DHCP Dynamic Host Configuration Protocol CIS 856: TCP/IP and Upper Layer Protocols Presented by Kyle Getz October 20, 2005

Page 1:

DHCP

Dynamic Host Configuration Protocol

CIS 856: TCP/IP and Upper Layer Protocols

Presented by Kyle Getz

October 20, 2005

Page 2:

Motivation for DHCP

Configuration parameters for network hosts
  IP address
  Router
  Subnet Mask
  Many more…
Before DHCP
  Manual assignment
  RARP
  BOOTP

Page 3:

DHCP Features

Protocol for providing configuration parameters to hosts over network
Dynamic allocation of IP addresses
Minimal human intervention

Page 4:

Sample Network

[Figure: a router connected to the Internet, a DHCP server (UDP port 67), and DHCP clients (UDP port 68 each)]

Page 5:

Preliminaries

(DHCP) Message = DHCP-PDU (A-PDU)
Client = DHCP Client
Server = DHCP Server
Well-known port numbers
  DHCP Server: UDP port 67
  DHCP Client: UDP port 68
  No ephemeral ports
Broadcast and unicast used for PDUs in both directions
  “Broadcast”: link and IP addresses are broadcast
  “Unicast”: link and IP addresses are unicast

Page 6:

Initial Message Flow

[Figure: message sequence between Server A, Client and Server B]
Client attempts to discover available DHCP servers: DHCPDISCOVER (to Server A and Server B)
Servers reply with offers: DHCPOFFER (from Server A and Server B)
Client collects offers and decides which offer to accept
Client broadcasts request for one of the received offers: DHCPREQUEST (to Server A and Server B)
Server acknowledges client’s use of IP address: DHCPACK
Configuration complete
Client explicitly releases use of IP address: DHCPRELEASE
Graceful shutdown

Page 7:

DHCP Message Types

DHCP Message   Use
DHCPDISCOVER   Client broadcast to locate available servers
DHCPOFFER      Server to client response offering configuration parameters
DHCPREQUEST    Client broadcast requesting offered parameters
DHCPDECLINE    Client to server notification that IP address is in use
DHCPACK        Server to client response confirming a request
DHCPNAK        Server to client response denying a request
DHCPRELEASE    Client to server request to relinquish IP address
DHCPINFORM     Client to server request for configuration parameters

Page 8:

Lease Renewal Times (Client)

T1 < T2 < Lease time
T1 default value = 1/2 of lease time
T2 default value = 7/8 of lease time
Communicated via DHCPOFFER, DHCPACK
Client actions when times elapse
  T1: client must renew address with the DHCP server
  T2: client must renew address with any DHCP server
  Lease time: client must stop using IP address

Page 9:

Renewal Message Flow

[Figure: message sequences between Server A, Client and Server B]
T1 elapses
Client unicasts request to continue using IP address: DHCPREQUEST
Server acknowledges request and updates lease: DHCPACK
Configuration complete

T1 elapses
Client unicasts request to continue using IP address: DHCPREQUEST
T2 elapses
Client broadcasts request to continue using IP address: DHCPREQUEST (to Server A and Server B)
Server acknowledges request and updates lease: DHCPACK
Configuration complete

Page 10:

Client FSM (Simplified)

[Figure: state diagram]
States: INIT, SELECTING, REQUESTING, BOUND, RENEWING, REBINDING
Transition labels (event/action):
  -/DHCPDISCOVER
  DHCPOFFER/Process offer
  Select offer/DHCPREQUEST
  DHCPACK/Set T1,T2 (on three transitions)
  T1/Unicast DHCPREQUEST
  T2/Broadcast DHCPREQUEST
  DHCPNAK/Stop using IP address
  DHCPNAK, Lease expires/Stop using IP address
  DHCPACK (in use)/DHCPDECLINE
  DHCPNAK/Discard offer
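The lease timers and client state machine from the preceding slides, as an added example that is not part of the original presentation. It drives a bound client through renewal, rebinding and lease expiry once its servers stop answering. The source and destination state of each transition follow the client state diagram in RFC 2131 (an assumption, since only the labels survive here); the `start` event name and the `simulate` helper are hypothetical.

```python
# Endpoints of each transition are an assumption taken from the client state
# diagram in RFC 2131; the slide text preserves only the event/action labels.
FSM = {
    ("INIT", "start"): ("SELECTING", "send DHCPDISCOVER"),
    ("SELECTING", "DHCPOFFER"): ("SELECTING", "process offer"),
    ("SELECTING", "select offer"): ("REQUESTING", "send DHCPREQUEST"),
    ("REQUESTING", "DHCPACK"): ("BOUND", "set T1,T2"),
    ("REQUESTING", "DHCPACK (in use)"): ("INIT", "send DHCPDECLINE"),
    ("REQUESTING", "DHCPNAK"): ("INIT", "discard offer"),
    ("BOUND", "T1"): ("RENEWING", "unicast DHCPREQUEST"),
    ("RENEWING", "DHCPACK"): ("BOUND", "set T1,T2"),
    ("RENEWING", "T2"): ("REBINDING", "broadcast DHCPREQUEST"),
    ("RENEWING", "DHCPNAK"): ("INIT", "stop using IP address"),
    ("REBINDING", "DHCPACK"): ("BOUND", "set T1,T2"),
    ("REBINDING", "DHCPNAK"): ("INIT", "stop using IP address"),
    ("REBINDING", "lease expires"): ("INIT", "stop using IP address"),
}

def step(state, event):
    """Return (next_state, action); an event not valid in this state is ignored."""
    return FSM.get((state, event), (state, "ignore"))

def timers(lease):
    """Default T1 and T2 offsets in seconds for a lease of `lease` seconds."""
    return lease / 2, lease * 7 / 8

def simulate(lease, server_down_at, until):
    """Trace (time, state) for a BOUND client whose servers go silent at server_down_at."""
    if lease <= 0:
        raise ValueError("lease must be positive")
    t0, state, trace = 0, "BOUND", [(0, "BOUND")]
    while True:
        t1, t2 = timers(lease)
        for offset, event in ((t1, "T1"), (t2, "T2"), (lease, "lease expires")):
            now = t0 + offset
            if now > until:
                return trace
            state, _ = step(state, event)
            trace.append((now, state))
            if state == "INIT":
                return trace
            if now < server_down_at:   # a server answers the DHCPREQUEST
                state, _ = step(state, "DHCPACK")
                trace.append((now, state))
                t0 = now               # the new lease runs from this DHCPACK
                break
```

With a 3600-second lease and servers that go silent at t=2000, the client renews once at 1800, then passes through RENEWING and REBINDING and gives up the address at 5400.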

Page 11:

Retransmissions

Client responsible for all retransmissions
Retransmission strategy
  Exponential backoff
  Randomized
Recommendations
  Base delay doubled for each retransmission
  Random number picked from [-1,+1]
  Maximum base delay: 64 seconds

Page 12:

Server Storage

Permanent storage
  Pool of available IP addresses
  Local configuration parameters
  Mapping between clients and leases
Flexibility concerning storage update
  When DHCPOFFER sent
  When DHCPACK sent

Page 13:

Server Logic (Simplified)

Event              Action Taken
DHCPDISCOVER       If current lease for client exists, send DHCPOFFER
                   Else, if IP address available, send DHCPOFFER
                   Else, do nothing
DHCPREQUEST        If IP address available, send DHCPACK
                   Else, send DHCPNAK
DHCPDECLINE        Mark IP address unavailable, notify network administrator
DHCPRELEASE        Mark IP address available, delete lease
DHCPINFORM         Send DHCPACK with configuration parameters
Lease expiration   Mark IP address available, delete lease

Page 14:

DHCP PDU Format

[Figure: field layout, each row 32 bits wide]
Operation Code | Hardware Type | Hardware Length | Hop Count
Transaction ID
Seconds Elapsed | B | Must Be Zero (MBZ)
Client IP address
Your IP address
Server IP address
Relay agent IP address
Client hardware address (16 bytes)
Server host name (64 bytes)
Boot file name (128 bytes)
Options (up to 312 bytes)
  Magic Cookie

Page 15:

DHCP Options

Option format:
  Code (1 byte) | Length (1 byte) | Data (“Length” bytes)
One-byte options:
  0    Padding
  255  End of options
Subnet Mask:
  1 | 4 | 255 255 255 0
Magic Cookie (4 bytes):
  99 130 83 99
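A parser for the PDU layout and option encoding on the two preceding slides, as an added example that is not part of the original presentation. It checks the magic cookie and bounds-checks every option length, which is where malformed or hostile PDUs usually trip a naive parser. The field offsets and the position of the cookie at the start of the options area follow RFC 2131; option 53 (message type) comes from RFC 2132, and the sample PDU and function names are constructed for this example.

```python
import struct

MAGIC_COOKIE = bytes([99, 130, 83, 99])  # value from the options slide
FIXED_LEN = 236  # header bytes before the cookie (12 + 4*4 + 16 + 64 + 128)

def parse_options(buf):
    """Walk code/length/data options into {code: data}; strict about bounds."""
    opts, i = {}, 0
    while i < len(buf):
        code = buf[i]
        if code == 0:      # padding: a single byte with no length field
            i += 1
            continue
        if code == 255:    # end of options: ignore whatever follows
            return opts
        if i + 1 >= len(buf):
            raise ValueError(f"option {code}: missing length byte")
        length = buf[i + 1]
        data = buf[i + 2:i + 2 + length]
        if len(data) != length:  # declared length runs past the buffer
            raise ValueError(f"option {code}: length {length} overruns PDU")
        opts[code] = data
        i += 2 + length
    raise ValueError("options not terminated by code 255")

def parse_dhcp(pdu):
    """Decode the fixed header, verify the magic cookie, then the options."""
    if len(pdu) < FIXED_LEN + 4:
        raise ValueError("PDU shorter than fixed header plus magic cookie")
    op, htype, hlen, hops, xid, secs, flags = struct.unpack("!BBBBIHH", pdu[:12])
    if hlen > 16:
        raise ValueError("hardware length exceeds the 16-byte address field")
    if pdu[FIXED_LEN:FIXED_LEN + 4] != MAGIC_COOKIE:
        raise ValueError("bad magic cookie")
    ip = lambda off: ".".join(str(b) for b in pdu[off:off + 4])
    return {"op": op, "hops": hops, "xid": xid, "broadcast": bool(flags & 0x8000),
            "ciaddr": ip(12), "yiaddr": ip(16), "siaddr": ip(20), "giaddr": ip(24),
            "chaddr": ":".join(f"{b:02x}" for b in pdu[28:28 + hlen]),
            "options": parse_options(pdu[FIXED_LEN + 4:])}

def build_sample():
    """Constructed reply PDU for the demo (not captured traffic)."""
    pdu = struct.pack("!BBBBIHH", 2, 1, 6, 0, 0x3903F326, 0, 0x8000)
    pdu += bytes([0, 0, 0, 0, 192, 0, 2, 10, 192, 0, 2, 1, 0, 0, 0, 0])
    pdu += bytes.fromhex("020000000001").ljust(16, b"\0") + bytes(64 + 128)
    # Options: 53 (message type, RFC 2132) = 2, one pad byte, subnet mask, end
    return pdu + MAGIC_COOKIE + bytes([53, 1, 2, 0, 1, 4, 255, 255, 255, 0, 255])
```

`parse_dhcp(build_sample())` returns the offered address, the client hardware address and the decoded options; truncating the sample by three bytes makes the subnet-mask option overrun the buffer and raises `ValueError`.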

Page 16:

Another Sample Network

[Figure: a router connected to the Internet, a DHCP server, DHCP clients, and the label “Relay Agent within”]

Page 17:

Relay Agents

Remove restriction of having DHCP server on every network
Listen for DHCP messages and transmit them to appropriate machine
Client to server relay
  Broadcast from client
  Unicast to server(s)
Server to client relay
  Broadcast from server
  Broadcast to client
  Unicast from server
  Unicast to client

Page 18:

Demonstration

Page 19:

Advanced Topics

Lease times
Dynamic DNS
Reliability
Security

Page 20:

Lease Times

Anywhere from 15 minutes – 1 year
Common lease times & rationales
  15 minutes: Maximum number of addresses free
  3 days: Microsoft default
  4 months: Students can keep lease over summer
Tradeoff

Page 21:

Dynamic DNS

If IP address changes due to DHCP, DNS entry is wrong
Client or server can update DNS
Option 81: Client FQDN
  81 | Length | Flags | rcode1 | rcode2 | Name…
  1 byte | 1 byte | “Length” bytes (Flags through Name)

Page 22:

Reliability

Two synchronized DHCP servers on the same network: Primary, Secondary
Permanent storage constantly communicated
Failure: Secondary server takes over

[Figure: Primary Server, Secondary Server and DHCP Clients]

Page 23:

Security

Potentially unauthorized clients
  Malicious client could exhaust address pool
Malicious server (Rogue server)
  Supply incorrect configuration parameters
  Supply malicious configuration parameters
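Detection logic for the two threats on the security slide, as an added example that is not part of the original presentation. It flags server replies from sources outside an allowlist and ports where many distinct hardware addresses send DHCPDISCOVER within a short window. The event tuple layout, port names, allowlist and thresholds are assumptions, and the events are constructed sample data.

```python
from collections import defaultdict

AUTHORIZED_SERVERS = {"192.0.2.1"}  # assumption: the site's known DHCP server
WINDOW = 10          # seconds (assumed tuning value)
MAX_NEW_CLIENTS = 5  # distinct hardware addresses per port per window (assumed)

# Constructed events, one per observed DHCP message:
# (time, switch port, message type, client hardware address, server source IP)
EVENTS = [
    (0.0, "port1", "DHCPDISCOVER", "02:00:00:00:00:01", None),
    (0.1, "port1", "DHCPOFFER", "02:00:00:00:00:01", "192.0.2.1"),
    (0.2, "port9", "DHCPOFFER", "02:00:00:00:00:01", "192.0.2.66"),
] + [(1 + i * 0.5, "port7", "DHCPDISCOVER", f"02:00:00:00:01:{i:02x}", None)
     for i in range(8)]

SERVER_MESSAGES = ("DHCPOFFER", "DHCPACK", "DHCPNAK")

def rogue_servers(events, authorized=AUTHORIZED_SERVERS):
    """Sources of server-to-client messages that are not on the allowlist."""
    return sorted({src for _, _, mtype, _, src in events
                   if mtype in SERVER_MESSAGES and src not in authorized})

def starvation_ports(events, window=WINDOW, limit=MAX_NEW_CLIENTS):
    """Ports where more than `limit` distinct hardware addresses sent
    DHCPDISCOVER within any `window` seconds (possible pool exhaustion)."""
    by_port = defaultdict(list)
    for t, port, mtype, chaddr, _ in events:
        if mtype == "DHCPDISCOVER":
            by_port[port].append((t, chaddr))
    flagged = set()
    for port, seen in by_port.items():
        seen.sort()
        start = 0
        for end in range(len(seen)):
            # slide the window start forward until it spans at most `window` s
            while seen[end][0] - seen[start][0] > window:
                start += 1
            if len({mac for _, mac in seen[start:end + 1]}) > limit:
                flagged.add(port)
    return sorted(flagged)
```

On the sample events this reports `192.0.2.66` as an unauthorized server and `port7` as the port showing an exhaustion pattern.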