Thursday, May 03, 2012 7:14 AM
When two servers are configured with a shared secret/key to communicate DHCP information, what type of security is used? Are sync updates of lease status communicated on RPC port 135? Is the data encrypted? If encryption is used, does anyone know the strength?
Carl Smith MCITP-EA
Friday, May 04, 2012 6:47 AM (Moderator)
Thanks for posting here.
Both nodes will authenticate with each other using the Kerberos protocol:
Account for administering the cluster: When you first create a cluster or add servers to it, you must be logged on to the domain with an account that has local administrator rights on all servers in that cluster. The account does not need to be a Domain Administrator account, but can be a Domain Users account that is in the DHCP Administrators group on each clustered server. In addition, if the account is not a Domain Administrator account, the account (or the group that the account is a member of) must be given the Create Computer Objects and Read All Properties permissions in the domain.
DHCP Step-by-Step Guide: Demonstrate DHCP Failover – Clustering in a Test Lab
For any detailed information about clusters and other failover methods, it is suggested to post to the High Availability (Clustering) forum:
TechNet Community Support
Wednesday, May 09, 2012 7:58 AM
I understand from documentation that the DHCP load balancing and cluster features are supported within a workgroup (browse master) environment; as a result, Kerberos cannot be used in this scenario. The pre-shared key that is entered to set up the DHCP failover relationship seems to be what is used to generate the shared secret, but I am unable to determine what the strength of the cryptography is. Can anyone from Microsoft provide information on this?
Carl Smith MCITP-EA
Friday, May 11, 2012 4:59 AM
The shared secret is used for providing message authentication for the DHCP Failover messages (IP address lease synchronization) exchanged between the 2 DHCP servers in a failover relationship. By default, SHA-256 is used to generate the message authentication code for each message. In case an admin wishes to use a different crypto algorithm (other than SHA-256), it can be changed by adding a registry value FailoverCryptoAlgorithm under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DHCPServer\Parameters\.
Let us know if you have further questions.
- Marked As Answer by Carls233 Thursday, December 06, 2012 11:14 AM
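A practical follow-up to the accepted answer, added here as an example and not taken from the thread or from Microsoft's own tooling: a message authentication code over the lease-sync messages protects their integrity and origin, it does not encrypt them, so the script below checks the things an administrator can actually verify on a DHCP failover server. It reads the FailoverCryptoAlgorithm registry value named in the answer (the thread does not document which values the DHCP service accepts, so the script only reads it and treats an absent value as the SHA-256 default), lists each failover relationship with the EnableAuth flag reported by Get-DhcpServerv4Failover, and confirms the service is listening on TCP 647, the port DHCP failover synchronization uses rather than the RPC endpoint mapper on 135. The relationship name and secret in the commented Set-DhcpServerv4Failover line are placeholders, not values from the thread. It assumes an elevated PowerShell session on Windows Server 2012 or later with the DhcpServer module installed.

```powershell
# Added example (not from the thread): audit DHCP failover message authentication.
# Assumes an elevated session on a Windows Server 2012+ DHCP server with the
# DhcpServer module. Registry path and value name are as given in the answer.

$paramKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\DHCPServer\Parameters'

# 1. Which algorithm produces the MAC? The thread says SHA-256 is the default
#    and that FailoverCryptoAlgorithm overrides it; the accepted values are not
#    documented in the thread, so this only reports what is configured.
$crypto = Get-ItemProperty -Path $paramKey -Name 'FailoverCryptoAlgorithm' -ErrorAction SilentlyContinue
if ($null -eq $crypto) {
    Write-Output 'FailoverCryptoAlgorithm not set: default SHA-256 message authentication code.'
} else {
    Write-Output ('FailoverCryptoAlgorithm = {0} (non-default; confirm this is intentional)' -f $crypto.FailoverCryptoAlgorithm)
}

# 2. Does every failover relationship actually carry a shared secret?
#    A relationship created without -SharedSecret reports EnableAuth = False,
#    meaning lease synchronization messages are not authenticated at all.
Get-DhcpServerv4Failover | ForEach-Object {
    [pscustomobject]@{
        Name          = $_.Name
        PartnerServer = $_.PartnerServer
        Mode          = $_.Mode
        EnableAuth    = $_.EnableAuth
        State         = $_.State
    }
} | Format-Table -AutoSize

# 3. Enable authentication on a relationship that lacks it. The name and the
#    secret are placeholders (assumption); use a long random secret in practice.
# Set-DhcpServerv4Failover -Name 'SITEA-SITEB' -SharedSecret 'replace-with-a-long-random-secret' -Force

# 4. Failover synchronization runs over TCP 647, not RPC port 135. Confirm the
#    DHCP Server service owns the listener on that port.
Get-NetTCPConnection -LocalPort 647 -State Listen -ErrorAction SilentlyContinue |
    Select-Object LocalAddress, LocalPort, OwningProcess |
    Format-Table -AutoSize
```

Run it on both partners: the shared secret and the algorithm setting must match on each side, and a relationship showing EnableAuth = False on either server is the finding to fix first, since the MAC is the only protection the thread describes for the lease-sync channel.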