DHCP
Dynamic Host Configuration Protocol
CIS 856: TCP/IP and Upper Layer Protocols
Presented by Kyle Getz
October 20, 2005
Motivation for DHCP
Configuration parameters for network hosts: IP address, router, subnet mask, many more...
Before DHCP
Manual assignment, RARP, BOOTP
DHCP Features
Protocol for providing configuration parameters to hosts over a network
Dynamic allocation of IP addresses
Minimal human intervention
Sample Network (figure)
A router connected to the Internet; one DHCP server listening on UDP port 67; several DHCP clients, each listening on UDP port 68
Preliminaries
(DHCP) Message = DHCP-PDU (A-PDU)
Client = DHCP Client
Server = DHCP Server
Well-known port numbers: DHCP Server: UDP port 67; DHCP Client: UDP port 68; no ephemeral ports
Broadcast and unicast used for PDUs in both directions
"Broadcast": link and IP addresses are broadcast
"Unicast": link and IP addresses are unicast
Initial Message Flow (figure: Server A, Client, Server B)
1. Client attempts to discover available DHCP servers: DHCPDISCOVER (broadcast, reaches Server A and Server B)
2. Servers reply with offers: DHCPOFFER from Server A, DHCPOFFER from Server B
3. Client collects offers and decides which offer to accept
4. Client broadcasts request for one of the received offers: DHCPREQUEST (reaches Server A and Server B)
5. Server acknowledges client's use of IP address: DHCPACK
Configuration complete
6. Client explicitly releases use of IP address: DHCPRELEASE
Graceful shutdown
DHCP Message Types
Message       Use
DHCPDISCOVER  Client broadcast to locate available servers
DHCPOFFER     Server to client response offering configuration parameters
DHCPREQUEST   Client broadcast requesting offered parameters
DHCPDECLINE   Client to server notification that IP address is in use
DHCPACK       Server to client response confirming a request
DHCPNAK       Server to client response denying a request
DHCPRELEASE   Client to server request to relinquish IP address
DHCPINFORM    Client to server request for configuration parameters
Lease Renewal Times (Client)
T1 < T2 < Lease time
T1 default value = 1/2 of lease time
T2 default value = 7/8 of lease time
Communicated via DHCPOFFER, DHCPACK
Client actions when times elapse:
T1: client must renew address with the DHCP server
T2: client must renew address with any DHCP server
Lease time: client must stop using IP address
Renewal Message Flow (figure: Server A, Client, Server B)
Configuration complete
T1 elapses
Client unicasts request to continue using IP address: DHCPREQUEST (to Server A)
Server acknowledges request and updates lease: DHCPACK
T1 elapses
Client unicasts request to continue using IP address: DHCPREQUEST (to Server A; no acknowledgement before T2)
T2 elapses
Client broadcasts request to continue using IP address: DHCPREQUEST (reaches Server A and Server B)
Server acknowledges request and updates lease: DHCPACK
Configuration complete
Client FSM (Simplified)
States: INIT, SELECTING, REQUESTING, BOUND, RENEWING, REBINDING
Transitions (event / action):
INIT -> SELECTING: - / DHCPDISCOVER
SELECTING -> SELECTING: DHCPOFFER / Process offer
SELECTING -> REQUESTING: Select offer / DHCPREQUEST
REQUESTING -> BOUND: DHCPACK / Set T1, T2
REQUESTING -> INIT: DHCPNAK / Discard offer
REQUESTING -> INIT: DHCPACK (address in use) / DHCPDECLINE
BOUND -> RENEWING: T1 / Unicast DHCPREQUEST
RENEWING -> BOUND: DHCPACK / Set T1, T2
RENEWING -> REBINDING: T2 / Broadcast DHCPREQUEST
RENEWING -> INIT: DHCPNAK / Stop using IP address
REBINDING -> BOUND: DHCPACK / Set T1, T2
REBINDING -> INIT: DHCPNAK, Lease expires / Stop using IP address
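The state machine above, written out as an added example (this code is not part of the slides): the transition table is copied from the slide, T1 and T2 default to 1/2 and 7/8 of the lease time as on the "Lease Renewal Times" slide, and a DHCPACK may carry explicit T1/T2 values that override the defaults. Event and action names are this example's own strings, not protocol constants.

```python
# Simplified DHCP client FSM (added example following the slide's diagram).
INIT, SELECTING, REQUESTING, BOUND, RENEWING, REBINDING = (
    "INIT", "SELECTING", "REQUESTING", "BOUND", "RENEWING", "REBINDING")

# (state, event) -> (next state, action); one row per arrow on the slide.
TRANSITIONS = {
    (INIT, "start"):                (SELECTING,  "send DHCPDISCOVER"),
    (SELECTING, "DHCPOFFER"):       (SELECTING,  "process offer"),
    (SELECTING, "select offer"):    (REQUESTING, "send DHCPREQUEST"),
    (REQUESTING, "DHCPACK"):        (BOUND,      "set T1,T2"),
    (REQUESTING, "DHCPACK in use"): (INIT,       "send DHCPDECLINE"),
    (REQUESTING, "DHCPNAK"):        (INIT,       "discard offer"),
    (BOUND, "T1"):                  (RENEWING,   "unicast DHCPREQUEST"),
    (RENEWING, "DHCPACK"):          (BOUND,      "set T1,T2"),
    (RENEWING, "T2"):               (REBINDING,  "broadcast DHCPREQUEST"),
    (RENEWING, "DHCPNAK"):          (INIT,       "stop using IP address"),
    (REBINDING, "DHCPACK"):         (BOUND,      "set T1,T2"),
    (REBINDING, "DHCPNAK"):         (INIT,       "stop using IP address"),
    (REBINDING, "lease expires"):   (INIT,       "stop using IP address"),
}


class DhcpClient:
    def __init__(self):
        self.state = INIT
        self.offers = []          # offers collected while SELECTING
        self.ip = None            # address the client is currently using
        self.t1 = self.t2 = self.lease_end = None   # absolute times
        self.log = []             # (state, event, action, next state)

    def event(self, name, now=0, **info):
        """Apply one event; returns the action the client must perform.
        Events outside the table are errors rather than silently ignored."""
        try:
            nxt, action = TRANSITIONS[(self.state, name)]
        except KeyError:
            raise ValueError(f"event {name!r} is not valid in state {self.state}")
        if name == "DHCPOFFER":
            self.offers.append(info["ip"])
        elif name == "DHCPACK":
            # Lease time (and optionally T1/T2) arrive in the DHCPACK itself.
            lease = info["lease"]
            self.ip = info.get("ip", self.ip)
            self.t1 = now + info.get("t1", lease / 2)        # default 1/2
            self.t2 = now + info.get("t2", lease * 7 / 8)    # default 7/8
            self.lease_end = now + lease
        elif nxt == INIT:
            # Any return to INIT means the address is no longer ours.
            self.ip = None
            self.t1 = self.t2 = self.lease_end = None
            self.offers = []
        self.log.append((self.state, name, action, nxt))
        self.state = nxt
        return action

    def due_timer(self, now):
        """Name of the timer event that has elapsed at `now`, if any."""
        if self.state == BOUND and now >= self.t1:
            return "T1"
        if self.state == RENEWING and now >= self.t2:
            return "T2"
        if self.state == REBINDING and now >= self.lease_end:
            return "lease expires"
        return None
```

Driving the object with the events from the renewal flow (start, two offers, select, ACK with a 3600 s lease, T1, T2, ACK) reproduces the slide's sequence; a DHCPNAK in RENEWING or a DHCPACK for an address found in use both land back in INIT with no address.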
Retransmissions
Client responsible for all retransmissions
Retransmission strategy: exponential backoff, randomized
Recommendations: base delay doubled for each retransmission; random number picked from [-1,+1]; maximum base delay: 64 seconds
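The recommended backoff schedule as an added example (not code from the slides): the base delay doubles per retransmission and is capped at 64 seconds, and each actual delay is the base plus a random number from [-1, +1]. The 4-second initial base is an assumption taken from RFC 2131, not from the slide, and the random source is injectable so the schedule can be checked deterministically.

```python
import random


def retransmission_delays(attempts, first_base=4.0, max_base=64.0, jitter=None):
    """Delays (seconds) to wait before each of `attempts` retransmissions.

    Follows the slide's recommendation: the base delay doubles each time,
    the base never exceeds max_base, and every delay is randomized by a
    value drawn from [-1, +1]. `jitter` is a zero-argument callable; the
    default draws uniformly from [-1, +1].
    """
    if attempts < 0 or first_base <= 0 or max_base < first_base:
        raise ValueError("attempts >= 0 and 0 < first_base <= max_base required")
    draw = jitter or (lambda: random.uniform(-1.0, 1.0))
    delays, base = [], first_base
    for _ in range(attempts):
        delays.append(base + draw())
        base = min(base * 2, max_base)    # exponential backoff with a cap
    return delays


def total_wait(delays):
    """Worst-case time a client spends before giving up on `delays`."""
    return sum(delays)


def within_recommendation(delays, first_base=4.0, max_base=64.0):
    """Check a schedule against the slide's rule: each delay lies within
    +/-1 s of the expected (doubling, capped) base for that attempt."""
    base = first_base
    for d in delays:
        if not (base - 1.0 <= d <= base + 1.0):
            return False
        base = min(base * 2, max_base)
    return True
```

With jitter fixed to zero the schedule is 4, 8, 16, 32, 64, 64 seconds; with real jitter every delay stays within one second of those bases, so a client that gives up after six retransmissions has waited at most 194 seconds.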
Server Storage
Permanent storage: pool of available IP addresses, local configuration parameters, mapping between clients and leases
Flexibility concerning storage update: when DHCPOFFER sent, or when DHCPACK sent
Server Logic (Simplified)
Event             Action Taken
DHCPDISCOVER      If current lease for client exists, send DHCPOFFER; else, if IP address available, send DHCPOFFER; else, do nothing
DHCPREQUEST       If IP address available, send DHCPACK; else, send DHCPNAK
DHCPDECLINE       Mark IP address unavailable, notify network administrator
DHCPRELEASE       Mark IP address available, delete lease
DHCPINFORM        Send DHCPACK with configuration parameters
Lease expiration  Mark IP address available, delete lease
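The server table above as an added example (not the presenter's code): a toy server keeps the three stores from the "Server Storage" slide (free pool, local parameters, client-to-lease mapping) and handles each event exactly as the table says. It takes the "update storage when DHCPACK is sent" option, so an offer does not reserve the address; a second client that requests an address already acknowledged to someone else gets a DHCPNAK. Addresses are plain strings and client identities are hardware-address strings; both are this example's simplification.

```python
class DhcpServer:
    """Address bookkeeping following the 'Server Logic (Simplified)' table."""

    def __init__(self, pool, lease_time, params=None):
        self.free = list(pool)        # pool of available IP addresses
        self.leases = {}              # client hardware address -> (ip, expiry)
        self.unavailable = set()      # addresses marked bad by DHCPDECLINE
        self.lease_time = lease_time
        self.params = dict(params or {})   # local configuration parameters
        self.admin_notices = []       # what "notify network administrator" records

    def discover(self, chaddr, now):
        """DHCPDISCOVER: offer the client's current lease, else a free
        address, else nothing. Storage is not updated until DHCPACK."""
        if chaddr in self.leases:
            return ("DHCPOFFER", self.leases[chaddr][0])
        if self.free:
            return ("DHCPOFFER", self.free[0])
        return None

    def request(self, chaddr, ip, now):
        """DHCPREQUEST: ACK if `ip` is available to this client (renewal or
        a free address), otherwise NAK."""
        current = self.leases.get(chaddr)
        if current and current[0] == ip:                  # renewal / rebinding
            self.leases[chaddr] = (ip, now + self.lease_time)
            return ("DHCPACK", ip)
        if ip in self.free:
            self.free.remove(ip)
            if current:                                    # client moved addresses
                self.free.append(current[0])
            self.leases[chaddr] = (ip, now + self.lease_time)
            return ("DHCPACK", ip)
        return ("DHCPNAK", ip)

    def decline(self, chaddr, ip):
        """DHCPDECLINE: client found the address in use; mark it unavailable
        and notify the administrator."""
        self.leases.pop(chaddr, None)
        if ip in self.free:
            self.free.remove(ip)
        self.unavailable.add(ip)
        self.admin_notices.append(f"{ip} declined by {chaddr}: address conflict")

    def release(self, chaddr):
        """DHCPRELEASE: return the address to the pool and delete the lease."""
        lease = self.leases.pop(chaddr, None)
        if lease:
            self.free.append(lease[0])

    def inform(self, chaddr):
        """DHCPINFORM: client already has an address; send parameters only."""
        return ("DHCPACK", dict(self.params))

    def expire(self, now):
        """Lease expiration: free every address whose lease has run out.
        Returns the clients whose leases were deleted."""
        expired = [c for c, (ip, end) in self.leases.items() if end <= now]
        for c in expired:
            ip, _ = self.leases.pop(c)
            self.free.append(ip)
        return expired
```

Running two clients against a two-address pool shows the exhaustion case the Security slide later warns about: once both addresses are acknowledged, a third DHCPDISCOVER gets no reply at all until a lease expires or is released.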
DHCP PDU Format (32-bit rows)
Operation Code (1 byte) | Hardware Type (1 byte) | Hardware Length (1 byte) | Hop Count (1 byte)
Transaction ID (4 bytes)
Seconds Elapsed (2 bytes) | B (broadcast flag, 1 bit) + Must Be Zero (MBZ) (15 bits)
Client IP address (4 bytes)
Your IP address (4 bytes)
Server IP address (4 bytes)
Relay agent IP address (4 bytes)
Client hardware address (16 bytes)
Server host name (64 bytes)
Boot file name (128 bytes)
Options (up to 312 bytes), beginning with the Magic Cookie
DHCP Options
Option format: Code (1 byte) | Length (1 byte) | Data ("Length" bytes)
One-byte options: 0 = Padding, 255 = End of options
Magic Cookie: 99 130 83 99 (4 bytes)
Subnet Mask example: 1 4 255 255 255 0 (code 1, length 4, data 255.255.255.0)
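An added example (not code from the slides) that builds and parses a DHCP PDU with the fixed-field layout and option encoding described above. The field order and widths come from the two slides; option code 53 (DHCP Message Type) is taken from RFC 2132 and is not on the slide. The parser treats the malformed cases a practitioner cares about (missing magic cookie, MBZ bits set, a TLV whose length runs past the buffer, no End option) as errors instead of reading past the data.

```python
import struct

MAGIC_COOKIE = bytes([99, 130, 83, 99])
OPT_PAD, OPT_END = 0, 255            # one-byte options
OPT_SUBNET_MASK = 1                  # code/length/data example from the slide
OPT_MESSAGE_TYPE = 53                # RFC 2132 (assumption: not on the slide)
BROADCAST_FLAG = 0x8000              # the "B" bit; the other 15 bits must be zero

# Fixed part of the PDU: op, htype, hlen, hops, xid, secs, flags, ciaddr,
# yiaddr, siaddr, giaddr, chaddr(16), sname(64), file(128) = 236 bytes.
HEADER = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")


def encode_options(options):
    """options: list of (code, data) pairs. Returns cookie + TLVs + End."""
    out = bytearray(MAGIC_COOKIE)
    for code, data in options:
        if not 0 < code < 255:
            raise ValueError("codes 0 and 255 are single-byte markers, not TLVs")
        if len(data) > 255:
            raise ValueError("option data longer than one length byte allows")
        out += bytes([code, len(data)]) + data
    out.append(OPT_END)
    return bytes(out)


def parse_options(blob):
    """Parse the options field into {code: data}. Skips Padding, stops at
    End, and refuses truncated TLVs rather than reading past the buffer."""
    if blob[:4] != MAGIC_COOKIE:
        raise ValueError("missing DHCP magic cookie")
    opts, i = {}, 4
    while i < len(blob):
        code = blob[i]
        if code == OPT_END:
            return opts
        if code == OPT_PAD:
            i += 1
            continue
        if i + 1 >= len(blob):
            raise ValueError(f"option {code} has no length byte")
        length = blob[i + 1]
        data = blob[i + 2:i + 2 + length]
        if len(data) != length:
            raise ValueError(f"option {code} truncated")
        opts[code] = data
        i += 2 + length
    raise ValueError("options not terminated by End (255)")


def build_message(op, xid, chaddr, options, yiaddr=b"\0" * 4,
                  siaddr=b"\0" * 4, broadcast=False):
    """op=1 request (client to server), op=2 reply (server to client).
    Hardware type 1 / length 6 = Ethernet; unused fields are zero."""
    flags = BROADCAST_FLAG if broadcast else 0
    header = HEADER.pack(op, 1, 6, 0, xid, 0, flags,
                         b"\0" * 4, yiaddr, siaddr, b"\0" * 4,
                         chaddr.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    return header + encode_options(options)


def parse_message(data):
    """Split a PDU into its fixed fields plus parsed options."""
    if len(data) < HEADER.size + len(MAGIC_COOKIE):
        raise ValueError("PDU shorter than fixed header plus magic cookie")
    (op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr, siaddr,
     giaddr, chaddr, sname, file_) = HEADER.unpack_from(data)
    if flags & ~BROADCAST_FLAG:
        raise ValueError("MBZ bits set in flags field")
    return {
        "op": op, "htype": htype, "hlen": hlen, "hops": hops, "xid": xid,
        "secs": secs, "broadcast": bool(flags & BROADCAST_FLAG),
        "ciaddr": ciaddr, "yiaddr": yiaddr, "siaddr": siaddr, "giaddr": giaddr,
        "chaddr": chaddr[:hlen], "sname": sname.rstrip(b"\0"),
        "file": file_.rstrip(b"\0"), "options": parse_options(data[HEADER.size:]),
    }
```

A DHCPOFFER carrying the slide's subnet-mask option round-trips through build_message and parse_message; the fixed part is 236 bytes and the options field here is 14 bytes (4-byte cookie, 3-byte message type, 6-byte subnet mask, 1-byte End).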
Another Sample Network (figure)
A router connected to the Internet, a DHCP server, DHCP clients on a separate network, and a relay agent between them (the figure's label is cut off: "Relay Agent within")
Relay Agents
Remove the restriction of having a DHCP server on every network
Listen for DHCP messages and transmit them to the appropriate machine
Client to server relay: broadcast from client, unicast to server(s)
Server to client relay: broadcast from server, broadcast to client; unicast from server, unicast to client
Demonstration
Advanced Topics: lease times, Dynamic DNS, reliability, security
Lease Times
Anywhere from 15 minutes to 1 year
Common lease times & rationales:
15 minutes: maximum number of addresses free
3 days: Microsoft default
4 months: students can keep lease over summer
Tradeoff
Dynamic DNS
If IP address changes due to DHCP, DNS entry is wrong
Client or server can update DNS
Option 81: Client FQDN
Format: 81 (1 byte) | Length (1 byte) | Flags, RCODE1, RCODE2, Name... ("Length" bytes)
Reliability
Two synchronized DHCP servers on the same network: primary, secondary
Permanent storage constantly communicated
Failure: secondary server takes over
(Figure: primary server and secondary server serving the same DHCP clients)
Security
Potentially unauthorized clients
Malicious client could exhaust address pool
Malicious server (rogue server): supply incorrect configuration parameters; supply malicious configuration parameters
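An added example (not from the slides) of the monitoring side of the two threats just listed. It runs over a constructed log in a format invented for this example, one line per DHCP message seen on the client LAN (seconds, message type, source IP, client hardware address), and flags server-side messages from any source not in the allowlist of authorized servers (a rogue server) and windows in which many distinct hardware addresses send DHCPDISCOVER (a client working through the pool). The server list, window and threshold are assumptions to be tuned per network.

```python
# Constructed sample log: <seconds> <message type> <source IP> <client hw addr>
SAMPLE_LOG = """\
100 DHCPDISCOVER 0.0.0.0 00:11:22:33:44:55
101 DHCPOFFER 192.0.2.1 00:11:22:33:44:55
101 DHCPOFFER 192.0.2.99 00:11:22:33:44:55
102 DHCPREQUEST 0.0.0.0 00:11:22:33:44:55
103 DHCPACK 192.0.2.99 00:11:22:33:44:55
200 DHCPDISCOVER 0.0.0.0 02:00:00:00:00:01
201 DHCPDISCOVER 0.0.0.0 02:00:00:00:00:02
202 DHCPDISCOVER 0.0.0.0 02:00:00:00:00:03
203 DHCPDISCOVER 0.0.0.0 02:00:00:00:00:04
204 DHCPDISCOVER 0.0.0.0 02:00:00:00:00:05
250 DHCPDISCOVER 0.0.0.0 00:11:22:33:44:66
251 DHCPOFFER 192.0.2.1 00:11:22:33:44:66
"""

AUTHORIZED_SERVERS = {"192.0.2.1"}              # assumed allowlist for this LAN
SERVER_MESSAGES = {"DHCPOFFER", "DHCPACK", "DHCPNAK"}   # from the message-type table


def parse_log(text):
    """Yield (seconds, message type, source IP, client hw address) tuples,
    skipping blank or malformed lines rather than crashing the monitor."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[0].isdigit():
            continue
        yield int(parts[0]), parts[1], parts[2], parts[3]


def rogue_server_events(records, authorized):
    """Server-to-client messages whose source is not an authorized server.
    Any hit means some host on the LAN is handing out configuration."""
    return [r for r in records if r[1] in SERVER_MESSAGES and r[2] not in authorized]


def discover_bursts(records, window, threshold):
    """(start, count) for each DHCPDISCOVER that begins a window of `window`
    seconds containing at least `threshold` distinct client hardware
    addresses; a steady stream of fresh addresses is how a pool gets drained."""
    discovers = [(ts, ch) for ts, mtype, _, ch in records if mtype == "DHCPDISCOVER"]
    alerts = []
    for ts, _ in discovers:
        macs = {ch for t, ch in discovers if ts <= t < ts + window}
        if len(macs) >= threshold:
            alerts.append((ts, len(macs)))
    return alerts


def analyze(text, authorized=AUTHORIZED_SERVERS, window=10, threshold=5):
    records = list(parse_log(text))
    return {
        "rogue": rogue_server_events(records, authorized),
        "bursts": discover_bursts(records, window, threshold),
    }


if __name__ == "__main__":
    for kind, hits in analyze(SAMPLE_LOG).items():
        print(kind, hits)
```

On the sample log the unauthorized host 192.0.2.99 both offers and acknowledges an address to the first client, and the five DHCPDISCOVERs at 200-204 s from five different hardware addresses exceed the threshold, while the single discovers at 100 s and 250 s do not.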