1285094_1_Assign3Concepts

DHCP

Computers attached to a TCP/IP network must know the following information

• IP address• subnet mask• IP address of a router• IP address of a name serverThis information is usually stored on disk, however with

diskless devices or devices that are booted for the first time, this information must be obtain from the network

BOOTP – Bootstrap Protocol

• a client/server protocol designed to provides the necessary information

BOOTP Packet Format

BOOTP Fields• Operation code

– 8-bit field defines the type of BOOTP packet: request(1) or reply (2)• Hardware type

– 8-bit field defines the type of physical network (Ethernet is 1)• Hardware length

– 8-bit field defines the length of the physical address in bytes (Ethernet is 6)

• Hop count– 8-bit field defines the maximum number of hops the packet can travel

BOOTP Fields (cont.)• Transaction ID

– 4-byte field identifies the transaction so the server returns the same value in the reply

• Number of seconds– 16-bit field indicates the number of seconds elapsed since the time

the client started to boot• Client IP address

– 4-byte field contains client IP, 0 if client does not have it• Your IP address

– 4-byte field contains the client IP address, filled by the server (in reply message)

BOOTP Fields (cont.)• Server IP address

– 4-byte field contains the server IP, filled by the server in reply message• Gateway IP address

– 4-byte field contain the IP of a router, filled by the server in the reply message

• Client hardware address– 16-byte field; physical address of the client

• Server name– 64-byte field; optional, filled by the server in a reply packet; domain

name of server

BOOTP Fields (cont.)

• Boot filename– 128-byte field; optional, filled by server in reply packet; full

pathname of boot file• Options– 64-byte field; can carry either additional information (such

as network mask or default router address) or some specific vendor information; used only in the reply message

BOOTP Operation

UDP Ports

• Client's use a well-known port 68 instead of an ephemeral port

• this is due to the reply from the server being broadcast

DHCP – Dynamic Host Configuration Protocol

• BOOTP is not dynamic; a lookup table is used to match the physical address with the IP address

• DHCP provides dynamic configuration• DHCP is an extension of BOOTP• Provides temporary IP addresses for a limited time• allows hosts to be moved between networks without

reconfiguration

Leasing

• DHCP servers issue leases for a specific period of time

• when the time expires, the client must either stop using the IP address or renew the lease

• the DHCP server does not necessarily renew the lease

Packet Format

• almost the same format as BOOTP to allow backward compatibility

• only added a 1-bit flag• however, extra options have been added

Packet Format

Exchanging Messages

Practical Task• 1) You are required to configure and test a DHCP server to

provide IP Address and related configuration parameters to a client computer.

• Set up a pool of DHCP addresses from 192.168.15.30 to 192.168.15.50, Subnet Mask 255.255.255.0,

• Gateway 192.168.15.1, • DNS Primary Server of 192.168.15.1, • Default lease time of 3 hours and maximum lease time of 6

hours. • Test the operation of your DHCP server using an external

client requesting a DHCP lease.

Practical Task

• 2) Capture and describe the network activity occuring between the client and DHCP Server.

• On your Linux computer use a packet sniffer to capture network traffic, then analyse and describe the overall DHCP lease allocation process, and describe the detail in each packet.

Linux DHCP

• Setting up a Linux DHCP server requires that:1. The dhcpd service can read a corresponding

configuration file dhcpd.conf that is usually kept in the /etc directory

2. If this does not exist then it must be created wg vi /etc/dhcpd.conf

3. The DHCP service, dhcpd, is switch on

Role of dhcpd.conf file

• Following is a sample dhcpd.conf file from a Linux box with two interfaces: – one internal and – one that connects to the Internet.

• This machine performs NAT translation for the internal network and leases out a range of 10 IP addresses on this network as well.

• The dhcpd.conf file contains a dummy entry for the external interface (required) and a host entry for one particular machine that needs a fixed address.

Sample dhcpd.confoption domain-name “surname.itc514.edu";option domain-name-servers dns.surname.itc514.edu;option subnet-mask 255.255.255.0;default-lease-time 600;max-lease-time 7200;

subnet 192.168.15.0 netmask 255.255.255.0 {range 192.168.15.30 192.168.15.50;option broadcast-address 192.168.15.255;option routers dns.surname.itc514.edu;}

Sample dhcpd.conf (continued)

subnet 209.180.251.0 netmask 255.255.255.0 {}

host shadofax{hardware ethernet 00:0C:29:45:52:EB;fixed-address shadofax.surname.itc514.edu;}

ddns-update-style ad-hoc;

• Save the configuration file to /etc• Switch on dhcpd• Open a client workstation, physical or virtual

and set the network adapter to get IP address automatically.

• Alternatively use Windows Client commands:C:\> ipconfig /release (Enter)C:\> ipconfig /renew (Enter) and check withC:\> ipconfig /all

Wireshark

• Download a copy of the Wireshark packet monitoring software and install it on a client, physical or virtual.

• Configure a packet capture folder to store captured packets.

• Renew the lease on the client• Start the packet capture process• Store about 30 seconds of captured packets• Use Wireshark to open the capture file for analysis.

• You may like to change the dhcpd.conf file to shorten the lease time and experiment with the automatic renewal of IP addresses close to the lease expiry.

End ...