
DHCP is a protocol like BOOTP (actually dhcpd includes much of the
functionality of BOOTPD!). It assigns IP addresses to clients based on
lease times. DHCP is used extensively by Microsoft and more recently also
by Apple. It is probably essential in any multi-platform
Multiple Ethernet Interfaces are supported by this DHCP package. You need
to run Linux 2.0.32 or later.
Short for Dynamic Host Configuration Protocol, a protocol for assigning
dynamic IP addresses to devices on a network. With dynamic addressing, a
device can have a different IP address every time it connects to the network.
In some systems, the device's IP address can even change while it is still
connected. DHCP also supports a mix of static and dynamic IP addresses.
Dynamic addressing simplifies network administration because the software
keeps track of IP addresses rather than requiring an administrator to manage
the task. This means that a new computer can be added to a network without
the hassle of manually assigning it a unique IP address. Many ISPs use
dynamic IP addressing for dial-up users.
How DHCP Works

For a detailed description of DHCP, we suggest that you download RFC 1541
from any of the Internet draft repository sites. A good place to start is
ds.internic.net, available via FTP, Gopher and HTTP. For a less detailed
description, read on.
DHCP is an extension of BOOTP, the previous IP allocation specification.
So, existing BOOTP devices can communicate with DHCP servers and
allow DHCP requests to cross routers running BOOTP forwarders. This
level of backward compatibility makes it easy for administrators to upgrade
their network devices from BOOTP to DHCP as needed, without having to
replace all of the clients at once or having to upgrade all of the routers.
Several major advancements beyond the BOOTP specifications provide
significant advantages. For example, DHCP supports the concept of a
"lease" whereby a server can allocate an address to a client for a specific
amount of time. If you have more devices than IP addresses, using shorter
leases can help to keep you from running out of addresses. If you have more
addresses than devices, you can utilize permanent leases or you can assign
fixed addresses to specific devices similar to BOOTP's mechanism.
Also, DHCP incorporates a much more robust dialogue during lease
negotiation. Since the addresses can be assigned to the devices on an ad-hoc
basis, mechanisms need to be incorporated into the assignment procedure
that allow for a broader range of options, as well as for a broader range of
error handling conditions. The BOOTP protocol only allowed for two types of
messages (request and reply), while DHCP has seven possible message types
that can be used during the address assignment sequence.
When a DHCP device attaches itself to the network for the first time, it
broadcasts a DHCPDISCOVER packet. Any DHCP server on the local
segment will see the broadcast and return a DHCPOFFER packet that
contains an IP address and other information. The servers may or may not
conduct some sort of preliminary testing prior to offering the address, such
as generating an ARP or an ICMP echo to see if the address is already in use
by another node somewhere. If your network does not have a DHCP server
on every segment, you will need to configure your routers to provide
BOOTP relay agents that forward the broadcasts to a predefined server on a
remote segment.
The client may receive multiple DHCPOFFER packets from any number of
servers, so it must choose between them, and broadcast a DHCPREQUEST
packet that identifies the explicit server and lease offer that it likes the best.
This decision may be based on which offer has the longest lease or which
offer provides the most information that the specific client needs for optimal
operation (more on this later). The non-chosen servers would notice the
explicit DHCPREQUEST packet and go on about their business.
Assuming that the offer is still valid, the chosen server would return a
DHCPACK that tells the client the lease is finalized. If the offer is no longer
valid for some reason (perhaps due to a time-out or another client allocating
the lease), then the selected server must respond with a DHCPNAK message.
This would cause the client to send another DHCPDISCOVER packet,
starting the process over again.

Once the client receives a DHCPACK, then all ownership and maintenance
of the lease is the responsibility of the client. For example, a client may
refuse an offer that is detailed in the DHCPACK message, and it is the
client's responsibility to do so. Clients are supposed to test the addresses that
have been offered to them by conducting ARP broadcasts. So if another node
responds to the ARP, the client would assume that the offered address is in
use. At this point, the client would reject the offer by sending a
DHCPDECLINE message to the offering server, and would also send
another DHCPDISCOVER packet, thereby starting the process yet again.
Once the client has the lease, it must be renewed prior to the lease expiration
through another DHCPREQUEST message. If a client finishes using a lease
prior to its expiration date, the client is supposed to send a DHCPRELEASE
message to the server so that the lease can be made available to other nodes.
If the server doesn't hear from the client by the end of the lease, it marks the
lease as non-renewed, and makes it available for other clients to use.
This sequence of events is pretty straightforward and leaves a lot of room to
correct any miscommunication between the clients and the servers. This is a
good thing, because most of the implementations that we studied in our
labs didn't follow the letter of the law very well. Only because of the
negotiation model's failure-centric approach does the technology work at all.

When setting up a DHCP server, the first thing you have to do is define a
scope. A scope is a list of valid IP addresses you want the DHCP server to be
able to assign to clients. When a machine requests TCP/IP information from
the DHCP server, the information is provided from the scope you created.
Every DHCP server is required to have at least one scope. You can, however,
create multiple scopes on a DHCP server to administer different subnets.



When you create a scope, you must select the range of IP addresses and you
must specify the appropriate scope options to include. These options are
what we were referring to above when we mentioned that you can assign
other network information to your clients at the time they are given an IP
There are two types of scope options: Global and Scope. Global options are
propagated to all the scopes that you create on that DHCP server, while
Scope options are only for the individual scope that you are working with.
For example, if you have different scopes for several different subnets and
each subnet will have a different default gateway but will share the same
DNS servers, you would want to set the DNS servers as a Global option
while the default gateways would be set separately in each scope as a Scope
Table A shows a list of all of the Global and Scope options available in a
Windows 2000 DHCP server.

Table A

Time Offset                   Trailer Encapsulation
                              ARP Cache Timeout
Time Server                   Ethernet Encapsulation
Name Servers                  TCP Default Time-to-Live
DNS Servers                   Keepalive Interval
Log Servers                   Keepalive Garbage
Cookie Servers                NIS Domain Name
LPR Servers                   NIS Servers
Impress Servers               NTP Servers
Resource Location             Vendor Specific Info
Host Name
Boot File Size
Merit Dump File               WINS/NBT Node Type
DNS Domain Name               NetBIOS Scope ID
Swap Server                   XWindow System Font
Root Path                     XWindow System Display
Extensions Path               NIS+ Domain Name
IP Layer Forwarding           NIS+ Servers
Nonlocal Source Routing       Boot Server Host Name
Policy Filter Masks           Bootfile Name
Max DG Reassembly             Mobile IP Home Agents
Default IP Time-to-Live       Simple Mail Transfer Protocol (SMTP)
Path MTU Aging Timeout        Post Office Protocol (POP3) Servers
Path MTU Plateau Table        Network News Transfer Protocol (NNTP)
MTU Option                    World Wide Web (WWW) Servers
All Subnets Are Local         Finger Servers
Broadcast Address             Internet Relay Chat (IRC) Servers
Perform Mask Discovery        StreetTalk Servers
Mask Supplier Option          StreetTalk Directory Assistance (STDA)
Perform Router
Router Solicitation Address

If you create a scope and later run out of IP addresses, don't fret. You can
create an additional scope and your new scope will assign IP addresses
where your previous scope ended.
To define a scope using the Create Scope Wizard:
1. From the Action menu, select New Scope to launch the Create Scope
Wizard, and then click Next.
2. Type a name and description of your scope (Figure C) and click Next.
3. Enter the start and end IP addresses of your scope. Remember to also
assign the appropriate subnet mask (Figure D). Click Next.
4. This window is where you specify all of your static IP addresses to
exclude from your scope (Figure E). Add any exclusions and click Next.
5. Enter the amount of time the lease is active (Figure F) and click Next.
6. The next screen asks you whether you want to configure your DHCP
options now or later. For this article, we will select Yes, I Want To
Configure These Options Now and click Next.
7. Enter your domain name and add the IP addresses for your DNS
servers as shown in Figure G.
8. Enter the addresses of any WINS servers you configured on your
network for resolving NetBIOS names into IP addresses, as shown in
Figure H.
9. Choose Yes or No to indicate whether to activate your scope. There is
still more work to be done, so we will choose No, as shown in Figure I.
10. Click Finish.

Some networks implement superscopes, which are collections of scopes that
are grouped to allow multiple logical subnets on one physical network. For
more information on creating superscopes, see Microsoft's article Q161571:
Using DHCP Superscopes to Serve Multiple Logical Subnets.
In addition to specifying exclusions, you can add reservations to your DHCP
server. By adding a reservation, you ensure that a machine always receives
the same IP address from the DHCP server.
To add a reservation:
1. From the DHCP console, click the + sign next to the scope you created.
2. Click Reservations and select Action | New Reservation, as shown in
Figure J.
3. Enter a friendly name for the reservation and the IP address you want to
assign to the computer or device.
4. Enter the MAC address of the computer or device. (For Windows NT/2000
machines, you can find the MAC address by running ipconfig /all from the
command prompt of the machine.)
5. Enter a description and then choose the following reservation type: DHCP,
BOOTP (going across a router), or both, as shown in Figure K. Click Add.

Remember that after you install and configure your DHCP server, you will
need to authorize your scope before it can be activated. Authorizing your
DHCP server allows you to prevent hackers from configuring rogue DHCP
To authorize your DHCP server:
1. From the DHCP console, click on the DHCP icon.
2. From the Action menu, select Manage Authorized Servers, as shown
in Figure L.
3. Click Authorize and enter the name or IP address for your server
(Figure M).
4. Now you're ready to activate your DHCP server and bring it online.
Click the scope you created and choose Activate from the Action
menu (Figure N).
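
The message exchange described under "How DHCP Works" and the rogue-server concern behind the authorization step can both be checked on the wire. The following Python code is an added example, not part of the original article or of any Microsoft tool: it reads the message-type option (53) and server-identifier option (54) from DHCP payloads and lists server replies that come from addresses outside an allowlist. The sample packets, the 192.0.2.x addresses and the AUTHORIZED set are constructed for illustration, and this passive check is separate from the Windows authorization mechanism.

```python
import ipaddress
import struct

MAGIC = b"\x63\x82\x53\x63"  # magic cookie that precedes the options field
# Option 53 values for the seven message types listed in the text.
MSG_TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST",
             4: "DHCPDECLINE", 5: "DHCPACK", 6: "DHCPNAK", 7: "DHCPRELEASE"}
SERVER_SENT = {"DHCPOFFER", "DHCPACK", "DHCPNAK"}

def parse_dhcp(payload):
    """Return (message type, server identifier, offered address) for one UDP payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(payload) and payload[i] != 255:   # 255 = end option
        if payload[i] == 0:                         # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        opts[payload[i]] = payload[i + 2:i + 2 + payload[i + 1]]
        i += 2 + payload[i + 1]
    raw_type, raw_sid = opts.get(53), opts.get(54)  # 54 = server identifier
    mtype = MSG_TYPES.get(raw_type[0], "UNKNOWN") if raw_type else "BOOTP"
    server = str(ipaddress.IPv4Address(raw_sid)) if raw_sid and len(raw_sid) == 4 else None
    return mtype, server, str(ipaddress.IPv4Address(payload[16:20]))

def find_rogue(payloads, authorized):
    """List (server, type, offered address) for server replies not from an authorized server."""
    parsed = [parse_dhcp(p) for p in payloads]
    return [(s, t, y) for t, s, y in parsed if t in SERVER_SENT and s not in authorized]

def build(op, mtype, yiaddr="0.0.0.0", server=None):
    """Build a constructed sample message (test data, not captured traffic)."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s", op, 1, 6, 0, 0x1234, 0, 0, bytes(4),
                      ipaddress.IPv4Address(yiaddr).packed, bytes(4), bytes(4))
    hdr += bytes.fromhex("020000000001").ljust(16, b"\0") + bytes(192)
    opts = bytes([53, 1, mtype])
    if server:
        opts += bytes([54, 4]) + ipaddress.IPv4Address(server).packed
    return hdr + MAGIC + opts + b"\xff"

# Constructed exchange: the client receives two offers, one from an unlisted server.
SAMPLE = [build(1, 1), build(2, 2, "192.0.2.50", "192.0.2.1"),
          build(2, 2, "192.0.2.51", "192.0.2.66"), build(1, 3, server="192.0.2.1"),
          build(2, 5, "192.0.2.50", "192.0.2.1")]
AUTHORIZED = {"192.0.2.1"}  # assumed allowlist of authorized server addresses
if __name__ == "__main__":
    print(find_rogue(SAMPLE, AUTHORIZED))
```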

Troubleshooting DHCP
After configuring DHCP, the easiest way to troubleshoot is to use Ipconfig
from a command prompt in Windows NT/2000. To view all TCP/IP
information on a machine, just type ipconfig /all from a command prompt. To
release a DHCP lease, type ipconfig /release; to renew a lease, type
On Windows 98 machines, you must use the Winipcfg utility to access
TCP/IP information. You can access this utility by choosing Start | Run and
typing winipcfg (Figure O). From there, you can click the Release and
Renew buttons to access other options.

Figure O