DHCP Vrushali sonar. Outline DHCP DHCPv6 Comparison Security issues Summary.
Dhcp(Final)
-
Upload
ayush-singhal -
Category
Documents
-
view
217 -
download
0
description
Transcript of Dhcp(Final)
2
TYPES OF IP ALLOCATION
• Dynamic allocation: a network administrator reserves a range of IP addresses for DHCP, and each client computer on the LAN is configured to request an IP address from the DHCP server during network initialization. The request-and-grant process uses a lease concept with a controllable time period, allowing the DHCP server to reclaim (and then reallocate) IP addresses that are not renewed.
• Automatic allocation: the DHCP server permanently assigns an IP address to a requesting client from the range defined by the administrator. This is like dynamic allocation, but the DHCP server keeps a table of past IP address assignments, so that it can preferentially assign to a client the same IP address that the client previously had.
• Static allocation: the DHCP server allocates an IP address based on a preconfigured mapping to each client's MAC address. This feature is variously called static DHCP assignment by DD-WRT, fixed-address by the dhcpd documentation, address reservation by Netgear, DHCP reservation or static DHCP by Cisco and Linksys, and IP address reservation or MAC/IP address binding by various other router manufacturers.
3
Dynamic Assignment of IP addresses
• Dynamic assignment of IP addresses is desirable for several reasons:– IP addresses are assigned on-demand– Avoid manual IP configuration– Support mobility of laptops– Reliable IP Address Configuration– Reduced Network Administartion
4
Reduced Network Administartion
– Centralized and automated TCP/IP configuration.– The ability to define TCP/IP configurations from a central
location.– The ability to assign a full range of additional TCP/IP
configuration values by means of DHCP options.– The efficient handling of IP address changes for clients that
must be updated frequently, such as those for portable computers that move to different locations on a wireless network.
– The forwarding of initial DHCP messages by using a DHCP relay agent, which eliminates the need for a DHCP server on every subnet.
5
Solutions for dynamic assignment of IP addresses
• Reverse Address Resolution Protocol (RARP)– Works similar to ARP– Broadcast a request for the IP address associated
with a given MAC address– RARP server responds with an IP address– Only assigns IP address (not the default router and
subnetmask)
RARP
Ethernet MACaddress(48 bit)
ARPIP address(32 bit)
6
BOOTP
• BOOTstrap Protocol (BOOTP) • From 1985• Host can configure its IP parameters at boot time. • 3 services.
– IP address assignment.
– Detection of the IP address for a serving machine.
– The name of a file to be loaded and executed by the client machine (boot file name)
– Not only assign IP address, but also default router, network mask, etc. – Sent as UDP messages (UDP Port 67 (server) and 68 (host))– Use limited broadcast address (255.255.255.255):
• These addresses are never forwarded
7
DHCP
• Dynamic Host Configuration Protocol (DHCP) – From 1993– An extension of BOOTP, very similar to DHCP– Same port numbers as BOOTP – Extensions:
• Supports temporary allocation (“leases”) of IP addresses• DHCP client can acquire all IP configuration parameters
needed to operate– DHCP is the preferred mechanism for dynamic assignment
of IP addresses– DHCP can interoperate with BOOTP clients.
8
DHCP Interaction (simplified)
Argon00:a0:24:71:e4:44 DHCP Server
DHCP Request00:a0:24:71:e4:44Sent to 255.255.255.255
Argon128.143.137.144
00:a0:24:71:e4:44 DHCP ServerDHCP Response:IP address: 128.143.137.144Default gateway: 128.143.137.1Netmask: 255.255.0.0
9
DHCP Message Format
Number of Seconds
OpCode Hardware Type
Your IP address
Unused (in BOOTP)Flags (in DHCP)
Gateway IP address
Client IP address
Server IP address
Hardware AddressLength
Hop Count
Server host name (64 bytes)
Client hardware address (16 bytes)
Boot file name (128 bytes)
Transaction ID
Options
(There are >100 different options)
10
DHCP
• OpCode: 1 (Request), 2(Reply) Note: DHCP message type is sent in an option
• Hardware Type: 1 (for Ethernet)• Hardware address length: 6 (for Ethernet)• Hop count: set to 0 by client• Transaction ID: Integer (used to match reply to response)• Seconds: number of seconds since the client started to boot• Client IP address, Your IP address, server IP address,
Gateway IP address, client hardware address, server host name, boot file name: client fills in the information that it has, leaves rest blank
11
DHCP Message Type
• Message type is sent as an option.
Value Message Type
1 DHCPDISCOVER
2 DHCPOFFER
3 DHCPREQUEST
4 DHCPDECLINE
5 DHCPACK
6 DHCPNAK
7 DHCPRELEASE
8 DHCPINFORM
12
Other options (selection)
• Other DHCP information that is sent as an option:
Subnet Mask, Name Server, Hostname, Domain Name, Forward On/Off, Default IP TTL, Broadcast Address, Static Route, Ethernet Encapsulation, X Window Manager, X Window Font, DHCP Msg Type, DHCP Renewal Time, DHCP Rebinding, Time SMTP-Server, SMTP-Server, Client FQDN, Printer Name, …
13
DHCP Operation
• DCHP DISCOVER
DHCP Client00:a0:24:71:e4:44 DHCP Server
DHCPDISCOVERSent to 255.255.255.255
DHCP Server
DHCP Client00:a0:24:71:e4:44 DHCP Server
DHCP Server
DHCPOFFER
DHCPOFFER
• DCHP OFFER
14
DHCP Operation
DHCP Client00:a0:24:71:e4:44 DHCP Server
DHCP Server
DHCPREQUEST
DHCPACK• DCHP ACKNOWLEDGE
At this time, the DHCP client can start to use the IP address
DHCP Client00:a0:24:71:e4:44 DHCP Server
DHCP Server
DHCPREQUEST
DHCPACK
15
DHCP Operation
DHCP Client00:a0:24:71:e4:44 DHCP Server
DHCP Server
DHCPRELEASE
• DCHP RELEASE
At this time, the DHCP client has released the IP address
16
LIMITATIONS OF DHCP
• DHCP is not a secure protocol, as no mechanism is built in to allow clients and servers to authenticate each other. Both are vulnerable to deception (e.g., one computer can pretend to be another) and to attack (rogue clients can exhaust a server’s address pool).
• DHCP is not a routable protocol; it is limited to a specific local area network (LAN). If network administrators want a given DHCP server to provide addressing to multiple subnets on a given network, they must configure DHCP relay services on the routers DHCP requests have to cross.