This presentation is an introduction to the Dynamic Host Configuration Protocol (DHCP). It also provides protocol-level details together with a comparison to the BOOTP protocol.
04/13/2023 1
Advanced data communication
Dynamic Host Configuration Protocol (DHCP) and Autoconfiguration
BY
SALAH AMEAN AHMMED
Overview
Introduction
Basics
Case - We play DHCP Server
◦ Problems
◦ Tasks
◦ Solutions
Autoconfiguration
◦ Basics
◦ Design goals
◦ Problems
◦ Solution
◦ Example protocols
Discussion
◦ Packet Tracer demo
Conclusion
Questions and Answers
DHCP Architecture
DHCP contains:
◦ DHCP clients
◦ DHCP servers
◦ DHCP relay agents on a network
Clients interact with servers using DHCP messages
◦ To obtain and renew IP address leases
Configuration need
To be able to make use of the TCP/IP protocol suite,
◦ Each host and router needs a certain amount of configuration information
◦ Configuration information is used to assign local names to systems and identifiers (IP addresses) to interfaces
◦ Also the addresses of DNS servers and Mobile IP agents
Many attempts have been made to provide this information:
◦ Local broadcast
◦ Communication outside the local network (requires routing)
Reasons for DHCP
First, hosts move more often than routers and servers
◦ Mechanisms are required to assign and reassign configuration for hosts
Second, servers are expected to be autonomous with respect to user movement
◦ More confidentiality, since the configuration information does not depend on other network services
Third, since there are many more hosts than routers, automatic configuration is less error-prone than configuring every host by hand
Fourth, in terms of user experience, it is simple
DHCP parts
Address management:
◦ Handles the allocation of IP addresses and their leases to clients
Delivery of configuration data:
◦ DHCP protocol message formats and state machines
DHCP Allocation Methods
Dynamic allocation
◦ The given IP address is revocable (it is leased for a limited time)
◦ The IP address is taken from a pool (range of IP addresses) at the server
Automatic allocation
◦ The same method is used to obtain the address
◦ The given IP address is never revoked (a permanent assignment)
Manual allocation
◦ The address is assigned by the network administrator for a specific client; DHCP only conveys it
◦ The address may lie outside the server's dynamic pool
The methods differ in whether the assignment is tied to the identity of the node and whether it can be revoked
Address pool and lease
The DHCP client requests an IP address
The DHCP server responds with an address from the DHCP pool
◦ The lease duration defines how long the client may use the address
◦ When it expires, the client may request an extension
◦ Can be from a few minutes to days
Lease time is a trade-off between the number of expected clients, the size of the address pool, and the desired stability of addresses
◦ Longer lease duration: more stable addresses
◦ But a longer lease depletes the DHCP pool faster, since addresses of departed clients stay reserved
Clients begin trying to renew the lease after half of the lease time has passed
Address pool and lease
The DHCP client sends a request for an IP address, which may carry
◦ The name of the client
◦ A requested lease duration
◦ A copy of the address it is using or last used
◦ Other parameters
The server responds with the IP address together with the lease duration, and records the lease against
◦ MAC address
◦ Time
◦ Interface
The server maintains the bindings in non-volatile storage
◦ So the configuration of hosts is not lost if the server shuts down
DHCP & BOOTP Message Format
DHCP extends BOOTP
Compatibility is maintained
BOOTP relay agents can process DHCP messages
◦ BOOTP clients can use DHCP servers
Similarities between BOOTP and DHCP
The format structure each uses to exchange messages between the server and clients
BOOTP and DHCP use nearly identical request messages (sent by clients) and reply messages (sent by servers). Messages in either protocol are carried in a single User Datagram Protocol (UDP) datagram; a client must be prepared to accept a message of up to 576 bytes. Message headers are the same for both BOOTP and DHCP with one exception: the final message header field used to carry optional data. For BOOTP, this optional field is called the vendor-specific area and is limited to 64 octets. For DHCP, this area is called the options field; it is variable in length, and a client must be able to accept at least 312 octets of DHCP options.
Use of well-known UDP ports for client/server communication
Both BOOTP and DHCP use the same reserved protocol ports for sending and receiving messages between servers and clients. Both BOOTP and DHCP servers use UDP port 67 to listen for and receive client request messages. BOOTP and DHCP clients typically reserve UDP port 68 for accepting message replies from either a BOOTP server or DHCP server.
Because DHCP and BOOTP messages use nearly identical format types and packet structures, and typically use the same well-known service ports, BOOTP or DHCP relay agent programs usually treat BOOTP and DHCP messages as essentially the same message type, without differentiating between them.
IP address distribution as an integral part of configuration service
Although both BOOTP and DHCP allocate IP addresses to clients during startup, they use different methods of allocation. BOOTP typically provides fixed allocation of a single IP address for each client, permanently reserving this address in the BOOTP server database. DHCP typically provides dynamic, leased allocation of available IP addresses, reserving each DHCP client address temporarily in the DHCP server database.
BOOTP and DHCP
BOOTP | DHCP
Designed prior to DHCP. | Designed after BOOTP.
Intended to configure diskless workstations with limited boot capabilities. | Intended to configure frequently relocated networked computers (such as portables) that have local hard drives and full boot capabilities.
Dynamic BOOTP has a default 30-day expiration on IP address leases (default of the Windows DHCP server described in [2]). | DHCP has a default eight-day expiration on IP address leases (default of the Windows DHCP server described in [2]).
Supports a limited number of client configuration parameters called vendor extensions. | Supports a larger and extensible set of client configuration parameters called options.
Describes a two-phase bootstrap configuration process: clients contact BOOTP servers to perform address determination and boot file name selection, then contact Trivial File Transfer Protocol (TFTP) servers to transfer their boot image. | Describes a single-phase boot configuration process whereby a DHCP client negotiates with a DHCP server to determine its IP address and obtain any other initial configuration details it needs for network operation.
BOOTP clients do not rebind or renew configuration with the BOOTP server except when the system restarts. | DHCP clients do not require a system restart to rebind or renew configuration with the DHCP server. Instead, clients automatically enter a rebinding state at set timed intervals to renew their leased address allocation with the DHCP server. This process occurs in the background and is transparent to the user.
Differences Between BOOTP and DHCP
BOOTP supports a limited number of client configuration parameters called vendor extensions, while DHCP supports a larger and extensible set of client configuration parameters called options.
BOOTP uses a two-phase bootstrap configuration process in which clients contact BOOTP servers to perform address determination and boot file name selection, and clients contact Trivial File Transfer Protocol (TFTP) servers to perform file transfer of their boot image. DHCP uses a single-phase boot configuration process whereby a DHCP client negotiates with a DHCP server to determine its IP address and obtain any other initial configuration details it needs for network operation.
BOOTP clients do not rebind or renew configuration with the BOOTP server except when the system restarts, while DHCP clients do not require a system restart to rebind or renew configuration with the DHCP server. Instead, clients automatically enter the Rebinding state at set timed intervals to renew their leased address allocation with the DHCP server. This process occurs in the background and is transparent to the user.
BOOTP
BOOTstrap Protocol (BOOTP)
◦ From 1985 (RFC 951)
◦ A host can configure its IP parameters at boot time
◦ 3 services:
◦ IP address assignment
◦ Discovery of the IP address of a server machine (the boot server)
◦ The name of a file to be loaded and executed by the client machine (boot file name)
◦ Not only assigns the IP address, but also default router, network mask, etc.
◦ Sent as UDP messages (UDP port 67 (server) and 68 (client))
◦ Uses the limited broadcast address (255.255.255.255):
◦ Packets to this address are never forwarded by routers
DHCP
Dynamic Host Configuration Protocol (DHCP)
◦ From 1993 (RFC 1531; the current specification is RFC 2131, 1997)
◦ An extension of BOOTP, very similar to BOOTP
◦ Same port numbers as BOOTP
◦ Extensions:
◦ Supports temporary allocation ("leases") of IP addresses
◦ A DHCP client can acquire all IP configuration parameters needed to operate
◦ DHCP is the preferred mechanism for dynamic assignment of IP addresses
◦ DHCP can interoperate with BOOTP clients
Message Format
(figure: the BOOTP message format, in which the vendor-specific area is replaced by the DHCP options field)
DHCP Message Type
The message type is sent as an option (DHCP option 53, one byte).
Value  Message Type
1      DHCPDISCOVER
2      DHCPOFFER
3      DHCPREQUEST
4      DHCPDECLINE
5      DHCPACK
6      DHCPNAK
7      DHCPRELEASE
8      DHCPINFORM
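The message format and message-type table above, as an added example that is not part of the presentation: a small builder and parser for the BOOTP-format DHCP message (236-byte fixed header, magic cookie, TLV options terminated by END). The sample OFFER is constructed here to match the capture slide later in the deck (server 10.0.0.1 offering 10.0.0.57 for 12 hours to client 00:a0:24:71:e4:44); the transaction id and the T1/T2 values in it are assumptions. The parser refuses truncated input and a message with no message-type option (i.e. plain BOOTP), rather than reading past the buffer.

```python
import struct
from ipaddress import IPv4Address

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # RFC 2131: first 4 bytes of the options field
BOOTREQUEST, BOOTREPLY = 1, 2        # 'op' field: client -> server, server -> client
MESSAGE_TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 4: "DHCPDECLINE",
                 5: "DHCPACK", 6: "DHCPNAK", 7: "DHCPRELEASE", 8: "DHCPINFORM"}
OPT_PAD, OPT_REQUESTED_IP, OPT_LEASE_TIME, OPT_MSG_TYPE = 0, 50, 51, 53
OPT_SERVER_ID, OPT_T1, OPT_T2, OPT_END = 54, 58, 59, 255
# op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr, siaddr, giaddr, chaddr, sname, file
HEADER = "!BBBBIHH4s4s4s4s16s64s128s"   # 236 bytes, identical to the BOOTP header

def ip_opt(addr):
    """4-byte option value for an IPv4 address."""
    return IPv4Address(addr).packed

def u32_opt(seconds):
    """4-byte option value for the lease time and the T1/T2 timers."""
    return struct.pack("!I", seconds)

def build_dhcp(op, xid, chaddr, msg_type, yiaddr="0.0.0.0", options=()):
    """Serialise a DHCP message; htype 1 = Ethernet, broadcast flag set as a client in INIT would."""
    hdr = struct.pack(HEADER, op, 1, len(chaddr), 0, xid, 0, 0x8000,
                      b"\0" * 4, ip_opt(yiaddr), b"\0" * 4, b"\0" * 4,
                      chaddr.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    tlvs = [(OPT_MSG_TYPE, bytes([msg_type]))] + list(options)
    body = b"".join(bytes([code, len(val)]) + val for code, val in tlvs)
    return hdr + MAGIC_COOKIE + body + bytes([OPT_END])

def parse_dhcp(data):
    """Parse a DHCP message into a dict, rejecting truncated or non-DHCP input."""
    if len(data) < 240 or data[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message: too short or magic cookie missing")
    f = struct.unpack(HEADER, data[:236])
    hlen = min(f[2], 16)                 # never trust hlen beyond the 16-byte chaddr field
    msg = {"op": f[0], "xid": f[4], "broadcast": bool(f[6] & 0x8000),
           "ciaddr": str(IPv4Address(f[7])), "yiaddr": str(IPv4Address(f[8])),
           "siaddr": str(IPv4Address(f[9])), "giaddr": str(IPv4Address(f[10])),
           "chaddr": f[11][:hlen].hex(":"), "options": {}}
    i = 240
    while i < len(data):                 # options are TLVs: code, length, value
        code = data[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:
            i += 1
            continue
        if i + 2 > len(data):
            raise ValueError("truncated option header at offset %d" % i)
        length = data[i + 1]
        val = data[i + 2:i + 2 + length]
        if len(val) != length:
            raise ValueError("option %d claims %d bytes, only %d present" % (code, length, len(val)))
        msg["options"][code] = val
        i += 2 + length
    else:
        raise ValueError("options field has no END option")
    opts = msg["options"]
    if len(opts.get(OPT_MSG_TYPE, b"")) != 1:
        raise ValueError("no message type option: plain BOOTP, not DHCP")
    msg["type"] = MESSAGE_TYPES.get(opts[OPT_MSG_TYPE][0], "UNKNOWN")
    for code, key in ((OPT_SERVER_ID, "server_id"), (OPT_REQUESTED_IP, "requested_ip")):
        if code in opts and len(opts[code]) == 4:
            msg[key] = str(IPv4Address(opts[code]))
    for code, key in ((OPT_LEASE_TIME, "lease"), (OPT_T1, "t1"), (OPT_T2, "t2")):
        if code in opts and len(opts[code]) == 4:
            msg[key] = struct.unpack("!I", opts[code])[0]
    return msg

CLIENT_MAC = bytes.fromhex("00a02471e444")   # the client MAC used in the presentation's diagrams
# Constructed sample (not a real capture): the OFFER from the capture slide, server 10.0.0.1
# offering 10.0.0.57 for 12 hours; xid and the T1/T2 options are assumed values.
SAMPLE_OFFER = build_dhcp(BOOTREPLY, 0x3903F326, CLIENT_MAC, 2, yiaddr="10.0.0.57",
                          options=[(OPT_SERVER_ID, ip_opt("10.0.0.1")),
                                   (OPT_LEASE_TIME, u32_opt(12 * 3600)),
                                   (OPT_T1, u32_opt(6 * 3600)),
                                   (OPT_T2, u32_opt(37800))])

if __name__ == "__main__":
    print(parse_dhcp(SAMPLE_OFFER))
```

The length checks matter because a relay agent or server parsing options from an untrusted client is exactly where a malformed length byte would otherwise walk off the end of the datagram.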
Message Types
DHCPDISCOVER: Broadcast by a client to find available DHCP servers.
DHCPOFFER: Response from a server to a DHCPDISCOVER, offering an IP address and other parameters.
DHCPREQUEST: Message from a client to servers that does one of the following:
◦ Requests the parameters offered by one of the servers and declines all other offers.
◦ Verifies a previously allocated address after a system or network change (a reboot, for example).
◦ Requests the extension of a lease on a particular address.
Contd.
DHCPACK: Acknowledgement from server to client with parameters, including the IP address.
DHCPNAK: Negative acknowledgement from server to client, indicating that the client's lease has expired or that a requested IP address is incorrect (for example, wrong for the network the client is now on).
DHCPDECLINE: Message from client to server indicating that the offered address is already in use.
DHCPRELEASE: Message from client to server cancelling the remainder of a lease and relinquishing the network address.
DHCPINFORM: Message from a client that already has an IP address (manually configured, for example), requesting further configuration parameters from the DHCP server.
DHCP operation
The client discovers servers and the addresses offered by them
The client uses broadcast to request an address
The selected server will respond to the client (the others are rejected)
If the client already knows its address, the process is simplified by
◦ Starting with REQUEST and ACK messages
The offer/ACK message includes the lease time and the time bounds at which the client renews its address
◦ T1 = T/2
◦ T2 = 7T/8 (where T is the lease time)
DHCPREQUEST is broadcast to all servers and only the selected server will respond
DHCP operation
Several servers may be present
The client chooses any one server
The other servers' offers are declined
DHCP state machine
The DHCP client has a few states
◦ INIT: no address yet
◦ SELECTING: collecting offers and choosing one
◦ REQUESTING: after selecting, waiting for the ACK
◦ BOUND: address in use, with timers T1 and T2 running
At T1 the client attempts to renew its address with the server that granted it
At T2 the client tries to rebind by broadcasting to any server; if the lease expires, it returns to INIT and reacquires an address
DHCP Operation (figure)
The DHCP client 00:a0:24:71:e4:44 broadcasts DHCPDISCOVER to 255.255.255.255; it reaches every DHCP server on the segment.
Each DHCP server answers with a DHCPOFFER.
DHCP Operation (figure)
The DHCP client 00:a0:24:71:e4:44 sends DHCPREQUEST; the selected DHCP server answers with DHCPACK.
At this time, the DHCP client can start to use the IP address.
Renewing a lease: the client sends DHCPREQUEST when 50% of the lease has elapsed and the server answers with DHCPACK.
If the DHCP server sends DHCPNAK, the address is released.
DHCP Operation (figure)
The DHCP client 00:a0:24:71:e4:44 sends DHCPRELEASE to the DHCP server.
At this time, the DHCP client has released the IP address.
Client Server Interactions
The client broadcasts a DHCPDISCOVER message on its local physical subnet.
◦ The DHCPDISCOVER message may include some options such as a network address suggestion or lease duration.
Each server may respond with a DHCPOFFER message that includes an available network address (your IP address) and other configuration options.
◦ The servers record the address as offered to the client to prevent the same address being offered to other clients in the event of further DHCPDISCOVER messages being received before the first client has completed its configuration.
Contd.
The client receives one or more DHCPOFFER messages from one or more servers.
◦ The client chooses one based on the configuration parameters offered and broadcasts a DHCPREQUEST message that includes the server identifier option to indicate which message it has selected and the requested IP address option, taken from your IP address in the selected offer.
◦ In the event that no offers are received, if the client has knowledge of a previous network address, the client may reuse that address if its lease is still valid, until the lease expires.
Contd.
The servers receive the DHCPREQUEST broadcast from the client.
◦ Those servers not selected by the DHCPREQUEST message use the message as notification that the client has declined that server's offer.
◦ The server selected in the DHCPREQUEST message commits the binding for the client to persistent storage and responds with a DHCPACK message containing the configuration parameters for the requesting client.
Contd.
The combination of the client hardware address (or client identifier) and the assigned network address constitutes a unique identifier for the client's lease and is used by both the client and server to identify the lease referred to in any DHCP messages.
The your IP address field (yiaddr) in the DHCPACK message is filled in with the selected network address.
Contd.
The client receives the DHCPACK message with configuration parameters.
◦ The client performs a final check on the parameters, for example with ARP for the allocated network address, and notes the duration of the lease and the lease identification cookie specified in the DHCPACK message. At this point, the client is configured.
◦ If the client detects a problem with the parameters in the DHCPACK message (the address is already in use on the network, for example), the client sends a DHCPDECLINE message to the server and restarts the configuration process.
Contd.
The client should wait a minimum of ten seconds before restarting the configuration process to avoid excessive network traffic in case of looping.
On receipt of a DHCPDECLINE, the server must mark the offered address as unavailable (and possibly inform the system administrator that there is a configuration problem).
If the client receives a DHCPNAK message, the client restarts the configuration process.
Contd. The client may choose to relinquish its lease on a network address by sending a DHCPRELEASE message to the server.
The client identifies the lease to be released by including its network address and its hardware address.
Lease Renewal When a server sends the DHCPACK to a client with IP address and configuration parameters, it also registers the start of the lease time for that address.
This lease time is passed to the client as one of the options in the DHCPACK message, together with two timer values, T1 and T2.
The client is rightfully entitled to use the given address for the duration of the lease time.
Contd.
On applying the received configuration, the client also starts the timers T1 and T2. At this time, the client is in the BOUND state.
Timers T1 and T2 are options configurable by the server, but T1 must be less than T2, and T2 must be less than the lease time.
According to RFC 2132, T1 defaults to (0.5 * lease time) and T2 defaults to (0.875 * lease time).
Contd.
When timer T1 expires, the client sends a DHCPREQUEST (unicast) to the server that granted the address, asking to extend the lease for the given configuration. The client is now in the RENEWING state.
The server would usually respond with a DHCPACK message indicating the new lease time, and timers T1 and T2 are reset at the client accordingly.
The server also resets its record of the lease time.
Under normal circumstances, an active client would continually renew its lease in this way indefinitely, without the lease ever expiring.
Contd.
If no DHCPACK has been received by the time timer T2 expires, the client enters the REBINDING state.
The client now broadcasts a DHCPREQUEST message to extend its lease.
This request can be confirmed by a DHCPACK message from any DHCP server on the network.
Contd. If the client does not receive a DHCPACK message after its lease has expired, it has to stop using its current TCP/IP configuration.
The client may then return to the INIT state, issuing a DHCPDISCOVER broadcast to try and obtain any valid address.
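The lease-renewal sequence described in the slides above (BOUND at the ACK, RENEWING at T1, REBINDING at T2, back to INIT at expiry), as an added example that is not part of the presentation. The class below keeps the client-side timers on a caller-supplied clock (seconds, a constructed value rather than wall time), applies the RFC 2132 defaults when the server sends no T1/T2 options, rejects server-supplied timers that violate T1 < T2 < lease, and returns the message the client must send at each transition. The retransmission back-off inside RENEWING and REBINDING is omitted; the message dicts are a simplification of this example, not the wire format.

```python
INIT, BOUND, RENEWING, REBINDING = "INIT", "BOUND", "RENEWING", "REBINDING"
BROADCAST = "255.255.255.255"

def default_timers(lease):
    """RFC 2132 defaults when the server sends no T1/T2 options: T1 = 0.5 * lease, T2 = 0.875 * lease."""
    return lease // 2, (lease * 7) // 8

class LeaseTimers:
    """Client-side lease bookkeeping: BOUND -> RENEWING (at T1) -> REBINDING (at T2) -> INIT (at expiry)."""

    def __init__(self):
        self.state, self.ip, self.server = INIT, None, None
        self.t1 = self.t2 = self.expiry = None

    def on_ack(self, now, ip, server_id, lease, t1=None, t2=None):
        """Apply a DHCPACK: (re)start the timers. A renewal ACK lands here too and resets them."""
        d1, d2 = default_timers(lease)
        t1 = d1 if t1 is None else t1
        t2 = d2 if t2 is None else t2
        if not 0 < t1 < t2 < lease:          # the server must keep T1 < T2 < lease time
            raise ValueError("invalid timers: need 0 < T1 < T2 < lease, got %r" % ((t1, t2, lease),))
        self.ip, self.server = ip, server_id
        self.t1, self.t2, self.expiry = now + t1, now + t2, now + lease
        self.state = BOUND

    def on_nak(self):
        """A DHCPNAK (e.g. the lease expired server-side) sends the client back to INIT."""
        self.state, self.ip, self.server = INIT, None, None

    def tick(self, now):
        """Return the message the client must send at time `now`, or None if nothing is due."""
        if self.state == BOUND and now >= self.t1:
            self.state = RENEWING          # unicast to the server that granted the lease
            return {"type": "DHCPREQUEST", "dst": self.server, "ciaddr": self.ip}
        if self.state == RENEWING and now >= self.t2:
            self.state = REBINDING         # no answer from our server: any server may extend the lease
            return {"type": "DHCPREQUEST", "dst": BROADCAST, "ciaddr": self.ip}
        if self.state in (RENEWING, REBINDING) and now >= self.expiry:
            self.on_nak()                  # lease gone: stop using the address and start over
            return {"type": "DHCPDISCOVER", "dst": BROADCAST}
        return None

if __name__ == "__main__":
    c = LeaseTimers()
    c.on_ack(now=0, ip="10.0.0.57", server_id="10.0.0.1", lease=12 * 3600)
    for t in (0, c.t1, c.t2, c.expiry):
        print(t, c.state, c.tick(t))
```

Note that REBINDING is a broadcast: any server on the segment may ACK it, which is also why an attacker who can answer broadcasts faster than the real server can take over a client at T2 even if the client's original server is still alive.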
Reusing a previously allocated address
The client broadcasts a DHCPREQUEST message on its local subnet.
◦ The DHCPREQUEST message includes the client's previously used network address (requested IP address option); it carries no server identifier, since no server was selected.
If the client's lease is still current, the server with knowledge of the client's configuration parameters responds with a DHCPACK message to the client, renewing the lease at the same time.
◦ The client must then check (for example with ARP) that the address is not already in use.
If the client's lease has expired, the server with knowledge of the client responds with DHCPNAK.
◦ The client then must initiate a new IP address allocation process (back to INIT with a DHCPDISCOVER).
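The client/server interaction in the slides above (DISCOVER, OFFER with the address reserved, REQUEST naming one server, the other servers releasing their offers, ACK committing the binding, DECLINE marking an address unavailable, RELEASE returning it to the pool) together with the previous slide's reuse case (ACK while the lease is current, NAK once it has expired), as an added example that is not part of the presentation. Messages are plain dicts carrying the fields that matter for the decisions; the clock is a constructed integer passed in by the caller; the server ids, pool addresses and lease time are assumed values.

```python
from dataclasses import dataclass

@dataclass
class Lease:
    ip: str
    chaddr: str
    expires: float          # absolute time in seconds on the constructed clock the caller passes in

class DhcpServer:
    """Server-side bindings: free pool, addresses reserved by OFFER, committed leases, DECLINEd addresses."""

    def __init__(self, server_id, pool, lease_time):
        self.server_id = server_id
        self.free = list(pool)          # dynamic allocation pool
        self.offered = {}               # chaddr -> ip reserved between OFFER and REQUEST
        self.leases = {}                # chaddr -> Lease (persistent storage in a real server)
        self.unavailable = set()        # addresses a client DECLINEd: in use by someone else
        self.lease_time = lease_time

    def _reply(self, kind, msg, ip="0.0.0.0"):
        return {"type": kind, "xid": msg["xid"], "chaddr": msg["chaddr"], "yiaddr": ip,
                "server_id": self.server_id, "lease": self.lease_time}

    def on_discover(self, msg, now):
        chaddr = msg["chaddr"]
        lease = self.leases.get(chaddr)
        if lease and lease.expires > now:
            ip = lease.ip                       # known client: offer its current address
        elif chaddr in self.offered:
            ip = self.offered[chaddr]           # repeated DISCOVER: same reservation
        elif self.free:
            ip = self.free.pop(0)               # reserve it so another client cannot be offered it
            self.offered[chaddr] = ip
        else:
            return None                         # pool exhausted: no OFFER
        return self._reply("DHCPOFFER", msg, ip)

    def on_request(self, msg, now):
        chaddr = msg["chaddr"]
        if "server_id" in msg:                            # SELECTING: the REQUEST names the chosen server
            ip = self.offered.pop(chaddr, None)
            if msg["server_id"] != self.server_id:
                if ip is not None:
                    self.free.append(ip)                  # our offer was declined: release the reservation
                return None
            if ip is None or ip != msg.get("requested_ip"):
                return self._reply("DHCPNAK", msg)
            self.leases[chaddr] = Lease(ip, chaddr, now + self.lease_time)   # commit the binding
            return self._reply("DHCPACK", msg, ip)
        lease = self.leases.get(chaddr)                   # INIT-REBOOT / RENEWING / REBINDING
        if lease is None:
            return None                                   # no knowledge of this client: stay silent
        wanted = msg.get("requested_ip") or msg.get("ciaddr")
        if lease.expires <= now or wanted != lease.ip:
            return self._reply("DHCPNAK", msg)            # expired, or the wrong address for this client
        lease.expires = now + self.lease_time             # renew
        return self._reply("DHCPACK", msg, lease.ip)

    def on_decline(self, msg):
        """The client found the address in use (its ARP probe was answered): never hand it out again."""
        ip = msg["requested_ip"]
        self.offered.pop(msg["chaddr"], None)
        self.leases.pop(msg["chaddr"], None)
        if ip in self.free:
            self.free.remove(ip)
        self.unavailable.add(ip)

    def on_release(self, msg):
        lease = self.leases.pop(msg["chaddr"], None)
        if lease:
            self.free.append(lease.ip)

def select_offer(offers):
    """Client side of SELECTING: take the first OFFER and build a REQUEST naming that server."""
    best = offers[0]
    return {"type": "DHCPREQUEST", "xid": best["xid"], "chaddr": best["chaddr"],
            "server_id": best["server_id"], "requested_ip": best["yiaddr"]}

def run_exchange(servers, chaddr, xid, now):
    """Broadcast DISCOVER to all servers, collect OFFERs, broadcast the REQUEST, return the ACK (or None)."""
    discover = {"type": "DHCPDISCOVER", "xid": xid, "chaddr": chaddr}
    offers = [o for o in (s.on_discover(discover, now) for s in servers) if o]
    if not offers:
        return None
    request = select_offer(offers)                        # every server sees the broadcast REQUEST
    replies = [r for r in (s.on_request(request, now) for s in servers) if r]
    return replies[0] if replies else None

if __name__ == "__main__":
    a = DhcpServer("10.0.0.1", ["10.0.0.57", "10.0.0.58"], 12 * 3600)
    b = DhcpServer("10.0.0.2", ["10.0.1.20"], 12 * 3600)
    print(run_exchange([a, b], "00:a0:24:71:e4:44", 0x1234, now=1000))
```

The reservation in on_discover and its release in on_request are the two halves of the rule on the earlier slide that an offered address is not offered to a second client until the first has finished; on_decline deliberately does not return the address to the pool, matching the requirement that the server mark it unavailable.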
DHCP Pros It relieves the network administrator of a great deal of manual configuration work.
The ability for a device to be moved from network to network and to automatically obtain valid configuration parameters for the current network can be of great benefit to mobile users.
Because IP addresses are only allocated when clients are actually active, it is possible, by the use of reasonably short lease times and the fact that mobile clients do not need to be allocated more than one address, to reduce the total number of addresses in use in an organization.
IPv6 autoconfiguration
IPv6 supports the following types of autoconfiguration:
Stateful autoconfiguration. This type of configuration requires a certain level of human intervention because it needs a Dynamic Host Configuration Protocol for IPv6 (DHCPv6) server for the installation and administration of the nodes. The DHCPv6 server keeps a list of nodes to which it supplies configuration information. It also maintains state information so the server knows how long each address is in use, and when it might be available for reassignment.
Stateless autoconfiguration. This type of configuration is suitable for small organizations and individuals. In this case, each host determines its addresses from the contents of received router advertisements, which carry the network prefix. Using the IEEE EUI-64 format, derived from the interface's MAC address, to form the interface identifier (host) portion of the address, it is reasonable to assume the uniqueness of the host address on the link.
Regardless of how the address is determined, the node must verify that its potential address is unique on the local link (duplicate address detection). This is done by sending a neighbor solicitation message to the potential address. If the node receives any response, it knows that the address is already in use and must determine another address.
Attacks on DHCP
Any device that can connect to the network, authorised or not, can attack the service
◦ DoS:
◦ Involves exhaustion of network resources
◦ Requesting all the IP addresses in the server's pool (DHCP starvation)
◦ So when a legitimate user arrives, the pool is
◦ «Sold out»
IP was designed based on trust: DHCP itself does not authenticate clients
Defences therefore sit at the link layer, e.g. WPA2 authentication controls who may join a wireless network at all
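The starvation attack on this slide, as an added detection example that is not part of the presentation: a check run over constructed syslog lines in the style a dhcpd server writes (the lines, the host name gw, the attacker MACs and the thresholds are all made up here). It flags a burst of DHCPDISCOVERs from many distinct hardware addresses inside a short window, the signature of one client forging MACs to drain the pool, and any "no free leases" message, which is the server reporting the «Sold out» condition.

```python
import re
from collections import deque
from datetime import datetime

# Matches 'DHCPxxx from <mac>' server log lines; OFFER/ACK lines ("... on <ip> to <mac>") are ignored.
LOG_RE = re.compile(r"^(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ dhcpd(?:\[\d+\])?: "
                    r"(?P<type>DHCP[A-Z]+) from (?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})(?P<rest>.*)$", re.I)

def parse_line(line):
    """Return {'ts', 'type', 'mac', 'exhausted'} for a matching line, None for anything else."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    return {"ts": datetime.strptime(m["ts"], "%b %d %H:%M:%S").replace(year=2023),
            "type": m["type"].upper(), "mac": m["mac"].lower(),
            "exhausted": "no free leases" in m["rest"]}

def detect_starvation(lines, window=10, max_new_clients=5):
    """Flag DHCP starvation: more than `max_new_clients` distinct MACs sending DHCPDISCOVER within
    `window` seconds, and any 'no free leases' message. Returns [(timestamp, reason)]; the rate
    alert fires once per burst rather than on every packet of the burst."""
    alerts, recent, in_burst = [], deque(), False
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue
        if ev["exhausted"]:
            alerts.append((ev["ts"], "pool exhausted: %s from %s" % (ev["type"], ev["mac"])))
        if ev["type"] != "DHCPDISCOVER":
            continue
        recent.append((ev["ts"], ev["mac"]))
        while (ev["ts"] - recent[0][0]).total_seconds() > window:   # slide the window forward
            recent.popleft()
        distinct = len({mac for _, mac in recent})
        if distinct > max_new_clients and not in_burst:
            alerts.append((ev["ts"], "%d distinct MACs sent DHCPDISCOVER within %ds" % (distinct, window)))
        in_burst = distinct > max_new_clients
    return alerts

# Constructed sample log (not a real capture): one normal exchange, then a forged-MAC burst.
LEGIT_LINES = [
    "Apr 13 09:58:01 gw dhcpd[812]: DHCPDISCOVER from 00:a0:24:71:e4:44 via eth0",
    "Apr 13 09:58:01 gw dhcpd[812]: DHCPOFFER on 192.168.10.11 to 00:a0:24:71:e4:44 via eth0",
    "Apr 13 09:58:02 gw dhcpd[812]: DHCPREQUEST for 192.168.10.11 (192.168.10.1) from 00:a0:24:71:e4:44 via eth0",
    "Apr 13 09:58:02 gw dhcpd[812]: DHCPACK on 192.168.10.11 to 00:a0:24:71:e4:44 via eth0",
]
ATTACK_LINES = ["Apr 13 10:00:%02d gw dhcpd[812]: DHCPDISCOVER from 02:00:00:00:00:%02x via eth0" % (i // 3, i)
                for i in range(9)]                      # nine forged MACs in three seconds
EXHAUSTED_LINE = ("Apr 13 10:00:03 gw dhcpd[812]: DHCPDISCOVER from 02:00:00:00:00:09 via eth0: "
                  "network 192.168.10.0/24: no free leases")
SAMPLE_LOG = LEGIT_LINES + ATTACK_LINES + [EXHAUSTED_LINE]

if __name__ == "__main__":
    for ts, reason in detect_starvation(SAMPLE_LOG):
        print(ts.strftime("%H:%M:%S"), reason)
```

The per-window count of distinct MACs, rather than the raw packet count, is what separates a starvation attempt from a single misbehaving client retransmitting; tune `window` and `max_new_clients` to how many new devices a segment legitimately sees at once (a lecture hall at the start of a class is the usual false positive).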
Supplement: Packet Tracer configuration
! Router R1 acts as the DHCP server for 192.168.10.0/24
en
conf t
hostname R1
interface fa0/0
ip address 192.168.10.1 255.255.255.0
no shutdown
exit
! Exclude the router's own address and a reserved range before the pool is defined
ip dhcp excluded-address 192.168.10.1 192.168.10.10
ip dhcp pool ip10
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
exit
end
copy running-config startup-config
Supplement: best practice
With DHCP not enabled
Assuming that no DHCP server is enabled,
◦ Requests from any host will result in failure (the client obtains no address)
Binding addresses
DHCP-provided addresses and leases
DHCPDISCOVER
The client is trying to re-request an address
DHCPDISCOVER
This message contains rich information:
◦ Parameter request list
◦ The configuration the client seeks
◦ Auto-configuration enquiry
DHCPNAK
DHCP server address 10.0.0.1
The server rejects the request for the address
◦ Requested IP address: 172.16.1.34
◦ The client should not attempt to request it again on this network
The transaction ID (xid) uniquely identifies the client's request
◦ So the response is matched to the specific client
DHCPREQUEST
The client has switched networks and
◦ Attempts to request its old address
◦ 172.16.1.34 is the old address, from the previous network
What happens next depends on the server's response (DHCPACK or DHCPNAK)
DHCPOFFER
The DHCP offer is sent from server 10.0.0.1
◦ Offering IP 10.0.0.57 for up to 12 hours
References
[1] Fall, K.R. and Stevens, W.R. (2011). TCP/IP Illustrated, Volume 1: The Protocols. Addison-Wesley Professional Computing Series, Pearson Education. http://books.google.co.kr/books?id=a23OAn5i8R0C
[2] (n.d.). BOOTP and DHCP. Microsoft TechNet. Accessed 10/03/2014 from http://technet.microsoft.com/en-us/library/cc781243(v=ws.10).aspx
[3] Droms, R. (March 1997). "Dynamic Host Configuration Protocol", RFC 2131.
[4] dhcpcd. http://roy.marples.name/man/html8/dhcpcd.html
Address Polling / Defense Mechanism
Mechanism for discovering addresses that are already in use.
ARP is used by the client to check the uniqueness of the address it was given
◦ Avoids duplicate addresses
DHCP supports mechanisms
Three mechanisms for IP address allocation (RFC 2131 [3]): In "automatic allocation", DHCP assigns a permanent IP address to a client. In "dynamic allocation", DHCP assigns an IP address to a client for a limited period of time (or until the client explicitly relinquishes the address). In "manual allocation", a client's IP address is assigned by the network administrator, and DHCP is used simply to convey the assigned address to the client. A particular network will use one or more of these mechanisms, depending on the policies of the network administrator.
Dynamic allocation is the only one of the three mechanisms that allows automatic reuse of an address that is no longer needed by the client to which it was assigned.
DHCP support mechanisms
Dynamic allocation
◦ Allows the reassignment of addresses if they are no longer used
Automatic allocation
◦ A permanent assignment of an address from the pool
Manual allocation
◦ An administrator-assigned address that DHCP merely conveys to the client
DHCP supports mechanisms
Dynamic allocation is particularly useful for assigning an address to a client that will be connected to the network only temporarily or for sharing a limited pool of IP addresses among a group of clients that do not need permanent IP addresses. Dynamic allocation may also be a good choice for assigning an IP address to a new client being permanently connected to a network where IP addresses are sufficiently scarce that it is important to reclaim them when old clients are retired.
Manual allocation is sometimes needed
Manual allocation allows DHCP to be used to eliminate the error-prone process of manually configuring hosts with IP addresses in environments where (for whatever reason) it is desirable to manage IP address assignment outside of the DHCP mechanisms.
The format of DHCP messages is based on the format of BOOTP messages, to capture the BOOTP relay agent behavior described as part of the BOOTP specification (references [7, 21] of RFC 2131) and to allow interoperability of existing BOOTP clients with DHCP servers. Using BOOTP relay agents eliminates the necessity of having a DHCP server on each physical network segment.
Live capture
DHCP packet: https://www.cloudshark.org/captures/0009d5398f37
https://www.cloudshark.org/captures/000731192129
https://www.cloudshark.org/analysis/000731192129/conversations?proto=udp&window=false
Lease query: https://www.cloudshark.org/captures/0004fd9466b7
BOOTP and RARP: Client and server
RARP can resolve the IP address. Why do we need BOOTP?
The RARP client and server must be in the same network. The BOOTP client and server can be in different networks.
Client and server in the same network
(figure: the BOOTP request and reply, showing destination IP address, source IP address and port numbers)
Client and server in the same network
Operation of BOOTP when client and server are in the same network:
1. The BOOTP server issues a passive open command on UDP port number 67 and waits for a client.
2. A booting client issues an active open command on port number 68. The message is encapsulated in a UDP user datagram, using destination port 67 and source port 68. The UDP user datagram is encapsulated in an IP datagram. The client uses all 0s as the source IP address and all 1s as the destination IP address.
3. The server responds with either a broadcast or a unicast message using UDP source port 67 and destination port 68.
Client and server on two different networks
An IP address with all 1s is broadcast only within a network. A host or a router needs to be configured as a relay agent to relay the message to other networks. The relay agent knows the unicast address of the BOOTP server. When the relay agent receives a broadcast request message, it sends the message to the BOOTP server and sends the reply back to the client when it gets the reply message from the server.
BOOTP packet format
(figure) The operation code defines the BOOTP packet type: (1) request, (2) reply
DHCP for IPv6 (DHCPv6)
Link-local address
Zero-configuration networking
Bonjour
UPnP
DHCP in Linux
dhcpcd is an implementation of a DHCP client.
dhcpcd gets the host information (IP address, routes, etc.) from a DHCP server and configures the network interface of the machine on which it is running [4].
Dynamic Host Configuration Protocol (DHCP)
Dynamic Assignment of IP addresses
Dynamic assignment of IP addresses is desirable for several reasons:
◦ IP addresses are assigned on demand
◦ Avoids manual IP configuration
◦ Supports mobility of laptops
Solutions for dynamic assignment of IP addresses
Reverse Address Resolution Protocol (RARP)
◦ Works similarly to ARP
◦ Broadcasts a request for the IP address associated with a given MAC address
◦ The RARP server responds with an IP address
◦ Only assigns the IP address (not the default router and subnet mask)
(figure: RARP maps a 48-bit Ethernet MAC address to a 32-bit IP address; ARP maps in the other direction)