
Dynamic Host Configuration Protocol - DHCP
What is DHCP ?

• A communication protocol that lets network administrators centrally manage
and automate the assignment of Internet Protocol addresses in an
organization’s network.
• An application-layer protocol in the TCP/IP model.
• Built on a client-server model
• Supports three modes of IP-Address allocation
Automatic
Manual
Dynamic
• Basically it frees a network administrator from having to manually
configure each host connected to network
Purpose

• To deliver host-specific configuration parameters from a DHCP server
to a host.
• Allocation of network addresses to hosts.
• Used for dynamic allocation of IP addresses
• Used for hosts that run only client applications
• DHCP can also be used to convey permanent IP address assignments
to hosts
• Server interfaces need permanent addresses because clients need to be able
to reach them
• Also, router interfaces should have permanent addresses for stability of
routing data
• Since class B and class C address spaces have been exhausted, service
providers and enterprises use dynamically allocated IP addresses
• DHCP is an extension of the Bootstrap protocol (BOOTP).

• BOOTP was designed for manual pre-configuration of the host
information in a server database.
DHCP uses BOOTP
• Based on BOOTP
• Uses BOOTP format for messages
• Uses BOOTP relay agents to avoid having one DHCP server per network
segment
• BOOTP used to bootstrap hosts
• First operation, get Ethernet and IP address for itself and the address of a
server and bootfile name (diskless client)
• Second operation, uses TFTP to download bootfile
• BOOTP uses UDP
• 67 for the server port
• 68 for the client port
Differences between BOOTP and DHCP
• Two differences
• DHCP specifies a “lease time” for IP address usage allowing for allocation of
the same address to another client upon lease expiry
• DHCP can acquire all IP-related configuration information, more than in
BOOTP
• BOOTP clients can talk to DHCP servers
(backward compatibility)
• DHCP is an extension of BOOTP
• Message format similar
• Four Key benefits to DHCP:
• Centralized administration of IP configuration.
• Dynamic host configuration.
• Seamless IP host configuration.
• Flexibility and scalability.
Disadvantages of DHCP
• When the DHCP server is unavailable, the client is unable to access the
enterprise's network
• Your machine name does not change when you get a new IP address
• Uses UDP, an unreliable and insecure protocol.
• DNS cannot be used for DHCP configured hosts.
Security problem
• DHCP is an unauthenticated protocol
When connecting to a network, the user is not required to provide credentials
in order to obtain a lease
Malicious users with physical access to the DHCP-enabled network can instigate
a denial-of-service attack on DHCP servers by requesting many leases from the
server, thereby depleting the number of leases that are available to other DHCP
clients
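One way to spot the lease-exhaustion attack described above from the server or relay side, added here as an example and not part of the original slides. It assumes each DHCP message is logged with the switch port it arrived on (a hypothetical field); the event list, port names and thresholds are constructed.

```python
from collections import defaultdict, deque

def find_starvation_sources(events, window=10.0, max_clients=5):
    """Return {port: peak count} for ports where more than max_clients distinct
    client hardware addresses (chaddr) asked for a lease within `window`
    seconds. `events` are (time, port, chaddr, message type), time-ordered."""
    recent = defaultdict(deque)          # port -> (time, chaddr) inside the window
    flagged = {}
    for ts, port, chaddr, mtype in events:
        if mtype not in ("DHCPDISCOVER", "DHCPREQUEST"):
            continue                     # only lease requests consume the pool
        seen = recent[port]
        seen.append((ts, chaddr))
        while seen and ts - seen[0][0] > window:
            seen.popleft()               # drop requests older than the window
        distinct = len({mac for _, mac in seen})
        if distinct > max_clients:
            flagged[port] = max(flagged.get(port, 0), distinct)
    return flagged

# Constructed sample: port-1 carries three ordinary clients renewing slowly,
# port-7 presents 40 different hardware addresses within two seconds.
SAMPLE_EVENTS = sorted(
    [(i * 30.0, "port-1", "02:00:00:00:00:%02x" % (i % 3), "DHCPDISCOVER")
     for i in range(6)] +
    [(60.0 + i * 0.05, "port-7", "02:00:00:00:07:%02x" % i, "DHCPDISCOVER")
     for i in range(40)])

if __name__ == "__main__":
    print(find_starvation_sources(SAMPLE_EVENTS))
```

Because DHCP has no authentication, the number of distinct hardware addresses per access port is the signal to watch; switch features such as DHCP snooping rate limits and port security enforce a limit on the same quantity.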
Limitations
• Some machines on your network need to be at fixed addresses, for
example servers and routers
• You need to be able to assign a machine to run the DHCP server
continually as it must be available at all times when clients need IP
access
Characteristics of DHCP
• All communication initiated by the client
• Uses UDP on port 67 for client, port 68 for server
• Uses unicast when client has IP address, [and client is not in REBINDING
state]; broadcast otherwise
• Addresses offered from
• address pools, or
• Fixed addresses allocated to particular computers
Leases
• Server offers IP address and network parameters for a limited time (called a lease)
• In practice, leases may vary from 30 minutes to a week or so
• Short lease:
• clients get updated parameters quickly
• Essential if there are more clients than addresses
• Long lease:
• more reliable (clients may continue to operate for a week after DHCP server fails)
Components
• DHCP client: a host using DHCP to obtain an IP address and other
configuration information
• DHCP server: a host that returns IP addresses and other configuration
information
• BOOTP relay agents: host or router that passes DHCP messages
between DHCP clients and DHCP servers
BOOTP/DHCP Message Format
Fields in message order (fields on one row are separated by "|"):
OpCode (1 = Req, 2 = Reply) | Hardware Type (1 = Ethernet) | Hardware Address Length | Hop Count
Transaction ID
Number of Seconds | Unused (in BOOTP) / Flags (in DHCP)
Client IP address
Your IP address
Server IP address
Gateway IP address
Client hardware address (16 bytes)
Server host name (64 bytes)
Boot file name (128 bytes)
Options (There are >100 different options)


Format of a DHCP message
• Op - message op code / message type
• 1 = BootRequest, 2 = BootReply
• htype - hardware address type
• hlen - hardware address length (i.e. ‘6’ for 10 Mbps Ethernet)
• hops - client sets to 0, optionally used by relay agents when booting via a relay agent
• xid - transaction ID, a random number chosen by the client, used by the client and server to
associate messages and responses between a client and a server
• secs – filled in by the client, seconds elapsed since client began address acquisition or renewal
process
• flags – “broadcast flag” used if client cannot accept unicast IP packets before IP layer is configured
(“chicken-and-egg” problem)
• If the reply must be sent with a broadcast destination IP address in the IP header (instead of yiaddr) and an
all-ones destination MAC address, the client sets this flag to “broadcast” mode. A server receiving this flag
in a BootRequest will know to send the BootReply in broadcast mode
Format of a DHCP message
• ciaddr – client IP address; only filled in if client is in BOUND, RENEW or
REBINDING state and can respond to ‘ARP’ requests
• yiaddr – ‘your’ (client) IP address (set in DHCPOFFER)
• siaddr – IP address of next server to use in bootstrap; returned in DHCPOFFER,
DHCPACK by server
• giaddr – relay agent IP address, used in booting via a relay agent
• chaddr – client hardware address
• sname – optional server host name, null terminated string
• file – Boot file name, null terminated string; “generic” name or null in
DHCPDISCOVER, fully qualified directory-path name in DHCPOFFER
• options – optional parameters field
DHCP options
• DHCP Message Type (must be in all messages)
• Requested IP Address
• Server identifier
• IP Address Lease Time
• Renewal Time Value (T1)
• Rebinding Time Value (T2)
• Client identifier
• DNS (Domain Name Server) option
• specifies IP addresses of DNS servers available to client
• Router option
• specifies IP addresses of routers on the client’s subnet
• Max Datagram Reassembly
• Subnet Mask
• Client Hostname

For all other options refer to RFC 2132


DHCP Message Type
• Message type is sent as an option.

Value   Message Type
1       DHCPDISCOVER
2       DHCPOFFER
3       DHCPREQUEST
4       DHCPDECLINE
5       DHCPACK
6       DHCPNAK
7       DHCPRELEASE
8       DHCPINFORM
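A parser for the message layout and the Message Type option described above, added here as an illustration and not part of the original slides. The magic cookie and the option codes (53 Message Type, 55 Parameter Request List, 0 Pad, 255 End) come from RFC 2131/2132 rather than from this page, and the sample packet is constructed.

```python
import ipaddress
import struct

# Fixed BOOTP header in wire order: op, htype, hlen, hops, xid, secs, flags,
# ciaddr, yiaddr, siaddr, giaddr, chaddr(16), sname(64), file(128) = 236 bytes.
BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s"
BOOTP_LEN = struct.calcsize(BOOTP_FMT)
MAGIC_COOKIE = bytes([99, 130, 83, 99])   # RFC 2131: precedes the options field
MESSAGE_TYPES = dict(enumerate(
    ["DHCPDISCOVER", "DHCPOFFER", "DHCPREQUEST", "DHCPDECLINE",
     "DHCPACK", "DHCPNAK", "DHCPRELEASE", "DHCPINFORM"], start=1))

def parse_options(data):
    """Walk code/length/value options; refuse options that run past the buffer."""
    opts, i = {}, 0
    while i < len(data) and data[i] != 255:      # 255 = End option
        if data[i] == 0:                         # 0 = Pad, a single byte
            i += 1
            continue
        if i + 2 > len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("truncated option %d" % data[i])
        opts[data[i]] = data[i + 2:i + 2 + data[i + 1]]
        i += 2 + data[i + 1]
    return opts

def parse_dhcp(packet):
    """Decode one BOOTP/DHCP payload (the UDP data on ports 67/68)."""
    if len(packet) < BOOTP_LEN + 4:
        raise ValueError("too short for BOOTP header and magic cookie")
    (op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr, siaddr,
     giaddr, chaddr, sname, bootfile) = struct.unpack_from(BOOTP_FMT, packet)
    if packet[BOOTP_LEN:BOOTP_LEN + 4] != MAGIC_COOKIE:
        raise ValueError("missing DHCP magic cookie")
    if hlen > 16:
        raise ValueError("hlen larger than the 16-byte chaddr field")
    opts = parse_options(packet[BOOTP_LEN + 4:])
    mtype = opts.get(53, b"")                    # option 53 = DHCP Message Type
    ip = lambda raw: str(ipaddress.IPv4Address(raw))
    return {"op": op, "hops": hops, "xid": xid,
            "broadcast": bool(flags & 0x8000),   # top bit of the flags field
            "ciaddr": ip(ciaddr), "yiaddr": ip(yiaddr), "giaddr": ip(giaddr),
            "chaddr": chaddr[:hlen].hex(":"), "options": opts,
            "type": MESSAGE_TYPES.get(mtype[0]) if len(mtype) == 1 else None}

# Constructed sample: a broadcast DHCPDISCOVER from a made-up client MAC.
SAMPLE_DISCOVER = struct.pack(
    BOOTP_FMT, 1, 1, 6, 0, 0x3903F326, 0, 0x8000, bytes(4), bytes(4), bytes(4),
    bytes(4), bytes.fromhex("020000000001"), b"", b"") + MAGIC_COOKIE + bytes(
    [53, 1, 1, 55, 3, 1, 3, 6, 255])
```

Every length in the packet (hlen, each option length) is supplied by an unauthenticated sender, which is why the parser checks each one against the buffer before slicing.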
DHCP Messages
• DHCPDISCOVER — from client
• Client has no address and is asking for a new one. Client broadcast to locate available servers
• DHCPOFFER — from server
• Offer of address and other parameters. Server to client in response to DHCPDISCOVER with
offer of configuration parameters.
• DHCPREQUEST — from client
• Client asks if it can use the offered address. Client message to servers either (a) requesting
offered parameters from one server and implicitly declining offers from all others, (b)
confirming correctness of previously allocated address after, e.g., system reboot, or (c)
extending the lease on a particular network address.
• DHCPACK — from server - Server to client with configuration parameters, including committed
network address. i.e. Server says “yes, go ahead, the address is yours; the lease starts now.”
DHCP Messages
• DHCPNAK — from server
• Server to client indicating client's notion of network address is incorrect (e.g., client has
moved to new subnet) or client's lease has expired
• “No, you may not have that address; go to the INIT state”
• DHCPDECLINE — from client
• Client to server indicating network address is already in use. i.e. Client has detected another
machine is using the offered address
• DHCPRELEASE — from client
• Client to server relinquishing network address and canceling remaining lease
• Server expires the lease immediately
• DHCPINFORM — from client
• Client to server, asking only for local configuration parameters; client already has externally
configured network address
• Client already has a fixed IP address, but wants other network settings from the server
How does DHCP work?
• When a client needs to start up TCP/IP operations, it broadcasts a request for address
information.
• The DHCP server receives the request, assigns a new address for a specific time period (called a
lease period) and sends it to the client together with the other required configuration
information.
• This information is acknowledged by the client, and used to set up its configuration.
• The DHCP server will not reallocate the address during the lease period and will attempt to return
the same address every time the client requests an address.
• The client may extend its lease with subsequent requests, and may send a message to the server
before the lease expires telling it that it no longer needs the address so it can be released and
assigned to another client on the network.
The Client-Server Protocol

Client-server interaction - allocating a network address

Client-server interaction - reusing a previously allocated network address
Steps-initialization and allocation of network address

• Client begins in INIT state.
• DHCPDISCOVER
• ciaddr=0x00000000
• parameter request list
• network addr, lease time
• chaddr
• client identifier
• transaction ID-xid
• After DHCPACK, client moves to BOUND state.
Steps-initialization with known network address

• Client begins in INIT-REBOOT state
• Sends DHCPREQUEST
• After DHCPACK, it moves to BOUND state
Allocating a network address
[Figure: message sequence between the client and two servers: DHCPDISCOVER (client to both servers), DHCPOFFER (both servers to client), DHCPREQUEST (client to both servers), DHCPACK, DHCPRELEASE.]
Allocating new address
Participants: Server (not selected), Client, Server (selected)
• DHCP DISC.: sent on Ethernet broadcast address, reaches both servers
• Client collects replies
• Client selects configuration
• DHCP REQ.: also broadcast; in DHCP REQ the client accepts one server’s offer
(server identifier option) and implicitly rejects the rest
• Initialization complete
• Graceful shutdown: DHCPRELEASE; lease is discarded
Step-by-step

• Client broadcasts DHCPDISCOVER
• Server responds with DHCPOFFER
• Server checks for address
• Client broadcasts DHCPREQUEST
• Server selected commits binding, sends DHCPACK
• Server sends DHCPNAK
• Client responds to DHCPACK
• Client sends DHCPDECLINE if address in use
• Client responds to DHCPNAK
• No DHCPACK/DHCPNAK
• Client sends DHCPRELEASE
How the server selects a new address
• The client's current address as recorded in the client's current binding, ELSE
• The client's previous address as recorded in the client's (now expired or released)
binding, if that address is in the server's pool of available addresses and not
already allocated, ELSE
• The address requested in the 'Requested IP Address' option, if that address is
valid and not already allocated, ELSE
• A new address allocated from the server's pool of available addresses; the
address is selected based on the subnet from which the message was received (if
'giaddr' is 0) or on the address of the relay agent that forwarded the message
('giaddr' is not 0).
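The selection order listed above, written out as an added example (not part of the original slides and not any particular server's code). The `server` dictionary layout, the client ids and the addresses are hypothetical and constructed for illustration.

```python
import ipaddress

def select_address(client, requested, giaddr, recv_subnet, server):
    """Choose the address to offer `client`, in the order listed above.
    `server` is a hypothetical structure: 'subnets' {cidr: [pool addresses]},
    'active' and 'expired' {client id: address}. Returns None if nothing fits."""
    if client in server["active"]:                   # 1. current binding
        return server["active"][client]
    # Subnet: receiving interface if giaddr is 0, else the relay agent's subnet.
    if giaddr == "0.0.0.0":
        subnet = recv_subnet
    else:
        relay = ipaddress.ip_address(giaddr)
        subnet = next((cidr for cidr in server["subnets"]
                       if relay in ipaddress.ip_network(cidr)), None)
    pool = server["subnets"].get(subnet, [])
    in_use = set(server["active"].values())

    def free(addr):
        # "valid" is taken to mean: inside this subnet's pool and unallocated
        return addr in pool and addr not in in_use

    previous = server["expired"].get(client)
    if previous and free(previous):                  # 2. previous binding
        return previous
    if requested and free(requested):                # 3. Requested IP Address option
        return requested
    return next((a for a in pool if free(a)), None)  # 4. new address from the pool

# Constructed server state using documentation address ranges.
SERVER = {
    "subnets": {"192.0.2.0/24": ["192.0.2.10", "192.0.2.11", "192.0.2.12"],
                "198.51.100.0/24": ["198.51.100.20", "198.51.100.21"]},
    "active": {"client-a": "192.0.2.10"},
    "expired": {"client-b": "192.0.2.11", "client-c": "192.0.2.10"},
}

if __name__ == "__main__":
    print(select_address("client-b", "192.0.2.12", "0.0.0.0", "192.0.2.0/24", SERVER))
```

The final `None` is the pool-exhausted case: once every pool address is bound, new clients get no offer.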
Obtaining an IP address
• If the client receives no DHCP offer before it times out, it retransmits
DHCPDISCOVER
• Client may wait for multiple replies and then choose one offer. It
broadcasts DHCPREQUEST with ‘server identifier’ option included
identifying the server whose offer it has accepted and ‘requested IP
address’ option
• Client SHOULD probe address with an ARP; if client detects that the
address is already in use, it issues DHCPDECLINE
Obtaining an IP address
• Servers other than the one selected in the DHCPREQUEST will release
their offered addresses, while the selected server will note the
binding
• If selected server cannot meet the needs of the DHCPREQ. it sends a
DHCPNAK
• If the client does not receive a DHCPACK or DHCPNAK before timeout
it resends DHCPREQ
• Retransmission attempts use exponential backoff times
Reuse of IP address
• DHCP REQUEST - client message to servers
• requesting offered parameters from one server and implicitly declining offers
from all others
• confirming correctness of previously allocated address after, e.g., system
reboot,
• extending the lease on a particular network address.
DHCPACK - Server to client with configuration parameters, including
committed network address.
Reusing a previously allocated network address
[Figure: message sequence between the client and two servers: DHCPREQUEST (client to both servers), DHCPACK (both servers to client), initialization complete, subsequent DHCPACKs ignored.]
Reuse of address
Participants: Server, Client, Server
• DHCP REQ.: sent by the client, reaches both servers
• Each server locates the client's configuration
• Servers with knowledge of the client's configuration parameters respond with a
DHCPACK message to the client
• Initialization complete (subsequent DHCP packets ignored)
Step-by-step

• Client broadcasts DHCPREQUEST
• Server responds with DHCPACK
• Server SHOULD NOT check for network address
• Client is configured
• Client detects address in use, sends DHCPDECLINE
• Client receives DHCPNAK
• No DHCPACK/DHCPNAK
• Client sends DHCPRELEASE
Timers
• T1 is the time at which the client enters the RENEWING state and
attempts to contact the server that originally issued the client's
network address.
• T2 is the time at which the client enters the REBINDING state and
attempts to contact any server.
• T1 MUST be earlier than T2
• T2 MUST be earlier than the time at which the client's lease will
expire.
Reacquisition and expiration

• Client uses times T1 and T2 to extend its lease
• At T1, client enters RENEWING state
• At T2, client enters REBINDING state
• T1<T2<lease expiration time
• In either of two states client sends DHCPREQUEST
• If lease expires before DHCPACK, client moves to INIT state
DHCP Client States
• INIT (client is booting)
• no IP address yet.
• next message from client will be a broadcast DHCPDISCOVER.
• INIT-REBOOT (has unexpired lease)
• has IP address, but is not using it
• client will next broadcast DHCPREQUEST
• Will move to BIND state if no response
• SELECTING (has received at least one DHCPOFFER)
• Waiting for any other DHCPOFFERS
• BOUND (Client has an address)
• Initiated by client receiving DHCPACK to DHCPREQUEST
• Send no more messages until T1 (renewal time, configured in client by the server)
DHCP Client States
• RENEWING (client has reached renewal time T1 in BOUND state)
• client unicasts DHCPREQUEST to server
• server unicasts DHCPACK to client
• T1 = lease time / 2
• REBINDING (client has reached rebinding time T2 without DHCPACK from server)
• client broadcasts DHCPREQUEST
• client is looking for another server
• T2 = lease time * 7/8
• If lease expires, client goes back to INIT state
• Any network connections lost—bad for users!! Don't let it happen to them!
Obtaining an initial configuration
• The client is booting, with no IP lease
Confirming an IP Address when restarting
• The client's lease has not expired
Extending a lease
• Lease is extended at T1, before it expires
• Unicast, because address is valid
• T1 = leasetime/2
Moving a computer to new subnet
• Refuse old address, issue a new one
