2

I looking through the services list on some of the Windows 2012 R2 servers here and noticed that DHCP client is running, despite the servers using static IP on all interfaces.

This seemed like a no-brainer, and safe to stop. However, when I try to stop it I get the warning that that will drag 5(!) other services with it...

enter image description here

Is it safe for me to stop DHCP Client, or will that bring the server to a grinding halt (or affect its network connecivity)?

Evert
  • 162
  • 1
  • 3
  • 14
  • 6
    Why do you want to stop the service? – Craig Watson Jun 08 '15 at 08:51
  • Because I have static IP on all interfaces and have 0 use for a DHCP client on these boxes. But apparently the client is more than just a DHCP client, despite its name...? – Evert Jun 08 '15 at 12:32
  • Do not disable it, you will run into issues, where right now you are likely having none with the service running. The NLS and NLA services being dependant are a new thing with 2012, and must stay running. – DanBig Jun 08 '15 at 16:48
  • "The NLS and NLA services being dependant" ... This is a HUGE gotcha that I recently ran into. If NLS and NLA are not running, the network stack cannot determine if the server is in a "public" or a "private" network, so the Windows Firewall assumes "Public", which then causes things like WinRM to break for connections for other subnets. – Ryan Fisher Jul 02 '15 at 16:01

2 Answers2

2

As you have discovered on your own, the service is a core component of the Windows networking stack, and thus several other services depend on it; it's really best to leave it running.

If all your NICs are configured with static IP addresses, there really is no problem at all with this setup; the DHCP client service is only actually used when a NIC requires it.

Massimo
  • 68,714
  • 56
  • 196
  • 319
  • So the DHCP client does more than just being the client component for DHCP, apparently? – Evert Jun 08 '15 at 12:31
  • 1
    Yes. The DHCP Client service is also responsible for registering/unregistering Dynamic DNS records. You'd think the DNS Client service would do that, but DNS Client is your DNS cache. – Ryan Fisher Jul 02 '15 at 15:58
  • The Windows networking stack definitely has its quirks. Let's not even get into what kind of havoc ensues if you try to stop the Windows Firewall service... http://serverfault.com/questions/520509/how-can-i-back-up-my-recommendation-to-not-disable-the-windows-firewall-service – Massimo Jul 02 '15 at 16:30
  • It's worth mentioning here that, enabling Dynamic DNS Update unwisely is a high-security concern that could lead to "unintended one" to update your record which equals to the impact of compromising your domain controller, is some case. – KING SABRI May 15 '18 at 23:15
2

From the service description:

Registers and updates IP addresses and DNS records for this computer.

So no, you shouldn't disable this service if you want the server to register it's DNS records in the relevant AD DNS zone (assuming the server is joined to an AD domain).

As you've shown in your screenshot, other services depend on this service so those dependent services would be affected also.

joeqwerty
  • 108,377
  • 6
  • 80
  • 171