Вы находитесь на странице: 1из 9

DORA process of DHCP, Unicast or

Dynamic Host Configuration Protocol (DHCP) provides IP address and
other configuration information like subnet mask, default gateway,
WINS and DNS server address to network clients. DHCP allocates IP
addresses dynamically to the clients, known as a lease for a period
called lease period.

DHCP lease-generation is 4 step process called DORA which expands

as below:

D – Discover

O – Offer

R – Request

A – Acknowledgement

The working process is as under:

1. The DHCP client broadcasts a DHCPDISCOVER packet in the


2. Once DHCP Server receives DISCOVER packet, it replies

with DHCPOFFER packet. This packet is broadcast and contains a
potential IP address for the client.The client might receives
DHCPOFFER packet from multiple DHCP servers ( if they exist in

3. The client then broadcasts a DHCPREQUEST that contains a server

identifier. Since this broadcast packet reaches all DHCP servers, they
come to know which server’s DHCPOFFER the client has chosen to
accept. In case client received multiple DHCPOFFER, it selects the
server that made the fastest response to its DHCPDISCOVER which
typically is the DHCP server closest to the client.

4. Once DHCP servers receive the DHCPREQUEST they use server

identifier to know if their offer is accepted or not. The chosen server
stores the IP address client information in the DHCP database and
broadcasts DHCPACK message. If for some reason, the DHCP server
cannot provide the address that was offered in the initial DHCPOFFER,
the DHCP server sends a DHCPNAK message.

I will discuss about conditions resulting DHCPNAK in some other blog.

Let’s discuss these steps in more detail. For sake of clarity I am using
diagram below:

As per diagram let’s take example of DHCP server whose IP address

is A and MAC address is AA (I am using A and AA for sake of simplicity
to avoid writing 4 octets of IP and 12 Hexadecimal bits for MAC
address). There is a client looking for IP address so don’t have any IP
but its MAC address is BB. Steps of DORA process are as under:

1. Client will broadcast DISCOVER packet to which is

broadcast IP. It will use as source IP because it doesn’t has any
IP yet. On frame it will use broadcast MAC address FF-FF-FF-FF-FF-
FF as destination while use its own MAC address as source.
2. Once DHCP server receives DISCOVER packet, it will broadcast
OFFER packet on IP as client don’t have any IP.
Since server has received MAC address of client from DISCOVER
packet it will use it as destination MAC. So, as per our example it will
be BB. Hence, OFFER frame is unicast.

With OFFER packet several other information also come as per

configuration like DHCP server identifier, potential IP and others

3. Once client receives OFFER it broadcasts REQUEST packet on It uses destination MAC as FF-FF-FF-FF-FF-FF. In
case, multiple DHCP servers have sended OFFER packet, REQUEST
packet will reach to all of them. This packet has DHCP server identifier
which is used by servers to verify whether their IP is chosen or not.
However, there is a chance that the transaction related to offer selected
by client couldn’t complete successfully. The client then try to send a
REQUEST to different Server Identifier. So, “rejected” servers will wait
for a while before offering a previously-offered lease to another client.

4. Once Server receives REQUEST packet, it will send ACK packet to

client. In destination address it will use broadcast IP address but unicast
MAC address i.e BB as per our example. Hence, will be received by
intended client only.

Here is the summary:





IP Broadcast Broadcast Broadcast Broadcast
MAC Broadcast BB Broadcast BB

LAYER Broadcast Broadcast Broadcast Broa

LAYER Broadcast Unicast Broadcast Unicast

Broadcast IP –

Broadcast MAC – FF-FF-FF-FF-FF-FF

So, this is all in this blog. Have a very nice day !!

Interview Question for Windows Administrator ( Windows 2008)
In this blog I am providing answers of questions asked generally from
Windows 2008 server in an interview. Have a look.... What is NOS?
NOS stand for network operating system. Operating system is of two
types- network operating system (NOS) and client operating system
(COS). NOS is used for servers…
In "General"
How WDS works - Inside Story
Hello friends Hope this post finds you in good health and spirit. This is
post is about how "Windows Deployment Service" works. I was
planning to write about it since long as its an important concept with
roots in Windows server and used often by other technologies like
SCCM for…
In "General"
IP conflict detection by DHCP server
Hi All Hope this post finds you in good health and spirit. Today we are
going to discuss IP address conflict detection by DHCP server and
process to configure it. Two machines should not have same address
within network and it can lead to address conflict. To solve this

Internet Control Message Protocol, ICMP, How ICMP Work, ICMP Header,
ICMP Message Header

When you send data from one device to another remote device, the IPv4 Datagram often travels through
one or more routers. There can be errors at routers while they try to forward the IPv4 Datagram to its final
destination. The Internet Control Message Protocol (ICMP) protocol is used to report problems with
delivery of IPv4 Datagrams within an IPv4 network. ICMP is also used for other diagnosis and
troubleshooting functions.

