0.0.3 -InterfaceAlias "Ethernet" -DefaultGateway 10.0.0.1 -AddressFamily IPv4 -PrefixLength 24

Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses 10.0.0.2

如需下列命令,查看下列主題。For more information about these commands, see the following topics.

將電腦重新命名Rename the computer

您可以使用下列命令,以重新命名,然後重新開機。You can use the following commands to rename and then restart the computer.

Rename-Computer -Name DHCP1

Restart-Computer

如需下列命令,查看下列主題。For more information about these commands, see the following topics.

將電腦加入網域 (Optional)Join the computer to the domain (Optional)

如果您在 Active Directory domain 環境來安裝 DHCP 伺服器,您必須將電腦加入的網域。If you are installing your DHCP server in an Active Directory domain environment, you must join the computer to the domain. Windows PowerShell 開放的系統管理員權限,並更換網域名稱 NetBios 後執行下列命令CORP適用於您的環境的值。Open Windows PowerShell with Administrator privileges, and then run the following command after replacing the domain NetBios name CORP with a value that is appropriate for your environment.

Add-Computer CORP

出現提示時,輸入認證使用者核對有權限加入網域的電腦。When prompted, type the credentials for a domain user account that has permission to join a computer to the domain.

Restart-Computer

如需有關 Add-Computer 命令,查看下列主題。For more information about the Add-Computer command, see the following topic.

安裝 DHCPInstall DHCP

電腦重新開機之後,Windows PowerShell 開放的系統管理員權限,並執行下列命令,然後安裝 DHCP。After the computer restarts, open Windows PowerShell with Administrator privileges, and then install DHCP by running the following command.

Install-WindowsFeature DHCP -IncludeManagementTools

如需有關這個命令的詳細資訊,請查看下列主題。For more information about this command, see the following topic.

建立 DHCP 安全性群組Create DHCP security groups

若要建立安全性群組,您必須執行 Windows PowerShell、網路殼層 (netsh) 命令,並使變成作用中的新群組重新 DHCP 服務。To create security groups, you must run a Network Shell (netsh) command in Windows PowerShell, and then restart the DHCP service so that the new groups become active.

當您在 DHCP 伺服器上,執行下列 netsh 命令DHCP 系統管理員DHCP 使用者中建立安全性群組本機使用者和群組DHCP 伺服器上。When you run the following netsh command on the DHCP server, the DHCP Administrators and DHCP Users security groups are created in Local Users and Groups on the DHCP server.

netsh dhcp add securitygroups

下列命令重新開機 DHCP 服務本機電腦上。The following command restarts the DHCP service on the local computer.

Restart-service dhcpserver

如需下列命令,查看下列主題。For more information about these commands, see the following topics.

授權在 Active Directory (Optional) DHCP 伺服器Authorize the DHCP server in Active Directory (Optional)

如果您正在安裝 DHCP 網域環境中,您必須執行下列步驟來授權 DHCP 伺服器網域中運作。If you are installing DHCP in a domain environment, you must perform the following steps to authorize the DHCP server to operate in the domain.

注意

在 Active Directory 網域中安裝未經授權的 DHCP 伺服器無法正常運作,並不租用 DHCP 戶端 IP 位址。Unauthorized DHCP servers that are installed in Active Directory domains cannot function properly, and do not lease IP addresses to DHCP clients. 未經授權 DHCP 伺服器自動停用是正確的 IP 位址指派給您網路上的戶端可防止未經授權的 DHCP 伺服器的安全性功能。The automatic disabling of unauthorized DHCP servers is a security feature that prevents unauthorized DHCP servers from assigning incorrect IP addresses to clients on your network.

您可以使用下列命令新增 DHCP 伺服器的在 Active Directory 授權 DHCP 伺服器清單。You can use the following command to add the DHCP server to the list of authorized DHCP servers in Active Directory.

注意

如果您不網域環境,不會執行這個命令。If you do not have a domain environment, do not run this command.

Add-DhcpServerInDC -DnsName DHCP1.corp.contoso.com -IPAddress 10.0.0.3

若要驗證 DHCP 伺服器,在 Active Directory 授權,您可以使用下列命令。To verify that the DHCP server is authorized in Active Directory, you can use the following command.

