DHCP (Dynamic Host Configuration Protocol)

DHCP is an application-layer program, using the client-server paradigm that actually helps
TCP/IP at the network layer.
DHCP can be used to assign permanent IP address to the host and routers in a network.
DHCP can also be configured to provide temporary, on demand, IP addresses to hosts.

DHCP Message Format

The 64-byte option field has a dual purpose. It carry either additional information or some specific
vendor information. The server uses a number called a magic cookie, in the format of an IP address
with the value of 99.130.83.99 . When the client finishes reading the message, it looks for the
magic cookie. If present, the next 60 byte are options.
DHCP Operation
1. The joining host creates a DHCPDISCOVER message. The message is encapsulated in a
UDP user datagram with source port set to 68 and destination port set to 67. The user
datagram is encapsulated in an IP datagram with the source address set to 0.0.0.0 (this host)
and the destination address set to 255.255.255.255 (broadcast address).
2. The DHCP server or server(if more than one) responds with a DHCPOFFER message in
which the your-IP-address field defines the offered IP address for the joining host and the
server-IP-address includes the IP address of the server. The message is encapsulated in a
user datagram with the same pot number, but in the reverse order. The user datagram in
turn is encapsulated in a datagram with the server address as the source of IP address, but
the destination address is a broadcast address.

3. The joining hosts receives one or more offers and selects the best of them. The joining hosts
then send a DHCPREQUEST message to the server that has given the best offer. The
fields with known value are set. Here, the destination address still is set to the broadcast
address to let other servers know that their offer was not accepted.
4. Finally, the selected server responds with a DHCPACK message to the client if the offered
IP address is valid. If the server cannot keep its offer, it may respond with DHCPNACK
message. This message is also broadcast to let other servers know that the request is
accepted or rejected.

The DHCP client acts as a state machine that performs transitions from one state to another
depending on the messages it receives or sends.
Transition diagram

When the client first starts, it is in the INIT state. The client broadcasts a discover message.
When the client receives an offer, the client goes to SELECTING state.
After the client selects an offer, it sends a request message and goes to the REQUESTING
state.
If an ACK arrives, the client goes to the BOUND state and uses the IP address

When the lease is 50% expired, the client tries to renew it by moving to the RENEWING
state.
If the server renew the lease, the client moves to the BOUND state again. If the lease is not
renewed and the lease time is 75% expired, the client moves to REBINDING state.
If the server agrees with lease, the client moves to BOUND state, otherwise it goes to INIT
state and requests another IP address

NAT (Network Address Translation)

Network Address Translation is a technology that can provide the mapping between the private
and universal addresses , and at the same time supporting virtual private networks
The technology allows a site to use a set of private addresses for internal communication and
a set of global Internet addresses (at least one) for communication with the rest of the world
The site must have only one single connection to global Internet through a NAT-capable router
that runs NAT software.

Here, the private network is invisible to the rest of the Internet; the rest of the internet sees only
the NAT router with the address 200.24.5.8
Address Translation

All of the outgoing packets go through the NAT router, which replaces the source
address in the packet with the global NAT address.
All incoming packets also pass through the Nat router, which replaces the destination
address in the packet (the NAT router global address) with the appropriate private
address.

Translation Table

A translation table is maintained so that, the NAT router will be able to identify the
destination address for a packet coming from the Internet.
In its simplest form, a translation table has only two columns : the private address and
the external address (destination address of the packet)
When the router translates the source address of the outgoing packet, it also makes note
of the destination address. When the response comes back from the destination, the
router uses the source address of the packet to find private address of the packet.

Using both IP Addresses and Port Addresses

To allow a many-to-many relationship between private-network hosts and external

server programs, we include the source port, destination port and the transport
layer protocol.
For example, suppose two hosts inside a private network with addresses 172.18.3.1
and 172.18.3.2 need to access the HTTP server on external host 25.8.3.2.
Now consider the translation table below
Private
address
172.18.3.1
172.18.3.2

Private port
1400
1401

External
address
25.8.3.2
25.8.3.2

External port
80
80

Transport
protocol
TCP
TCP

When response from HTTP comes back, the combination of source address
(25.8.3.2) and destination port address (1401) defines the private network host to which the
response should be directed.
Note : for this translation to work, the ephemeral port address (1400 and 1401) must be unique.

DNS (Domain Name System)

The Domain Name System (DNS) translates Internet domain and host names to IP
addresses and vice versa
DNS follows a client/server network model. Client send requests to and receive responses from
DNS servers. Requests containing a name that result in an IP address being returned from the
server are called forward DNS lookups. Requests containing an IP address and resulting in a
name, called reverse DNS lookups, are also supported.

Example Connecting to a file transfer server

1. The user passes the host name to the file transfer client.
2. The file transfer client passes the host name to DNS client
3. Each computer, after being booted, knows the address of one DNS server. The DNS client
sends a message to a DNS server with a query that gives the file transfer server name using
the known IP address of the DNS server.
4. The DNS server responds with the IP address of the desired file transfer server.
5. The DNS client passes the IP address to the file transfer server.
6. The file transfer client now uses the received IP address to access the file transfer server.
Domain Name Space
To have a hierarchical name space, a domain name space was designed. In this design,
the names are defined in an inverted-tree structure with the root at the top. The tree can have
only 128 levels: level 0 to level 127
Label: Each node in a tree has a label, which is a string with maximum of 63 characters. The
root label is a null string. DNS requires that children of a node have different labels, which
guarantees the uniqueness of the domain names.
Domain Name: Each node in the tree has a domain name. A full domain name is a sequence
of labels separated by dots. The domain names are always read from the node up to the root.

DNS Messages
To retrieve information about hosts, DNS uses two types of messages: query and response.
Both types have the same format as shown below

Resolution

Mapping a name to an address is called name-address resolution.

A host that needs to map an address to a name or a name to an address calls a DNS
client called a resolver.
The resolver access the closest DNS server with a mapping request. If the server has
the information, it satisfies the resolver
After the resolver receives the mapping, it interprets the response to see if it is a real
resolution or an error, and finally delivers the result to the process that requested it.
A resolution can be either recursive or iterative.

Recursive Resolution

In Recursive name query, the DNS client requires that the DNS server respond to the client
with either the requested resource record or an error message i.e. the record or domain name
doesnt exist.

If DNS server is not able to resolve the requested query then it forwards the query to another
DNS server until it gets an answer or the query fails. Well take very simple example to
explain it, lets assume that you call either yellow pages or just dial to get the information
about all the good restaurants near your locality. In this example, Just dial or Yellow pages
are working on behalf to get you the required information.

Recursive query is made to DNS server by DNS client or by DNS server that is configured
to pass unresolved query to another DNS Server. By default recursive query is enabled but
it can be disabled if you dont want to use it in your environment.

Burden is on Server to resolve the query.

Iterative Resolution

An iterative name query is one in which a DNS client allows the DNS server to return the
best answer it can give based on its cache or zone data. If the queried DNS server does not
have an exact match for the queried name, the best possible information it can return is a

referral (that is, a pointer to a DNS server authoritative for a lower level of the domain
namespace).

The DNS client can then query the DNS server for which it obtained a referral. It continues
this process until it locates a DNS server that is authoritative for the queried name, or until
an error or time-out condition is met.

Burden is on Client to resolve the query.