An Internet Control Message Protocol (ICMP) packet header is 8 Bytes long. The first four bytes always
have the same meaning, and the contents of the remaining four depend on the ICMP packet type. An ICMP
header follows the IP header in an IP datagram packet and Internet Control Message Protocol (ICMP) is
considered to be an integral part of IPv4.

The most common ICMP messages

Echo Request and Echo Reply: Internet Control Message Protocol (ICMP) is often used during test the
connectivity between devices. We can use the ping (Packet InterNet Grouper, a command-line utility used
to check the connectivity between two devices) command to check connectivity from one device with
another device and the ping command is using Internet Control Message Protocol (ICMP). Ping command
sends an IP datagram packet to the IPv4 address of the device we are trying to check the connectivity and
requests the destination device to return the data sent in a response datagram. Ping command uses
Internet Control Message Protocol (ICMP) Echo Request and Echo Reply.

Source Quench: If a device is sending large amounts of data to another remote device, the volume can
flood the router with data. The router can use Internet Control Message Protocol (ICMP) to send a Source
Quench message to the source IPv4 address to ask it to slow down the rate at which it is sending data.

Destination Unreachable: If a router receives a datagram that cannot be delivered, Internet Control
Message Protocol (ICMP) returns a Destination Unreachable message to the source IPv4 address.

Time Exceeded: Internet Control Message Protocol (ICMP) sends this message to the source IP if a
datagram is discarded because Time-to-Live (TTL) value reaches zero. One reason is the destination device
is too many router hops away to reach with the current Time-to-Live (TTL) value or a routing loop (An
undesirable condition when the IP Datagrams loop infinitely between the routers, without reaching the

Internet Control Message Protocol (ICMP) Message Header

Internet Control Message Protocol (ICMP) Header

Type and Code: The following table shows the values which are possible for the Type and Code fields in
the Internet Control Message Protocol (ICMP) header.

Type Code Description

0 0 Echo reply (used to ping)

1 and 2 Reserved

0 Destination network unreachable

1 Destination host unreachable

2 Destination protocol unreachable

3 Destination port unreachable

4 Fragmentation required, and DF set

5 Source route failed

6 Destination network unknown

7 Destination host unknown

8 Source host isolated

9 Network administratively prohibited

10 Host administratively prohibited

11 Network unreachable for Type Of Service

12 Host unreachable for Type of Service

13 Administratively prohibited

4 0 Traffic Congestion Control

0 Redirect Datagram for the Network

1 Redirect Datagram for the Host

2 Redirect Datagram for the Type of Service & network

3 Redirect Datagram for the Type of Service & host

6 Alternate Host Address

7 Reserved

8 0 Echo request

9 0 Router Advertisement

10 0 Router discovery/selection/solicitation

0 TTL expired
1 Fragment reassembly time exceeded

0 Pointer indicates the error

12 1 Missing a required option

2 Bad length

13 0 Timestamp

14 0 Timestamp reply

15 0 Information Request

16 0 Information Reply

17 0 Address Mask Request

18 0 Address Mask Reply

19 Reserved for security

20 through 29 Reserved for robustness experiment

30 0 Information Request

31 Datagram Conversion Error

32 Mobile Host Redirect

33 Where-Are-You

34 Here-I-Am

35 Mobile Registration Request

36 Mobile Registration Reply

37 Domain Name Request

38 Domain Name Reply

39 SKIP Algorithm Discovery Protocol

40 Photuris, Security failures

41 ICMP for experimental mobility protocols such as Seamoby

42 through 255 Reserved

Checksum: The checksum field in the Internet Control Message Protocol (ICMP) message contains error
checking data calculated from the Internet Control Message Protocol (ICMP) header+data, with value 0
for this field.

ID: The ID field in the Internet Control Message Protocol (ICMP) message contains an ID value, should be
returned in case of ECHO REPLY.

Sequence number: The sequence number field in the Internet Control Message Protocol (ICMP) message
is the sequence number for each host, generally this starts at 1 and is incremented by 1 for each packet.

You have learned Internet Control Message Protocol (ICMP), use of Internet Control Message Protocol
(ICMP), Internet Control Message Protocol (ICMP) message header and the fields in Internet Control
Message Protocol (ICMP) message. Click "Next" to continue.

Domain Name Servers

Domain Name Servers (DNS) are the Internet's equivalent of a phone book. They maintain a directory of domain
names and translate them to Internet Protocol (IP) addresses.

This is necessary because, although domain names are easy for people to remember, computers or machines,
access websites based on IP addresses.

Information from all the domain name servers across the Internet are gathered together and housed at the Central
Registry. Host companies and Internet Service Providers interact with the Central Registry on a regular schedule to
get updated DNS information.

When you type in a web address, e.g., www.jimsbikes.com, your Internet Service Provider views the DNS associated
with the domain name, translates it into a machine friendly IP address (for example is the IP for
jimsbikes.com) and directs your Internet connection to the correct website.

After you register a new domain name or when you update the DNS servers on your domain name, it usually takes
about 12-36 hours for the domain name servers world-wide to be updated and able to access the information. This
36-hour period is referred to as propagation.