Get-DhcpServerInDC

以下是範例 Windows PowerShell 中顯示的結果。Following are example results that are displayed in Windows PowerShell.

    IPAddress   DnsName
    ---------   -------
    10.0.0.3    DHCP1.corp.contoso.com

如需下列命令,查看下列主題。For more information about these commands, see the following topics.

通知伺服器管理員該 post\ 安裝 DHCP 設定已完成 (Optional)Notify Server Manager that post-install DHCP configuration is complete (Optional)

當您完成 post-安裝工作,例如建立安全性群組和授權 Active Directory 中的 DHCP 伺服器伺服器管理員可能仍會顯示在使用者介面這部,必須使用 DHCP 文章安裝設定精靈完成 post\ 安裝步驟警示。After you have completed post-installation tasks, such as creating security groups and authorizing the DHCP server in Active Directory, Server Manager might still display an alert in the user interface stating that post-installation steps must be completed by using the DHCP Post Installation Configuration wizard.

您可以防止顯示在伺服器管理員中,設定下列使用此 Windows PowerShell 命令機碼此 now\ 不必要並不正確的訊息。You can prevent this now-unnecessary and inaccurate message from appearing in Server Manager by configuring the following registry key using this Windows PowerShell command.

Set-ItemProperty –Path registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ServerManager\Roles\12 –Name ConfigurationState –Value 2

如需有關這個命令的詳細資訊,請查看下列主題。For more information about this command, see the following topic.

設定伺服器層級 DNS 動態更新設定設定 (Optional)Set server level DNS dynamic update configuration settings (Optional)

若要使用 DHCP 伺服器 DHCP client 電腦的執行 DNS 動態更新,您可以執行下列命令,此設定。If you want the DHCP server to perform DNS dynamic updates for DHCP client computers, you can run the following command to configure this setting. 這是設定,不範圍層級設定,讓它會影響您設定在伺服器上的所有範圍伺服器層級。This is a server level setting, not a scope level setting, so it will affect all scopes that you configure on the server. 這個命令範例也設定 DHCP 伺服器時 DNS 資源記錄戶端的 client 至少到期。This example command also configures the DHCP server to delete DNS resource records for clients when the client least expires.

Set-DhcpServerv4DnsSetting -ComputerName "DHCP1.corp.contoso.com" -DynamicUpdates "Always" -DeleteDnsRRonLeaseExpiry $True

您可以使用下列命令 DHCP 伺服器登記或移除 client 記錄 DNS 伺服器使用憑證的設定。You can use the following command to configure the credentials that the DHCP server uses to register or unregister client records on a DNS server. 此範例儲存認證 DHCP 伺服器上。This example saves a credential on a DHCP server. 使用第一個命令取得認證來建立PSCredential物件、,然後儲存中的物件$Credential變數。The first command uses Get-Credential to create a PSCredential object, and then stores the object in the $Credential variable. 命令提示您輸入使用者名稱和密碼,所以請確定您所提供的認證帳號,已更新資源記錄 DNS 伺服器上的權限。The command prompts you for user name and password, so ensure that you provide credentials for an account that has permission to update resource records on your DNS server.

$Credential = Get-Credential
Set-DhcpServerDnsCredential -Credential $Credential -ComputerName "DHCP1.corp.contoso.com"

如需下列命令,查看下列主題。For more information about these commands, see the following topics.

設定依舊套用範圍Configure the Corpnet Scope

DHCP 安裝完成後,您可以使用下列命令來設定和啟動依舊套用範圍,建立範圍,排除項目範圍設定 DHCP 選項預設閘道、DNS 伺服器的 IP 位址,以及 DNS 網域名稱。After DHCP installation is completed, you can use the following commands to configure and activate the Corpnet scope, create an exclusion range for the scope, and configure the DHCP options default gateway, DNS server IP address, and DNS domain name.

Add-DhcpServerv4Scope -name "Corpnet" -StartRange 10.0.0.1 -EndRange 10.0.0.254 -SubnetMask 255.255.255.0 -State Active`

Add-DhcpServerv4ExclusionRange -ScopeID 10.0.0.0 -StartRange 10.0.0.1 -EndRange 10.0.0.15`

Set-DhcpServerv4OptionValue -OptionID 3 -Value 10.0.0.1 -ScopeID 10.0.0.0 -ComputerName DHCP1.corp.contoso.com`

Set-DhcpServerv4OptionValue -DnsDomain corp.contoso.com -DnsServer 10.0.0.2

如需下列命令,查看下列主題。For more information about these commands, see the following topics.

