DHCP - Dynamic Host Configuration Protocol
What is DHCP?
Dynamic Host Configuration Protocol (DHCP) is a set of rules for automatically providing an IP address to a client.
Why DHCP?
To connect to a network, a host/client needs an IP address. To communicate with other networks, the client must also know the default gateway and subnet mask of its network, and it needs the address resolution service provided by a DNS (Domain Name Server). All this information can either be entered manually into each client, which is a tedious job, or DHCP can be employed to take care of it dynamically, which drastically reduces the workload and time consumption.
About DHCP
DHCP is used to provide IP addresses to the different hosts or client machines present in a network. DHCP works on DORA, a sequence of messages exchanged between the DHCP server and the client. DORA stands for:
- Discover
- Offer
- Request
- Acknowledgement
We'll now use a topology to understand the DORA process. All the following content and packet captures are discussed in the context of that topology. Specifically, we have taken the DORA process between a Windows PC and the DHCP server.
Discover Packet/Message
When a computer is started, it has a built-in Ethernet or other link-layer address embedded in the NIC, but no IP address. Much like ARP, the computer broadcasts a request for an IP address on its network. It does this by using a DHCP DISCOVER packet, which must reach the DHCP server. This is the first packet broadcast by the client once it enters a network. The packet details are explained below with the help of a Wireshark packet capture.
The packet sequence of DORA can be seen in the image above. The Discover packet is a broadcast packet. More details about Discover can be brought to light by examining its payload and Layer II header.
The Bootstrap Protocol section gives us information about the payload of the Discover packet. It contains the following information:
- Client IP Address: 0.0.0.0 – As the client does not have an IP address yet, it assumes the temporary IP address 0.0.0.0.
- Client MAC Address: The MAC address of the client that is requesting an IP address.
- Parameter Request List: The list of information the client requests from the DHCP server in order to connect to the network.
The Internet Protocol Version 4 section provides the source and destination IP addresses. Here the source is the client and, as it doesn't have an IP address assigned to it, its temporary IP address 0.0.0.0 is displayed. The destination is the broadcast IP address, i.e., 255.255.255.255.
The Layer II protocol, i.e., Ethernet II, contains the source and destination MAC addresses. Here the source MAC address is 50:00:22:22:22:22 and the destination MAC address is the broadcast MAC address ff:ff:ff:ff:ff:ff. (A MAC address is 48 bits long and is represented in hexadecimal.)
Offer Packet
When the server receives the request (Discover Packet), it allocates a free IP address and sends it to the host in a DHCP OFFER packet. To be able to do this work even when hosts do not have IP addresses, the server identifies a host using its Ethernet address (which is carried in the DHCP DISCOVER packet).
The Offer message/packet is sent from the DHCP server to the client. The Offer packet is unicast, i.e., it is sent only to the client. The details of the Offer packet are provided below.
The payload of the Offer packet contains the following information:
- Client IP Address: 0.0.0.0 – This is the temporary IP address that the client has assumed.
- Your (Client) IP Address: 192.168.1.2 – This field indicates the IP address offered by DHCP to the client.
- Client MAC Address: This field displays the MAC address of the client, which in our case is 50:00:22:22:22:22.
- It contains all the information requested by the client in the Discover packet, along with the other necessary parameters.
- DHCP Server Identifier: This is the IP address of the DHCP server.
- IP Address Lease Time: This is one of the important parameters; it defines the lease time of the IP address given to the client. No IP addresses are allocated permanently to clients; they are allocated for a specific time period called the lease time.
- Renewal Time: This parameter specifies the time at which the client can request that the same IP address be assigned to it again. Renewal time is 50% of the IP address lease time and it cannot be changed from 50% to another value.
- Subnet Mask: The subnet mask of the network in which the client is requesting the IP address.
- Router: The IP address of the default router/gateway of the network.
- Domain Name Server: This field contains the details of the DNS server that will be used for address resolution in the network.
Request Packet
This message is sent by the client as a broadcast. The details of the packet are as follows.
In this message, the client requests the offered IP address from the DHCP server. The details in the payload are:
- Client IP Address: 0.0.0.0 – The IP address is still the temporary IP address of the client.
- Client MAC Address: This is the client's MAC address, here 50:00:22:22:22:22.
- DHCP Message Type: This shows the type of message – Request (3).
- Client Identifier: This displays the client's MAC address.
- Requested IP Address: This is the IP address that was offered by DHCP and that the client has now requested, here 192.168.1.2.
- DHCP Server Identifier: This holds the IP address of the DHCP server, here 192.168.1.254.
This signifies that the message is unicast at the network layer, as the destination IP address is the IP address of the DHCP server.
The details below contain the same parameter list that was offered by the DHCP server, now requested by the client. Examining the Layer II protocol, i.e., Ethernet II, the following information can be collected:
In the Layer II protocol, i.e., Ethernet II, the source MAC address is the client's MAC address and the destination MAC address is broadcast, i.e., ff:ff:ff:ff:ff:ff.
It can be observed that the Request packet is of broadcast type at Layer II (i.e., the Data Link Layer).
Acknowledgement Packet
The Acknowledgement packet is sent from the DHCP server to the client and is a unicast packet. It is sent as confirmation to the client of the parameters offered by the DHCP server. The details of the payload of the Ack packet are as below:
- Client IP Address: 0.0.0.0 – This is the temporary IP address of the client.
- Your (Client) IP Address: 192.168.1.2 – This is the IP address that the client will have from here on until the IP lease time expires.
- All the remaining parameters are the same as in the Offer packet.
Once the DHCP server has completed the IP assignment, the client can retain the IP address until the IP lease time expires. To retain the IP address for longer, the client sends the Request packet again at 50% of the IP lease time, called the IP renewal time. The IP lease time can be changed, but the renewal time is always fixed at 50% of the IP lease time. The protocol used for the exchange of messages is UDP (User Datagram Protocol), and the port numbers used are 67 and 68.
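The payload fields listed in the Discover, Offer, Request and Acknowledgement sections can be decoded directly from the UDP payload. The following is an added example, not part of the original article: it parses the BOOTP header and DHCP options of a constructed Offer built from the addresses used on this page. The 86400-second lease time and the function names are assumptions made for the illustration.

```python
import ipaddress
import struct

MAGIC = b"\x63\x82\x53\x63"  # magic cookie that follows the 236-byte BOOTP header
TYPES = {1: "Discover", 2: "Offer", 3: "Request", 5: "Ack"}
IP_OPTS = {1: "subnet_mask", 3: "router", 6: "dns", 50: "requested_ip", 54: "server_id"}

def _ip(raw):
    return str(ipaddress.IPv4Address(raw))

def parse_dhcp(payload):
    """Decode the BOOTP header fields and DHCP options walked through above."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP payload")
    msg = {"ciaddr": _ip(payload[12:16]), "yiaddr": _ip(payload[16:20]),
           "giaddr": _ip(payload[24:28]),  # relay agent IP address
           "chaddr": payload[28:28 + min(payload[2], 16)].hex(":")}
    i = 240
    while i < len(payload) and payload[i] != 255:   # 255 = End option
        if payload[i] == 0:                         # Pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option")
        code, length = payload[i], payload[i + 1]
        val = payload[i + 2:i + 2 + length]
        if len(val) != length:
            raise ValueError("truncated option")
        i += 2 + length
        if code == 53 and length == 1:
            msg["type"] = TYPES.get(val[0], str(val[0]))
        elif code == 51 and length == 4:
            msg["lease_time"] = struct.unpack("!I", val)[0]
            msg["renewal_time"] = msg["lease_time"] // 2   # 50% of the lease, as stated above
        elif code in IP_OPTS and length >= 4:
            msg[IP_OPTS[code]] = _ip(val[:4])              # first address only
    return msg

def build(yiaddr, opts):
    """Build a constructed server reply (not a real capture) for the page's client MAC."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s192x", 2, 1, 6, 0, 0x1234, 0, 0, bytes(4),
                      ipaddress.IPv4Address(yiaddr).packed, bytes(4), bytes(4),
                      bytes.fromhex("500022222222"))
    return hdr + MAGIC + b"".join(bytes([c, len(v)]) + v for c, v in opts) + b"\xff"

# Constructed Offer: addresses come from the page, the 86400 s lease is an assumed value.
OFFER = build("192.168.1.2", [(53, b"\x02"), (54, bytes([192, 168, 1, 254])),
                              (51, struct.pack("!I", 86400)), (1, bytes([255, 255, 255, 0])),
                              (3, bytes([192, 168, 1, 1])), (6, bytes([8, 8, 8, 8]))])
```

Calling parse_dhcp(OFFER) returns a dictionary with the same fields Wireshark shows under Bootstrap Protocol; a payload cut off in the middle of an option raises ValueError instead of returning partial data.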
Why is the Request packet broadcast?
The Request packet is a broadcast message, i.e., it is sent to all the nodes. The reason is this: if the network has more than one DHCP server, then all the DHCP servers will try to offer an IP address to the client. The Request packet, being broadcast, is received by all the DHCP servers, and by examining the Layer III DHCP Server Identifier (destination IP address of the DHCP server), the other DHCP servers come to know whose offer was accepted.
How does DHCP resolve an IP conflict?
The process of IP address assignment begins as soon as the DHCP server receives the Discover packet from the client. The DHCP server looks for a free IP address that can be offered. Before offering that address to the client, however, the DHCP server uses ARP (Address Resolution Protocol) to find out whether the address is already allocated to some client. If there is no reply to the ARP request, the DHCP server proceeds with the Offer packet to the client. If it receives an ARP reply from some client, the DHCP server realizes that the IP address has already been allocated and cannot be assigned to the requesting client. It then picks the next free IP address and sends the same ARP request to check that this address is not assigned to any client. The process continues until the DHCP server receives no reply to its ARP request and concludes that the IP address to be offered is not yet assigned to any client.
How to configure a DHCP server on a Cisco router?
The DHCP server can be configured on a Cisco router with the commands below:
Router(config)#ip dhcp pool LAN
Router(dhcp-config)#network 192.168.1.0 255.255.255.0
Router(dhcp-config)#default-router 192.168.1.1
Router(dhcp-config)#dns-server 8.8.8.8
Router(dhcp-config)#exit
Router(config)#ip dhcp excluded-address 192.168.1.1 192.168.1.100
- ip dhcp pool LAN – Creates a DHCP address pool on the router and enters DHCP pool configuration mode. The name argument can be a string or an integer; here it is 'LAN'.
- network 192.168.1.0 255.255.255.0 – Defines the network address and subnet mask for the DHCP address pool.
- default-router 192.168.1.1 – Configures the default gateway for the client.
- dns-server 8.8.8.8 – Configures the DNS server for the client.
- ip dhcp excluded-address 192.168.1.1 192.168.1.100 – Configures the DHCP server not to allocate the specified excluded address or address range.
- show ip dhcp binding – Displays the IP addresses automatically assigned to the clients.
If the DHCP server is not on the same network as the client, the IP address assignment and the communication between the DHCP server and the client can be done using a DHCP relay agent. To better understand this scenario, consider the following topology. The central DHCP server is not in the same network as the client, and yet the central DHCP server will allocate the IP address.
As can be observed, the central DHCP server is not in the same network as the clients, i.e., 2.0 and 1.0. When the client sends the Discover packet as a broadcast, it reaches the router. The router will not forward a broadcast packet, and hence the packet is lost. This gives rise to the challenge of dynamic IP address assignment by the central DHCP server.
To allow the Discover packet to be forwarded by the router to the central DHCP server, we have to use DHCP relay.
The concept of DHCP Relay
Let's say that a Windows 7 PC whose MAC address is 50:00:22:22:22:22 is trying to obtain an IP address. It broadcasts the Discover packet. The Discover packet should reach the central DHCP server so that it can assign an IP address. However, when the packet reaches the router, the router drops it, as routers don't forward broadcast packets. To take care of this situation we have to use the helper-address command. The helper-address command needs to be configured on the router interface, which here is g0/0.
The central DHCP server then sends the Offer packet. The source IP address of the Offer packet will be 192.168.3.2 and the destination IP address will be that of the router interface g0/0 – 192.168.1.1, from which the Discover packet was relayed. Once the Offer packet reaches the router it is transferred to g0/0, and here the source and destination IP addresses in the Offer packet are changed. The source IP address will be that of router interface g0/0 – 192.168.1.1, and the destination IP address will be that of the client Windows 7 PC – 192.168.1.2 (the IP address offered by the DHCP server); however, the packet is delivered using the MAC address of the client Windows 7 PC (destination MAC address 50:00:22:22:22:22).
The client Windows 7 PC sends the Request packet, which is a broadcast packet (source IP address 0.0.0.0 and destination IP address 255.255.255.255) that is received by router interface g0/0. The router interface once again forwards the Request packet to the central DHCP server, replacing the source IP address with the IP address of interface g0/0 and the destination IP address with the IP address of the central DHCP server that was configured using the helper-address command.
In a similar fashion, the Acknowledgement packet is sent by the central DHCP server with the destination IP address of the router interface g0/0 – 192.168.1.1, and is then forwarded by the router interface, which replaces the source and destination IP addresses with 192.168.1.1 and 192.168.1.2 (the acknowledged IP address for the client) respectively.
When requests from two different clients on two different networks arrive at the central DHCP server, it identifies which address is to be assigned to which client by examining the source IP address or relay agent IP address. The relay agent IP address allows the central DHCP server to decide which IP address has to be allocated to each client.
For example, say the central DHCP server has 2 IP DHCP pools – LAN1 & LAN2.
For LAN1
Router(config)#ip dhcp pool LAN1
Router(dhcp-config)#network 192.168.1.0 255.255.255.0
Router(dhcp-config)#default-router 192.168.1.1
Router(dhcp-config)#dns-server 8.8.8.8
Router(dhcp-config)#exit
For LAN2
Router(config)#ip dhcp pool LAN2
Router(dhcp-config)#network 192.168.2.0 255.255.255.0
Router(dhcp-config)#default-router 192.168.2.1
Router(dhcp-config)#dns-server 8.8.8.8
Router(dhcp-config)#exit
If the Discover packet comes from network 192.168.1.0, i.e., a client connected to router interface 192.168.1.1 is requesting an IP address, then the central DHCP server allocates it an IP address from the pool LAN1. Similarly, if a client connected to g0/1 (192.168.2.1) is requesting an IP address, then the central DHCP server allocates it an IP address from the pool LAN2.
The commands to configure a Cisco router as a relay agent are as follows:
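The pool selection described above and the conflict check from "How DHCP resolves IP Conflict?" can be modelled together. The following is an added sketch, not Cisco's implementation: the pools and the excluded range are taken from the configurations on this page, while the function names and the answers_arp callback that stands in for the server's ARP probe are hypothetical.

```python
import ipaddress

# Pools and exclusion range taken from the Cisco configuration on this page.
POOLS = {"LAN1": ipaddress.ip_network("192.168.1.0/24"),
         "LAN2": ipaddress.ip_network("192.168.2.0/24")}
EXCLUDED = [(ipaddress.ip_address("192.168.1.1"), ipaddress.ip_address("192.168.1.100"))]

def select_pool(giaddr, receiving_if_ip):
    """Pick the pool whose network contains the relay agent IP address (giaddr).

    A giaddr of 0.0.0.0 means the Discover was not relayed, so the address of
    the interface it arrived on decides instead.
    """
    key = ipaddress.ip_address(giaddr)
    if key.is_unspecified:
        key = ipaddress.ip_address(receiving_if_ip)
    for name, net in POOLS.items():
        if key in net:
            return name
    return None  # no pool serves this subnet, so no Offer is sent

def next_free(pool, leased, answers_arp):
    """Return the first address that is not excluded, not already leased and
    does not answer the conflict probe (answers_arp is a hypothetical callback)."""
    for host in POOLS[pool].hosts():
        if any(lo <= host <= hi for lo, hi in EXCLUDED):
            continue
        if str(host) in leased or answers_arp(str(host)):
            continue  # address in use: move on to the next candidate
        return str(host)
    return None  # pool exhausted
```

With the page's exclusion range, the first address handed out from LAN1 is 192.168.1.101. LAN2 has no exclusion configured, so only the conflict probe keeps the gateway address 192.168.2.1 from being offered.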
Router(config)#int g0/0
Router(config-if)#ip helper-address 192.168.3.2
Router(config-if)#exit