DHCP in Windows 2003/2008 DC or in Router

active-directory dhcp domain-controller windows-server-2003 windows-server-2008

For a small Active Directory managed network (say 30-50 DHCP clients) should I have a domain controller (and then somehow another one as a failover) hand out IPs via DHCP or should I just let my router do it?

Just an update, fyi:
We have two brand-new machines running as AD, DNS, etc. servers so we've got a nice setup going there. Just wondering if it makes sense to check the "DHCP" box on one or both of them as well, and turn it off in our router.

Best Answer

I'd hand out IP addresses with the Windows DHCP server. It's nicer than any router's DHCP server I've ever seen (as far as the management interface and displaying statistics). Perhaps I've grown soft w/ my age, but I prefer the GUI management in Windows for DHCP Servers.

Having a secondary domain controller (also assigned the "Global Catalog" role) is a great cheap insurance policy. If you're not going to store any data on it then it doesn't have to have a "set the world on fire" disk subsystem or hardware redundancy. It's just really, really nice in a disaster scenario to have a second copy of AD around.

I'd have both DCs run DNS and "point" clients at both. You can configure both with either "root hints" or "forwarders" to your ISP's DNS servers-- your choice.

As far as a secondary DHCP server goes I'm fairly "down" on the behaviour of Microsoft DHCP Server when you have two overlapping DHCP servers. The behaviour becomes nondeterministic since they don't coordinate their activities (i.e. a client will get a lease from the first one that responds). My solution is to make sure that the DHCP database is backed up each day and, in the event of failure, I'll manually roll the DHCP backup onto the secondary node and bring DHCP up there. Running 8+ day DHCP leases helps with this, too.

Perhaps I'm not paranoid enough, but in environments the size you're talking about w/ properly spec'd server computer hardware (UPS, redundant power supplies, RAID) I just don't "lose" server computers frequently enough to be worried sick about DHCP failover.
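
The daily backup and manual restore described in the answer could be scripted roughly as follows. This is an added example, not part of the original answer; the folder `C:\DhcpBackup`, the standby server name `DC2`, its share `DhcpBackup$` and the retention period are assumptions.

```powershell
# Added example: daily DHCP export on the primary DC, copied to the standby DC.
# Run as a scheduled task on the DHCP server. Paths, the server name DC2 and
# the retention period are assumptions, not values from the page.
param(
    [string]$LocalDir  = 'C:\DhcpBackup',       # assumed local folder
    [string]$RemoteDir = '\\DC2\DhcpBackup$',   # assumed admin-only share on the standby
    [int]$KeepDays     = 14                     # assumed retention
)
$ErrorActionPreference = 'Stop'

if (-not (Test-Path $LocalDir)) {
    New-Item -ItemType Directory -Path $LocalDir | Out-Null
}
$file = Join-Path $LocalDir ('dhcp-{0:yyyyMMdd}.dat' -f (Get-Date))
if (Test-Path $file) { Remove-Item $file }      # start from a clean file on re-runs

# Export every scope with its leases, reservations and options.
# The DHCP service does not answer clients while the export runs,
# so schedule this outside working hours.
& netsh dhcp server export $file all

# netsh does not reliably signal failure through its exit code,
# so verify the exported file itself as well.
if ($LASTEXITCODE -ne 0 -or -not (Test-Path $file) -or (Get-Item $file).Length -eq 0) {
    throw "DHCP export failed: $file is missing or empty"
}

# Copy to the standby and confirm the copy is complete.
Copy-Item $file $RemoteDir
$remoteFile = Join-Path $RemoteDir (Split-Path $file -Leaf)
if ((Get-Item $remoteFile).Length -ne (Get-Item $file).Length) {
    throw "Copy to $RemoteDir is incomplete"
}

# Prune old exports on both sides.
$cutoff = (Get-Date).AddDays(-$KeepDays)
foreach ($dir in $LocalDir, $RemoteDir) {
    Get-ChildItem (Join-Path $dir 'dhcp-*.dat') |
        Where-Object { $_.LastWriteTime -lt $cutoff } |
        Remove-Item
}

# Manual recovery, run on the standby only after the primary is confirmed down
# (DHCP Server role installed and the server authorized in AD):
#   netsh dhcp server import <path to newest dhcp-YYYYMMDD.dat> all
#   Restart-Service DHCPServer
```

The export file lists every client's address and MAC, so the backup folder and share should be readable by administrators only.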