設定 Corpnet2 範圍 (Optional)Configure the Corpnet2 Scope (Optional)

如果您有第二個子網路連接到第一個子網路路由器 DHCP 轉接功能的位置,您可以使用下列命令新增第二個範圍,名 Corpnet2 針對此範例。If you have a second subnet that is connected to the first subnet with a router where DHCP forwarding is enabled, you can use the following commands to add a second scope, named Corpnet2 for this example. 此範例中也設定排除範圍,以及預設閘道 IP 位址 \(路由器上的 IP 位址 subnet\)Corpnet2 子網路。This example also configures an exclusion range and the IP address for the default gateway (the router IP address on the subnet) of the Corpnet2 subnet.

Add-DhcpServerv4Scope -name "Corpnet2" -StartRange 10.0.1.1 -EndRange 10.0.1.254 -SubnetMask 255.255.255.0 -State Active

Add-DhcpServerv4ExclusionRange -ScopeID 10.0.1.0 -StartRange 10.0.1.1 -EndRange 10.0.1.15

Set-DhcpServerv4OptionValue -OptionID 3 -Value 10.0.1.1 -ScopeID 10.0.1.0 -ComputerName DHCP1.corp.contoso.com

如果您有其他的子網路的服務,此 DHCP 伺服器,您可以重複這些指令,若要新增的每個子網路的範圍所有命令的參數,使用不同的值。If you have additional subnets that are serviced by this DHCP server, you can repeat these commands, using different values for all of the command parameters, to add scopes for each subnet.

重要

請確定 DHCP 郵件轉寄所有路由器 DHCP 戶端和 DHCP 伺服器之間的都設定。Ensure that all routers between your DHCP clients and your DHCP server are configured for DHCP message forwarding. 如何設定 DHCP 轉接查看您路由器的文件的資訊。See your router documentation for information on how to configure DHCP forwarding.

請確認伺服器功能Verify Server Functionality

若要確認您 DHCP 伺服器,會提供給 DHCP 戶端的動態配置的 IP 位址,您可以子網路服務連接另一部電腦。To verify that your DHCP server is providing dynamic allocation of IP addresses to DHCP clients, you can connect another computer to a serviced subnet. 您的網路介面卡和電腦上的電源連接乙太網路電纜之後,它將會從您的 DHCP 伺服器要求 IP 位址。After you connect the Ethernet cable to the network adapter and power on the computer, it will request an IP address from your DHCP server. 您可以檢查成功設定使用ipconfig /all命令和檢查結果,或透過執行連接測試,例如嘗試存取您的瀏覽器或檔案共用的 Windows 檔案總管或其他應用程式使用 Web 資源。You can verify successful configuration by using the ipconfig /all command and reviewing the results, or by performing connectivity tests, such as attempting to access Web resources with your browser or file shares with Windows Explorer or other applications.

如果 client 不會收到 DHCP 伺服器的 IP 位址,請執行下列疑難排解步驟。If the client does not receive an IP address from your DHCP server, perform the following troubleshooting steps.

  1. 請確定乙太網路電纜插入都在電腦與乙太網路切換、中心] 或路由器。Ensure that the Ethernet cable is plugged into both the computer and the Ethernet switch, hub, or router.
  2. 如果您 client 電腦插入路由器分開 DHCP 伺服器網路區段,確定路由器設定向前 DHCP 訊息。If you plugged the client computer into a network segment that is separated from the DHCP server by a router, ensure that the router is configured to forward DHCP messages.
  3. 請確定 DHCP 伺服器授權 Active Directory 中,執行下列命令來擷取 Active Directory 授權 DHCP 伺服器清單。Ensure that the DHCP server is authorized in Active Directory by running the following command to retrieve the list of authorized DHCP servers from Active Directory. 取得-DhcpServerInDCGet-DhcpServerInDC.
  4. 確保的範圍啟動打開 DHCP 主控台 \ (伺服器管理員中,工具DHCP),展開伺服器樹檢視範圍,然後 right\ 按一下每個範圍。Ensure that your scopes are activated by opening the DHCP console (Server Manager, Tools, DHCP), expanding the server tree to review scopes, then right-clicking each scope. 如果接下來的功能表包括選擇Activate,按一下 [ ActivateIf the resulting menu includes the selection Activate, click Activate. \ (如果便會已經觸動範圍,功能表選取範圍就會顯示停用。)(If the scope is already activated, the menu selection reads Deactivate.)

