ASA Migration of DHCP Scope to a Server

Similar Messages

• DHCP scope only for WiFi

  Hi. Is it possible to configure some DHCP scope on Windows Server 2012 R2
  only for WiFi devices?
  Maybe some policy?
  Thank you!

  Hi,
  Base on my experience, in the enterprise environment, we usually create a private vlan for the wireless terminal.
  Therefore you can create a dedicated scope for the wireless terminal device.
  More information:
  What's New in DHCP in Windows Server 2012 R2
  http://technet.microsoft.com/en-us/library/dn305900.aspx
  Configuring a DHCP Superscope
  http://technet.microsoft.com/en-us/library/dd759168.aspx
  Hope this helps.
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• WDS Server - PXE + Diffrent DHCP Scope + Diffrent Network

  Dear All,
  I have a WDS Server + DHCP on one server and OS Deployment is working properly.
  but i have a different network with different DHCP Server + DHCP Scope and wanted to deploy the WDS images on that.
  so please guide me how to do this..
  Explanation : DHCP + WDS on 172.27.11.XX  (OS Deployment working properly)
  DHCP on 172.27.3.XX (Not Able to find PXE Server on this..) all ports are open and tried to add 66 and 67 port with WDS  name or IP but did not work.. please help..
  Thanks in advance
  Dhiraj Gaikawd

  Hi,
  You should configure IP helper on your router to point to your DHCP and WDS server.
  And make sure port 4011 on WDS is reachable accross router.
  Hope this helps.

• DHCP Scope verfication

  Hello,
  We are migrating our Windows 2003 R2 DHCP servers to Windows 2008 R2 Servers with netsh export/ import method. Is there a suggested method (s) to verify that the scopes and option settings are imported to its entirety.
  Microsoft has the a technet article for verfication, but not a complete document from my perspective. One of the steps say to verify the scope and other settings are migrated. But how? I understand this can be done from DHCP console, but when you have 100
  some scope this will be a hard task to do. Is there any way to verify the settings and scopes once DHCP database is migrated.
  TIA
  TIA TP

  Hi,
  Base on my experience, wen general use the migration tools for the complex DHCP service environment migration.
  You can refer the following step by step video for the migration:
  Migrating DHCP using the Windows Server 2008 R2 Migration Tools
  http://technet.microsoft.com/en-us/video/migrating-dhcp-using-the-windows-server-2008-r2-migration-tools.aspx
  The similar thread:
  Migrate DHCP - Server 2003 r2 to Server 2008 r2
  http://social.technet.microsoft.com/Forums/windowsserver/en-US/90a17e2f-e5d7-4697-8027-fc9af2633e2c/migrate-dhcp-server-2003-r2-to-server-2008-r2?forum=winserverNIS
  Hope this helps.
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• New DHCP scope

  Hi spice family..We have a 2008 domain environment and just added a new 2008 DC toone of ourbuildings (bld3). All the pcs and printers are currently assigned IPs from a DHCP server from another building (bld2). DHCP server at bld2 is serving out IPs to bld2 and bld3. I want to set up the new DC as a DHCP server for bld3 only with a new scope. currently: Bld2 DHCP scope - 192.169.70.100 - 192.168.70.230Goal: Bld3 DHCP scope - 192.168.72.50 - 192.168.72.200Oh, I forgot to mention that there is also a file server at bld3 that the users access there. So, all devices are currently on the 70 subnet there and I want to migrate everything to the 72 except for the statically assigned printers. We will leave half of the ports on the switch on the 70 subnet for the printers. What would be the best solution for this? and will it break the shares...
  This topic first appeared in the Spiceworks Community

  Lieberman Software released a study today that finds 87% of IT pros believe the reports of security breaches among financial institutions belie the true number of hacks occurring within the industry.According to eWeek, the report, which surveyed nearly 150 IT pros, concludes that IT faces a lack of confidence concerning of advanced persistent threat (APT) attacks and how organizations are able to deal with them.Speaking with eWeek, the current President of Lieberman Software, Philip Lieberman, explained that the rising use of "automation among attackers and the increased use of zero days and unpatched vulnerabilities are adding to [the security risks that organizations face]." While IT is partof the problem, Lieberman places a larger portion of blame with senior leadership, which doesn't build "resiliency into their business operations...

