
DHCP
Dynamic Host Configuration Protocol
By
Curtis Wright III
DHCP Definition

Dynamic Host Configuration Protocol (DHCP)
provides a framework for passing configuration
information to hosts on a TCP/IP network. DHCP
is based on the Bootstrap Protocol (BOOTP),
adding the capability of automatic allocation of
reusable network addresses and additional
configuration options. DHCP captures the
behavior of BOOTP relay agents, and DHCP
participants can interoperate with BOOTP
participants.
DHCP Origins

DHCP is the result of the Dynamic Host
Configuration (DHC) working group of the
IETF addressing the issue it defined at its
first meeting in April 1989 in Cocoa Beach, FL:
the automated allocation of a network address
and the transmission of other parameters such
as the subnet mask and a default router.
DHCP RFC Sequence
RFC 1531 was published in October 1993,
followed by RFC 1541 in the same month, and
then by RFC 2131 in 1997.
Ralph Droms was the original author of
DHCP and is currently involved in its
ongoing evolution.
Predecessors to DHCP
1. Reverse Address Resolution Protocol (RARP)
2. Bootstrap Protocol (BOOTP)
RARP
- Provides a mechanism for a host to determine its IP
address when it knows only its MAC address.
- RARP can determine and configure a diskless
workstation with an IP address.
- No method for determining and delivering other
configuration data.
- A RARP server can serve only a single subnet
because of its complete reliance on Ethernet
broadcasts.
RFC 903
BOOTP
- Developed as an answer to RARP's limitations.
- BOOTP allows hosts to be dynamically
configured to use the TCP/IP protocol suite.
- BOOTP delivers configuration information
automatically instead of each TCP/IP host on a
network being manually configured.
RFC 951
BOOTP
- BOOTP is a client/server process in which the BOOTP client,
during the boot phase, requests configuration information from
a BOOTP server.
- After receiving a request from a BOOTP client, the server looks
up the client's MAC address in its BOOTP configuration database
and sends a reply containing IP configuration information.
- The client receives the reply and configures its TCP/IP stack.
- The BOOTP client will also load a boot file if the BOOTP server
supplies a path using the fully qualified filename.
- The magic cookie is a mechanism for a BOOTP server to supply
vendor-specific operating system (OS) options to a BOOTP
client. Options include DNS servers, WINS or NetBIOS name
servers, time servers, etc.
BOOTP
Even with these improvements BOOTP
had serious drawbacks such as:
1. BOOTP database was a static text file.
File had to be maintained by hand as
changes were made to the network.
2. Unable to dynamically allocate and
distribute IP addresses.
Dynamic IP addressing was critical when IP
address space was limited.

BOOTP Conversation

Two types of BOOTP messages:
1. BOOTREQUEST
2. BOOTREPLY
BOOTREQUEST/BOOTREPLY
- Have the same packet structure.
- BOOTREQUEST includes information that
allows the BOOTP server to determine
what configuration data it must supply to the
requesting host.
- BOOTREPLY includes the information that
the client requested of the server.
BOOTREQUEST
Contains the following information:
1. Source's MAC address
2. Destination's MAC address
3. Destination's IP address
4. Source's IP address
5. Destination server hostname
6. Boot filename
7. Vendor-specific data

BOOTP/DHCP similarities

DHCP has many of the same
characteristics as BOOTP, such as:
1. Client/server operating model
2. Packet structure
3. UDP port numbers
a. Messages from a client to a server
are sent to the 'server' port (67).
b. Messages from a server to a client
are sent to the 'client' port (68).
BOOTP/DHCP Differences
There are two primary differences between
DHCP and BOOTP:
1. DHCP defines a mechanism through which
clients can be assigned a network address
for a finite lease, allowing for serial
reassignment of network addresses to
different clients.
2. DHCP provides the mechanism for a client
to acquire all of the IP configuration
parameters that it needs in order to
operate.
DHCP Message format
DHCP Message Field Descriptions

Field    Octets  Description
op       1       op code / message type
htype    1       Hardware address type
hlen     1       Hardware address length
hops     1       Client sets to zero; optionally used by relay agents when booting via a relay agent
xid      4       Transaction ID
secs     2       Filled in by client: seconds elapsed since the client began the address acquisition or renewal process
flags    2       Flags (the leftmost bit is the broadcast flag)
ciaddr   4       Client IP address
yiaddr   4       'your' (client) IP address
siaddr   4       IP address of next server to use in bootstrap; returned in DHCPOFFER, DHCPACK by server
giaddr   4       Relay agent IP address
chaddr   16      Client hardware address
sname    64      Optional server host name
DHCP Allocation Mechanisms
DHCP supports three mechanisms for IP allocation:
1. Automatic – a permanent IP address is assigned to a
client.
2. Dynamic – an IP address is assigned for a limited
amount of time.
3. Manual – a client's IP address is assigned by the network
administrator, and DHCP conveys that address to the
client.
A network could use one or more of these mechanisms
depending on the network administrator's policies.
Dynamic Allocation
1. Allows automatic reuse of an address that is no
longer needed by the client to which it is
assigned.
2. Useful for assigning an address to a client that
will be connected to the network temporarily or
for sharing a limited pool of IP addresses among
a group of clients that do not need permanent IP
addresses.
3. Also a good choice for assigning an IP address to a new
client that will be permanently connected to a network
with so few IP addresses that they must be reclaimed
when old clients are retired.
DHCP server and client messages
From client: DHCPDISCOVER, DHCPREQUEST, DHCPDECLINE, DHCPRELEASE, DHCPINFORM
From server: DHCPOFFER, DHCPACK, DHCPNAK
DHCP messages
- DHCPDISCOVER – Client broadcast to locate
available servers.
- DHCPOFFER – Server to client in response to
DHCPDISCOVER with an offer of configuration
parameters.
- DHCPREQUEST – Client message to servers
either (a) requesting offered parameters from
one server and implicitly declining offers from
all others, (b) confirming the correctness of a
previously allocated address after, e.g., a
system reboot, or (c) extending the lease on
a particular network address.
- DHCPACK – Server to client with configuration
parameters, including the committed network
address.
DHCP messages (contd)
- DHCPNAK – Server to client indicating that the
client's notion of its network address is incorrect
or that the client's lease has expired.
- DHCPDECLINE – Client to server indicating that the
network address is already in use.
- DHCPRELEASE – Client to server
relinquishing the network address and
cancelling the remaining lease.
- DHCPINFORM – Client to server, asking only
for local configuration parameters; the client
already has an externally configured network
address.
DHCP client and server messages when allocating a new
network address (time runs downward)

Server (not selected)          Client                          Server (selected)
                               Begins initialization
              <---------- DHCPDISCOVER (broadcast) ---------->
Determines configuration                                       Determines configuration
              ---------- DHCPOFFER ---------->   <---------- DHCPOFFER ----------
                               Collects replies
                               Selects configuration
              <---------- DHCPREQUEST (broadcast) ---------->
                                                               Commits configuration
                                                 <---------- DHCPACK ----------
                               Initialization complete
                               Graceful shutdown
                                                 ---------- DHCPRELEASE ---------->
                                                               Discards lease
DHCP client and server messages for a previously allocated
network address (time runs downward)

Server                         Client                          Server
                               Begins initialization
              <---------- DHCPREQUEST (broadcast) ---------->
Locates configuration                                          Locates configuration
              ---------- DHCPACK ---------->     <---------- DHCPACK ----------
                               Initialization complete
Constructing and sending DHCP
messages
- DHCP clients and servers both construct DHCP
messages by filling in the fields in the fixed-format
section of the message and appending tagged
data items in the variable-length option area.
- The options area begins with the four-octet 'magic
cookie' inherited from BOOTP's vendor-specific area,
followed by the options.
- The last option must ALWAYS be the 'end'
option.
Constructing and sending DHCP
messages (contd)
- DHCP messages broadcast by a client prior to that client
obtaining its IP address must have the source address
field in the IP header set to 0.
- DHCP clients are responsible for all message
retransmission. The client MUST adopt a retransmission
strategy that incorporates a randomized exponential
backoff algorithm to determine the delay between
retransmissions.
- DHCP servers and BOOTP relay agents attempt to deliver
DHCPOFFER, DHCPACK, and DHCPNAK messages
directly to the client using unicast delivery.
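The message layout from the field table above and the construction rules on the last two slides, as an added worked example written for this page (it is not code from the original slides or from any DHCP implementation). It packs a DHCPDISCOVER exactly as a client without an address would: fixed-format section, magic cookie, tagged options, and the mandatory 'end' option, then parses it back. The transaction id and MAC address are constructed sample values, and the bounds checks in parse_options are the editor's addition of what a careful parser needs.

```python
import socket
import struct

# Constants from the DHCP/BOOTP wire format.
MAGIC_COOKIE = b"\x63\x82\x53\x63"        # 99.130.83.99, inherited from the BOOTP vendor area
BOOTREQUEST, BOOTREPLY = 1, 2              # 'op' field values
DHCPDISCOVER = 1                           # option 53 (DHCP message type) value
OPT_PAD, OPT_MESSAGE_TYPE, OPT_PARAM_REQUEST, OPT_END = 0, 53, 55, 255
BROADCAST_FLAG = 0x8000                    # leftmost bit of the 'flags' field
# Fixed-format section: op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr,
# siaddr, giaddr, chaddr (16), sname (64), file (128) = 236 octets.
HEADER = "!BBBBIHH4s4s4s4s16s64s128s"
HEADER_LEN = struct.calcsize(HEADER)


def build_options(options):
    """Encode (tag, value) pairs as tagged data items, prefixed by the magic cookie
    and terminated by the mandatory 'end' option."""
    out = bytearray(MAGIC_COOKIE)
    for tag, value in options:
        if not 0 < len(value) < 256:
            raise ValueError(f"option {tag}: length {len(value)} does not fit one octet")
        out += bytes([tag, len(value)]) + value
    out.append(OPT_END)
    return bytes(out)


def build_discover(xid, mac, broadcast=False):
    """Build a DHCPDISCOVER for a client with no address yet: op=BOOTREQUEST, htype=1
    (Ethernet), hlen=6, all four address fields 0.0.0.0, chaddr padded to 16 octets."""
    zero = b"\x00" * 4
    fixed = struct.pack(HEADER, BOOTREQUEST, 1, 6, 0, xid, 0,
                        BROADCAST_FLAG if broadcast else 0,
                        zero, zero, zero, zero, mac.ljust(16, b"\x00"),
                        b"\x00" * 64, b"\x00" * 128)
    opts = build_options([
        (OPT_MESSAGE_TYPE, bytes([DHCPDISCOVER])),
        (OPT_PARAM_REQUEST, bytes([1, 3, 6])),   # ask for subnet mask, router, DNS servers
    ])
    return fixed + opts


def parse_options(blob):
    """Walk the variable-length option area: skip 'pad', stop at 'end', and refuse an
    option whose declared length runs past the buffer (a classic out-of-bounds read in
    careless DHCP parsers) or an area that is not terminated by 'end'."""
    if blob[:4] != MAGIC_COOKIE:
        raise ValueError("option area does not start with the magic cookie")
    i, opts = 4, {}
    while i < len(blob):
        tag = blob[i]
        if tag == OPT_PAD:
            i += 1
            continue
        if tag == OPT_END:
            return opts
        if i + 1 >= len(blob):
            raise ValueError(f"option {tag}: truncated length octet")
        length = blob[i + 1]
        value = blob[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {tag}: declared length {length} exceeds buffer")
        opts[tag] = value
        i += 2 + length
    raise ValueError("option area is not terminated by the 'end' option")


def parse_message(data):
    """Decode the fixed-format section into named fields, then the options."""
    if len(data) < HEADER_LEN + len(MAGIC_COOKIE):
        raise ValueError("message shorter than fixed header plus magic cookie")
    (op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr, siaddr, giaddr,
     chaddr, sname, bootfile) = struct.unpack(HEADER, data[:HEADER_LEN])
    return {
        "op": op, "htype": htype, "hlen": hlen, "hops": hops, "xid": xid, "secs": secs,
        "broadcast": bool(flags & BROADCAST_FLAG),
        "ciaddr": socket.inet_ntoa(ciaddr), "yiaddr": socket.inet_ntoa(yiaddr),
        "siaddr": socket.inet_ntoa(siaddr), "giaddr": socket.inet_ntoa(giaddr),
        "chaddr": chaddr[:hlen].hex(":"),
        "sname": sname.split(b"\x00", 1)[0].decode("ascii", "replace"),
        "file": bootfile.split(b"\x00", 1)[0].decode("ascii", "replace"),
        "options": parse_options(data[HEADER_LEN:]),
    }


if __name__ == "__main__":
    # Constructed sample: the transaction id and MAC are made up for this example.
    wire = build_discover(0x3903F326, bytes.fromhex("001122334455"), broadcast=True)
    print(len(wire), parse_message(wire))
```

The length check in parse_options is the part worth copying: a server that trusts the length octet of a client-supplied option reads past the datagram, and a client that trusts a server's does the same, which is why option parsing is the first place to look when reviewing a DHCP implementation.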
DHCP server administrative
controls
- A DHCP server has a block of network addresses
from which it can satisfy requests for new
addresses.
- Each server maintains a database of allocated
addresses and leases in local permanent
storage.
- DHCP servers are not required to respond to
every DHCPDISCOVER and DHCPREQUEST
message they receive.
- A DHCP server needs to use some unique
identifier to associate a client with its lease.
- DHCP clients are free to use any strategy in
selecting a DHCP server among those from
which the client receives a DHCPOFFER
message.
DHCP Server Behavior
While not required for correct operation of DHCP, the server
SHOULD NOT reuse the selected network address for another client
before the client responds to the server's DHCPOFFER message.
Procedure for the server choosing an expiration time for a lease:
IF the client has not requested a specific lease in the
DHCPDISCOVER message and the client already has an
assigned network address, the server returns the lease
expiration time previously assigned to that address (note
that the client must explicitly request a specific lease to
extend the expiration time on a previously assigned
address),
ELSE IF
the client has not requested a specific lease in the
DHCPDISCOVER message and the client does not have an
assigned network address, the server assigns a locally
configured default lease time, ELSE
if the client has requested a specific lease in the
DHCPDISCOVER message (regardless of whether the client
DHCP server behavior (contd)
The server must return to the client:
1. The client's network address
2. The expiration time for the client's lease
3. Parameters requested by the client, according to the
specified rules. The server MUST supply as many of the
requested parameters as possible and MUST omit any
parameters it cannot provide.
4. Any parameters from the existing binding that differ from
the Host Requirements Document defaults
5. Any parameters specific to this client
6. Any parameters specific to this client's class; the parameters
must be identified by an exact match between the
client's vendor class identifier and the client classes
configured in the server
7. Parameters with non-default values on the client's subnet
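The allocation exchange (DHCPDISCOVER, DHCPOFFER, DHCPREQUEST, DHCPACK across two servers), the administrative controls, and the lease-expiry procedure from the server behavior slides, as an added worked example written for this page (not code from the original slides or from any DHCP server). Messages are plain Python objects rather than wire bytes so that the server-side state is the focus. The default and maximum lease values, the client's "lowest server identifier wins" selection policy, and all addresses are constructed assumptions for the example; the page only says the client may use any selection strategy and that an explicitly requested lease is handled by local policy.

```python
from dataclasses import dataclass, field

# Assumed local server policy for this example (not values from the original page).
DEFAULT_LEASE = 3600      # locally configured default lease, seconds
MAX_LEASE = 86400         # longest lease the server will grant on request

# Option numbers used below: 50 requested IP address, 51 lease time, 54 server identifier.
REQUESTED_IP, LEASE_TIME, SERVER_ID = 50, 51, 54


@dataclass
class Message:
    """Toy DHCP message carrying only the fields the exchange depends on."""
    kind: str                       # DHCPDISCOVER, DHCPOFFER, DHCPREQUEST, DHCPACK, DHCPNAK
    xid: int
    chaddr: str                     # the unique identifier this server keys leases on
    yiaddr: str = "0.0.0.0"
    options: dict = field(default_factory=dict)


class Server:
    def __init__(self, server_id, pool):
        self.server_id = server_id
        self.free = list(pool)                   # block of addresses it can hand out
        self.bindings = {}                       # chaddr -> (ip, lease seconds); "permanent storage"
        self.offered = {}                        # xid -> (ip, taken_from_pool): reserved, not committed

    def choose_lease(self, requested, chaddr):
        """Lease expiry selection following the rules on the server behavior slides."""
        if requested is None and chaddr in self.bindings:
            return self.bindings[chaddr][1]      # previously assigned expiry
        if requested is None:
            return DEFAULT_LEASE                 # locally configured default
        return min(requested, MAX_LEASE)         # requested lease, capped by policy (assumed)

    def handle(self, msg):
        if msg.kind == "DHCPDISCOVER":
            if msg.chaddr in self.bindings:
                ip, fresh = self.bindings[msg.chaddr][0], False
            elif self.free:
                ip, fresh = self.free.pop(0), True
            else:
                return None                      # a server need not answer every DISCOVER
            self.offered[msg.xid] = (ip, fresh)  # SHOULD NOT reuse this ip until the client answers
            lease = self.choose_lease(msg.options.get(LEASE_TIME), msg.chaddr)
            return Message("DHCPOFFER", msg.xid, msg.chaddr, ip,
                           {LEASE_TIME: lease, SERVER_ID: self.server_id})
        if msg.kind == "DHCPREQUEST":
            ip, fresh = self.offered.pop(msg.xid, (None, False))
            if msg.options.get(SERVER_ID) != self.server_id:
                if fresh:                        # client chose another server: drop our reservation
                    self.free.insert(0, ip)
                return None
            if ip is None or ip != msg.options.get(REQUESTED_IP):
                return Message("DHCPNAK", msg.xid, msg.chaddr)   # client's notion of address is wrong
            lease = self.choose_lease(msg.options.get(LEASE_TIME), msg.chaddr)
            self.bindings[msg.chaddr] = (ip, lease)              # commit the binding
            return Message("DHCPACK", msg.xid, msg.chaddr, ip,
                           {LEASE_TIME: lease, SERVER_ID: self.server_id})
        return None


def allocate(chaddr, servers, xid, requested_lease=None):
    """Client side of the four-message exchange on a segment with several servers.
    Each message is 'broadcast' by handing it to every server; the client selects the
    offer with the lowest server identifier (any selection strategy is permitted)."""
    extra = {LEASE_TIME: requested_lease} if requested_lease else {}
    discover = Message("DHCPDISCOVER", xid, chaddr, options=dict(extra))
    offers = [o for o in (s.handle(discover) for s in servers) if o]      # collect replies
    if not offers:
        return None, []
    chosen = min(offers, key=lambda o: o.options[SERVER_ID])              # select configuration
    request = Message("DHCPREQUEST", xid, chaddr, options={
        REQUESTED_IP: chosen.yiaddr, SERVER_ID: chosen.options[SERVER_ID], **extra})
    replies = [r for r in (s.handle(request) for s in servers) if r]
    return chosen, [r for r in replies if r.kind == "DHCPACK"]


if __name__ == "__main__":
    a = Server("10.0.0.2", ["10.0.0.100", "10.0.0.101"])   # constructed sample servers
    b = Server("10.0.0.3", ["10.0.0.200"])
    print(allocate("00:11:22:33:44:55", [a, b], 0x1001))
```

Note what the non-selected server does with the DHCPREQUEST it overhears: the server identifier option tells it the client went elsewhere, so it returns the tentatively reserved address to its pool instead of leaking it until some timeout, which is the reason the client broadcasts DHCPREQUEST rather than unicasting it to the chosen server.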
State transition diagram for client (states and the transitions drawn in the diagram, written as event / action):

INIT: on start-up, send DHCPDISCOVER and enter SELECTING.
INIT-REBOOT: the client has a previously allocated address; send DHCPREQUEST and enter REBOOTING.
SELECTING: DHCPOFFER / collect replies; once an offer is selected, send DHCPREQUEST and enter REQUESTING.
REQUESTING: DHCPOFFER / discard. DHCPACK / record lease, set timers T1, T2, enter BOUND. DHCPNAK / halt network, return to INIT.
REBOOTING: DHCPACK / record lease, set timers T1, T2, enter BOUND. DHCPNAK / halt network, return to INIT.
BOUND: DHCPOFFER, DHCPACK, DHCPNAK / discard. T1 expires / send DHCPREQUEST to the leasing server, enter RENEWING.
RENEWING: DHCPACK / record lease, set timers T1, T2, return to BOUND. DHCPNAK / halt network, return to INIT. T2 expires / broadcast DHCPREQUEST, enter REBINDING.
REBINDING: DHCPACK / record lease, set timers T1, T2, return to BOUND. DHCPNAK or lease expires / halt network, return to INIT.
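The client side of the state diagram with its T1 and T2 timers, as an added worked example written for this page (not code from the original slides or from any DHCP client). It models the transitions the diagram draws: OFFER collection in SELECTING, ACK to BOUND with timers set, T1 to RENEWING with a DHCPREQUEST unicast to the leasing server, T2 to REBINDING with a broadcast DHCPREQUEST, NAK or expiry back to INIT, and discarding of stray messages. T1 and T2 are set to the RFC 2131 defaults of 0.5 and 0.875 of the lease duration; the addresses, durations and the clock values are constructed sample inputs.

```python
from enum import Enum


class State(Enum):
    INIT = "INIT"
    SELECTING = "SELECTING"
    REQUESTING = "REQUESTING"
    BOUND = "BOUND"
    RENEWING = "RENEWING"
    REBINDING = "REBINDING"


BROADCAST = "255.255.255.255"


class Lease:
    """Recorded lease with the renewal (T1) and rebinding (T2) timers. RFC 2131 defaults
    T1 to 0.5 and T2 to 0.875 of the duration when the server sends no explicit values."""
    def __init__(self, ip, server, duration, now):
        self.ip, self.server = ip, server
        self.expires = now + duration
        self.t1 = now + duration * 0.5
        self.t2 = now + duration * 0.875


class Client:
    def __init__(self):
        self.state = State.INIT
        self.lease = None
        self.offers = []
        self.sent = []                  # (message, destination) log of what went on the wire

    def start(self):
        """INIT -> SELECTING: broadcast DHCPDISCOVER."""
        self.sent.append(("DHCPDISCOVER", BROADCAST))
        self.state = State.SELECTING
        return self.state

    def select(self):
        """SELECTING -> REQUESTING once replies have been collected and one is chosen."""
        if self.state is not State.SELECTING or not self.offers:
            return self.state
        self.sent.append(("DHCPREQUEST", BROADCAST))
        self.state = State.REQUESTING
        return self.state

    def receive(self, now, kind, **msg):
        """Message handling per state; anything not drawn as a transition is discarded."""
        if self.state is State.SELECTING and kind == "DHCPOFFER":
            self.offers.append(msg)                            # collect replies
            return "collect"
        if self.state in (State.REQUESTING, State.RENEWING, State.REBINDING):
            if kind == "DHCPACK":
                self.lease = Lease(msg["ip"], msg["server"], msg["duration"], now)
                self.state = State.BOUND                       # record lease, set timers T1, T2
                return "bound"
            if kind == "DHCPNAK":
                self.lease, self.state = None, State.INIT      # halt network, restart from INIT
                return "halt"
        return "discard"                                       # e.g. OFFER/ACK/NAK while BOUND

    def tick(self, now):
        """Clock-driven transitions: T1 -> RENEWING (unicast to the leasing server),
        T2 -> REBINDING (broadcast to any server), expiry -> INIT (stop using the address)."""
        if self.lease is None:
            return self.state
        if now >= self.lease.expires:
            self.lease, self.state = None, State.INIT
        elif now >= self.lease.t2 and self.state is not State.REBINDING:
            self.sent.append(("DHCPREQUEST", BROADCAST))
            self.state = State.REBINDING
        elif now >= self.lease.t1 and self.state is State.BOUND:
            self.sent.append(("DHCPREQUEST", self.lease.server))
            self.state = State.RENEWING
        return self.state
```

The expiry branch is the one that matters operationally: a client that keeps using an address after the lease ends is indistinguishable from an address thief to the server, which may already have handed the address to someone else.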
Some DHCP drawbacks
- A malicious user could make trouble by putting up
an unofficial DHCP server.
- The "broadcast flag": DHCP includes a way in
which client implementations unable to receive a
packet addressed to a specific IP address can ask the
server or relay agent to use the broadcast IP
address in the replies (a "flag" set by the client in
its requests).
- An easy mistake to make in setting up a DHCP
server is to fail to set all the necessary global
parameters.
- Long leases can be disadvantageous in cases
where you need to change a configuration
parameter or withdraw an address from use.
DHCP security

DHCP, which is built on UDP and IP and is
used to make maintenance of remote
and/or diskless hosts easier, is quite insecure
in its current form: the base protocol
authenticates neither servers nor clients, so
any host on the segment can answer a
DHCPDISCOVER or claim another client's lease.
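The "unofficial DHCP server" problem from the drawbacks slide, approached from the defender's side, as an added worked example written for this page (not code from the original slides or from any product). It audits DHCPOFFERs as a passive sniffer on the segment would summarize them and flags the signs of a rogue server: a server identifier that is not on the authorized list, an authorized identifier sent from the wrong MAC (spoofing), a source IP that disagrees with the server identifier, and offers that install a different default router or DNS server, which is how a rogue server redirects client traffic. The authorized server, its MAC, the expected router and DNS, and the sample capture are all constructed for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Offer:
    """A DHCPOFFER as a passive sniffer on the segment would summarize it."""
    src_mac: str
    src_ip: str
    server_id: str      # option 54, server identifier
    xid: int
    yiaddr: str
    router: str         # option 3
    dns: str            # option 6


# Assumed site policy for the example: the legitimate server and what it should hand out.
AUTHORIZED_SERVERS = {"10.0.0.2": "00:50:56:aa:bb:cc"}   # server identifier -> its MAC
SEGMENT = ip_network("10.0.0.0/24")
EXPECTED_ROUTER = "10.0.0.1"
TRUSTED_DNS = {"10.0.0.53"}


def audit_offer(o):
    """Return the reasons a single DHCPOFFER looks like it came from a rogue server."""
    reasons = []
    if o.server_id not in AUTHORIZED_SERVERS:
        reasons.append("server identifier not authorized")
    elif o.src_mac.lower() != AUTHORIZED_SERVERS[o.server_id]:
        reasons.append("authorized server identifier sent from an unexpected MAC (spoofing?)")
    if o.src_ip != o.server_id:
        reasons.append("source IP differs from server identifier")
    if ip_address(o.yiaddr) not in SEGMENT:
        reasons.append("offered address is outside the segment")
    if o.router != EXPECTED_ROUTER:
        reasons.append("offer installs a different default router (traffic interception)")
    if o.dns not in TRUSTED_DNS:
        reasons.append("offer points clients at an untrusted DNS server")
    return reasons


def audit(offers):
    """Audit a batch of sniffed offers; returns {(xid, src_mac): [reasons]} for the bad ones."""
    findings = {}
    for o in offers:
        reasons = audit_offer(o)
        if reasons:
            findings[(o.xid, o.src_mac)] = reasons
    return findings


# Constructed sample capture: one legitimate offer, an obvious rogue, and a rogue that
# spoofs the real server identifier but hands out its own router and DNS server.
SAMPLE = [
    Offer("00:50:56:aa:bb:cc", "10.0.0.2", "10.0.0.2", 0x1001, "10.0.0.100", "10.0.0.1", "10.0.0.53"),
    Offer("de:ad:be:ef:00:01", "10.0.0.66", "10.0.0.66", 0x1001, "10.0.0.150", "10.0.0.66", "10.0.0.66"),
    Offer("de:ad:be:ef:00:02", "10.0.0.2", "10.0.0.2", 0x1002, "10.0.0.151", "10.0.0.77", "192.0.2.53"),
]

if __name__ == "__main__":
    for key, reasons in audit(SAMPLE).items():
        print(key, reasons)
```

A passive audit like this only tells you after the fact that a rogue answered; because the client accepts whichever offer arrives first, the preventive control is DHCP snooping on the access switch, which drops server-to-client DHCP messages arriving on ports not marked as trusted.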
IPv6 (IPng) or IP Next Generation
- It was foreseen, given the rapid growth of the
Internet and its initial design, that a point would
come where no addresses remain available to
connect new hosts.
- IPv6 is one of several solutions that have been
proposed to deal with this issue.
- IPv6 has a stateless autoconfiguration capability.
- Stateless autoconfiguration requires no manual
host configuration, minimal router configuration,
and no additional servers. A host is able to
generate its own addresses using a combination
of locally available information and information
advertised by routers.
Future of DHCP
1. DHCP for IPv6 is the future of DHCP.
2. DHCPv6 complements IPv6 by providing a
stateful autoconfiguration option to facilitate the
automatic configuration of DHCP clients (RFC
3315). In stateful autoconfiguration, hosts obtain
interface addresses and/or configuration
information and parameters from a server. The
server maintains a database of which addresses
have been assigned to which hosts.
3. DHCP clients can get configuration options such as
DNS server addresses.
4. DHCPv6 uses a combination of unicast and
multicast messages instead of broadcast messages
for the majority of its conversation.
Exam Questions
1. Provide a timeline diagram of the messages
exchanged between a DHCP client and
servers when allocating a new network
address.
2. List the predecessors to DHCP with their
advantages and disadvantages and
explain why DHCP is better.
Exam Question Answers
1. Timeline of messages exchanged when allocating a new network address (time runs downward):

Server (not selected)          Client                          Server (selected)
                               Begins initialization
              <---------- DHCPDISCOVER (broadcast) ---------->
Determines configuration                                       Determines configuration
              ---------- DHCPOFFER ---------->   <---------- DHCPOFFER ----------
                               Collects replies
                               Selects configuration
              <---------- DHCPREQUEST (broadcast) ---------->
                                                               Commits configuration
                                                 <---------- DHCPACK ----------
                               Initialization complete
Exam Question Answers(Contd)
Predecessors to DHCP are
1.RARP(Reverse Address Resolution Protocol)
Benefits
a. Provides a mechanism for a host to determine its
IP address when it is only aware of its MAC address
b. RARP can determine and configure a diskless
workstation with an IP address.
Disadvantages
a. No method for determining and delivering other
configuration data.
b. RARP server can service only a single subnet
because of its complete reliance on Ethernet broadcasts
Exam Question Answers(Contd)
2. BOOTP (Bootstrap Protocol)
Benefits
a. BOOTP allows hosts to be dynamically
configured to use the TCP/IP protocol suite
b. BOOTP delivers configuration information
automatically instead of each TCP/IP host on a
network being manually configured
Disadvantages
a. BOOTP database was a static text file
which was maintained by hand as network
changes were made.
b. Unable to dynamically allocate and distribute
IP addresses.
Exam Question Answers(Contd)
DHCP is better because
a. DHCP defines a mechanism through which
clients can be assigned a network address for
a finite lease, allowing for serial reassignment
of network addresses to different clients.
b. DHCP provides the mechanism for a client to
acquire all of the IP configuration parameters
that it needs in order to operate.