This presentation is a great introduction to the Dynamic Host Configuration Protocol (DHCP).
It also provides more protocol-level details together with a comparison to the BOOTP protocol.
Tutorial on DHCP
1. Advanced data communication
Dynamic Host Configuration Protocol DHCP
and Auto configuration
BY
SALAH AMEAN AHMMED
2014-09-01 1
2. Overview
Introduction
Basics
Case - We play DHCP Server
◦ Problems
◦ Tasks
◦ Solutions
Autoconfiguration
◦ Basics
◦ Design goals
◦ Problems
◦ Solution
◦ Example protocols
Discussion
◦ Packet tracer demo
Conclusion
Questions and Answers
3. DHCP Architecture
DHCP contains:
◦ DHCP clients
◦ DHCP servers
◦ DHCP relay agents on a network
Clients interact with servers using DHCP messages
◦ To obtain and renew IP address leases.
4. Configuration need
To make use of the TCP/IP protocol suite:
◦ Each host and router needs a certain amount of configuration information
◦ Configuration information is used to assign local names to systems and identifiers (IP addresses) to interfaces
◦ DNS and mobile IP agents
Many attempts to provide this information:
Local broadcast
Outside communication (requires routing)
5. Reasons for such DHCP
First, hosts move more often than routers and servers
◦ Mechanisms are required to assign and reassign configuration for hosts
Second, servers are expected to be autonomous with respect to user movement
◦ More confidentiality, since configuration information does not depend on other network services
Third, since there are more devices than routers,
◦ Less error-prone
Fourth, in terms of user experience,
◦ Simple
6. DHCP parts
Address management:
◦ Handles the allocation of IP addresses and their leases to clients
◦ Handles address management
Delivery of configuration data:
◦ DHCP protocol message formats and state machines
7. DHCP Allocation Methods
Dynamic allocation
◦ The given IP address is revocable
◦ The IP address is taken from a pool (range of IP addresses) at the server
Automatic allocation
◦ The same method is used to obtain the address
◦ The given IP address is never revoked
Manual allocation:
◦ The address is allocated based on the user's request
◦ The address could be outside the DHCP allocated pool
The above methods differ in whether they depend on the identity of the node and in whether the address can be revoked
8. Address pool and lease
The DHCP client requests an IP address
The DHCP server responds with an address from the DHCP pool
◦ The lease duration defines how long the client can use the address
◦ When it expires, the client may request an extension
◦ It can be a few minutes to days
Lease time is a tradeoff between the number of expected clients, the size of the address pool, and the desired stability of addresses
◦ A longer lease duration
◦ is more stable
◦ but depletes the DHCP pool
Clients begin trying to renew the lease after half of the lease time has passed
9. Address pool and lease
The DHCP client sends a request for an IP address, including:
◦ The name of the client
◦ The lease duration
◦ A copy of the address it is using or last used
◦ Other parameters
The server responds with the IP address together with the lease duration
◦ MAC address
◦ Time
◦ Interface
The server maintains the addresses in non-volatile memory
◦ So the hosts' configuration is not lost if the server shuts down
10. DHCP & BOOTP Message Format
DHCP extends BOOTP
Compatibility is maintained
BOOTP relay agents can process DHCP messages
◦ BOOTP clients can use DHCP servers
11. Similarities between BOOTP and DHCP
The format structure each uses to exchange messages between the server and clients
BOOTP and DHCP use nearly identical request messages (sent by clients) and reply messages (sent by servers). Messages in either of these protocols use a single User Datagram Protocol (UDP) datagram of 576 bytes to enclose each protocol message. Message headers are the same for both BOOTP and DHCP with one exception: the final message header field used to carry optional data. For BOOTP, this optional field is called the vendor-specific area and is limited to 64 octets. For DHCP, this area is called the options field and can carry up to 312 octets of DHCP options information.
Use of well-known UDP ports for client/server communication
Both BOOTP and DHCP use the same reserved protocol ports for sending and receiving messages between servers and clients. Both BOOTP and DHCP servers use UDP port 67 to listen for and receive client request messages. BOOTP and DHCP clients typically reserve UDP port 68 for accepting message replies from either a BOOTP server or DHCP server.
Because DHCP and BOOTP messages use nearly identical format types and packet structures, and typically use the same well-known service ports, BOOTP or DHCP relay agent programs usually treat BOOTP and DHCP messages as essentially the same message type, without differentiating between them.
IP address distribution as an integral part of configuration service
Although both BOOTP and DHCP allocate IP addresses to clients during startup, they use different methods of allocation. BOOTP typically provides fixed allocation of a single IP address for each client, permanently reserving this address in the BOOTP server database. DHCP typically provides dynamic, leased allocation of available IP addresses, reserving each DHCP client address temporarily in the DHCP server database.
12. BOOTP and DHCP
Origin:
  BOOTP: Designed prior to DHCP.
  DHCP: Designed after BOOTP.
Intended clients:
  BOOTP: Intended to configure diskless workstations with limited boot capabilities.
  DHCP: Intended to configure frequently relocated networked computers (such as portables) that have local hard drives and full boot capabilities.
Lease expiration:
  BOOTP: Dynamic BOOTP has a default 30-day expiration on IP address leases.
  DHCP: DHCP has a default eight-day expiration on IP address leases.
Configuration parameters:
  BOOTP: Supports a limited number of client configuration parameters called vendor extensions.
  DHCP: Supports a larger and extensible set of client configuration parameters called options.
Boot process:
  BOOTP: Describes a two-phase bootstrap configuration process, as follows:
    • Clients contact BOOTP servers to perform address determination and boot file name selection.
    • Clients contact Trivial File Transfer Protocol (TFTP) servers to perform file transfer of their boot image.
  DHCP: Describes a single-phase boot configuration process whereby a DHCP client negotiates with a DHCP server to determine its IP address and obtain any other initial configuration details it needs for network operation.
Renewal:
  BOOTP: BOOTP clients do not rebind or renew configuration with the BOOTP server except when the system restarts.
  DHCP: DHCP clients do not require a system restart to rebind or renew configuration with the DHCP server. Instead, clients automatically enter a rebinding state at set timed intervals to renew their leased address allocation with the DHCP server. This process occurs in the background and is transparent to the user.
13. Differences Between BOOTP and DHCP
BOOTP supports a limited number of client configuration parameters called vendor extensions, while DHCP supports a larger and extensible set of client configuration parameters called options.
BOOTP uses a two-phase bootstrap configuration process in which clients contact BOOTP servers to perform address determination and boot file name selection, and clients contact Trivial File Transfer Protocol (TFTP) servers to perform file transfer of their boot image. DHCP uses a single-phase boot configuration process whereby a DHCP client negotiates with a DHCP server to determine its IP address and obtain any other initial configuration details it needs for network operation.
BOOTP clients do not rebind or renew configuration with the BOOTP server except when the system restarts, while DHCP clients do not require a system restart to rebind or renew configuration with the DHCP server. Instead, clients automatically enter the Rebinding state at set timed intervals to renew their leased address allocation with the DHCP server. This process occurs in the background and is transparent to the user.
14. BOOTP
BOOTstrap Protocol (BOOTP)
◦ From 1985
◦ Host can configure its IP parameters at boot time.
◦ 3 services:
◦ IP address assignment
◦ Detection of the IP address of a serving machine
◦ The name of a file to be loaded and executed by the client machine (boot file name)
◦ Not only assigns the IP address, but also the default router, network mask, etc.
◦ Sent as UDP messages (UDP port 67 (server) and 68 (host))
◦ Uses the limited broadcast address (255.255.255.255):
◦ These addresses are never forwarded
15. DHCP
Dynamic Host Configuration Protocol (DHCP)
◦ From 1993
◦ An extension of BOOTP, very similar to it
◦ Same port numbers as BOOTP
◦ Extensions:
◦ Supports temporary allocation ("leases") of IP addresses
◦ A DHCP client can acquire all IP configuration parameters needed to operate
◦ DHCP is the preferred mechanism for dynamic assignment of IP addresses
◦ DHCP can interoperate with BOOTP clients.
16. Message Format
[Figure: DHCP message format; the BOOTP vendor-specific area is replaced with the options field]
17. DHCP Message Type
The message type is sent as an option.
Value  Message Type
1      DHCPDISCOVER
2      DHCPOFFER
3      DHCPREQUEST
4      DHCPDECLINE
5      DHCPACK
6      DHCPNAK
7      DHCPRELEASE
8      DHCPINFORM
18. Message Types
DHCPDISCOVER: Broadcast by a client to find available DHCP servers.
DHCPOFFER: Response from a server to a DHCPDISCOVER, offering an IP address and other parameters.
DHCPREQUEST: Message from a client to servers that does one of the following:
◦ Requests the parameters offered by one of the servers and declines all other offers.
◦ Verifies a previously allocated address after a system or network change (a reboot, for example).
◦ Requests the extension of a lease on a particular address.
19. Contd.
DHCPACK: Acknowledgement from server to client with parameters, including the IP address.
DHCPNAK: Negative acknowledgement from server to client, indicating that the client's lease has expired or that a requested IP address is incorrect.
DHCPDECLINE: Message from client to server indicating that the offered address is already in use.
DHCPRELEASE: Message from client to server cancelling the remainder of a lease and relinquishing the network address.
DHCPINFORM: Message from a client that already has an IP address (manually configured, for example), requesting further configuration parameters from the DHCP server.
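To see how the message-type table and the descriptions above sit inside an actual datagram, here is an added example (not from the slides): it assembles a DHCP message as a BOOTP fixed header followed by the magic cookie and type-length-value options, then decodes it back, rejecting a message whose option length runs past the end of the datagram. The message type is DHCP option 53; the transaction id and the sample OFFER (server 10.0.0.1 offering 10.0.0.57 for 12 hours, as in the capture described later in the slides) are constructed.

```python
import struct
from ipaddress import IPv4Address

# Option 53 values from the slide table
MESSAGE_TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 4: "DHCPDECLINE",
                 5: "DHCPACK", 6: "DHCPNAK", 7: "DHCPRELEASE", 8: "DHCPINFORM"}
MAGIC_COOKIE = b"\x63\x82\x53\x63"   # marks the options area that replaced BOOTP's vendor-specific area
# BOOTP-compatible fixed header: op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr, siaddr,
# giaddr, chaddr(16), sname(64), file(128) = 236 bytes
FIXED = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")

def build_message(op, xid, chaddr, yiaddr="0.0.0.0", options=()):
    """Assemble a DHCP message: fixed header, magic cookie, type-length-value options, END (255)."""
    hw = bytes.fromhex(chaddr.replace(":", ""))
    header = FIXED.pack(op, 1, len(hw), 0, xid, 0, 0x8000,       # flags 0x8000 = reply by broadcast
                        b"\0" * 4, IPv4Address(yiaddr).packed, b"\0" * 4, b"\0" * 4,
                        hw.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    body = b"".join(bytes([code, len(value)]) + value for code, value in options)
    return header + MAGIC_COOKIE + body + b"\xff"

def parse_options(area):
    """Walk the options area: PAD (0) has no length byte, END (255) stops the walk, the rest is TLV.
    A length byte that runs past the end of the datagram is rejected rather than read as zeros."""
    opts, i = {}, 0
    while i < len(area):
        code = area[i]
        if code == 0:
            i += 1
            continue
        if code == 255:
            break
        if i + 1 >= len(area):
            raise ValueError("option %d has no length byte" % code)
        length = area[i + 1]
        value = area[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("option %d claims %d bytes, only %d present" % (code, length, len(value)))
        opts[code] = value
        i += 2 + length
    return opts

def parse_message(pkt):
    """Decode the fields the slides discuss: op, xid, chaddr, yiaddr, message type, server id, lease."""
    if len(pkt) < FIXED.size + len(MAGIC_COOKIE):
        raise ValueError("shorter than a BOOTP header plus magic cookie")
    op, _ht, hlen, _hops, xid, _secs, _flags, _ci, yiaddr, _si, _gi, chaddr, _sn, _f = FIXED.unpack_from(pkt)
    if pkt[FIXED.size:FIXED.size + 4] != MAGIC_COOKIE:
        raise ValueError("no magic cookie: a plain BOOTP message, not DHCP")
    opts = parse_options(pkt[FIXED.size + 4:])
    if len(opts.get(53, b"")) != 1:
        raise ValueError("option 53 (message type) missing or malformed")
    mtype = opts[53][0]
    return {"op": {1: "request", 2: "reply"}.get(op, op), "xid": xid,
            "chaddr": ":".join("%02x" % b for b in chaddr[:hlen]),
            "yiaddr": str(IPv4Address(yiaddr)),
            "message_type": MESSAGE_TYPES.get(mtype, "unknown(%d)" % mtype),
            "server_id": str(IPv4Address(opts[54])) if len(opts.get(54, b"")) == 4 else None,
            "lease_time": struct.unpack("!I", opts[51])[0] if len(opts.get(51, b"")) == 4 else None}

# Constructed sample: server 10.0.0.1 offers 10.0.0.57 to the client MAC from the slides for 12 hours
SAMPLE_OFFER = build_message(op=2, xid=0x3903F326, chaddr="00:a0:24:71:e4:44", yiaddr="10.0.0.57",
                             options=[(53, b"\x02"), (54, IPv4Address("10.0.0.1").packed),
                                      (51, struct.pack("!I", 12 * 3600))])

if __name__ == "__main__":
    print(parse_message(SAMPLE_OFFER))
```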
20. DHCP operation
The client discovers servers and the addresses they offer
The client uses broadcast to request an address
The selected server will respond to the client (the others are rejected)
If the client already knows its address, the process is simplified by
◦ Starting with REQUEST and ACK messages
The offer message includes the lease and the upper bounds for renewing the address (T is the lease time):
◦ T1 = T/2
◦ T2 = 7T/8
DHCPREQUEST is broadcast to all servers and only one server will respond
21. DHCP operation
There could be several servers
The client chooses any server
The other servers are declined
22. DHCP state machine
A DHCP client has a few states:
◦ INIT: no address yet
◦ SELECTING: processing offered addresses
◦ REQUESTING: after selecting
◦ BOUND: holds an address, with timers T1 and T2
When T1 expires, the client attempts to renew its address
If it cannot renew and the lease runs out, the client reacquires an address from a server
23. DHCP Operation
[Figure: the DHCP client (MAC 00:a0:24:71:e4:44) broadcasts DHCPDISCOVER to 255.255.255.255; each DHCP server answers with a DHCPOFFER]
24. DHCP Operation
[Figure: the client (00:a0:24:71:e4:44) sends DHCPREQUEST and the chosen DHCP server answers with DHCPACK; at this time the DHCP client can start to use the IP address]
[Figure: renewing a lease: the client sends DHCPREQUEST when 50% of the lease has expired and the server answers with DHCPACK; if the DHCP server sends DHCPNAK, the address is released]
25. DHCP Operation
[Figure: the client (00:a0:24:71:e4:44) sends DHCPRELEASE to the DHCP server; at this time the DHCP client has released the IP address]
26. Client Server Interactions
The client broadcasts a DHCPDISCOVER message on its local physical subnet.
◦ The DHCPDISCOVER message may include some options such as network address
suggestion or lease duration.
Each server may respond with a DHCPOFFER message that includes an available
network address (your IP address) and other configuration options.
◦ The servers record the address as offered to the client to prevent the same address being
offered to other clients in the event of further DHCPDISCOVER messages being received
before the first client has completed its configuration.
27. Contd.
The client receives one or more DHCPOFFER messages from one or more servers.
◦ The client chooses one based on the configuration parameters offered and
broadcasts a DHCPREQUEST message that includes the server identifier option to
indicate which message it has selected and the requested IP address option, taken
from your IP address in the selected offer.
◦ In the event that no offers are received, if the client has knowledge of a previous
network address, the client may reuse that address if its lease is still valid, until the
lease expires.
28. Contd.
The servers receive the DHCPREQUEST broadcast from the client.
◦ Those servers not selected by the DHCPREQUEST message use the
message as notification that the client has declined that server's offer.
◦ The server selected in the DHCPREQUEST message commits the
binding for the client to persistent storage and responds with a
DHCPACK message containing the configuration parameters for the
requesting client.
29. Contd.
The combination of the client hardware address and the assigned network address constitutes a unique
identifier for the client's lease and is used by both the client and server to identify the
lease referred to in any DHCP message.
The your IP address field in the DHCPACK message is filled in with the selected
network address.
30. Contd.
The client receives the DHCPACK message with configuration parameters.
◦ The client performs a final check on the parameters, for example with ARP for
allocated network address, and notes the duration of the lease and the lease
identification cookie specified in the DHCPACK message. At this point, the client is
configured.
◦ If the client detects a problem with the parameters in the DHCPACK message (the
address is already in use on the network, for example), the client sends a
DHCPDECLINE message to the server and restarts the configuration process.
31. Contd.
The client should wait a minimum of ten seconds before restarting the configuration
process to avoid excessive network traffic in case of looping.
On receipt of a DHCPDECLINE, the server must mark the offered address as
unavailable (and possibly inform the system administrator that there is a configuration
problem).
If the client receives a DHCPNAK message, the client restarts the configuration process.
32. Contd.
The client may choose to relinquish its lease on a network address by sending a
DHCPRELEASE message to the server.
The client identifies the lease to be released by including its network address and its
hardware address.
33. Lease Renewal
When a server sends the DHCPACK to a client with IP address and configuration parameters, it
also registers the start of the lease time for that address.
This lease time is passed to the client as one of the options in the DHCPACK message, together
with two timer values, T1 and T2.
The client is rightfully entitled to use the given address for the duration of the lease time.
34. Contd.
On applying the received configuration, the client also starts the timers T1 and T2. At this time,
the client is in the BOUND state.
Timers T1 and T2 are options configurable by the server, but T1 must be less than T2, and T2 must
be less than the lease time.
According to RFC 2132, T1 defaults to (0.5 * lease time) and T2 defaults to (0.875 * lease time).
35. Contd.
When timer T1 expires, the client will send a DHCPREQUEST (unicast) to the server
that offered the address, asking to extend the lease for the given configuration. The
client is now in the RENEWING state.
The server would usually respond with a DHCPACK message indicating the new lease
time, and timers T1 and T2 are reset at the client accordingly.
The server also resets its record of the lease time.
Under normal circumstances, an active client would continually renew its lease in this
way indefinitely, without the lease ever expiring.
36. Contd.
If no DHCPACK is received until timer T2 expires, the client enters the REBINDING state.
Client now broadcasts a DHCPREQUEST message to extend its lease.
This request can be confirmed by a DHCPACK message from any DHCP server on the
network.
37. Contd.
If the client does not receive a DHCPACK message after its lease has expired, it has to
stop using its current TCP/IP configuration.
The client may then return to the INIT state, issuing a DHCPDISCOVER broadcast to try
and obtain any valid address.
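The timer behaviour of slides 33 to 37 as a small client-side state machine, added here as an example and not taken from the slides or from any real DHCP client: T1 and T2 default to the RFC 2132 fractions when the server does not supply them, the T1 < T2 < lease ordering is enforced, and each transition returns the message the client should send. The server id 10.0.0.1 and the 12-hour lease are constructed; retransmission while waiting for an answer is left out.

```python
from dataclasses import dataclass, field
from typing import Optional, Tuple

Message = Tuple[str, str]   # (DHCP message type, destination: a unicast server id or "broadcast")

@dataclass
class DhcpLease:
    """Client side of the lease timers: BOUND -> RENEWING at T1 -> REBINDING at T2 -> INIT at expiry."""
    server_id: str            # server that granted the lease; target of the unicast renewal
    lease_time: int           # seconds, from the DHCPACK
    start: float              # time the configuration was applied; both timers start here
    t1: Optional[int] = None  # None means "not supplied by the server": use the RFC 2132 default
    t2: Optional[int] = None
    state: str = field(default="BOUND", init=False)

    def __post_init__(self):
        self._set_timers()

    def _set_timers(self):
        # RFC 2132 defaults; server-supplied values must still satisfy T1 < T2 < lease time
        if self.t1 is None:
            self.t1 = int(0.5 * self.lease_time)
        if self.t2 is None:
            self.t2 = int(0.875 * self.lease_time)
        if not 0 < self.t1 < self.t2 < self.lease_time:
            raise ValueError("need 0 < T1 < T2 < lease, got T1=%s T2=%s lease=%s"
                             % (self.t1, self.t2, self.lease_time))

    def expires_at(self) -> float:
        return self.start + self.lease_time

    def on_tick(self, now: float) -> Optional[Message]:
        """Advance the state for wall-clock `now`; return the message to send on a transition, else None."""
        if self.state == "INIT":
            return None                                 # nothing to renew; a DISCOVER was already issued
        elapsed = now - self.start
        if elapsed >= self.lease_time:
            self.state = "INIT"                         # must stop using the configuration
            return ("DHCPDISCOVER", "broadcast")
        if elapsed >= self.t2 and self.state != "REBINDING":
            self.state = "REBINDING"                    # any server on the network may answer
            return ("DHCPREQUEST", "broadcast")
        if elapsed >= self.t1 and self.state == "BOUND":
            self.state = "RENEWING"                     # unicast to the server that gave the lease
            return ("DHCPREQUEST", self.server_id)
        return None

    def on_ack(self, now: float, lease_time: int, t1: Optional[int] = None,
               t2: Optional[int] = None, server_id: Optional[str] = None) -> None:
        """A DHCPACK restarts the lease and both timers and puts the client back in BOUND."""
        self.start, self.lease_time, self.t1, self.t2 = now, lease_time, t1, t2
        if server_id:
            self.server_id = server_id
        self._set_timers()
        self.state = "BOUND"

    def on_nak(self) -> Message:
        """A DHCPNAK means the lease is gone: back to INIT and rediscover."""
        self.state = "INIT"
        return ("DHCPDISCOVER", "broadcast")

def unanswered_lease(lease_time: int = 12 * 3600, step: int = 3600):
    """Walk a lease hour by hour with a server that never answers; return (elapsed, state, message)
    for every transition. The 12-hour lease and the server id are constructed values."""
    lease = DhcpLease(server_id="10.0.0.1", lease_time=lease_time, start=0.0)
    events = []
    for elapsed in range(0, lease_time + 1, step):
        msg = lease.on_tick(float(elapsed))
        if msg:
            events.append((elapsed, lease.state, msg))
    return events

if __name__ == "__main__":
    for elapsed, state, msg in unanswered_lease():
        print("t=%6ds  %-9s send %s to %s" % (elapsed, state, msg[0], msg[1]))
```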
38. Reusing a Previously allocated address
The client broadcasts a DHCPREQUEST message on its local subnet.
◦ The DHCPREQUEST message includes the client's previously used network address.
If the client’s lease is still current, the server with knowledge of the client's configuration
parameters responds with a DHCPACK message to the client, renewing the lease at the
same time.
◦ The client must then test the IP address.
If the client's lease has expired, the server with knowledge of the client responds with
DHCPNAK.
◦ The client must then initiate a new IP address allocation process.
39. DHCP Pros
It relieves the network administrator of a great deal of manual configuration work.
The ability for a device to be moved from network to network and to automatically obtain
valid configuration parameters for the current network can be of great benefit to mobile
users.
Because IP addresses are only allocated when clients are actually active, it is possible,
by the use of reasonably short lease times and the fact that mobile clients do not need to
be allocated more than one address, to reduce the total number of addresses in use in
an organization.
40. Ipv6 auto configuration
IPv6 supports the following types of auto-configuration:
Stateful auto-configuration.
This type of configuration requires a certain level of human intervention because it needs a Dynamic Host Configuration Protocol for IPv6 (DHCPv6) server for the installation and administration of the nodes. The DHCPv6 server keeps a list of nodes to which it supplies configuration information. It also maintains state information so the server knows how long each address is in use, and when it might be available for reassignment.
Stateless auto-configuration. This type of configuration is suitable for small organizations and individuals. In this case, each host determines its addresses from the contents of received router advertisements. Using the IEEE EUI-64 standard to define the network ID portion of the address, it is reasonable to assume the uniqueness of the host address on the link.
Regardless of how the address is determined, the node must verify that its potential address is unique to the local link. This is done by sending a neighbor solicitation message to the potential address. If the node receives any response, it knows that the address is already in use and must determine another address.
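Stateless autoconfiguration worked through in code, as an added example rather than material from the slides: the modified EUI-64 interface identifier is derived from the MAC (ff:fe inserted, universal/local bit flipped), combined with the /64 prefix from a router advertisement, and then put through a toy model of duplicate address detection in which a neighbour solicitation that gets an answer forces the node to try another interface identifier. The Link class, the prefix 2001:db8:1:2::/64 and the fallback identifiers are constructed; the MAC is the one from the slides.

```python
import ipaddress

def eui64_interface_id(mac: str) -> bytes:
    """Modified EUI-64 from a 48-bit MAC: split the MAC in half, insert ff:fe, and flip the
    universal/local bit (0x02 of the first octet)."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC, got %r" % mac)
    return bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]

def slaac_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Stateless address: the /64 prefix learned from a router advertisement plus the EUI-64 id."""
    net = ipaddress.IPv6Network(prefix, strict=False)
    if net.prefixlen != 64:
        raise ValueError("EUI-64 autoconfiguration needs a /64 prefix, got /%d" % net.prefixlen)
    return ipaddress.IPv6Address(net.network_address.packed[:8] + eui64_interface_id(mac))

def link_local_address(mac: str) -> ipaddress.IPv6Address:
    """The link-local address is the same construction under the fe80::/64 prefix."""
    return slaac_address("fe80::/64", mac)

class Link:
    """Toy model of one link for duplicate address detection (constructed for this example):
    a tentative address is solicited and may be used only if no neighbour answers."""
    def __init__(self, in_use=()):
        self.in_use = {ipaddress.IPv6Address(a) for a in in_use}

    def neighbor_solicit(self, addr) -> bool:
        return ipaddress.IPv6Address(addr) in self.in_use   # True: someone answered, address taken

    def configure(self, prefix: str, mac: str, fallback_ids=()):
        """Try the EUI-64 address first; if DAD fails, try the caller's alternative 64-bit ids.
        Returns the address that passed DAD, or None when every candidate was already in use."""
        net = ipaddress.IPv6Network(prefix, strict=False)
        candidates = [slaac_address(prefix, mac)]
        candidates += [ipaddress.IPv6Address(net.network_address.packed[:8] + iid)
                       for iid in fallback_ids]
        for addr in candidates:
            if not self.neighbor_solicit(addr):
                self.in_use.add(addr)
                return addr
        return None

if __name__ == "__main__":
    print(link_local_address("00:a0:24:71:e4:44"))
    print(Link().configure("2001:db8:1:2::/64", "00:a0:24:71:e4:44"))
```

Because the MAC is embedded in the interface identifier, an EUI-64 address identifies the same host on every network it joins; RFC 4941 privacy extensions exist to avoid that.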
41. Attacks on DHCP
An authorised user's or device's connection to the network
◦ DoS:
◦ Involves exhaustion of network resources
◦ Requesting all the IP addresses in the server's pool
◦ So when the authorised user comes:
◦ «Sold out»
IP was designed based on trust
WPA2
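The pool-exhaustion DoS described above leaves a clear trace in the server's own log: many never-seen client hardware addresses sending DHCPDISCOVER within seconds. This added detection example (not from the slides) runs over constructed log lines in an assumed "<timestamp> DHCPDISCOVER from <chaddr> via <interface>" format and flags any sliding window in which the number of distinct hardware addresses reaches half of an assumed 50-address pool.

```python
import re
from collections import deque
from datetime import datetime, timedelta

# Constructed log line format: "<ISO timestamp> DHCPDISCOVER from <chaddr> via <interface>"
DISCOVER_RE = re.compile(r"^(\S+) DHCPDISCOVER from ([0-9a-f:]{17}) via (\S+)$")

def detect_pool_exhaustion(lines, pool_size, window=timedelta(seconds=60), fraction=0.5):
    """Return (time, distinct_chaddr_count, interface) for every DISCOVER after which the number
    of distinct client hardware addresses seen within `window` reaches `fraction` of the pool.
    Legitimate clients rarely appear at half-a-pool per minute; a starvation attempt does."""
    recent = deque()   # (timestamp, chaddr) pairs inside the sliding window
    alerts = []
    for line in lines:
        m = DISCOVER_RE.match(line)
        if not m:
            continue
        ts, chaddr, iface = datetime.fromisoformat(m.group(1)), m.group(2), m.group(3)
        recent.append((ts, chaddr))
        while ts - recent[0][0] > window:      # drop entries older than the window
            recent.popleft()
        distinct = len({c for _, c in recent})
        if distinct >= fraction * pool_size:
            alerts.append((ts, distinct, iface))
    return alerts

def constructed_log():
    """Three ordinary clients over half an hour, then 40 unseen hardware addresses in ten seconds."""
    base = datetime(2014, 9, 1, 9, 0, 0)
    lines = ["%s DHCPDISCOVER from 00:a0:24:71:e4:%02x via fa0/0"
             % ((base + timedelta(minutes=10 * i)).isoformat(), 0x44 + i) for i in range(3)]
    burst = base + timedelta(hours=1)
    lines += ["%s DHCPDISCOVER from 02:00:00:00:00:%02x via fa0/0"
              % ((burst + timedelta(seconds=i // 4)).isoformat(), i) for i in range(40)]
    return lines

if __name__ == "__main__":
    for ts, n, iface in detect_pool_exhaustion(constructed_log(), pool_size=50):
        print("%s: %d distinct clients on %s within 60s; pool of 50 nearly exhausted" % (ts, n, iface))
```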
42. Supplement-Packet tracer configuration
! Router R1: address the LAN interface, then define a DHCP pool for that subnet
enable
configure terminal
hostname R1
interface FastEthernet0/0
ip address 192.168.10.1 255.255.255.0
no shutdown
exit
! Pool for 192.168.10.0/24; clients get the router as their default gateway
ip dhcp pool ip10
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
exit
! Keep the router's own address and the reserved range .1-.10 out of the pool
ip dhcp excluded-address 192.168.10.1 192.168.10.10
end
copy running-config startup-config
49. DHCP DISCOVER
This message contains rich information:
◦ Parameters
◦ The configuration the client seeks
◦ Auto-configuration enquiry
50. DHCPNAK
DHCP server address 10.0.0.1
The server rejects the request for the address
◦ Requested IP address: 172.16.1.34
◦ The client should not attempt to request it again
The transaction ID makes the client's request unique
◦ So the response reaches the specific client
51. DHCP Request
The client has switched networks and
◦ Attempts to request its old address
◦ 172.16.1.34 is the old address
What happens next depends on the server's response
52. DHCP OFFER
DHCP offer is sent from server 10.0.0.1
◦ Offering IP 10.0.0.57 for up to 12 hours
54. Address Polling/defense Mechanism
Mechanism for discovery of addresses that are already in use.
ARP is used by the client to check the uniqueness of the address it was given
◦ Avoids duplicate addresses
55. DHCP supports mechanisms
Dynamic allocation is the only one of the three mechanisms that allows automatic reuse of an address that is no longer needed by the client to which it was assigned.
In "automatic allocation", DHCP assigns a permanent IP address to a client. In "dynamic allocation", DHCP assigns an IP address to a client for a limited period of time (or until the client explicitly relinquishes the address). In "manual allocation", a client's IP address is assigned by the network administrator, and DHCP is used simply to convey the assigned address to the client. A particular network will use one or more of these mechanisms, depending on the policies of the network administrator.
56. DHCP support mechanism
Dynamic allocation
◦ Allows the reassignment of addresses if they are no longer used
Automatic allocation
Manual allocation
57. DHCP supports mechanisms
Dynamic allocation is particularly useful for assigning an address to a client that will be connected to the network only temporarily or for sharing a limited pool of IP addresses among a group of clients that do not need permanent IP addresses. Dynamic allocation may also be a good choice for assigning an IP address to a new client being permanently connected to a network where IP addresses are sufficiently scarce that it is important to reclaim them when old clients are retired.
58. Manual configuration is sometimes, for some reason, needed
Manual allocation allows DHCP to be used to eliminate the error-prone process of manually configuring hosts with IP addresses in environments where (for whatever reasons) it is desirable to manage IP address assignment outside of the DHCP mechanisms.
59. The format of DHCP messages is based on the format of BOOTP messages, to capture the BOOTP relay agent behavior described as part of the BOOTP specification [7, 21] and to allow interoperability of existing BOOTP clients with DHCP servers. Using BOOTP relay agents eliminates the necessity of having a DHCP server on each physical network segment.
61. BOOTP and RARP client and server
RARP can resolve the IP address. Why do we need BOOTP?
The RARP client and server must be in the same network.
The BOOTP client and server can be in different networks.
[Figure: client and server in the same network, showing destination IP address, source IP address and port number]
62. Client and server in the same network
Operations of BOOTP for client and server in the same network:
1. The BOOTP server issues a passive open command on UDP port number 67 and waits for a client.
2. A booted client issues an active open command on port number 68. The message is encapsulated in a UDP user datagram, using destination and source port numbers 67 and 68. The UDP user datagram is encapsulated in an IP datagram. The client uses all 0s as the source IP address and all 1s as the destination IP address.
3. The server responds with either a broadcast or a unicast message using UDP source and destination port numbers 67 and 68.
63. Client and server on two different networks
An IP address with all 1s is broadcast within a network. A host or a router needs to be configured as a relay agent to relay the message to other networks.
The relay agent knows the unicast address of the BOOTP server. When the relay agent receives a broadcast request message, it sends the message to the BOOTP server and sends the reply back when it gets the reply message from the server.
64. BOOTP packet format
[Figure: BOOTP packet format]
The operation code defines the BOOTP packet type:
(1) request
(2) reply
68. DHCP in linux
dhcpcd is an implementation of the DHCP client.
dhcpcd gets the host information (IP address, routes, etc) from a DHCP server and configures
the network interface of the machine on which it is running
70. Dynamic Assignment of IP addresses
Dynamic assignment of IP addresses is desirable for several reasons:
◦ IP addresses are assigned on-demand
◦ Avoid manual IP configuration
◦ Support mobility of laptops
71. Solutions for dynamic assignment of IP addresses
Reverse Address Resolution Protocol (RARP)
◦ Works similar to ARP
◦ Broadcast a request for the IP address associated with a given MAC address
◦ RARP server responds with an IP address
◦ Only assigns IP address (not the default router and subnetmask)
[Figure: RARP maps an Ethernet MAC address (48 bit) to an IP address (32 bit); ARP maps in the opposite direction]