blog posts

Dynamic Host Configuration Protocol (DHCP) is a network management protocol that automatically assigns IP addresses to devices on a network. This automation simplifies network administration, eliminating the need for manual IP configuration. DHCP is essential in both small local networks and large enterprise environments, ensuring seamless connectivity.

One of the key aspects of DHCP management is monitoring and analyzing the DHCP server to ensure its optimal performance. PowerShell provides a powerful set of cmdlets to retrieve crucial DHCP data, diagnose issues, and manage settings efficiently.

In this article, we will explore how to analyze a DHCP server using PowerShell. You will learn how to retrieve server information, check IP address allocations, analyze logs, and more.

Prerequisites: Installing the DHCP Server Module

To manage Windows-based DHCP servers, you must install the DHCP Server module, which is part of the Remote Server Administration Tools (RSAT). Ensure that RSAT for DHCP is installed before proceeding with PowerShell commands.

Identifying DHCP Servers on the Network

For effective DHCP analysis, the first step is identifying all DHCP servers in your environment. This is particularly important in larger networks with multiple DHCP servers.

The following PowerShell command retrieves a list of DHCP servers registered in Active Directory:

Get-DhcpServerInDC

To store the server names in a variable for further analysis:

$dhcps = (Get-DhcpServerInDC).DNSName

This command provides a list of DHCP servers available on your network. However, if a DHCP server is running but not registered in Active Directory, this method will not detect it.

Retrieving Basic DHCP Server Settings

Once you have identified the DHCP servers, you can check their settings. The following command retrieves essential information about a specific DHCP server:

Get-DhcpServerSetting -ComputerName <MyDHCP>

This command provides details such as:

• Whether the server is a domain member
• Whether it is authorized in Active Directory
• If its configuration was restored from a backup

To retrieve additional database-related information, use:

Get-DhcpServerDatabase -ComputerName <MyDHCP>

To check if logging is enabled and where log files are stored:

Get-DhcpServerAuditLog -ComputerName <MyDHCP>

However, this command does not display the log content. You will need to manually review the log files for detailed analysis.

IPv4 and IPv6 Specific Cmdlets

The DHCP Server module provides dedicated cmdlets for IPv4 and IPv6. Most cmdlets have a “4” or “6” suffix to indicate their respective IP versions. The following example retrieves general DHCP service statistics for IPv4:

Get-DhcpServerv4Statistics -ComputerName <MyDHCP>

This command provides an overview of DHCP service performance, including:

• Number of active leases
• Available IP addresses
• Lease duration statistics

For IPv6, use:

Get-DhcpServerv6Statistics -ComputerName <MyDHCP>

Analyzing DHCP Scopes

DHCP scopes define the range of IP addresses available for lease. To retrieve all scopes on a DHCP server, run:

Get-DhcpServerv4Scope -ComputerName <MyDHCP>

To retrieve scope statistics, including the percentage of used and available addresses:

Get-DhcpServerv4ScopeStatistics -ComputerName <MyDHCP>

For multiple DHCP servers, you can analyze all scopes in the domain:

$dhcps | ForEach-Object { Get-DhcpServerv4Scope -ComputerName $_ }

Managing IP Address Allocations

To analyze DHCP address allocation, use the following commands:

Free IP Addresses

To retrieve available IP addresses within a scope:

Get-DhcpServerv4FreeIPAddress -ComputerName <MyDHCP> -ScopeId 192.168.0.0 -StartAddress 192.168.0.50 -NumAddress 20

This command checks for 20 available addresses starting from 192.168.0.50.

Assigned IP Addresses

To retrieve a list of leased IP addresses:

Get-DhcpServerv4Lease -ComputerName <MyDHCP> -ScopeId 192.168.0.0

This command provides:

• Assigned IP addresses
• MAC addresses of clients
• Lease expiration details

Reserved IP Addresses

Reserved addresses are assigned to specific devices with static IPs. To retrieve reserved addresses:

Get-DhcpServerv4Reservation -ComputerName <MyDHCP> -ScopeId 192.168.0.0

Checking for Blocked Clients

If a client is unable to obtain an IP address, check whether it appears in the deny list:

Get-DhcpServerv4Filter -ComputerName <MyDHCP>

Conclusion

PowerShell provides an extensive set of tools for managing and analyzing DHCP servers efficiently. The DHCP Server module includes 121 cmdlets, allowing administrators to retrieve detailed information, monitor leases, and manage IP allocation dynamically. By leveraging these commands, IT professionals can maintain a robust and well-monitored DHCP infrastructure.

For further automation, PowerShell scripts can be created to monitor DHCP status, detect potential issues, and generate reports for proactive network management.