DHCP – Managed Configuration of TCP/IP Hosts


  • 7/31/2019 DHCP Managed Configuration of TCP/IP Hosts



    Outline

    DHCP purpose and goals

    Background and history of DHCP

    Case Study

    Operational details

    Using DHCP


    Purpose of DHCP

    From RFC 2131: The Dynamic Host Configuration Protocol (DHCP) provides a framework for passing configuration information to hosts on a TCP/IP network. DHCP consists of two components: a protocol for delivering host-specific configuration parameters from a DHCP server to a host and a mechanism for allocation of network addresses to hosts.


    DHCP functional goals

    A host without a valid IP address locates and communicates with a DHCP server

    A DHCP server passes configuration parameters, including an IP address, to the host

    The DHCP server may dynamically allocate addresses to hosts and reuse addresses


    DHCP functional goals

    Hosts can detect when they require a new IP address

    Unavailability of DHCP server has minimal effect on operation of hosts


    What does DHCP do?

    Provides protocol stack, application and other configuration parameters to hosts

    Eliminates need for individual, manual configuration for hosts

    Includes administrative controls for network administrators


    What does DHCP do?

    Backward compatible packet format for BOOTP interoperation (RFC 1542)

    Can coexist with hosts that have pre-assigned IP addresses and hosts that do not participate in DHCP


    Design Goals

    Eliminate manual configuration of hosts

    Prevent use of any IP address by more than one host

    Should not require a server on every subnet

    Allow for multiple servers


    Design Goals

    Provide a mechanism, not a policy

    Provide same configuration - including IP address - to a host whenever possible


    What can you do with DHCP

    Plug-and-play

    Move desktop PCs between offices

    Renumber

    Other restructuring - change subnet masks

    Mobile IP - laptops

    Moving equipment - cartable


    What DHCP doesn't do

    Support multiple addresses per interface

    Inform running host that parameters have changed

    Propagate new addresses to DNS

    Support inter-server communication

    Provide authenticated message delivery


    What DHCP doesn't do

    Configure routers and other network equipment

    Design network addressing plan

    Determine other configuration parameters

    Locate other servers


    Outline

    DHCP purpose and goals

    Background and history of DHCP

    Case Study

    Operational details

    Using DHCP


    What is DHCP and where does it come from?

    Internet Engineering Task Force (IETF)

    Dynamic Host Configuration Working Group (DHC WG)

    BOOTP


    IETF standards

    Formal process for development, review and acceptance of TCP/IP protocol suite standards

    Initial specifications published as Internet Drafts (I-Ds)

    Accepted specifications published as Request for Comments (RFCs)


    Protocol status

    DHCP has been accepted as a Draft Standard; the specifications are published in:

      RFC 2131: Dynamic Host Configuration Protocol

      RFC 2132: DHCP Options and BOOTP Vendor Extensions

    Several additional options are in development


    Implementation status

    DHCP is an open standard, with freely available specifications

    Can be (and has been) implemented entirely from the specification

    Commercial implementations are widely available

    Non-commercial implementations are also available


    DHCP Resources

    IETF information can be retrieved from:

    http://www.ietf.cnri.reston.va.us

    I-Ds and RFCs can also be retrieved from:

    http://www.rfc-editor.org


    Related work

    RARP/DRARP

    TFTP

    ICMP

    Router Discovery

    Mobile IP

    Wireless/cellular IP


    Outline

    DHCP purpose and goals

    Background and history of DHCP

    Case Study

    Operational details

    Using DHCP


    Planning for DHCP

    Preparation for DHCP requires careful planning

    IP addressing strategy

    Consider current needs

    Allow for growth

    Network architect configures rules for addressing strategy into DHCP server


    Relocated computer

    Computer retains address

    When restarted, computer checks with server to confirm address

    If address OK, computer retains old address

    If computer attached to different subnet, obtains new address


    Using DHCP with legacy equipment

    DHCP server not required to make every address on a subnet available for allocation

    DHCP server not required to answer every incoming request

    Network architect can configure server to reserve (not allocate) addresses


    DHCP and new computers

    DHCP server will hand out all available addresses

    Limited number of addresses can be shared (if all computers not on simultaneously)

    Eventually, network architect will have to allocate more addresses


    Reusing addresses

    Server can reuse abandoned addresses

    Address initially allocated for fixed time called a lease

    Client can extend lease

    If lease expires, server can reallocate

    Reallocation only when necessary (e.g., LRU) is a good idea


    Reconfiguring the server for multiple networks

    Server configuration file defines multiple subnets and address pools on one physical segment

    Server chooses address from pools for the segment

    Server checks DHCP client address against all subnets on the segment


    Growth - changing subnet masks

    In some cases, subnet growth can be managed with a change to the subnet mask

    201.157.7.128/27 and 201.157.7.160/27 can be combined into 201.157.7.128/26

    Network infrastructure must accommodate VLSMs

    Must change subnet masks on attached clients


    Passing new subnet masks to clients

    At next reboot, DHCP client will contact server

    Server returns new subnet mask with acknowledgment

    Client records and uses new mask


    Using DHCP for renumbering

    Set up plan for renumbering

    New network architecture

    Network addresses, server addresses

    Timing of cutovers

    Force DHCP clients to contact server for notification about new address

    Set short leases

    Require all clients be rebooted


    Using DHCP for renumbering

    Rebooting, although not elegant, probably most reliable

    Schedule subnet cutover for overnight or weekend, force reboot through alternate protocol (e.g., email to all users)


    Outline

    DHCP purpose and goals

    Background and history of DHCP

    Case Study

    Operational details

    Using DHCP


    Server manages client configurations

    Provide a variety of mechanisms for controlled configuration

    Can override default parameters from Host Requirements


    Address allocation

    Static (BOOTP): client must be pre-configured into database

    Automatic: server can allocate new address to client

    Dynamic: server can allocate and reuse addresses


    Leases

    Dynamic addresses are allocated for a period of time known as the lease

    Client is allowed to use the address until the lease expires


    Leases

    Client MUST NOT use the address after the lease expires, even if there are active connections using the address

    Server MUST NOT reuse the address before the lease expires


    Motivation for leases

    An IP internet may not always be completely operational; there may not always be connectivity between any two hosts, so:

      Can't use distributed (client-based) assignment of addresses

      Can't use address defense before server reuse of addresses


    Motivation for leases

    Leases guarantee an agreement as to when an address may be safely reused even if the server can't contact the client


    Address reuse

    Server MAY choose to reuse an address by reassigning it to a different client after the lease has expired

    Server can check using ICMP echo to see if the address is still in use (but no response is not a definitive answer!)


    Address reuse

    Allows address sharing

    From old computers replaced by new ones

    Among a pool of computers not always using TCP/IP

    For transient hosts like laptops
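
Added example (not part of the original slides): a toy server-side address pool in Python that follows the lease rules on the preceding slides. An address is never reassigned before its lease expires, a returning client keeps its address when possible, and when the pool is exhausted the lease that expired longest ago is reused first. The class name, the 192.0.2.0/30 pool and the client names are constructed for illustration.

```python
import ipaddress


class LeasePool:
    """Toy DHCP address pool (illustrative, not a real server)."""

    def __init__(self, network, lease_seconds, reserved=()):
        skip = {ipaddress.ip_address(a) for a in reserved}
        # Addresses never handed out yet; reserved ones (e.g. legacy hosts) are excluded.
        self.unused = [a for a in ipaddress.ip_network(network).hosts() if a not in skip]
        self.lease_seconds = lease_seconds
        self.leases = {}     # address -> (client_id, expiry time)
        self.by_client = {}  # client_id -> address it holds or last held

    def request(self, client_id, now):
        """Allocate or extend a lease. Returns (address, expiry) or None if nothing is free."""
        addr = self.by_client.get(client_id)
        if addr is None:
            addr = self._pick(now)
            if addr is None:
                return None
        expiry = now + self.lease_seconds
        self.leases[addr] = (client_id, expiry)
        self.by_client[client_id] = addr
        return str(addr), expiry

    def release(self, client_id, now):
        """Client RELEASE: end the lease now so the address becomes reusable."""
        addr = self.by_client.get(client_id)
        if addr is not None:
            self.leases[addr] = (client_id, now)

    def _pick(self, now):
        if self.unused:
            return self.unused.pop(0)
        # Only expired leases may be reused; take the one that expired longest ago.
        expired = [(exp, a) for a, (_, exp) in self.leases.items() if exp <= now]
        if not expired:
            return None
        _, addr = min(expired)
        del self.by_client[self.leases[addr][0]]  # previous holder loses its binding
        return addr


def demo():
    """Constructed timeline: three clients competing for two addresses."""
    pool = LeasePool("192.0.2.0/30", lease_seconds=3600)
    return [
        pool.request("A", 0),      # first allocation
        pool.request("B", 10),     # second allocation
        pool.request("C", 20),     # pool exhausted, no lease expired yet
        pool.request("A", 1800),   # A extends its lease
        pool.request("C", 4000),   # B's lease has expired, so its address is reused
        pool.request("B", 4100),   # B returns but nothing is free
        pool.request("A", 6000),   # A's lease lapsed but was not reassigned
    ]
```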


    Address allocation details

    Clients check on address validity at reboot time (renumbering)

    Clients can extend the lease on an address at startup time


    Address allocation details

    Clients can extend the lease on an address as expiration time approaches (without closing and restarting existing connections)

    Clients with addresses that have been configured manually can use DHCP to obtain other configuration parameters


    Four ways a client uses DHCP

    INIT - acquire an IP address and configuration information

    INIT-REBOOT - confirm validity of previously acquired address and configuration

    RENEWING - extend a lease from the original server

    REBINDING - extend a lease from any server


    Obtaining an initial address

    Client broadcasts DISCOVER to locate servers

    Server chooses address and replies

    Client selects a server and sends REQUEST for address

    Server commits allocation and returns ACK


    Rebooting client

    Client puts address in REQUEST and broadcasts

    Server checks validity and returns ACK with parameters

    If client address is invalid - e.g., client is attached to a new network - server replies with NAK and client restarts


    Extending a lease

    Client puts requested lease extension in REQUEST and sends to server

    Server commits extension and returns ACK with parameters


    DHCP options

    Options carry additional configuration information to client

    DHCP message type

    Subnet mask, default routers, DNS server

    Many others

    Carried as fields in DHCP message


    Configuration with options

    Network architect configures server to select and return options and values

    Client can explicitly request specific options


    Relay agents

    Using hardware and IP broadcast still limits DHCP message from client to single physical network

    Relay agent, on same subnet as client, forwards DHCP messages between clients and servers


    Relay agents

    Relay agent and server exchange messages using unicast UDP

    Servers can be located anywhere on intranet

    Servers can be centrally located for ease of administration

    Very simple in function, implementation

    Usually, but not necessarily, located in routers


    Outline

    DHCP purpose and goals

    Background and history of DHCP

    Case Study

    Operational details

    Using DHCP


    Using multiple servers

    Clients must be implemented for multiple servers; e.g., receiving multiple OFFER messages

    Using multiple servers can provide increased reliability through redundancy


    Using multiple servers

    All coordination must be managed by DHCP administrator

    Distributed database

    Off-line batch updates

    Manually


    Strategies for using multiple servers

    Split address pool for each subnet among servers

    Coordinate leases off-line

    Reallocate addresses when needed


    Lease times and strategies

    Choice of lease times made by DHCP administrator

    Long lease times decrease traffic and server load, short lease times increase flexibility


    Lease times and strategies

    Should choose lease time to allow for server unavailability

    Allows clients to use old addresses

    For example, long enough to span weekends

    Can assign different leases to desktop computers, cartable systems and laptops


    Changing other configuration parameters

    Other configuration parameters such as print servers may change

    Reconfigure DHCP server with new parameters

    At next reconfirmation, clients will get new addresses


    Moving a client to a new location

    User may get moved to a new location on a different subnet

    User may arrange to move computer system without contacting network administrator

    DHCP will allocate address for new location


    Moving a client to a new location

    What about old lease?

    New server can notify network administrator about address allocation

    Client can issue RELEASE before moving from old location

    Or, might be appropriate to leave old lease in place


    Replacing a system

    User may get new computer on desktop

    Network administrator wants to allocate same IP address to the new computer - but, new computer will have different hardware address

    Use client id as system identifier and transfer to new system


    Limitations to DHCP

    Coordination among multiple servers

    DHCP interaction with DNS

    Security/authentication

    New options

    IPv6

    Opportunities for enhancement


    Coordination among multiple servers

    Becomes a distributed database problem

    Several strategies have been proposed

    Failover protocol now in development


    Dynamic DNS

    When client is allocated a new address, DNS records need to be updated

    A record: Name to IP address

    PTR record: IP address to name

    DHCP to be extended to allow coordination between client and server

    Which does updates?

    Error conditions?


    Security/Authentication

    Unauthorized - either intentional or accidental - server can cause denial of service problems

    Some sites may want to limit IP address allocation to authorized clients


    Security/Authentication

    Authentication based on shared secret key, an authentication ticket and a message digest

    Assures source of message is valid and message hasn't been tampered with en route

    Schiller/Huitema/Droms/Arbaugh proposal in process
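
Added example (not part of the original slides): the options from the "DHCP options" slide are code/length/value fields, and a server's replies carry its address in the server identifier option, which gives a simple way to spot the unauthorized servers described under Security/Authentication. This Python sketch parses the options field with bounds checks and compares option 54 against an allowlist. The option codes are from RFC 2132; the function names, the allowlist and the sample messages are constructed for illustration.

```python
import ipaddress

MAGIC = b"\x63\x82\x53\x63"  # magic cookie that precedes the options field (RFC 2131)
SERVER_TYPES = {2: "OFFER", 5: "ACK", 6: "NAK"}  # option 53 values sent by servers


def parse_options(packet):
    """Return {option code: value bytes}; raise ValueError on a malformed message."""
    if len(packet) < 240 or packet[236:240] != MAGIC:
        raise ValueError("short header or bad magic cookie")
    opts, i = {}, 240
    while i < len(packet):
        code = packet[i]
        if code == 255:   # end option
            return opts
        if code == 0:     # pad option: a single byte, no length field
            i += 1
            continue
        if i + 1 >= len(packet):
            raise ValueError("option %d has no length byte" % code)
        length = packet[i + 1]
        value = packet[i + 2:i + 2 + length]
        if len(value) != length:  # never trust the length byte beyond the buffer
            raise ValueError("option %d runs past end of message" % code)
        opts[code] = value
        i += 2 + length
    raise ValueError("options field has no end option")


def check_server(packet, authorized):
    """Return (type, server, verdict) for a server message, or None for client messages."""
    opts = parse_options(packet)
    mtype = opts.get(53, b"")  # option 53: DHCP message type
    name = SERVER_TYPES.get(mtype[0]) if len(mtype) == 1 else None
    if name is None:
        return None
    sid = opts.get(54, b"")    # option 54: server identifier
    if len(sid) != 4:
        return (name, None, "missing-server-id")
    server = str(ipaddress.IPv4Address(sid))
    return (name, server, "ok" if server in authorized else "unauthorized-server")


def sample(msg_type, server):
    """Constructed message: zeroed 236-byte BOOTP header, cookie, options 53 and 54."""
    header = bytearray(236)
    header[0] = 2  # op = BOOTREPLY
    options = bytes([53, 1, msg_type, 54, 4]) + ipaddress.IPv4Address(server).packed
    return bytes(header) + MAGIC + options + b"\xff"
```

Because DHCP has no authenticated message delivery, the server identifier can be forged, so this check catches accidental or misconfigured servers rather than a deliberate impersonator.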


    New options acceptance

    New options must have nonoverlapping option codes

    Codes handed out by Internet Assigned Numbers Authority (IANA)

    New mechanism will approve each new option as a separate RFC (like TELNET)


    IPv6

    IP Version 6 (aka IPv6 or IPng) is a new internet protocol to replace IP

    Includes new features for host configuration:

      Router advertisement

      Autoconfiguration

      Link-local addresses


    IPv6

    To accommodate sites that want centralized management of addresses, DHCP for IPv6 (DHCPv6) is being developed by the DHC WG.


    Summary

    DHCP works today as a tool for automatic configuration of TCP/IP hosts

    It is an open Internet standard and interoperable client implementations are widely available


    Summary

    Provides automation for routine configuration tasks, once network architect has configured network and addressing plan

    Ongoing work will extend DHCP with authentication, DHCP-DNS interaction and inter-server communication
