Configuring DHCP Policies
DHCP policies in Microsoft DHCP enable to create conditions that dictate how IP addresses and configuration settings like Options, Custom options and dynamic DNS settings are assigned to clients based on specific criteria. The DHCP server delivers these specific settings to clients that match these conditions. This feature enhances flexibility and control over the DHCP service, allowing for more granular management of network resources.
Key Concepts:
- Policy-Based Assignment:
- DHCP policies allow for the assignment of IP addresses and options based on predefined conditions.
- Policies can be applied at the scope level or server level, enabling broad or targeted configurations.
- Conditions:
- Conditions specify the criteria that a DHCP client must meet for the policy to apply.
- Common conditions include MAC address, vendor class, user class, relay agent information, and more.
- Settings:
- Once a condition is met, specific settings or options can be assigned to the client.
- Settings can include IP address ranges, lease duration, DNS server addresses, gateway addresses, and other DHCP options.
Defining DHCP policies for Microsoft DHCP servers via DDI Central enables you to apply specific configurations to DHCP clients based on various criteria. Here’s a detailed guide on how to configure these policies:
Creating a DHCP Policy
- Get into the DHCP module. Select the Network menu.
- On the Network page, navigate to the Policy tab.
- Click on the Add Policy button.

- On the Create Policy page that appears, provide a unique name for the policy and an optional description to clarify its purpose.

- Select and assign the DHCP server on which the policy should be applied.
- Select the scope of the policy. Policies can be applied at both the server level (affecting all scopes) and the scope level (affecting a specific scope).There are two options available. Select Global to assign the policy to the whole DHCP server level or, select Subnet to apply the policy to a particular scope
- When the Scope is chosen as a subnet, you'll be prompted to choose a Subnet and a particular IP address range within the chosen subnet upon which the policy should be activated.
- Status: Policies can be enabled or disabled as needed. A disabled policy is skipped during DHCP client request processing.The Status toggle enables or disables the policy. When enabled, the policy is active and applies to matching DHCP requests.
- Lease Duration: Set the duration for which an IP address will be leased to a client as per the policy.
-
Condition: This enables to combine and evaluate multiple conditions. Conditions can be combined using logical operators. Choose the conditional operation required for the policy you are creating:
Options:
- OR: The policy will apply if any of the specified conditions are met.
- AND: The policy will apply only if all specified conditions are met.
- Define Conditions:
- Operator: Establishes the comparison logic for evaluating the condition. Defines how the condition will compare the criteria to the value(s) provided. Common operators include Equals and Does Not Equal.
-
Value(s): The specific value or set of values that the criteria will be compared against. Enter the appropriate value(s) based on the selected criteria. Provides the data that will be used to evaluate whether the condition is met.
Note: The input format for the value field for all the criteria is a hexadecimal string with or without hyphen separation.
-
Wildcard Options:
Detects if the incoming client request does contain or does not contain certain specific patterns
- Prefix Wildcard (*): Allows you to append a wildcard character (*) at the beginning of the value-element. Treats the preceding characters as wildcard characters and the characters that follows as the pattern for comparison. Useful for matching any text that ends with the specified value.
- Append Wildcard (*): Allows you to append a wildcard character (*) at the end of the value. Treats the characters preceding the * as the pattern for comparison and the rest of characters as wildcard characters. Useful for matching any text that ends with the specified value.Useful for matching any text that begins with the specified value.
- Click Save within the Add Condition dialog box to add the defined condition to the policy. Confirms the entered criteria, operator, and value, and includes this condition in the policy being created or edited. This will take you back to the Create Policy page.
-
Set DHCP Options:
Configure the specific general DHCP options or Custom options that will be applied to clients meeting the policy conditions. Options can include:
- IP Address Range: Specify a sub-range of IP addresses within the scope.
- Standard DHCP Options: Such as default gateway, DNS servers and more.
- Vendor Specific Options: Custom options provided categorized under various vendor profiles.
- Lease Duration: Optionally set a different lease duration from the default scope settings.
- Review the policy settings and click Save to apply the policy.
- Modify existing policies by clicking the Edit button beside each policy. You can change conditions and settings as needed. You can also delete them if required using the Delete button.
Let's consider an example:
Example: To create a server-level policy for clients that are not members of the domain ddicentral.com enter the condition as follows.
- Choose the Condition as OR.
- Add and name the condition for unique identification.
- In the Add Condition dialog box, select FQDN as the Criteria.
- Select the Operator as Not Equals.
- Under the Values section, enter the value as ".ddicentral.com"
- Select the option Prefix Wildcard(*).
- Click Save.
Note: A policy with conditions based on fully qualified domain name criteria can have configuration settings for DNS but not for options or IP address ranges.
By using DHCP policies, administrators can efficiently manage how IP addresses and other network configurations are assigned, ensuring optimal performance and security tailored to different client needs. The interface shown in the image provides a user-friendly way to create and manage these policies, streamlining the administration of DHCP settings.