• Prestage DHCP scopes before DCPromo

  Hi all,
  We are looking to replace our W2003 DCs site servers with nice new shiny W2012 DCs and are currently thinking of hosting the DHCP role on the DCs. We are going to ensure that there is a standard domain account for DNS registration as per TechNet article
  cc774797 (currently unable to link to it)
  We are looking to prestage as much as possible including the DHCP role and relevant scopes beforehand, as we will be running Dcpromo on the night of the migration and once complete authorise the server and the scopes.
  Is this going to be cause any problems? All of the articles I have read say there is no real link between DHCP and AD (apart from authoring the server), however all seem to suggest installing and configuring the DHCP role after dcpromo.

  Hi Gerry,
  Yes, it is recommended to move the DHCP server role after the new server was promoted to a new DC and the related roles are transferred to it.
  After you promote the new server to a new DC and the DC replication is finished, you can export the DHCP configuration and DB backup on the old DC and then install the DHCP role and import the Database and configuration files to new DC. Then please stop
  the service from the old server before you authorize the new DHCP server. After you test all the functionality of new DC/DNS/DHCP server works fine, you can demote the old DC.
  Best regards,
  Susie
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• Migrating from SBS 2011 to Windows Server 2012R2 Standard with 365

  Im looking to move SBS 2011 to Server 2012R2 standard and with a 365 migration as well.
  Im thinking
  BPA for AD (health check)
  Add the Server2012R2 as a DC
  Ensure replication
  Move DHCP
  Change DNS
  Now this is where I get lost, now Im lost to use either dirsync or add essentials service, I have gone for standard and 30 cals with the option  as I have 28 users and the essentials service would make everything quite nice for remote access and backups
  etc....  however I don't know whether to just use dirsync with password replication instead ?
  Currently Im aiming towards getting the dc up and running then enabling essentials on the dc but I dont know how it will effect SBS and having essentials on the same network and sync'ing people to the cloud ? So Should I use DirSync on a different server
  instead to sync up to azure ?
  Finally with 365 I have only ever done a migration involving an export of pst's from an exchange box and then on a new domain with new pc's and reimport the pst's on the user accounts in outlook.
  However I have read when migrating to 365 was using exchange 2010 there was a application
  to move everything across however you needed an ssl cert iirc ? so I dont know how it works now since the nice new dashboard upgrade (assuming the tool has been updated like dirsync)
  along with the above how does AD now know where exahcnge if you use the migration app with an ssl cert and is it a case of still running the 365 config tool to configure each user to look at their mail in the
  cloud ? Also is it a good idea to enable essentials from the start of the 2012r2 dc for replication top 365 or to use dirsync ?
  then finally when replications is all good start transferring the FSMO roles over to the new DC and demote and remove the SBS server
  I have seen (below) but i dont think it covers this scenario and I cant be the only person in this situation =\ ?
  http://blogs.technet.com/b/infratalks/archive/2012/09/07/transition-from-small-business-server-to-standard-windows-server.aspx
  http://social.technet.microsoft.com/Forums/en-US/f552ef12-07a9-4f7a-bf5e-24500c3e1dc3/migrate-sbs-2011-to-server-2012-standard?forum=smallbusinessserver
  http://social.technet.microsoft.com/Forums/en-US/e1d4b09f-8857-4ef6-9a80-6a906e76b688/how-to-migrate-sbs-2011-to-standard-2012-server?forum=smallbusinessserver

  Hi,
  Would you please let us know current situation of this issue? If any update, please feel free to let us know.
  à
  Currently Im aiming towards getting the dc up and running then enabling essentials on the dc but I dont know how it will effect SBS and having essentials on the same network
  and sync'ing people to the cloud?
  I’m a little confused with the description. Did you mean that set up DC (Windows Server 2012 Standard) and
  then install the Windows Server Essentials Experience role? If so, when you migrate, please refer to the article:
  Migrate from Previous Versions to Windows Server 2012 R2 Essentials or Windows Server Essentials Experience
  Regarding to migrate Exchange to Office 365, please refer to following articles.
  Migrate
  All Mailboxes to the Cloud with a Cutover Exchange Migration
  Step-By-Step:
  Migrating from Exchange 2007 to Office 365
  Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft
  does not guarantee the accuracy of this information.
  Meanwhile, there is an additional article that you can refer to:
  Manage Office 365 in Windows Server Essentials. It may help us to understand Office 365 in Server Essentials clearly.
  If anything I misunderstand, please don’t hesitate to let me know.
  Hope this helps.
  Best regards,
  Justin Gu

