DHCP
Feb 19, 2016
Computers attached to a TCP/IP network must know the following information:
• IP address
• subnet mask
• IP address of a router
• IP address of a name server
This information is usually stored on disk; however, with diskless devices or devices that are booted for the first time, this information must be obtained from the network.
BOOTP – Bootstrap Protocol
• a client/server protocol designed to provide the necessary information
BOOTP Packet Format
BOOTP Fields
• Operation code
– 8-bit field; defines the type of BOOTP packet: request (1) or reply (2)
• Hardware type
– 8-bit field; defines the type of physical network (Ethernet is 1)
• Hardware length
– 8-bit field; defines the length of the physical address in bytes (Ethernet is 6)
• Hop count
– 8-bit field; defines the maximum number of hops the packet can travel
• Transaction ID
– 4-byte field; identifies the transaction, so the server returns the same value in the reply
• Number of seconds
– 16-bit field; indicates the number of seconds elapsed since the time the client started to boot
• Client IP address
– 4-byte field; contains the client IP, 0 if the client does not have it
• Your IP address
– 4-byte field; contains the client IP address, filled by the server (in the reply message)
• Server IP address
– 4-byte field; contains the server IP, filled by the server in the reply message
• Gateway IP address
– 4-byte field; contains the IP of a router, filled by the server in the reply message
• Client hardware address
– 16-byte field; physical address of the client
• Server name
– 64-byte field; optional, filled by the server in a reply packet; domain name of the server
• Boot filename
– 128-byte field; optional, filled by the server in a reply packet; full pathname of the boot file
• Options
– 64-byte field; can carry either additional information (such as network mask or default router address) or some specific vendor information; used only in the reply message
BOOTP Operation
UDP Ports
• Clients use the well-known port 68 instead of an ephemeral port
• this is due to the reply from the server being broadcast
DHCP – Dynamic Host Configuration Protocol
• BOOTP is not dynamic; a lookup table is used to match the physical address with the IP address
• DHCP provides dynamic configuration
• DHCP is an extension of BOOTP
• provides temporary IP addresses for a limited time
• allows hosts to be moved between networks without reconfiguration
Leasing
• DHCP servers issue leases for a specific period of time
• when the time expires, the client must either stop using the IP address or renew the lease
• the DHCP server does not necessarily renew the lease
Packet Format
• almost the same format as BOOTP to allow backward compatibility
• only added a 1-bit flag
• however, extra options have been added
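As an added example (not part of the original slides), the parser below decodes the fixed BOOTP fields listed under "BOOTP Fields" together with the 1-bit broadcast flag and the options that DHCP adds, checking lengths so that a malformed packet raises an error instead of being misread. The sample packet is constructed; the magic cookie and option numbers come from RFC 2131/2132, not from this page.

```python
import ipaddress
import struct

FIXED = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")  # 236-byte fixed header
MAGIC_COOKIE = bytes([99, 130, 83, 99])   # precedes DHCP options (RFC 2131)
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 4: "DECLINE",
             5: "ACK", 6: "NAK", 7: "RELEASE", 8: "INFORM"}

def parse_options(data):
    """Walk code/length/value options without reading past the buffer."""
    opts, i = {}, 0
    while i < len(data) and data[i] != 255:      # 255 = End option
        code = data[i]
        if code == 0:                            # Pad option: no length byte
            i += 1
            continue
        if i + 1 >= len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("option %d overruns the packet" % code)
        length = data[i + 1]
        opts[code] = data[i + 2:i + 2 + length]
        i += 2 + length
    return opts

def parse_packet(pkt):
    if len(pkt) < FIXED.size:
        raise ValueError("shorter than the fixed BOOTP header")
    (op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr, siaddr,
     giaddr, chaddr, sname, bootfile) = FIXED.unpack_from(pkt)
    if op not in (1, 2) or hlen > 16:
        raise ValueError("bad operation code or hardware length")
    ip = lambda b: str(ipaddress.IPv4Address(b))
    text = lambda b: b.split(b"\0")[0].decode("ascii", "replace")
    out = {"op": "request" if op == 1 else "reply", "htype": htype,
           "hops": hops, "xid": xid, "secs": secs,
           "broadcast": bool(flags & 0x8000),    # the 1-bit flag DHCP added
           "ciaddr": ip(ciaddr), "yiaddr": ip(yiaddr), "siaddr": ip(siaddr),
           "giaddr": ip(giaddr), "chaddr": chaddr[:hlen].hex(":"),
           "sname": text(sname), "file": text(bootfile)}
    tail = pkt[FIXED.size:]
    if tail[:4] == MAGIC_COOKIE:                 # DHCP rather than plain BOOTP
        out["options"] = parse_options(tail[4:])
        mtype = out["options"].get(53, b"")      # option 53 = DHCP message type
        out["dhcp_type"] = MSG_TYPES.get(mtype[0]) if len(mtype) == 1 else None
    return out

# Constructed sample: DHCPDISCOVER from the MAC in the page's host entry.
SAMPLE = FIXED.pack(1, 1, 6, 0, 0x3903F326, 0, 0x8000, bytes(4), bytes(4),
                    bytes(4), bytes(4), bytes.fromhex("000c294552eb"), b"", b"")
SAMPLE += MAGIC_COOKIE + bytes([53, 1, 1, 55, 3, 1, 3, 6, 255])
```

The same function can be applied to the UDP payload of each packet exported from a capture to compare the field values with what the packet sniffer displays.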
Packet Format
Exchanging Messages
Practical Task
• 1) You are required to configure and test a DHCP server to provide an IP address and related configuration parameters to a client computer.
• Set up a pool of DHCP addresses from 192.168.15.30 to 192.168.15.50, subnet mask 255.255.255.0
• Gateway 192.168.15.1
• DNS primary server of 192.168.15.1
• Default lease time of 3 hours and maximum lease time of 6 hours
• Test the operation of your DHCP server using an external client requesting a DHCP lease.
Practical Task
• 2) Capture and describe the network activity occurring between the client and DHCP server.
• On your Linux computer use a packet sniffer to capture network traffic, then analyse and describe the overall DHCP lease allocation process, and describe the detail in each packet.
Linux DHCP
• Setting up a Linux DHCP server requires that:
1. The dhcpd service can read a corresponding configuration file, dhcpd.conf, that is usually kept in the /etc directory
2. If this does not exist then it must be created, e.g. vi /etc/dhcpd.conf
3. The DHCP service, dhcpd, is switched on
Role of dhcpd.conf file
• Following is a sample dhcpd.conf file from a Linux box with two interfaces:
– one internal and
– one that connects to the Internet.
• This machine performs NAT translation for the internal network and leases out a range of 10 IP addresses on this network as well.
• The dhcpd.conf file contains a dummy entry for the external interface (required) and a host entry for one particular machine that needs a fixed address.
Sample dhcpd.conf
# Global parameters
option domain-name "surname.itc514.edu";
option domain-name-servers dns.surname.itc514.edu;
option subnet-mask 255.255.255.0;
default-lease-time 600;
max-lease-time 7200;

# Internal network: addresses are leased from this range
subnet 192.168.15.0 netmask 255.255.255.0 {
    range 192.168.15.30 192.168.15.50;
    option broadcast-address 192.168.15.255;
    option routers dns.surname.itc514.edu;
}

# Dummy entry for the external interface (required)
subnet 209.180.251.0 netmask 255.255.255.0 {
}

# Fixed address for one particular machine
host shadofax {
    hardware ethernet 00:0C:29:45:52:EB;
    fixed-address shadofax.surname.itc514.edu;
}

ddns-update-style ad-hoc;
• Save the configuration file to /etc
• Switch on dhcpd
• Open a client workstation, physical or virtual, and set the network adapter to get an IP address automatically.
• Alternatively use Windows client commands:
C:\> ipconfig /release (Enter)
C:\> ipconfig /renew (Enter)
and check with
C:\> ipconfig /all
Wireshark
• Download a copy of the Wireshark packet monitoring software and install it on a client, physical or virtual.
• Configure a packet capture folder to store captured packets.
• Renew the lease on the client
• Start the packet capture process
• Store about 30 seconds of captured packets
• Use Wireshark to open the capture file for analysis.
• You may like to change the dhcpd.conf file to shorten the lease time and experiment with the automatic renewal of IP addresses close to the lease expiry.