A. General
1. What is DHCP?
2. What is DHCP's purpose?
3. Who Created It? How Was It Created?
4. Can DHCP work with Appletalk or IPX?
5. How is it different than BOOTP or RARP?
6. How is it different than VLANs?
7. What protocol and port does DHCP use?
8. What is an IP address?
9. What is a MAC address?
10. What is a DHCP lease?
11. What is a Client ID?
12. Why shouldn't clients assign IP numbers without the use of a server?
13. Can DHCP support statically defined addresses?
14. How does DHCP and BOOTP handle other subnets?
15. Can a BOOTP client boot from a DHCP server?
16. Can a DHCP client boot from a BOOTP server?
17. Is a DHCP server "supposed to" be able to support a BOOTP client?
18. Is a DHCP client "supposed to" be able to use a BOOTP server?
19. Can a DHCP client or server make a DNS server update the client's DNS entry to
match the client's dynamically assigned address?
20. Can a DHCP server back up another DHCP server?
21. When will the server to server protocol be defined?
22. Is there a DHCP mailing list?
23. In a subnetted environment, how does the DHCP server discover what subnet a
request has come from?
24. If a single LAN has more than one subnet number, how can addresses be served
on subnets other than the primary one?
25. If a physical LAN has more than one logical subnet, how can different groups of
clients be allocated addresses on different subnets?
26. Where is DHCP defined?
27. What other sources of information are available?
28. Can DHCP support remote access?
29. Can a client have a home address and still float?
30. How can I relay DHCP if my router does not support it?
31. How do I migrate my site from BOOTP to DHCP?
32. Can you limit which MAC addresses are allowed to roam?
33. Is there an SNMP MIB for DHCP?
34. What is DHCP Spoofing?
35. How long should a lease be?
36. How can I control which clients get leases from my server?
37. How can I prevent unauthorized laptops from using a network that uses DHCP
for dynamic addressing?
38. What are the Gotcha's?
B. Info on Implementations
1. What features or restrictions can a DHCP server have?
2. What freeware DHCP servers are available?
3. What commercial DHCP servers are available?
4. What freeware DHCP clients are available?
5. Which vendors of client software currently support DHCP?
6. What are the DHCP plans of major client-software vendors?
7. What Routers forward DHCP requests?
8. What Routers include DHCP servers?
9. What Routers use DHCP to configure their IP addresses?
10. What Servers forward DHCP requests?
11. Which implementations support or require the broadcast flag?
12. What servers support secondary subnet numbers?
13. What servers support RFC-based dynamic DNS update?
14. How can I run Windows 95 without a DHCP server?
15. Do any servers limit the MAC addresses that may roam?
16. What analyzers decode DHCP?
17. What administration tools administer DHCP configurations?
18. How do I make a client give up its lease?
19. What are the Gotcha's specific to various implementations?
Answers
A. General
1. What is DHCP?
4. Can DHCP work with Appletalk or IPX?
No, it is too tied to IP. Furthermore, they don't need it since they have always
had automated mechanisms for assigning their own network addresses.
3. Who Created It? How Was It Created?
DHCP was created by the Dynamic Host Configuration Working Group of the
Internet Engineering Task Force (IETF; a volunteer organization which defines
protocols for use on the Internet). As such, its definition is recorded in an
Internet RFC and the Internet Activities Board (IAB) is asserting its status as to
Internet Standardization. As of this writing (June 1998), DHCP is an Internet
Draft Standard Protocol and is Elective. BOOTP is an Internet Draft Standard
Protocol and is recommended. For more information on Internet standardization,
see RFC2300 (May 1998).
5. How is it different than BOOTP or RARP?
RARP is a protocol used by Sun and other vendors that allows a computer to find
out its own IP number, which is one of the protocol parameters typically passed
to the client system by DHCP or BOOTP. RARP doesn't support other parameters
and using it, a server can only serve a single LAN. DHCP and BOOTP are
designed so they can be routed.
6. How is it different than VLANs?
DHCP and VLANs, which are very different in concept, are sometimes cited as
different solutions to the same problem. While they have a goal in common
(easing moves of networked computers), VLANs represent a more revolutionary
change to a LAN than DHCP. A DHCP server and forwarding agents can allow you
to set things up so that you can unplug a client computer from one network or
subnet and plug it into another and have it come alive immediately, it having
been reconfigured automatically. In conjunction with Dynamic DNS, it could
automatically be given its same name in its new place. VLAN-capable LAN
equipment with dynamic VLAN assignment allows you to configure things so a
client computer can be plugged into any port and have the same IP number (as
well as name) and be on the same subnet. The VLAN-capable network either has
its own configuration that lists which MAC addresses are to belong to each VLAN,
or it makes the determination from the source IP address of the IP packets that
the client computer sends. Some differences in the two approaches:
There is an issue with trying to use DHCP (or BOOTP) and VLANs at the same
time, in particular, with the scheme by which the VLAN-capable network
determines the client's VLAN based upon the client computer's source IP
address. Doing so assumes the client computer is already configured, which
precludes the use of the network to get the configuration information from a DHCP
or BOOTP server.
7. What protocol and port does DHCP use?
DHCP, like BOOTP, runs over UDP, utilizing ports 67 and 68.
8. What is an IP address?
10. What is a DHCP lease?
A DHCP lease is the amount of time that the DHCP server grants to the DHCP
client permission to use a particular IP address. A typical server allows its
administrator to set the lease time.
11. What is a Client ID?
What is termed the Client ID for the purposes of the DHCP protocol is whatever
is used by the protocol to identify the client computer. By default, DHCP
implementations typically employ the client's MAC address for this purpose, but
the DHCP protocol allows other options. Some DHCP implementations have a
setup option to specify the client ID you want. One alternative to the MAC
address is simply a character string of your choice. In any case, in order for
DHCP to function, you must be certain that no other client is using the client ID
you choose, and you must be sure the DHCP server will accept it.
12. Why shouldn't clients assign IP numbers without the use of a server?
13. Can DHCP support statically defined addresses?
Yes. At least there is nothing in the protocol to preclude this and one expects it
to be a feature of any DHCP server. This is really a server matter and the client
should work either way. The RFC refers to this as manual allocation.
14. How does DHCP and BOOTP handle other subnets?
For the situations where there is more than one LAN, each with its own subnet
number, there are two ways. First of all, you can set up a separate server on
each subnet. Secondly, you can use a feature of some routers known as "BOOTP
forwarding" to forward DHCP or BOOTP requests to a server on another subnet and to
forward the replies back to the client. The part of such a router (or server acting
as a router) that does this is called a "BOOTP forwarding agent". Typically you
have to enable it on the interface to the subnet to be served and have to
configure it with the IP address of the DHCP or BOOTP server. On a Cisco router,
the address is known as the "UDP Helper Address".
15. Can a BOOTP client boot from a DHCP server?
Only if the DHCP server is specifically written to also handle BOOTP queries.
16. Can a DHCP client boot from a BOOTP server?
Only if the DHCP client were specifically written to make use of the answer from
a BOOTP server. It would presumably treat a BOOTP reply as an unending lease
on the IP address.
In particular, the TCP/IP stack included with Windows 95 does not have this
capability.
19. Can a DHCP client or server make a DNS server update the client's DNS entry to
match the client's dynamically assigned address?
RFCs 2136 and 2137 indicate a way in which DNS entries can be updated
dynamically. Using this requires a DNS server that supports this feature and a
DHCP server that makes use of it. The RFCs are very recent (as of 5/97) and
implementations are few. In the meantime, there are DNS and DHCP servers
that accomplish this through proprietary means.
20. Can a DHCP server back up another DHCP server?
You can have two or more servers handing out leases for different addresses. If
each has a dynamic pool accessible to the same clients, then even if one server
is down, one of those clients can lease an address from the other server.
22. Is there a DHCP mailing list?
List                       Purpose
----                       -------
dhcp-v4@bucknell.edu       General discussion: a good list for server administrators.
dhcp-bake@bucknell.edu     DHCP bakeoffs
dhcp-impl@bucknell.edu     Implementations
dhcp-serve@bucknell.edu    Server to server protocol
dhcp-dns@bucknell.edu      DNS-DHCP issues
dhcp-v6@bucknell.edu       DHCP for IPv6
The lists are run by listserv@bucknell.edu which can be used to subscribe and
sign off. Archives for the dhcp-v4 list (which used to be called the host-conf list)
are stored at ftp://ftp.bucknell.edu/pub/dhcp/.
23. In a subnetted environment, how does the DHCP server discover what subnet a
request has come from?
DHCP client messages are sent to off-net servers by DHCP relay agents, which
are often a part of an IP router. The DHCP relay agent records the subnet from
which the message was received in the DHCP message header for use by the
DHCP server.
Note: a DHCP relay agent is the same thing as a BOOTP relay agent, and
technically speaking, the latter phrase is correct.
24. If a single LAN has more than one subnet number, how can addresses be served
on subnets other than the primary one?
A single LAN might have more than one subnet number applicable to the same
set of ports (broadcast domain). Typically, one subnet is designated as primary,
the others as secondary. A site may find it necessary to support addresses on
more than one subnet number associated with a single interface. DHCP's scheme
for handling this is that the server has to be configured with the necessary
information and has to support such configuration & allocation. Here are four
cases a server might have to handle:
The other two cases are the same capabilities during manual allocation. It is
possible that a particular server-implementation can handle some of these cases,
but not all of them. See section below listing the capabilities of some servers.
25. If a physical LAN has more than one logical subnet, how can different groups of
clients be allocated addresses on different subnets?
One way to do this is to preconfigure each client with information about what
group it belongs to. A DHCP feature designed for this is the user class option. To
do this, the client software must allow the user class option to be preconfigured
and the server software must support its use to control which pool a client's
address is allocated from.
26. Where is DHCP defined?
In Internet RFCs.
28. Can DHCP support remote access?
PPP has its own non-DHCP way in which communications servers can hand
clients an IP address called IPCP (IP Control Protocol) but doesn't have the same
flexibility as DHCP or BOOTP in handing out other parameters. Such a
communications server may support the use of DHCP to acquire the IP addresses
it gives out. This is sometimes called doing DHCP by proxy for the client. I know
that Windows NT's remote access support does this.
SLIP has no standard way in which a server can hand a client an IP address, but
many communications servers support non-standard ways of doing this that can
be utilized by scripts, etc. Thus, like communications servers supporting PPP,
such communications servers could also support the use of DHCP to acquire the
IP addresses to give out.
29. Can a client have a home address and still float?
There is nothing in the protocol to keep a client that already has a leased or
permanent IP number from getting a(nother) lease on a temporary basis on
another subnet (i.e., for that laptop which is almost always in one office, but
occasionally is plugged in in a conference room or class room). Thus it is left to
the server implementation to support such a feature. I've heard that Microsoft's
NT-based server can do it.
30. How can I relay DHCP if my router does not support it?
A server on a net(subnet) can relay DHCP or BOOTP for that net. Microsoft has
software to make Windows NT do this.
31. How do I migrate my site from BOOTP to DHCP?
I don't have an answer for this, but will offer a little discussion. The answer
depends a lot on what BOOTP server you are using and how you are maintaining
it. If you depend heavily on BOOTP server software to support your existing
clients, then the demand to support clients that support DHCP but not BOOTP
presents you with problems. In general, you are faced with the choice:
33. Is there an SNMP MIB for DHCP?
There is no standard MIB; creating one is on the list of possible activities of the
DHCP working group. It is possible that some servers implement private MIBs.
34. What is DHCP Spoofing?
Ascend Pipeline ISDN routers (which attach Ethernets to ISDN lines) incorporate
a feature that Ascend calls "DHCP spoofing" which is essentially a tiny server
implementation that hands an IP address to a connecting Windows 95 computer,
with the intention of giving it an IP number during its connection process.
35. How long should a lease be?
I've asked sites about this and have heard answers ranging from 15 minutes to
a year. Most administrators will say it depends upon your goals, your site's
usage patterns, and service arrangements for your DHCP server.
A very relevant factor is that the client starts trying to renew the lease when it is
halfway through: thus, for example, with a 4 day lease, the client which has lost
access to its DHCP server has 2 days from when it first tries to renew the lease
until the lease expires and the client must stop using the network. During a 2-day
outage, new users cannot get new leases, but no lease will expire for any
computer turned on at the time that the outage commences.
Another factor is that the longer the lease, the longer it takes for client
configuration changes controlled by DHCP to propagate.
Some examples of lease-times that sites have used & their rationales:
15 minutes
To keep the maximum number of addresses free for distribution in cases where there
will be more users than addresses.
6 hours
Long enough to allow the DHCP server to be fixed, e.g. 3 hours.
12 hours
If you need to take back an address, then you know that it will only take one night for
the users' lease to expire.
3 days
This is apparently Microsoft's default, thus many sites use it.
6 days
Long enough that a weekend server outage that gets fixed on Monday will not result in
leases terminating.
4 months
Long enough that students can keep their IP address over the summer hiatus. I believe
this rationale is workable if the summer hiatus is no more than 2 months.
One year
If a user has not used their address in six months, then they are likely to be gone.
Allows administrator to recover those addresses after someone has moved on.
36. How can I control which clients get leases from my server?
There is no ideal answer: you have to give something up or do some extra work.
You can put all your clients on a subnet of your own along with your own
DHCP server.
You can use manual allocation.
Perhaps you can find DHCP server software that allows you to list which
MAC addresses the server will accept. DHCP servers that support roaming
machines may be adapted to such use.
You can use the user class option assuming your clients and server
support it: it will require you to configure each of your clients with a user
class name. You still depend upon the other clients to respect your
wishes.
37. How can I prevent unauthorized laptops from using a network that uses DHCP for
dynamic addressing?
This would have to be done using a mechanism other than DHCP. DHCP does not
prevent other clients from using the addresses it is set to hand out nor can it
distinguish between a computer's permanent MAC address and one set by the
computer's user. DHCP can impose no restrictions on what IP address can use a
particular port nor control the IP address used by any client.
B. Info on Implementations
1. What features or restrictions can a DHCP server have?
Following are some features related not to the functions that the server is
capable of carrying out, but to the way that it is administered.
5. Which vendors of client software currently support DHCP?
Apple MacOS
MacTCP's successor, Open Transport, supports DHCP. Open Transport 1.1 ships with
System 7.5 Update 2.0 (which updates MacOS to version 7.5.3, released March 11,
1996) and supports any 68030, 68040, or PowerPC Macintosh. A shrink wrap version of
Open Transport is planned.
Microsoft Windows95
supports it and does not support BOOTP. I heard a rumor that BOOTP support will be
added.
Novell LAN Workplace for DOS
For supporting DOS/Windows 3.1, Client32 for DOS/Windows, due in June 1996, will
provide the TCP/IP stack functions and will support DHCP and BOOTP. For Windows 95
and Windows NT, the native stack will be used so that DHCP is supported.
IBM OS/2 Warp
supports it.
7. What Routers forward DHCP requests?
Note that in general, these routers probably already had BOOTP forwarding, but lacked
the support for the BOOTP broadcast flag (see "broadcast flag" under What are the
Gotcha's? above). It is likely that many other routers also support BOOTP forwarding.
8. What Routers include DHCP servers?
DHCP requires disk storage (or some other form of reliable non-volatile storage),
making the task of DHCP service more compatible with servers than with
dedicated routers. The large-scale routers (i.e., those of Cisco, Bay, Fore) don't
and probably never will have a DHCP server function.
But there are a number of types of servers that can be configured to route and
serve DHCP. This includes Novell servers and computers running Unix. There are
also units designed to handle two or more aspects of your Internet connection,
e.g. routing between a LAN and a leased line as well as doing other functions to
allow computers on the LAN to reach the Internet (or corporate intranet as the
case may be). One example is Farallon's Netopia Internet Router mentioned
above under commercial servers.
9. What Routers use DHCP to configure their IP addresses?
The DHCP RFC specifically says that DHCP is not intended for use in configuring
routers. The reason is that in maintaining and troubleshooting routers, it is
important to know its exact configuration rather than leaving that to be
automatically done, and also that you do not want your router's operation to
depend upon the working of yet another server.
11. Which implementations support or require the broadcast flag?
The broadcast flag is an optional element of DHCP, but a client which sets it
works only with a server or relay that supports it.
Clients
Microsoft Windows NT
DHCP client support added with version 3.5 sets the broadcast flag. Version 3.51 and
later no longer set it. The exception is in the remote access support: it sets the flag
when it uses DHCP to acquire addresses to hand out to its PPP clients.
tcp/ip-32 for Microsoft Windows for Workgroups (WFW)
Version 3.11a sets it, but version 3.11B doesn't.
Microsoft Windows 95
Does not set the broadcast flag.
12. What servers support secondary subnet numbers?
(These are not complete lists) The following servers can handle dynamic
allocation on secondary subnet numbers:
13. What servers support RFC-based dynamic DNS update?
The following DHCP servers include the ability to make use of the RFC
2136/2137 DNS feature to make dynamic updates to the DNS. To make use of
this ability, you need a DNS server that supports this feature. A likely use is to
create temporary DNS records that associate a fully qualified DNS name derived
from the client's netbios name with the client's leased IP number. Another use
might be to associate DNS names with MAC addresses. These products might
support one or both of these uses.
14. How can I run Windows 95 without a DHCP server?
Not really a DHCP question, but it has been asked a lot, particularly by sites for
which changing from BOOTP represents a lot of work. Some choices:
Use no server at all for the Windows 95 clients: set the addresses in each
client's setup.
Install a non-Microsoft TCP/IP stack for Windows 95 that supports
BOOTP.
Switch from your current BOOTP server to one that supports both BOOTP
and DHCP.
The 'billgPC' program uses BOOTP (instead of DHCP) to configure
Windows 95's native IP stack: http://www.panix.com/~perin/ (note: it
also works with Windows NT).
A Document that addresses this question is the Windows 95tm Networking FAQ,
http://www-leland.stanford.edu/~llurch/win95netbugs/faq.html
15. Do any servers limit the MAC addresses that may roam?
IBM's AIX and OS/2 WARP DHCP servers.
ISC.
16. What analyzers decode DHCP?
Release 5.0 of Network General Corporation's Sniffer software.
18. How do I make a client give up its lease?
This is a general question, but the answer is of necessity specific to the client-
implementation. Naturally, one way to avoid the problem is to keep leases short
enough that you are not obliged to do this.
19. What are the Gotcha's specific to various implementations?
In many cases, new releases have solved the problems that have been identified
with various DHCP implementations.
There are a number of issues regarding the patched bootp servers. These
have been reported to re DD2.4.3:
'When run from inetd, I had problems with "Could not bind port"
and DHCP request failure. I don't know why, and the problem
went away when bootpd is run as a daemon.'
'Unless you set "dl" to some value in the bootptab file, the DHCP
lease time, renewal time and prebinding time will be rubbish,
which will cause occasional renewal problems.' One symptom you
might see is Microsoft DHCP implementations using 5-minute
leases, which is their default. Other implementations may not run
at all.
Early Microsoft DHCP client implementations required the broadcast bit.
Current ones do not.
I have heard vague complaints about the Microsoft implementations of
DHCP: that it does not follow the standards. I could use details.
Early Apple Open Transport implementations did not always fill out
packets to BOOTP's 300-byte minimum, thus BOOTP forwarding agents
that follow the BOOTP RFC and discard such packets end up discarding
such DHCP packets, causing some of the functions to fail. Open Transport
1.1 fixes this.
Pre 1.1 versions of Open Transport experienced interoperability problems
with the Microsoft NT DHCP server.
The very first announced release of Carnegie Mellon's server, dhcp-3.3.6,
circa March 1996 has shown signs of needing to be shaken out to be
more easily compiled outside of its development environment.
Windows NT server v3.51 allows the administrator to specify addresses
within its assignment range to be excluded, but does not always exclude
them.
Report: Novell's NetwareIP 2.2 server refuses to hand out dynamic bootp
assignments to hosts mentioned in the local /etc/hosts file, even if
configured to do so.
I've heard a report that some combinations of versions of Unix & the ISC
server will transmit packets to the subnet broadcast address rather than
the default broadcast address (255.255.255.255), which impedes
interoperability with some clients.
Windows 95 DHCP client answers pings from an IP address even after the
client's lease has expired. Thus a server that uses ping to check to
see that an IP number is unused before reassigning it may find that it is
still in use.
Windows 95 DHCP client cannot handle a lease renewal offered by a
different server.
Some clients have no way to configure a class option, which can be a
showstopper if you need to use the class option to help decide what pool
of addresses the client uses.
I've heard reports that Windows 95, or at least some versions will use an
address after the lease has expired under some circumstances, even
when renewal requests have been turned down. With properly behaving
clients, an IP administrator can safely make the following statement: "As
long as all the clients are set to get their addresses through DHCP, I can
tell which addresses are not being used by the clients simply by checking
the server to see which IP addresses have no outstanding leases." The
reports suggest that Windows 95 implementations won't allow this
statement to be assumed.
Contents
• 1 Introduction
• 2 Overview
• 3 Extent of DHCP usage
• 4 IP address allocation
• 5 DHCP and firewalls
o 5.1 Example in ipfw firewall
o 5.2 Example in Cisco IOS Extended ACL
• 6 Technical details
o 6.1 DHCP discovery
o 6.2 DHCP offers
o 6.3 DHCP requests
o 6.4 DHCP acknowledgement
o 6.5 DHCP selection
o 6.6 DHCP information
o 6.7 DHCP releasing
o 6.8 Client configuration parameters
• 7 See also
• 8 External links
Introduction
DHCP is a protocol used by networked computers (clients) to obtain unique IP addresses, and
other parameters such as default router, subnet mask, and IP addresses for DNS servers from
a DHCP server. This protocol is used when computers are added to a network because these
settings are necessary for the host to participate in the network. This setting is periodically
refreshed (it expires, meaning the client must obtain another assignment) with typical intervals
ranging from one hour to several months, and can, if desired, be set to infinite (never expire).
The length of time the address is available to the device it was assigned to is called a lease,
and is determined by the server.
The DHCP server ensures that all IP addresses are unique, that is, no IP address is assigned to
a second client while the first client's assignment is valid (its lease has not expired). Thus IP
address pool management is done by the server and not by a human network administrator.
DHCP emerged as a standard protocol in October 1993. As of 2006, RFC 2131 provides the
latest (dated March 1997) DHCP definition. DHCP functionally became a successor to the
older BOOTP protocol, whose leases were given for infinite time and did not support options.
Due to the backward-compatibility of DHCP, very few networks continue to use pure BOOTP.
The latest non-standard of the protocol, describing DHCPv6 (DHCP in an IPv6 environment),
appeared in July 2003 as RFC 3315.
Overview
The Dynamic Host Configuration Protocol (DHCP) automates the assignment of IP addresses,
subnet masks, default routers, and other IP parameters. The assignment usually occurs when
the DHCP configured machine boots up or regains connectivity to the network. The DHCP client
sends out a query requesting a response from a DHCP server on the locally attached network.
The query is typically initiated immediately after booting up and before the client initiates any
IP based communication with other hosts. The DHCP server then replies to the client with its
assigned IP address, subnet mask, DNS server and default gateway information.
The assignment of the IP address usually expires after a predetermined period of time, at
which point the DHCP client and server renegotiate a new IP address from the server's
predefined pool of addresses. Configuring firewall rules to accommodate access from machines
that receive their IP addresses via DHCP is therefore more difficult because the remote IP
address will vary from time to time. Administrators must usually allow access to the entire
remote DHCP subnet for a particular TCP/UDP port.
Most home routers and firewalls are configured in the factory to be DHCP servers for a home
network. An alternative to a home router is to use a computer as a DHCP server. ISPs
generally use DHCP to assign clients individual IP addresses.
DHCP is a broadcast-based protocol. As with other types of broadcast traffic, it does not cross
a router unless specifically configured to do so. Users who desire this capability must configure
their routers to pass DHCP traffic across UDP ports 67 and 68.
In the UK many broad-band ISP networks use DHCP, but xDSL providers make extensive use
of "infinite lease", which amounts to assigning semi-static IPs.
In addition, many routers and other gateway devices provide DHCP support for networks
running many computers being assigned private IP addresses.
Office networks also use DHCP, in particular when workers make extensive use of laptops
which link directly to the in-house network only occasionally.
Network routers and often multilayer switches employ a DHCP relay agent, which relays DHCP
"Discover" broadcasts from a LAN which does not include a DHCP server to a network which
does have one. These devices may sometimes be configured to append information about the port
from which the DHCP request originates (also known as option 82). One example of such a relay
agent is the UDP Helper Address command employed by Cisco routers.
IP address allocation
Depending on implementation, the DHCP server has three methods of allocating IP-addresses:
• manual allocation, where the DHCP server performs the allocation based on a table with
MAC address - IP address pairs manually filled by the server administrator. Only
requesting clients with a MAC address listed in this table get the IP address according to
the table.
• automatic allocation, where the DHCP server permanently assigns to a requesting client
a free IP-address from a range given by the administrator.
• dynamic allocation, the only method which provides dynamic re-use of IP addresses. A
network administrator assigns a range of IP addresses to DHCP, and each client
computer on the LAN has its TCP/IP software configured to request an IP address from
the DHCP server when that client computer's network interface card starts up. The
request-and-grant process uses a lease concept with a controllable time period. This
eases the network installation procedure on the client computer side considerably.
This decision remains transparent to clients.
Some DHCP server implementations can update the DNS name associated with the client hosts
to reflect the new IP address. They make use of the DNS update protocol established with RFC
2136.
DHCP and firewalls
Firewalls usually have to permit DHCP traffic explicitly. Specification of the DHCP client-server
protocol describes several cases when packets must have the source address of 0x00000000
or the destination address of 0xffffffff. Anti-spoofing policy rules and tight inclusive firewalls
often stop such packets. Multi-homed DHCP servers require special consideration and further
complicate configuration.
To allow DHCP, network administrators need to allow several types of packets through the
server-side firewall. All DHCP packets travel as UDP datagrams; all client-sent packets have
source port 68 and destination port 67; all server-sent packets have source port 67 and
destination port 68. For example, a server-side firewall should allow the following types of
packets:
where dhcp-ip represents any address configured on a DHCP server host and dhcp-pool stands
for the pool from which a DHCP server assigns addresses to clients.
Example in ipfw firewall
To give an idea of how a configuration would look in production, the following rules for a
server-side ipfirewall allow DHCP traffic through. Dhcpd operates on interface rl0 and
assigns addresses from 192.168.0.0/24:
Example in Cisco IOS Extended ACL
The following entries are valid on a Cisco 3560 switch with enabled DHCP service. The ACL is
applied to a routed interface, 10.32.73.129, on input. The subnet is 10.32.73.128/26.
Technical details
DHCP uses the same two IANA assigned ports as BOOTP: 67/udp for the server side, and
68/udp for the client side.
DHCP operations fall into four basic phases. These phases are IP lease request, IP lease offer,
IP lease selection, and IP lease acknowledgement.
DHCP discovery
The client broadcasts on the local physical subnet to find available servers. Network
administrators can configure a local router to forward DHCP packets to a DHCP server on a
different subnet. This client-implementation creates a UDP packet with the broadcast
destination of 255.255.255.255 or subnet broadcast address and also requests its last-known
IP address (in the example below, 192.168.1.100) although the server may ignore this
optional parameter....
When a DHCP server receives an IP lease request from a client, it extends an IP lease offer.
This is done by reserving an IP address for the client and broadcasting a DHCPOFFER message
across the network. This message contains the client's MAC address, followed by the IP
address that the server is offering, the subnet mask, the lease duration, and the IP address of
the DHCP server making the offer.
The server determines the configuration, based on the client's hardware address as specified in
the CHADDR field. Here the server, 192.168.1.1, specifies the IP address in the YIADDR field.
Whenever a computer comes on line, it checks to see if it currently has an IP address leased. If
it does not, it requests a lease from a DHCP server. Because the client computer does not
know the address of a DHCP server, it uses 0.0.0.0 as its own IP address and 255.255.255.255
as the destination address. Doing so allows the client to broadcast a DHCPDISCOVER message
across the network. Such a message consists of the client computer's Media Access Control
(MAC) address (the hardware address built into the network card) and its NetBIOS name.
The client selects a configuration out of the DHCP "Offer" packets it has received and
broadcasts it on the local subnet. Again, this client requests the 192.168.1.100 address that
the server specified. In case the client has received multiple offers it specifies the server from
which it has accepted the offer.
When the DHCP server receives the DHCPREQUEST message from the client, it initiates the
final phase of the configuration process. This acknowledgement phase involves sending a
DHCPACK packet to the client. This packet includes the lease duration and any other
configuration information that the client might have requested. At this point, the TCP/IP
configuration process is complete.
The server acknowledges the request and sends the acknowledgement to the client. The
system as a whole expects the client to configure its network interface with the supplied
options.
When the client PC receives an IP lease offer, it must tell all the other DHCP servers that it has
accepted an offer. To do this, the client broadcasts a DHCPREQUEST message containing the IP
address of the server that made the offer. When the other DHCP servers receive this message,
they withdraw any offers that they might have made to the client. They then return the
address that they had reserved for the client back to the pool of valid addresses that they can
offer to another computer. Any number of DHCP servers can respond to an IP lease request,
but the client can only accept one offer per network interface card.
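The fields named in this section (CHADDR, YIADDR, the requested address, the server identifier, the lease duration) and, from the FAQ above, the subnet recorded by a relay agent, the broadcast flag and BOOTP's 300-byte minimum can all be read directly from the UDP payload. The decoder below is an added example, not part of the original page; the sample messages are constructed, and the MAC address, transaction ID and relay address 192.168.2.1 are assumptions.

```python
import ipaddress
import struct

# Fixed header shared by BOOTP and DHCP: 236 bytes, then a cookie, then options.
BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s"
BOOTP_LEN = struct.calcsize(BOOTP_FMT)
MAGIC_COOKIE = bytes([99, 130, 83, 99])
BOOTP_MIN_LEN = 300        # relays that follow the BOOTP RFC discard shorter packets
BROADCAST_FLAG = 0x8000    # top bit of the 16-bit flags field
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 4: "DECLINE",
             5: "ACK", 6: "NAK", 7: "RELEASE", 8: "INFORM"}


def parse_options(area):
    """Walk the type-length-value option area and return {code: value}."""
    opts, i = {}, 0
    while i < len(area):
        code = area[i]
        if code == 255:            # End option
            break
        if code == 0:              # Pad option carries no length byte
            i += 1
            continue
        if i + 1 >= len(area):
            raise ValueError(f"option {code} is missing its length byte")
        length = area[i + 1]
        value = area[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} runs past the end of the message")
        opts[code] = value
        i += 2 + length
    return opts


def _ip(raw):
    """Dotted-quad string for a 4-byte value, or None if absent or malformed."""
    return str(ipaddress.IPv4Address(raw)) if raw and len(raw) == 4 else None


def parse_dhcp(payload):
    """Decode the UDP payload of a DHCP message into the fields discussed above."""
    if len(payload) < BOOTP_LEN + len(MAGIC_COOKIE):
        raise ValueError("too short to be a DHCP message")
    (op, _htype, hlen, _hops, xid, _secs, flags, _ciaddr, yiaddr, _siaddr,
     giaddr, chaddr, _sname, _file) = struct.unpack(BOOTP_FMT, payload[:BOOTP_LEN])
    if payload[BOOTP_LEN:BOOTP_LEN + 4] != MAGIC_COOKIE:
        raise ValueError("no DHCP magic cookie after the BOOTP header")
    if hlen > len(chaddr):
        raise ValueError("hardware address length exceeds the chaddr field")
    opts = parse_options(payload[BOOTP_LEN + 4:])
    msg_type, lease = opts.get(53), opts.get(51)
    return {
        "op": "request" if op == 1 else "reply",
        "type": MSG_TYPES.get(msg_type[0], "unknown") if msg_type else "BOOTP",
        "xid": xid,
        "chaddr": chaddr[:hlen].hex(":"),
        # Option 61 is the client ID; servers fall back to the MAC when absent.
        "client_id": opts.get(61, chaddr[:hlen]).hex(":"),
        "yiaddr": _ip(yiaddr),
        # A non-zero giaddr is how a relay agent tells the server the subnet.
        "relay_giaddr": _ip(giaddr) if any(giaddr) else None,
        "broadcast": bool(flags & BROADCAST_FLAG),
        "requested_ip": _ip(opts.get(50)),
        "server_id": _ip(opts.get(54)),
        "lease_seconds": struct.unpack("!I", lease)[0]
                         if lease and len(lease) == 4 else None,
        "below_bootp_min": len(payload) < BOOTP_MIN_LEN,
    }


def build_message(op, xid, mac, options, flags=0, yiaddr="0.0.0.0",
                  giaddr="0.0.0.0", pad_to=BOOTP_MIN_LEN):
    """Assemble a message for the samples below (Ethernet htype 1, hlen 6)."""
    pk = lambda a: ipaddress.IPv4Address(a).packed
    header = struct.pack(BOOTP_FMT, op, 1, 6, 0, xid, 0, flags, pk("0.0.0.0"),
                         pk(yiaddr), pk("0.0.0.0"), pk(giaddr), mac, b"", b"")
    body = b"".join(bytes([c, len(v)]) + v for c, v in options) + b"\xff"
    msg = header + MAGIC_COOKIE + body
    return msg + b"\x00" * max(0, pad_to - len(msg))


# Constructed samples: client MAC and transaction ID are made up.
MAC = bytes.fromhex("000b8201fc42")
XID = 0x3903F326
ADDR = lambda a: ipaddress.IPv4Address(a).packed
DISCOVER = build_message(1, XID, MAC, [(53, b"\x01"), (50, ADDR("192.168.1.100"))],
                         flags=BROADCAST_FLAG)
OFFER = build_message(2, XID, MAC, [(53, b"\x02"), (54, ADDR("192.168.1.1")),
                                    (51, struct.pack("!I", 86400))],
                      yiaddr="192.168.1.100")
# Unpadded request as seen after a relay: shorter than BOOTP's minimum.
RELAYED_SHORT = build_message(1, XID, MAC, [(53, b"\x01")],
                              giaddr="192.168.2.1", pad_to=0)

if __name__ == "__main__":
    for name, msg in (("discover", DISCOVER), ("offer", OFFER),
                      ("relayed", RELAYED_SHORT)):
        print(name, len(msg), parse_dhcp(msg))
```
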
DHCP information
The client sends a request to the DHCP server: either to request more information than the
server sent with the original DHCPACK; or to repeat data for a particular application - for
example, browsers use DHCP Inform to obtain web proxy settings via WPAD. Such queries do
not cause the DHCP server to refresh the IP expiry time in its database.
DHCP releasing
The client sends a request to the DHCP server to release the DHCP and the client unconfigures
its IP address. As clients usually do not know when users may unplug them from the network,
the protocol does not define the sending of DHCP Release as mandatory.
Client configuration parameters
A DHCP server can provide optional configuration parameters to the client. RFC 2132 defines
the available DHCP options, which are summarized here.