• Windows 2008 R2 DHCP scope change - Netsh Exec not working

  OK, there seems to be a disconnect between Netsh documentation and how it actually works.  We are in the process of re-addressing ALL our DHCP scopes (joys of a buy-out) and using the steps outlined in numerous MS articles and Blogs etc... we should
  be able to use "Netsh dhcp server scope 192.168.1.0 dump > scope1.cfg"  then modify the cfg file with the new scope address (i.e. change all 192.168.1. to lets say 10.10.5.).  Then use netsh exec scope1.cfg (yes, the file modified) to
  create the new scope which would contain all the "stuff" the current scope has (reservations, options, etc).  
  Well, all we get is the response "The following command was not found:   |".  
  Environment is as follows:
  Account is a domain admin
  working on a RDP session on the DHCP server
  Server is Windows 2008 R2 (current functioning DHCP server)
  Using administrative CMD (elevated)
  have tried changing context into Netsh | DHCP | Server and default CMD - all "no go"
  supporting link from MS: http://technet.microsoft.com/en-us/library/cc772372(v=ws.10).aspx#BKMK_1
  There's a lot of discussions around this, but I haven't seen any response that says how to actually do it.  export/import won't work for us since we have to update the scope info.  With almost 100 scopes to update, we really need this functionality!
  (or similar method)
  Any assistance would be greatly appreciated.

  OK...  It seems the issue is with the dump file.  I actually got exec to run once with a dump file which wasn't modified.  The stupid part is it only ran one time, I could not duplicate it.   Since
  I've beat this thing to death and no one could offer any assistance (Hello MS?), I'm not wasting any more time on it.   Luckily, I was able to figure out an alternate method.  
  Looking at the dump file I realized all the lines are just a straight NetSh commands, which means all I needed to do is grab the lines and preface them with NetSh.  Like this...
  for /f "tokens=*" %a in ('type scope.cfg ^| find /i "dhcp"') do NetSh %a
  where scope.cfg is your dump file.   This runs perfect and seems to be the exact thing that exec should be doing.  I did flip the "SET STATE 1" to "0" so the scope was deactivated  (Don't forget to run it in an elevated
  prompt).
  Hope this helps someone else so they aren't spending days for nothing!

• Ip source guard feature and dhcp DHCP scope exhaustion (client spoofs other clients)

  Hi everybody.
  A dhcp server assigns ip adress based on mac address carried by client hardware field in dhcp packets.
  One potential attack is when a rogue host mimics different mac addresses and causes dhcp server to assign the ip addresses until no ip address is left for legitimate host.
  For e.g a host h1 with mac1 has assigned ip address by dhcp server as:
  199.199.199.1 mac1
  Dhcp server has the above entry in its database.
  Using hacking tools such as Yersinia or Gobbler one can create a dhcp discover messages each time creating a different mac for client hardware field in dhcp server thereby causing a dhcp server to assign ip addresses because to dhcp server , these are legitimate dhcp discover messages with each carrying a different mac in client hardware addresses.
  You might say use dhcp snooping and it will prevent that (  dhcp scope exhaustion) and configure the switch to check if src mac matches the client hardware address in dhcp message. But still we can creat spoofed discover messages where src mac in ethernet header will match the client hardware address in dhcp discover message. We still did not overcome the problem.
  You might say use IP source guard feature but will it really prevent that problem from happening?
  Let me illustrate it :
  h1---------f1/1SW---------DHCP server
  Let say we have configured dhcp snooping on sw1 and f1/1 is untrusted port.  The switch has following dhcp binding
  199.199.199.1    mac1   vlan1  f1/1
  Next we configure ip source guard to  validate both src mac and src ip against the dhcp bindings  . When  we configures ip source guard first  , it will allow dhcp communication only so a host can request ip address and a dhcp binding can be built. After that ip source guard will validate src ip or src mac or both against the dhcp binding.depending upon how we configure ip source guard.
  In our case we have configured ip source guard to validate both src mac and src ip against the dhcp binding.
  A dhcp binding is already created as:
  199.199.199.1 mac1 vlan 1 f1/1
  Now using the hacking tools Yersinia or Gobbler on h1, we create our first spoofed dhcp discover message  where src mac=mac2 in ethernet header and  client harware address= mac2 in dhcp discover message. Since switch is configured with ip source guard feature and therefore allows dhcp discover message to pass through. Dhcp server upon receiving the dhcp message assigns another ip address from the pool. Now the dhcp server has following entries:
  199.199.199.1 mac1
  199.199.199.2 mac2.
  We can continue to craft spoofed dhcp discover messages as mentioned above and have dhcp server keep assigning ip addresses until the whole pool is exhausted.
  So my question is how does  ip source guard in conjuction with dhcp snooping prevent this particular attack from happening? ( i.e DHCP scope exhaustion)
  I really appreciate your input.
  thanks and have a great week.