Windows PowerShell 命令 DHCPWindows PowerShell Commands for DHCP

下列參考提供命令描述和語法所有 DHCP 伺服器 Windows PowerShell 命令的 Windows Server 2016。The following reference provides command descriptions and syntax for all DHCP Server Windows PowerShell commands for Windows Server 2016. 此主題列出的命令依字母順序根據動詞開頭命令,例如取得設定The topic lists commands in alphabetical order based on the verb at the beginning of the commands, such as Get or Set.

注意

在 Windows Server 2012 R2,您無法使用 Windows Server 2016 的命令。You can not use Windows Server 2016 commands in Windows Server 2012 R2.

下列參考提供命令描述和語法所有 DHCP 伺服器 Windows PowerShell 命令的 Windows Server 2012 R2。The following reference provides command descriptions and syntax for all DHCP Server Windows PowerShell commands for Windows Server 2012 R2. 此主題列出的命令依字母順序根據動詞開頭命令,例如取得設定The topic lists commands in alphabetical order based on the verb at the beginning of the commands, such as Get or Set.

注意

Windows Server 2016 中,您可以使用 Windows Server 2012 R2 的命令。You can use Windows Server 2012 R2 commands in Windows Server 2016.

本指南 Windows PowerShell 命令清單List of Windows PowerShell Commands in this guide

以下是簡單的指令和範例值本指南使用的清單。Following is a simple list of commands and example values that are used in this guide.

New-NetIPAddress -IPAddress 10.0.0.3 -InterfaceAlias "Ethernet" -DefaultGateway 10.0.0.1 -AddressFamily IPv4 -PrefixLength 24
Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses 10.0.0.2
Rename-Computer -Name DHCP1
Restart-Computer

Add-Computer CORP
Restart-Computer

Install-WindowsFeature DHCP -IncludeManagementTools
netsh dhcp add securitygroups
Restart-service dhcpserver

Add-DhcpServerInDC -DnsName DHCP1.corp.contoso.com -IPAddress 10.0.0.3
Get-DhcpServerInDC

Set-ItemProperty –Path registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ServerManager\Roles\12 –Name ConfigurationState –Value 2

Set-DhcpServerv4DnsSetting -ComputerName "DHCP1.corp.contoso.com" -DynamicUpdates "Always" -DeleteDnsRRonLeaseExpiry $True

$Credential = Get-Credential
Set-DhcpServerDnsCredential -Credential $Credential -ComputerName "DHCP1.corp.contoso.com"

rem At prompt, supply credential in form DOMAIN\user, password


rem Configure scope Corpnet

Add-DhcpServerv4Scope -name "Corpnet" -StartRange 10.0.0.1 -EndRange 10.0.0.254 -SubnetMask 255.255.255.0 -State Active

Add-DhcpServerv4ExclusionRange -ScopeID 10.0.0.0 -StartRange 10.0.0.1 -EndRange 10.0.0.15

Set-DhcpServerv4OptionValue -OptionID 3 -Value 10.0.0.1 -ScopeID 10.0.0.0 -ComputerName DHCP1.corp.contoso.com

Set-DhcpServerv4OptionValue -DnsDomain corp.contoso.com -DnsServer 10.0.0.2

rem Configure scope Corpnet2

Add-DhcpServerv4Scope -name "Corpnet2" -StartRange 10.0.1.1 -EndRange 10.0.1.254 -SubnetMask 255.255.255.0 -State Active

Add-DhcpServerv4ExclusionRange -ScopeID 10.0.1.0 -StartRange 10.0.1.1 -EndRange 10.0.1.15

Set-DhcpServerv4OptionValue -OptionID 3 -Value 10.0.1.1 -ScopeID 10.0.1.0 -ComputerName DHCP1.corp.contoso.com