DHCP Basics 2002

  • 8/8/2019 DHCP Basics 2002

    1/84

    CEENET #8 8.2002 1

    DHCP Managed Configuration of TCP/IP Hosts

    Richard Perlman

    [email protected]

  • Outline

    DHCP purpose and goals

    Background and history of DHCP

    Case Study

    Operational details

    Using DHCP

  • Purpose of DHCP

    From RFC 2131: The Dynamic Host Configuration Protocol (DHCP) provides a framework for passing configuration information to hosts on a TCP/IP network. DHCP consists of two components: a protocol for delivering host-specific configuration parameters from a DHCP server to a host and a mechanism for allocation of network addresses to hosts.

  • DHCP functional goals

    A host without a valid IP address locates and communicates with a DHCP server

    A DHCP server passes configuration parameters, including an IP address, to the host

    The DHCP server may dynamically allocate addresses to hosts and reuse addresses

  • DHCP functional goals

    Hosts can detect when they require a new IP address

    Unavailability of DHCP server has minimal effect on operation of hosts

  • What does DHCP do?

    Provides protocol stack, application and other configuration parameters to hosts

    Eliminates need for individual, manual configuration for hosts

    Includes administrative controls for network administrators

  • What does DHCP do?

    Backward compatible packet format for BOOTP interoperation (RFC 1542)

    Can coexist with hosts that have pre-assigned IP addresses and hosts that do not participate in DHCP

  • Design Goals

    Eliminate manual configuration of hosts

    Prevent use of any IP address by more than one host

    Should not require a server on every subnet

    Allow for multiple servers

  • Design Goals

    Provide a mechanism, not a policy

    Provide same configuration - including IP address - to a host whenever possible

  • What can you do with DHCP

    Plug-and-play

    Move desktop PCs between offices

    Renumber

    Other restructuring - change subnet masks

    Mobile IP - laptops

    Moving equipment - cartable

  • What DHCP doesn't do

    Support multiple addresses per interface

    Inform running host that parameters have changed

    Propagate new addresses to DNS

    Support inter-server communication

    Provide authenticated message delivery

  • What DHCP doesn't do

    Configure routers and other network equipment

    Design network addressing plan

    Determine other configuration parameters

    Locate other servers

  • Outline

    DHCP purpose and goals

    Background and history of DHCP

    Case Study

    Operational details

    Using DHCP

  • What is DHCP and where does it come from?

    Internet Engineering Task Force (IETF)

    Dynamic Host Configuration Working Group (DHC WG)

    BOOTP

  • IETF standards

    Formal process for development, review and acceptance of TCP/IP protocol suite standards

    Initial specifications published as Internet Drafts (I-Ds)

    Accepted specifications published as Request for Comments (RFCs)

  • Protocol status

    DHCP has been accepted as a Draft Standard; the specifications are published in:

    RFC 2131: Dynamic Host Configuration Protocol

    RFC 2132: DHCP Options and BOOTP Vendor Extensions

    Several additional options are in development

  • Implementation status

    DHCP is an open standard, with freely available specifications

    Can be (and has been) implemented entirely from the specification

    Commercial implementations are widely available

    Non-commercial implementations are also available

  • DHCP Resources

    Compilation of DHCP-related WWW links and other information: http://www.dhcp.org

    DHCP FAQ (maintained by John Wobus)

    [email protected] mailing list (admin requests [email protected])

  • DHCP Resources

    IETF information can be retrieved from: http://www.ietf.cnri.reston.va.us

    I-Ds and RFCs can also be retrieved from: http://www.rfc-editor.org

  • Related work

    RARP/DRARP

    TFTP

    ICMP

    Router Discovery

    Mobile IP

    Wireless/cellular IP

  • Outline

    DHCP purpose and goals

    Background and history of DHCP

    Case Study

    Operational details

    Using DHCP

  • Generic Startup, Inc. - GSI

    GSI is a medium-sized startup with about 200 employees

    Internal TCP/IP network - intranet

    Network Architect is responsible for network design, planning and operation

  • Intranet architecture

    Intranet uses Ethernet throughout

    5 internal Ethernet segments

    4 segments for desktops

    1 segment for servers

    Connected through single router

  • TCP/IP addressing

    Network architect has obtained Class C network address 201.155.7.0 for GSI

    Subnetted for segments

    /27 subnet mask

    8 possible subnets, 32 hosts per subnet

  • Intranet addressing

    [Network diagram; labels: 201.157.7.32, 201.157.7.64, 201.157.7.128, 201.157.7.96, 201.157.7.192, Router]

  • DHCP on the GSI intranet

    Network architect plans addressing scheme and locations of servers

    DHCP server attached to 201.157.7.192 subnet

    Desktop clients contact server at startup for IP address and configuration parameters

  • GSI uses DHCP to

    Configure new computers

    Reconfigure relocated computers

    Accommodate laptops

    Renumber network

  • Planning for DHCP

    Preparation for DHCP requires careful planning

    IP addressing strategy

    Consider current needs

    Allow for growth

    Network architect configures rules for addressing strategy into DHCP server

  • Newly installed computer

    Newly installed computer locates DHCP server

    Server consults address scheme rules

    Picks an address

    Determines other configuration parameters

    Plug-and-play

  • Newly installed computer

    [Network diagram; labels: 201.157.7.96, 201.157.7.198, Router, New computer, DHCP server]

  • Relocated computer

    Computer retains address

    When restarted, computer checks with server to confirm address

    If address OK, computer retains old address

    If computer attached to different subnet, obtains new address

  • Relocated computer

    [Network diagram; labels: 201.157.7.64, 201.157.7.96, 201.157.7.198, Router, 201.157.7.98, DHCP server]

  • Using DHCP with legacy equipment

    DHCP server not required to make every address on a subnet available for allocation

    DHCP server not required to answer every incoming request

    Network architect can configure server to reserve (not allocate) addresses

  • Growth - new computers on a subnet

    So GSI grows and hires new employees

    Each gets a new computer; new computers are allocated addresses from DHCP pool

    Suppose addresses in a subnet are all allocated?

  • DHCP and new computers

    DHCP server will hand out all available addresses

    Limited number of addresses can be shared (if all computers not on simultaneously)

    Eventually, network architect will have to allocate more addresses

  • Reusing addresses

    Server can reuse abandoned addresses

    Address initially allocated for fixed time called a lease

    Client can extend lease

    If lease expires, server can reallocate

    Reallocation only when necessary (e.g., LRU) is a good idea

  • Growth - multiple IP networks on a subnet

    /27 subnet accommodates only 30 computers

    Suppose application development group grows to 40?

    Add second IP subnet to existing Ethernet segment

  • Multiple IP networks on a subnet

    [Network diagram; labels: 201.157.7.32, 201.157.7.64, 201.157.7.128, 201.157.7.96, 201.157.7.160, 201.157.7.192, Router]

  • Reconfiguring the server for multiple networks

    Server configuration file defines multiple subnets and address pools on one physical segment

    Server chooses address from pools for the segment

    Server checks DHCP client address against all subnets on the segment

  • Growth - changing subnet masks

    In some cases, subnet growth can be managed with a change to the subnet mask

    201.157.7.128/27 and 201.157.7.160/27 can be combined into 201.157.7.128/26

    Network infrastructure must accommodate VLSMs

    Must change subnet masks on attached clients

  • Passing new subnet masks to clients

    At next reboot, DHCP client will contact server

    Server returns new subnet mask with acknowledgment

    Client records and uses new mask

  • Growth - renumbering

    Eventually, GSI network architect obtains second class C address: 202.5.77.0

    Subnet numbers are reallocated among network segments

    Many computers now on wrong subnet

  • Renumbered GSI network

    [Network diagram; labels: 202.5.77.128, 201.157.7.64, 201.157.7.32, 202.5.77.64, 201.157.7.128, Router, 201.157.7.98]

  • Using DHCP for renumbering

    Set up plan for renumbering

    New network architecture

    Network addresses, server addresses

    Timing of cutovers

    Force DHCP clients to contact server for notification about new address

    Set short leases

    Require all clients be rebooted

  • Using DHCP for renumbering

    Rebooting, although not elegant, probably most reliable

    Schedule subnet cutover for overnight or weekend, force reboot through alternate protocol (e.g., email to all users)

  • Outline

    DHCP purpose and goals

    Background and history of DHCP

    Case Study

    Operational details

    Using DHCP

  • Server manages client configurations

    Provide a variety of mechanisms for controlled configuration

    Can override default parameters from Host Requirements

  • Address allocation

    Static (BOOTP): client must be pre-configured into database

    Automatic: server can allocate new address to client

    Dynamic: server can allocate and reuse addresses

  • Leases

    Dynamic addresses are allocated for a period of time known as the lease

    Client is allowed to use the address until the lease expires

  • Leases

    Client MUST NOT use the address after the lease expires, even if there are active connections using the address

    Server MUST NOT reuse the address before the lease expires

  • Motivation for leases

    An IP internet may not always be completely operational; there may not always be connectivity between any two hosts, so:

    Can't use distributed (client-based) assignment of addresses

    Can't use address defense before server reuse of addresses

  • Motivation for leases

    Leases guarantee an agreement as to when an address may be safely reused even if the server can't contact the client

  • Address reuse

    Server MAY choose to reuse an address by reassigning it to a different client after the lease has expired

    Server can check using ICMP echo to see if the address is still in use (but no response is not a definitive answer!)

  • Address reuse

    Allows address sharing

    From old computers replaced by new ones

    Among a pool of computers not always using TCP/IP

    For transient hosts like laptops
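
    The lease rules from the preceding slides (fixed-time leases, extension, no reuse before expiry, reuse of the longest-expired lease only when the pool is empty, reserved addresses) written as a small allocator. This is an added example, not part of the original slides; the class and method names, the client ids and the two-address /30 pool in demo() are constructed for illustration.

```python
import ipaddress


class LeasePool:
    """Address pool for one subnet, applying the lease rules from the slides."""

    def __init__(self, cidr, reserved=()):
        skip = {ipaddress.ip_address(a) for a in reserved}
        # Reserved addresses (legacy hosts, routers) are never handed out.
        self.free = [a for a in ipaddress.ip_network(cidr).hosts() if a not in skip]
        self.leases = {}  # address -> (client_id, expiry time in seconds)

    def _held_by(self, client_id):
        for addr, (owner, _) in self.leases.items():
            if owner == client_id:
                return addr
        return None

    def allocate(self, client_id, now, lease_time):
        """Return an address for client_id, or None if the pool is exhausted."""
        addr = self._held_by(client_id)      # same address whenever possible
        if addr is None and self.free:
            addr = self.free.pop(0)          # never-used or released address
        if addr is None:
            # Reuse only when necessary, and only a lease that has expired:
            # pick the one that expired longest ago.
            expired = [(exp, a) for a, (_, exp) in self.leases.items() if exp <= now]
            if not expired:
                return None
            addr = min(expired)[1]
        self.leases[addr] = (client_id, now + lease_time)
        return addr

    def extend(self, client_id, addr, now, lease_time):
        """Lease extension: True (ACK) only if the lease is still this client's."""
        addr = ipaddress.ip_address(addr)
        owner, expiry = self.leases.get(addr, (None, 0))
        if owner != client_id or expiry <= now:
            return False
        self.leases[addr] = (client_id, now + lease_time)
        return True

    def release(self, client_id, addr):
        """RELEASE: the address goes back to the free list immediately."""
        addr = ipaddress.ip_address(addr)
        if self.leases.get(addr, (None, 0))[0] == client_id:
            del self.leases[addr]
            self.free.append(addr)


def demo():
    pool = LeasePool("201.157.7.96/30")      # constructed: two usable addresses
    a = pool.allocate("pc-a", now=0, lease_time=100)
    b = pool.allocate("pc-b", now=10, lease_time=100)
    full = pool.allocate("pc-c", now=50, lease_time=100)    # nothing expired yet
    kept = pool.extend("pc-b", b, now=60, lease_time=100)   # pc-b now expires at 160
    c = pool.allocate("pc-c", now=120, lease_time=100)      # pc-a expired at 100
    late = pool.extend("pc-a", a, now=130, lease_time=100)  # address was reassigned
    return [str(a), str(b), full, kept, str(c), late]


if __name__ == "__main__":
    print(demo())
```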

  • Address allocation details

    Clients check on address validity at reboot time (renumbering)

    Clients can extend the lease on an address at startup time

  • Address allocation details

    Clients can extend the lease on an address as expiration time approaches (without closing and restarting existing connections)

    Clients with addresses that have been configured manually can use DHCP to obtain other configuration parameters

  • Four ways a client uses DHCP

    INIT - acquire an IP address and configuration information

    INIT-REBOOT - confirm validity of previously acquired address and configuration

    RENEWING - extend a lease from the original server

    REBINDING - extend a lease from any server

  • Obtaining an initial address

    Client broadcasts DISCOVER to locate servers

    Server chooses address and replies

    Client selects a server and sends REQUEST for address

    Server commits allocation and returns ACK

  • Rebooting client

    Client puts address in REQUEST and broadcasts

    Server checks validity and returns ACK with parameters

    If client address is invalid - e.g., client is attached to a new network - server replies with NAK and client restarts

  • Extending a lease

    Client puts requested lease extension in REQUEST and sends to server

    Server commits extension and returns ACK with parameters

  • DHCP options

    Options carry additional configuration information to client

    DHCP message type

    Subnet mask, default routers, DNS server

    Many others

    Carried as fields in DHCP message

  • Configuration with options

    Network architect configures server to select and return options and values

    Client can explicitly request specific options

  • Relay agents

    Using hardware and IP broadcast still limits DHCP message from client to single physical network

    Relay agent, on same subnet as client, forwards DHCP messages between clients and servers

  • Relay agents

    Relay agent and server exchange messages using unicast UDP

    Servers can be located anywhere on intranet

    Servers can be centrally located for ease of administration

    Very simple in function, implementation

    Usually, but not necessarily, located in routers
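
    One way a server can answer a rebooting client's REQUEST when relay agents and multi-subnet segments are involved, tying together "Rebooting client", "Reconfiguring the server for multiple networks" and "Relay agents". This is an added example, not part of the original slides: the relay addresses, client ids and lease table are constructed, giaddr is the relay agent address field defined in RFC 2131, and staying silent for a client the server has no record of follows RFC 2131 rather than the slides.

```python
import ipaddress

# Constructed server view of the GSI intranet: each physical segment is keyed by
# the relay agent address on it (giaddr) and may carry several IP subnets.
SEGMENTS = {
    "201.157.7.129": ["201.157.7.128/27", "201.157.7.160/27"],
    "201.157.7.97": ["201.157.7.96/27"],
}


def confirm_address(giaddr, client_id, requested, leases):
    """Answer an INIT-REBOOT REQUEST with 'ACK', 'NAK' or None (no reply)."""
    subnets = SEGMENTS.get(giaddr)
    if subnets is None:
        return None                       # segment this server does not manage
    addr = ipaddress.ip_address(requested)
    # Check the requested address against every subnet on the arrival segment.
    if not any(addr in ipaddress.ip_network(s) for s in subnets):
        return "NAK"                      # client moved: make it restart in INIT
    recorded = leases.get(client_id)
    if recorded is None:
        return None                       # no record of this client: stay silent
    return "ACK" if recorded == requested else "NAK"


def demo():
    leases = {"pc-1": "201.157.7.170"}    # constructed lease table
    return [
        # Rebooted on the same wire; address is in the second subnet there.
        confirm_address("201.157.7.129", "pc-1", "201.157.7.170", leases),
        # Same client plugged into a different segment.
        confirm_address("201.157.7.97", "pc-1", "201.157.7.170", leases),
        # Right segment, but not the address the server recorded.
        confirm_address("201.157.7.129", "pc-1", "201.157.7.140", leases),
        # Client the server has never seen.
        confirm_address("201.157.7.129", "pc-9", "201.157.7.140", leases),
    ]


if __name__ == "__main__":
    print(demo())
```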

  • Outline

    DHCP purpose and goals

    Background and history of DHCP

    Case Study

    Operational details

    Using DHCP

  • Using multiple servers

    Clients must be implemented for multiple servers; e.g., receiving multiple OFFER messages

    Using multiple servers can provide increased reliability through redundancy

  • Using multiple servers

    All coordination must be managed by DHCP administrator

    Distributed database

    Off-line batch updates

    Manually

  • Strategies for using multiple servers

    Split address pool for each subnet among servers

    Coordinate leases off-line

    Reallocate addresses when needed

  • Lease times and strategies

    Choice of lease times made by DHCP administrator

    Long lease times decrease traffic and server load, short lease times increase flexibility

  • Lease times and strategies

    Should choose lease time to allow for server unavailability

    Allows clients to use old addresses

    For example, long enough to span weekends

    Can assign different leases to desktop computers, cartable systems and laptops

  • Changing other configuration parameters

    Other configuration parameters such as print servers may change

    Reconfigure DHCP server with new parameters

    At next reconfirmation, clients will get new addresses

  • Moving a client to a new location

    User may get moved to a new location on a different subnet

    User may arrange to move computer system without contacting network administrator

    DHCP will allocate address for new location

  • Moving a client to a new location

    What about old lease?

    New server can notify network administrator about address allocation

    Client can issue RELEASE before moving from old location

    Or, might be appropriate to leave old lease in place

  • Replacing a system

    User may get new computer on desktop

    Network administrator wants to allocate same IP address to the new computer but, new computer will have different hardware address

    Use client id as system identifier and transfer to new system

  • Limitations to DHCP

    Coordination among multiple servers

    DHCP interaction with DNS

    Security/authentication

    New options

    IPv6

    Opportunities for enhancement

  • Coordination among multiple servers

    Becomes a distributed database problem

    Several strategies have been proposed

    Failover protocol now in development

  • Dynamic DNS

    When client is allocated a new address, DNS records need to be updated

    A record: Name to IP address

    PTR record: IP address to name

    DHCP to be extended to allow coordination between client and server

    Which does updates?

    Error conditions?

  • Security/Authentication

    Unauthorized - either intentional or accidental - server can cause denial of service problems

    Some sites may want to limit IP address allocation to authorized clients
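
    A defender-side check for the unauthorized-server problem: parse the options of observed server replies and flag any whose server identifier is not on an allowlist. This is an added example, not part of the original slides; the allowlisted address 201.157.7.194, the sample packets and all function names are constructed, while the fixed-field layout, the magic cookie and option codes 53, 54 and 3 are those of RFC 2131 and RFC 2132.

```python
import ipaddress
import struct

MAGIC = bytes([99, 130, 83, 99])          # magic cookie that precedes the options
TYPES = {2: "OFFER", 5: "ACK", 6: "NAK"}  # option 53 values sent by servers
AUTHORIZED = {"201.157.7.194"}            # constructed allowlist of DHCP servers


def build_reply(msg_type, yiaddr, server_id, router):
    """Build a minimal server reply; used only to construct sample input."""
    ip = lambda a: ipaddress.ip_address(a).packed
    fixed = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0,
                        bytes(4), ip(yiaddr), bytes(4), bytes(4),
                        bytes.fromhex("020000000001"), b"", b"")
    opts = bytes([53, 1, msg_type]) + bytes([54, 4]) + ip(server_id)
    opts += bytes([3, 4]) + ip(router) + b"\xff"
    return fixed + MAGIC + opts


def parse_options(packet):
    """Return {option code: value}; raise ValueError on malformed input."""
    if len(packet) < 240 or packet[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(packet):
        code = packet[i]
        if code == 255:                    # end option
            return opts
        if code == 0:                      # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(packet) or i + 2 + packet[i + 1] > len(packet):
            raise ValueError("truncated option")
        length = packet[i + 1]
        opts[code] = packet[i + 2:i + 2 + length]
        i += 2 + length
    raise ValueError("missing end option")


def check_reply(packet, authorized=AUTHORIZED):
    """Return an alert string if the reply comes from an unlisted server."""
    opts = parse_options(packet)
    mtype = (opts.get(53) or b"\x00")[0]
    if packet[0] != 2 or mtype not in TYPES:
        return None                        # not a server reply
    sid = opts.get(54, b"")
    if len(sid) != 4:
        return f"{TYPES[mtype]} without a valid server identifier"
    server = str(ipaddress.ip_address(sid))
    if server in authorized:
        return None
    offered = ipaddress.ip_address(packet[16:20])   # yiaddr field
    return f"{TYPES[mtype]} from unauthorized server {server} offering {offered}"


def demo():
    # Constructed traffic: the site's own server, then a stray home router.
    packets = [build_reply(2, "201.157.7.100", "201.157.7.194", "201.157.7.97"),
               build_reply(2, "192.168.1.50", "192.168.1.1", "192.168.1.1")]
    return [check_reply(p) for p in packets]


if __name__ == "__main__":
    print(demo())
```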

  • Security/Authentication

    Authentication based on shared secret key, an authentication ticket and a message digest

    Assures source of message is valid and message hasn't been tampered with en route

    Schiller/Huitema/Droms/Arbaugh proposal in process

  • New options acceptance

    New options must have nonoverlapping option codes

    Codes handed out by Internet Assigned Numbers Authority (IANA)

    New mechanism will approve each new option as a separate RFC (like TELNET)

  • IPv6

    IP Version 6 (aka IPv6 or IPng) is a new internet protocol to replace IP

    Includes new features for host configuration:

    Router advertisement

    Autoconfiguration

    Link-local addresses

  • IPv6

    To accommodate sites that want centralized management of addresses, DHCP for IPv6 (DHCPv6) is being developed by the DHC WG.

  • Summary

    DHCP works today as a tool for automatic configuration of TCP/IP hosts

    It is an open Internet standard and interoperable client implementations are widely available

  • Summary

    Provides automation for routine configuration tasks, once network architect has configured network and addressing plan

    Ongoing work will extend DHCP with authentication, DHCP-DNS interaction and inter-server communication