  Thanks Karthikeyan.
  First of all, we gather all the information about the  locations of legitimate dhcp servers in our network. Once we have this information, we will configure the ports used to reach them as trusted. All the ports where end users will connect will be untrusted and therefore subject to dhcp snooping .
  it means if any of user connected in that switch/vlan runs a dhcp  services like vmware for eg. Snooping will prevent the dhcp/bootp  servers connected to that port will not be able to process.
  Yes that is correct. Because dhcp snooping feature will check these ports for the messages usually sent by dhcp server such as dhcp offer, etc. If the end user is running dhcp server using virtual machine, that port should be configured as trusted if it is dertermined  that end user is running a legitimate dhcp server using vm ware.
  When we have the dhcp snooping it prevents the 1st level of hacking  itself. I don't think so it will have any impact on dhcp address  releasing.
  I am sorry. You lost me here. What is 1 level of hacking?
  Dhcp snooping checks for dhcp messages such as dhcp release, dhcp decline.on untrusted port against the dhcp bindings.
  Here is why;
  h1---------SW1-------dhcp server
                 |
               h2
  Let say we don't have dhcp snooping in above attack and  h2 is a legitimate user has already assigned ip address 199.199.199.2 by dhcp server. Thus the dhcp server has an entry:
  199.199.199.2 mac2
  Next we connect rogue user and it gets ip address 199.199.199.1 now the dhcp server has entries:
  199.199.199. 1  mac1
  199.199.199.2   mac2
  Now using hacking tools, h1 create a fake dhcp release message  with  199.199.199.199.2   mac2
  Dhcp server upon receiving this message, will release the ip address and returns it to the pool.
  By using DHCP snooping, switch will peer inside dhcp release message and checks against the binding. If there is conflict, it will drop the message.
  IFor e.g
  If have dhcp snooping configured , then switch will have adhcp binding as:
  199.199.199.1    mac1    vlan 1   f1/1  lease time
  199.199.199.2     mac2    vlan 2    f1/2 lease time.
  If h1 tries to send fake dhcp release with ip address 199.199.199.2    mac2
  Switch will check ip address 199.199.199.2  and mac2 against the binding related to f1/1 . Sw will find a conflict and therefore drops the dhcp release packet.
  Thanks

• How to check particular DHCP Scope all Details.

  How to check particular one DHCP Scope ALL Details. Server is Windows 2003 so Powershell.
  Any Command like Netsh or anything? For a particular Scope.
  Also How to export & import a particular DHCP Scope?
  AliahMurfy

  Hi,
  With netsh command you can manage your DHCP server.
  For more information you can refer to:
  Netsh commands for DHCP
  http://technet.microsoft.com/en-us/library/cc787375.aspx#BKMK_export
  Especially for subtitle Netsh DHCP server
  Hope this helps.

• IPAM does not show all the dhcp scopes

  Hello,
  I have the following strange behavior.
  I've installed IPAM on a new server (2012 R2), all the acces rules are completed. But when i'm looking to the DHCP scope, not all off the scopes are included.
  For the moment its not possible to upload screenshots, but only 3 off the 4 scopes are included in IPAM.
  Has anyone an idee what the problem can be?
  Thank you in advance!
  Regards,
  Kevin

  Hi,
  Check the selections you have made for viewing first. To see IPv4 scopes, click DHCP Scopes in the upper navigation pane and IPv4 in the lower navigation pane. To see IPv6 scopes click IPv6 in the lower nav pane, etc.
  You can also view scopes by clicking DNS and DHCP Servers and choosing Server Type = DHCP and View  = Scope Properties. Again, you must click IPv4 or IPv6 in the lower nav pane. You can't view IPv4 and IPv6 scopes at the same time.
  Also check and see if the scopes are shown in IP Address Blocks when you choose the Current View = IP Address Ranges.
  If a scope was recently created on a DHCP server, or the server was recently added, then all data might not yet be gathered. Right-click the server in SERVER INVENTORY and then click Retrieve All Server Data, and be sure to refresh the view using the display
  pane refresh button or F5.
  Let me know if this helps.
  Thanks,
  -Greg

