SBS 2008 Migration: Remember DHCP Exclusions!Posted: June 9, 2009
In our migration to SBS 2008 at SATV, I got bitten by a network configuration that may happen to you as well, so take note.
SBS 2008, like past versions, has a wizard to configure your network connection; in the old days it was called the CEICW; now it is the Connect to the Internet Wizard (CTIW). It’s a great tool. It sets the defaults and lines things up just the way they should be on a small network. I love it since it sets a known baseline for me. Then, when I run the wizard, I’m free to do all the customizing I need.
That’s also the bad part: It sets, or resets the defaults and sets the baseline. If your baseline is different from the one SBS has out of the box, you need to know that before you run the wizard so that you can set things right.
The above screenshot is our DHCP configuration. We have a number of static IP devices. To give us space and consistent allocations, I reserved .1 through .50 and .241 through .254 in our subnet for static devices.
Normally, SBS will reserve .1 through .10 and optionally .254 if the router is at that address, as it is in our installation. You’re on the hook for any other exclusions you need to make. If you already have an exclusion for .1 to .20, for example, the CTIW will delete it, and make its new default exclusion for .1 to .10.
What if you have static IP’s in the .11 through .20 area?
That has some interesting effects on a Windows network. Some devices may not respond. DNS entries might mysteriously disappear (since Windows DNS is dynamically updated.) You might wonder if your AD is corrupted.
And your VPN clients may not be able to access internal network resources. Or their connections may work the next time but not the next time after that.
I’m fortunate not to find out what would have happened if I had a DC in that IP range!
Moral: Pay close attention to your existing configuration. Perform the migration. As soon as it’s complete and you’ve run the CTIW, open the DHCP console, open your server, the IP4 tab, your scope and your address range, create an exclusion that covers your devices.
Since the CTIW already makes an exclusion for .1 through .10, I prefer to make another exclusion from .11 to whereever my highest reserved number should be, usually .20, .30 or .50. Then I may make another exclusion at the high end of my subnet, say, .241 to .254. (If your router is at .254, it may already have an exclusion.)