DHCP - University of Delaware

DHCP
Dynamic Host Configuration Protocol
CIS 856: TCP/IP and Upper Layer Protocols
Presented by Kyle Getz
October 20, 2005

Motivation for DHCP
- Configuration parameters for network hosts
  - IP address
  - Router
  - Subnet Mask
  - Many more…

Before DHCP
- Manual assignment
- RARP
- BOOTP

DHCP Features
- Protocol for providing configuration parameters to hosts over the network
- Dynamic allocation of IP addresses
- Minimal human intervention

Sample Network
(Diagram: a DHCP server listening on UDP port 67 and several DHCP clients listening on UDP port 68 share one network, which a router connects to the Internet.)

Preliminaries
- (DHCP) Message = DHCP-PDU (A-PDU)
- Client = DHCP Client
- Server = DHCP Server
- Well-known port numbers
  - DHCP Server: UDP port 67
  - DHCP Client: UDP port 68
  - No ephemeral ports
- Broadcast and unicast are used for PDUs in both directions
  - “Broadcast”: link and IP addresses are broadcast
  - “Unicast”: link and IP addresses are unicast

Initial Message Flow
(Diagram: Client, Server A, Server B)
1. Client broadcasts DHCPDISCOVER to discover available DHCP servers.
2. Server A and Server B each reply with a DHCPOFFER.
3. Client collects the offers and decides which offer to accept.
4. Client broadcasts a DHCPREQUEST for one of the received offers.
5. Server acknowledges the client’s use of the IP address with DHCPACK; configuration is complete.
6. Graceful shutdown: the client explicitly releases use of the IP address with DHCPRELEASE.

DHCP Message Types
DHCP Message   Use
DHCPDISCOVER   Client broadcast to locate available servers
DHCPOFFER      Server to client response offering configuration parameters
DHCPREQUEST    Client broadcast requesting offered parameters
DHCPDECLINE    Client to server notification that IP address is in use
DHCPACK        Server to client response confirming a request
DHCPNAK        Server to client response denying a request
DHCPRELEASE    Client to server request to relinquish IP address
DHCPINFORM     Client to server request for configuration parameters

Lease Renewal Times (Client)
- T1 < T2 < Lease time
- T1 default value = 1/2 of lease time
- T2 default value = 7/8 of lease time
- Communicated via DHCPOFFER, DHCPACK
- Client actions when times elapse
  - T1: client must renew address with the DHCP server
  - T2: client must renew address with any DHCP server
  - Lease time: client must stop using IP address

Renewal Message Flow
(Diagram: Client, Server A, Server B)
Case 1: T1 elapses. Client unicasts a DHCPREQUEST to Server A to continue using its IP address; Server A acknowledges with DHCPACK and updates the lease. Configuration complete.
Case 2: T1 elapses. Client unicasts a DHCPREQUEST to Server A and receives no DHCPACK. T2 elapses. Client broadcasts a DHCPREQUEST, which reaches both servers; one of them acknowledges with DHCPACK and updates the lease. Configuration complete.

Client FSM (Simplified)
(State diagram; each arc is written as "event / action")
From         Event / Action                                   To
INIT         - / DHCPDISCOVER                                 SELECTING
SELECTING    DHCPOFFER / Process offer                        SELECTING
SELECTING    Select offer / DHCPREQUEST                       REQUESTING
REQUESTING   DHCPACK / Set T1,T2                              BOUND
REQUESTING   DHCPACK (in use) / DHCPDECLINE                   INIT
REQUESTING   DHCPNAK / Discard offer                          INIT
BOUND        T1 / Unicast DHCPREQUEST                         RENEWING
RENEWING     DHCPACK / Set T1,T2                              BOUND
RENEWING     T2 / Broadcast DHCPREQUEST                       REBINDING
RENEWING     DHCPNAK / Stop using IP address                  INIT
REBINDING    DHCPACK / Set T1,T2                              BOUND
REBINDING    DHCPNAK, Lease expires / Stop using IP address   INIT
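Added example, not code from the slides: the simplified client FSM above, together with the T1 = 1/2 and T2 = 7/8 defaults from the Lease Renewal Times slide, written as a Python transition table. Event names such as "start", "select-offer", "DHCPACK-in-use" and "lease-expires" are ours; `full_lease_cycle` walks INIT to BOUND and then lets T1, T2 and the lease expire with no server answering.

```python
LEASE_T1_FRACTION, LEASE_T2_FRACTION = 1 / 2, 7 / 8   # client defaults from the slides

class DhcpClientFsm:
    """Simplified client FSM from the slides as a (state, event) -> (action, next)
    table. Event names are ours; "DHCPACK-in-use" is the "DHCPACK (in use)" arc."""
    TRANSITIONS = {
        ("INIT", "start"):                ("broadcast DHCPDISCOVER", "SELECTING"),
        ("SELECTING", "DHCPOFFER"):       ("process offer", "SELECTING"),
        ("SELECTING", "select-offer"):    ("broadcast DHCPREQUEST", "REQUESTING"),
        ("REQUESTING", "DHCPACK"):        ("set T1,T2", "BOUND"),
        ("REQUESTING", "DHCPACK-in-use"): ("send DHCPDECLINE", "INIT"),
        ("REQUESTING", "DHCPNAK"):        ("discard offer", "INIT"),
        ("BOUND", "T1"):                  ("unicast DHCPREQUEST", "RENEWING"),
        ("RENEWING", "DHCPACK"):          ("set T1,T2", "BOUND"),
        ("RENEWING", "T2"):               ("broadcast DHCPREQUEST", "REBINDING"),
        ("RENEWING", "DHCPNAK"):          ("stop using IP address", "INIT"),
        ("REBINDING", "DHCPACK"):         ("set T1,T2", "BOUND"),
        ("REBINDING", "DHCPNAK"):         ("stop using IP address", "INIT"),
        ("REBINDING", "lease-expires"):   ("stop using IP address", "INIT"),
    }

    def __init__(self):
        self.state = "INIT"
        self.lease = self.t1 = self.t2 = None   # seconds; set on every DHCPACK
        self.log = []                            # (state, event, action, next)

    def handle(self, event, lease_seconds=None):
        """Apply one event; an event with no arc from the current state is an
        error rather than a silent transition."""
        if (self.state, event) not in self.TRANSITIONS:
            raise ValueError(f"{event!r} is not valid in state {self.state}")
        action, nxt = self.TRANSITIONS[(self.state, event)]
        if action == "set T1,T2":               # T1 = 1/2 and T2 = 7/8 of the lease
            self.lease = lease_seconds
            self.t1, self.t2 = lease_seconds * LEASE_T1_FRACTION, lease_seconds * LEASE_T2_FRACTION
        elif nxt == "INIT":                     # every arc back to INIT drops the address
            self.lease = self.t1 = self.t2 = None
        self.log.append((self.state, event, action, nxt))
        self.state = nxt
        return action

def full_lease_cycle(lease_seconds=86400):
    fsm = DhcpClientFsm()
    for ev in ("start", "DHCPOFFER", "select-offer"):
        fsm.handle(ev)
    fsm.handle("DHCPACK", lease_seconds)
    timers = (fsm.t1, fsm.t2)
    for ev in ("T1", "T2", "lease-expires"):   # renew, rebind, then give the address up
        fsm.handle(ev)
    return timers, fsm.state, fsm.log
```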

Retransmissions
- Client responsible for all retransmissions
- Retransmission strategy
  - Exponential backoff
  - Randomized
- Recommendations
  - Base delay doubled for each retransmission
  - Random number picked from [-1,+1]
  - Maximum base delay: 64 seconds
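Added example, not from the slides: the recommended backoff in Python. The 4-second starting base delay is an assumption (the slides give only the doubling rule and the 64-second cap), and the [-1, +1] number is applied here as an additive offset in seconds, which is our reading of the recommendation.

```python
import random

INITIAL_BASE = 4.0   # seconds; assumed first base delay (the slides give only the doubling rule)
MAX_BASE = 64.0      # seconds; maximum base delay stated on the slides

def base_delays(attempts):
    """Base delay before each retransmission: doubled every time, capped at 64 s."""
    out, base = [], INITIAL_BASE
    for _ in range(attempts):
        out.append(base)
        base = min(base * 2, MAX_BASE)
    return out

def retransmit_delays(attempts, rng=None):
    """Actual waits: each base delay plus a random offset from [-1, +1], so clients
    that lost power at the same moment do not keep retransmitting in lockstep."""
    rng = rng or random.Random()
    return [base + rng.uniform(-1.0, 1.0) for base in base_delays(attempts)]

def worst_case_wait(attempts):
    """Longest total wait across `attempts` retransmissions (every offset at +1)."""
    return sum(base_delays(attempts)) + attempts

def retransmit_times(attempts, rng=None):
    """Offsets from the first transmission at which each retransmission goes out."""
    t, times = 0.0, []
    for d in retransmit_delays(attempts, rng):
        t += d
        times.append(round(t, 3))
    return times
```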

Server Storage
- Permanent storage
  - Pool of available IP addresses
  - Local configuration parameters
  - Mapping between clients and leases
- Flexibility concerning when storage is updated
  - When DHCPOFFER sent
  - When DHCPACK sent

Server Logic (Simplified)
Event              Action Taken
DHCPDISCOVER       If current lease for client exists, send DHCPOFFER
                   Else, if IP address available, send DHCPOFFER
                   Else, do nothing
DHCPREQUEST        If IP address available, send DHCPACK
                   Else, send DHCPNAK
DHCPDECLINE        Mark IP address unavailable, notify network administrator
DHCPRELEASE        Mark IP address available, delete lease
DHCPINFORM         Send DHCPACK with configuration parameters
Lease expiration   Mark IP address available, delete lease
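Added example, not code from the slides: the table above as an in-memory Python server. Client identifiers, the `unavailable` quarantine set and the `admin_notices` list are our names; the `None` return from `discover` is the "do nothing" row, which is also what a client sees once the pool is exhausted.

```python
class DhcpServer:
    """In-memory version of the 'Server Logic (Simplified)' table: a pool of free
    addresses, a client -> lease map, and the table's action for each event.
    Client ids would be hardware addresses in a real server."""

    def __init__(self, pool):
        self.free = list(pool)       # pool of available IP addresses
        self.leases = {}             # mapping between clients and leases
        self.unavailable = set()     # addresses marked unavailable by DHCPDECLINE
        self.admin_notices = []      # "notify network administrator"

    def discover(self, client):
        if client in self.leases:                 # a current lease exists
            return ("DHCPOFFER", self.leases[client])
        if self.free:                             # an address is available
            return ("DHCPOFFER", self.free[0])
        return None                               # pool exhausted: do nothing

    def request(self, client, addr):
        if self.leases.get(client) == addr:       # renewal of the client's own lease
            return ("DHCPACK", addr)
        if addr not in self.free:                 # leased elsewhere, declined, or unknown
            return ("DHCPNAK", addr)
        old = self.leases.pop(client, None)       # client moving to a new address
        if old is not None:
            self.free.append(old)
        self.free.remove(addr)
        self.leases[client] = addr
        return ("DHCPACK", addr)

    def decline(self, client, addr):
        """Client reports the address is already in use: quarantine it and alert."""
        self.leases.pop(client, None)
        if addr in self.free:
            self.free.remove(addr)
        self.unavailable.add(addr)
        self.admin_notices.append(f"{addr} declined by {client}: address in use")

    def release(self, client):
        addr = self.leases.pop(client, None)      # mark available, delete lease
        if addr is not None:
            self.free.append(addr)
        return addr

    lease_expired = release                        # same action as DHCPRELEASE

    def inform(self, client, parameters):
        """DHCPINFORM: the client has an address and only wants parameters."""
        return ("DHCPACK", dict(parameters))
```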

DHCP PDU Format
(Fields in order, laid out in 32-bit words)
Operation Code (1 byte) | Hardware Type (1 byte) | Hardware Length (1 byte) | Hop Count (1 byte)
Transaction ID (4 bytes)
Seconds Elapsed (2 bytes) | Flags (2 bytes): B bit, remainder Must Be Zero (MBZ)
Client IP address (4 bytes)
Your IP address (4 bytes)
Server IP address (4 bytes)
Relay agent IP address (4 bytes)
Client hardware address (16 bytes)
Server host name (64 bytes)
Boot file name (128 bytes)
Magic Cookie (4 bytes)
Options (up to 312 bytes)

DHCP Options
- Magic Cookie: 99 130 83 99 (4 bytes)
- Option format: Code (1 byte) | Length (1 byte) | Data (Length bytes)
- Example, Subnet Mask: Code 1 | Length 4 | Data 255 255 255 0
- One-byte options (Code only, no Length or Data):
  - 0 = Padding
  - 255 = End of options

Another Sample Network
(Diagram: DHCP clients on one network; the router contains a relay agent that forwards their DHCP messages across the Internet to a DHCP server on another network.)

Relay Agents
- Remove the restriction of having a DHCP server on every network
- Listen for DHCP messages and transmit them to the appropriate machine
- Client to server relay
  - Broadcast from client -> Unicast to server(s)
- Server to client relay
  - Broadcast from server -> Broadcast to client
  - Unicast from server -> Unicast to client

Demonstration

Advanced Topics
- Lease times
- Dynamic DNS
- Reliability
- Security

Lease Times
- Anywhere from 15 minutes to 1 year
- Common lease times & rationales
  - 15 minutes: maximum number of addresses free
  - 3 days: Microsoft default
  - 4 months: students can keep lease over summer
- Tradeoff

Dynamic DNS
- If IP address changes due to DHCP, DNS entry is wrong
- Client or server can update DNS
- Option 81: Client FQDN
  Code 81 (1 byte) | Length (1 byte) | Flags (1 byte) | rcode1 (1 byte) | rcode2 (1 byte) | Name…
  (Flags, rcode1, rcode2 and Name together occupy “Length” bytes)
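Added example, not code from the slides: a Python parser for the fixed PDU header and the Code/Length/Data option area from the DHCP PDU Format and DHCP Options slides, plus the Option 81 layout from this slide. The 236-byte header layout and the B bit as the top bit of the flags field are as specified in RFC 2131; the sample PDU is constructed, not captured, and decoding the Option 81 name as ASCII is an assumption.

```python
import struct
from ipaddress import IPv4Address
MAGIC_COOKIE = bytes([99, 130, 83, 99])               # 4-byte marker from the slides
OPT_PAD, OPT_SUBNET_MASK, OPT_CLIENT_FQDN, OPT_END = 0, 1, 81, 255
HEADER = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")  # the 236-byte fixed header

def parse_options(area):
    """Walk Code/Length/Data triples after the magic cookie. Pad (0) is one byte,
    End (255) stops the walk, and every Length is bounds-checked so a malformed
    option cannot make the parser read past the buffer."""
    if area[:4] != MAGIC_COOKIE:
        raise ValueError("missing DHCP magic cookie")
    opts, i = {}, 4
    while i < len(area):
        code = area[i]
        if code == OPT_PAD:
            i += 1
            continue
        if code == OPT_END:
            break
        if i + 2 > len(area) or i + 2 + area[i + 1] > len(area):
            raise ValueError(f"option {code} truncated")
        opts[code] = area[i + 2:i + 2 + area[i + 1]]
        i += 2 + area[i + 1]
    return opts

def parse_dhcp(pdu):
    """Return a subset of the fixed header fields plus the option dictionary."""
    if len(pdu) < HEADER.size:
        raise ValueError("PDU shorter than the fixed header")
    op, htype, hlen, hops, xid, secs, flags, _ci, yiaddr, _si, _gi, chaddr, _sn, _bf = HEADER.unpack_from(pdu)
    return {"op": op, "hops": hops, "xid": xid, "secs": secs,
            "broadcast": bool(flags & 0x8000),        # the B bit; the other 15 bits are MBZ
            "yiaddr": str(IPv4Address(yiaddr)),
            "chaddr": chaddr[:hlen].hex(":"),         # hlen bounds the 16-byte field
            "options": parse_options(pdu[HEADER.size:])}

def subnet_mask(opts):
    """Option 1 on the slides: Code 1, Length 4, Data = the four mask bytes."""
    if len(opts[OPT_SUBNET_MASK]) != 4:
        raise ValueError("subnet mask option must be 4 bytes")
    return str(IPv4Address(opts[OPT_SUBNET_MASK]))

def client_fqdn(opts):
    """Option 81: Flags, rcode1, rcode2 (one byte each), then Name (ASCII assumed)."""
    d = opts[OPT_CLIENT_FQDN]
    return d[0], d[1], d[2], d[3:].decode("ascii")

# Constructed sample, not a capture: a DHCPOFFER-style PDU (op 2) assigning 10.0.0.5.
SAMPLE_PDU = HEADER.pack(2, 1, 6, 0, 0x3903F326, 0, 0x8000, bytes(4), bytes([10, 0, 0, 5]),
                         bytes([10, 0, 0, 1]), bytes(4), bytes.fromhex("001122334455") + bytes(10), bytes(64), bytes(128))
SAMPLE_PDU += MAGIC_COOKIE + bytes([1, 4, 255, 255, 255, 0, 0, 81, 15, 0, 0, 0]) + b"host.example" + bytes([255])
```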

Reliability
- Two synchronized DHCP servers on the same network: Primary, Secondary
- Permanent storage constantly communicated between them
- Failure: Secondary server takes over
(Diagram: DHCP clients served by a Primary Server and a Secondary Server on the same network.)

Security
- Potentially unauthorized clients
- Malicious client could exhaust the address pool
- Malicious server (rogue server)
  - Supply incorrect configuration parameters
  - Supply malicious configuration parameters