• DHCP scope full, event ID 1020

  Hi, one of our Windows 2008 R2 Domain controllers is returning the following warning message on almost a daily basis:
  Log Name:      System
  Source:        Microsoft-Windows-DHCP-Server
  Date:          19/11/2014 11:32:41 AM
  Event ID:      1020
  Task Category: None
  Level:         Warning
  Keywords:      Classic
  User:          N/A
  Computer:      computername.domain.x.x
  Description:
  Scope, 10.x.x.0, is 83 percent full with only 39 IP addresses remaining.
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="Microsoft-Windows-DHCP-Server" Guid="{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}" EventSourceName="DhcpServer" />
      <EventID Qualifiers="0">1020</EventID>
      <Version>0</Version>
      <Level>3</Level>
      <Task>0</Task>
      <Opcode>0</Opcode>
      <Keywords>0x80000000000000</Keywords>
      <TimeCreated SystemTime="2014-11-19T00:32:41.000000000Z" />
      <EventRecordID>12980</EventRecordID>
      <Correlation />
      <Execution ProcessID="0" ThreadID="0" />
      <Channel>System</Channel>
      <Computer>computer.domain.x.x</Computer>
      <Security />
    </System>
    <EventData>
      <Data>10.x.x.x</Data>
      <Data>83</Data>
      <Data>39</Data>
    </EventData>
  </Event>
  Upon review of Microsoft Support online, I found the following article which illustrates a few options:
  http://support.microsoft.com/kb/255999/en-au
  What would be the logical choice for us, having the 10.x.x network?
  Ideally, it would be good not having to re-subnet anything if possible, or re-create the scope.
  Would a scope extension require a reboot of the server? Never done this before, so thought I should ask.

  Hi,
  According to your description, my understanding is that DC prompts an warning event ID 1020, indicate 83% full with DHCP scope.
  By default, the threshold value for firing of event 1020 is 80%. Estimate devices number, contrast with the number of IP address in this scope, if the percentage is less than 80%, you may try to reduce the lease duration and decrease the cleanup interval.
  This can help to speed the reclaiming of expired scope IP addresses.
  To reduce the lease duration:
  1.At the DHCP server, click Start, point to Administrative Tools, and then click
  DHCP.
  2.In the DCHP console tree, right-click the scope you want to configure, and then click
  Properties.
  3.On the General tab, under Lease duration for DHCP clients, type the new lease duration.
  To use a Netsh command to set the cleanup interval time:
  1.At the DHCP server, click Start, click Run, type
  cmd, and then press ENTER.
  2.Type netsh dhcp set databasecleanupinterval <NewInterval> (where "NewInterval" is the amount of time in minutes between DHCP database cleanups).
  As an existing DHCP scope, its subnet mask can’t be changed. If the Start Address and
  End Address do not currently include all addresses for your specific subnet, you can increase the number of addresses in the scope by extending the
  Start Address or End Address in the scope properties. This operation needn’t reboot.
  If neither of above 2 suggestions is applicable, new a DHCP scope or reference
  KB255999 (resubnetting and superscoping). At the same time, you need to change your network topology.
  Best Regards,           
  Eve Wang

• DHCP scope options: How TO

  Hi,
  I have a 10.4 server as DHCP for several VLANs. I need to setup DHCP scope options on two VLANs to be able to direct DHCP requests from a specific device (IP phones) to the relevant VLAN for obtianing IP addresses.
  I cannot see bootpd.plist in /etc and not much information available online about this.
  Found these two relevant posts but not much of help:
  http://discussions.apple.com/message.jspa?messageID=7200952
  http://discussions.info.apple.com/message.jspa?messageID=5054131
  I can export the serveradmin settings out and can see the entries but where and how do I make the scope entries? plist editor won't open the file and if i convert to csv in excel the existing data is there and logical but where do i enter my scope options?
  any help in the right direction will be much appreciated.
  cheers
  Muhammad

  You didn't try hard enough... ;). You need to use the Get-DhcpServerv4OptionValue cmdlet (or ...v6...).
  Get-DhcpServerv4OptionValue -ComputerName <computername> | Where-Object OptionID -eq 6 | Select-Object Value
  Edit: I think it's important that you know how I solved this problem. Perhaps you can put it to use yourself some time. The first thing I did was return all the 'get' DHCP cmdlets using this command: Get-Command -Module dhcp* -Name get-*. I quick scanned
  the cmdlets (actually, they're functions) and found the word 'option.' I jumped over to the DHCP MMC snap-in and quickly figured out why that sounded familiar. In the GUI, you right-click Server Options to get to this setting. I then ran the function in my
  example without piping it to the Where-Object cmdlet, and it return a value property. I then added the | Where-Object to filter down what was returned.
  In writing this edit, I determined there's actually an -OptionID parameter, which means I could have better written my example. Here's that now:
  Get-DhcpServerv4OptionValue -ComputerName <computername> -OptionID 6 | Select-Object Value
  Always filter as close to the left as possible. That's means we don't want to pipe to something when we can filter with a built-in parameter.

• How DHCP scope will work between two Wireless contoller

  Dear All,
               I would like to inform you that we are going to deploy Wireless Network with redundancy of Wireless LAN Controller and we need to figure out how DHCP scope would work during fail over  any one of Wireless LAN controller and DHCP Server .I have two site where Two Differenet DHCP Server would be palced with different DHCP socpe.So My query is that if Site-A(according to attached diagram) DHCP Server and controller fails how Wireless  client will take the DHCP scope from Site-B(according to attached diagram) DHCP Server as it has been configured different DHCP Scope.Can any one tell me whether i can configure same DHCP Scope at Both Site's DHCP Server.
  Is there any way to configure same DHCP Scope for two sites.For your infromation client wants two Different DHCP Server with different scope for Two Site and how redundancy would be ensured if any one WLC or DHCP goes down.
  I am eagerly waiting for your reply as early as possible.Please help to figure out the solution.
  I am going to attached Sample Design for your reference.
  Thanks and regards
  Erfan

  Erfan:
  My query was that if one wireless client already associated
  WLC-A with one IP block of Location-A (DHCP Server) using SSID named TEST. If DHCP-A or WLC-A goes down then how that same client would associate with WLC-B and get the IP Block from Location-B (DHCP Server) using same SSID name TEST.
  In this case the clinets connected to the APs in location A will disconnect (if the WLC went down) and they have to connect again when the APs join WLC-B. They will get IP address from location B block then.
  If DHCP went down when new clinets try to connect the primary DHCP is down so they are referred to the secondary DHCP. connected clinets will disconnect only when their DHCP lease times out. They will try to renew but the DHCP server is not available. They will disconnect then and connect again and getting IP from B site.
  1. How we will create same policy for that two different block using same SSID.
  what policy? where?..etc?
  2. client would be connected with Access point but they will get the IP through VLAN interface of the Controller and we have to assign IP helper address in the interface vlan.So how the the client would get the IP block if we assign two IP helper address in the interface vlan in case of failure of DHCP and WLC of one location.
  3. If we assign two IP helper address then which DHCP Server will release the IP for client and we can make delay between two DHCP Server to release the IP address.
  If two IP helpers are configured the switch will send them both the client's request and they client receives two offers. The clients chooses one of the offers. Usually the clinet will accept the faster DHCP server to respond.
  If you are using the DHCP on the WLC then it is different. The WLC will always try to reach the primary DHCP server as long as it is reachable. If the primary DHCP is not reachable then it falls back to the secondary DHCP server.
  Note that when you use IP helper then you usually disable DHCP Proxy feature on the controller. Do you have it disabled?

• DHCP scope

  Hi all i am facing issue with creating new scope in windows server 2012
  i have created a dhcp server on windows server with the details
  below.
  ip address 192.168.137.1
  subnet mask : 255.255.255.0
  now i am creating a new scope its not letting me do
  i am creating a new scope with 192.168.137.211
  or any its not let me create
  but if am selecting 
  10.1.10.100
  to
  10.1.10.200
  with subnet 255.0.0.0
  its created but when i am using the same on my added client windows 7 enterprise it is not able to ping to primary machine
  plz suggest me ..
  help me

  Hi,
  If you create the scope with the subnet mask 255.0.0.0, the scope would be 10.0.0.0/8. Since the 10.0.0.0/8 and the 192.168.127.0/24 are not in the same subnet, if you have
  no router between them, it would be impossible for them to connection.
  A DHCP server can only service requests for a scope whose network ID is the same as the network ID of its IP address without superscope or router. Since you DHCP server is
  in 192.168.127.0/24, you can add a scope with IP range from 192.168.137.2 to 192.168.137.254 with subnet mask 255.255.255.0.
  In addition, the links below would be helpful for you to better understand:
  Subnetting
  Configuring a DHCP Superscope
  DHCP Clients Are Unable to Get IP Addresses from a DHCP Server
  Best regards,
  Susie