Dynamic Host Configuration Protocol
The Dynamic Host Configuration Protocol (DHCP) provides a mechanism to automatically and dynamically assign an IP address to a host. DHCP is based on the Bootstrap Protocol (BOOTP). However, the IP address assigned to a given host by BOOTP is always done statically, with the host always being assigned the same IP address.
DHCP is more flexible. It defines three address allocation mechanisms, listed below:
- Dynamic allocation means that the server assigns an IP address to a host on a temporary basis. The host can keep this IP address for some period of time (called the lease) or until it explicitly releases the address.
- Automatic allocation means that the server assigns a permanent IP address to a host. In this case, the host has asked for an infinite lease.
- Manual allocation means that a host’s IP address is assigned by a network administrator and the DHCP server is used simply to convey this address to the host. This is essentially the same as BOOTP.
Dynamic address allocation is the only one of the three mechanisms that allows automatic reuse of IP addresses. It is ideally suited to networks with many roaming systems; a laptop, for example, can be assigned an IP address from one location of the corporation’s address space on one day, then receive an IP address from another location’s address space on the next day. Additionally, dynamic address allocation causes the user’s IP address to change periodically, making it more difficult for a hacker to find or keep track of an individual host machine.
There are two caveats in the use of dynamic address assignments via DHCP. First, DHCP is not intended for addresses assigned to routers. Second, DHCP is currently incompatible with the standard Domain Name System (DNS). However, other protocols address this incompatibility (i.e. RFC 2136: Dynamic Updates in the Domain Name System and RFC 3007: Secure Domain System Dynamic Update). DNS is the Internet’s distributed database that stores the mapping between Internet host names and IP addresses. This database, however, is maintained manually. Since DHCP assigns addresses dynamically, there is currently no way to keep the DNS databases up-to-date with DHCP-assigned addresses. For this reason, it is important that network servers not be dynamic DHCP clients (since most network servers are listed in the DNS database so they can be found by name). DHCP and DNS can, however, coexist in the same network. The addresses used by the DHCP are blocked out for use by the DNS, or assigned manually in DHCP.
DHCP Dynamic Address Assignment
The accompanying visual shows the process by which DHCP automatically assigns an address to a host system. In the vernacular of DHCP, the host needing the address is the client and the systems that can dynamically assign addresses are the servers. A given network may have more than one DHCP server.
When a host system needs an IP address, it is in the initialization state. The client broadcasts a DHCPDISCOVER message on the local network, which contains the client’s hardware (i.e., MAC) address and name. A relay agent might forward the request to a DHCP server. All DHCP servers on the network respond to the client with a DHCPOFFER message. The client then selects one of the servers from which to request an address; this request is contained in a DHCPREQUEST message directed to one of the servers. The server responds with a DHCPACK message, containing (among other things) the assigned IP address and the lease period. The lease period is indicated as a number of seconds; the minimum lease period is one hour and the maximum is approximately 135 years.
The DHCP client maintains two timers, called T1 and T2. After the T1 timer expires, the client enters a renewing state. During this state, the client will attempt to renew the lease by sending a DHCPREQUEST message to the DHCP server that assigned the address. When the server responds with the DHCPACK message, the lease period is extended by the indicated amount of time, and T1 and T2 are reset. If the server does not respond, the client may periodically retransmit DHCPREQUEST messages.
If the T2 timer expires, the client enters a rebinding state. At this point, the client wants to extend its lease and will accept the extension from any DHCP server on the network. The client, then, broadcasts a DHCPREQUEST message and accepts the lease extension (and possible address reassignment) from any DHCP server. If no response is forthcoming, the client may periodically retransmit DHCPREQUEST messages.
If the lease expires, the client must immediately stop any activity using the IP address, and it returns to the initialization state. The T1 and T2 timers are configurable by the server. By default, T1 has a duration of 50% of the lease period and T2 has a duration of 87.5% of the lease period. Multiple DHCP servers can be set up for redundancy purposes, but the multiple servers will not coordinate in any way. When redundancy is desired, separate IP address ranges should be assigned to each server.
Dynamic Host Configuration Protocol Deployment
The accompanying visual portrays a typical Dynamic Host Configuration Protocol (DHCP) architecture for a routed intranet. For reliability reasons, multiple DHCP servers are usually deployed.
In this example, two are deployed, one at each of the two networks. Clients—C1 through C4—are configured for dynamic address assigned via DHCP. The routers—R1 and R2—and servers—S1, S2, S3, and S4—have static addresses.
To take advantage of the multiple DHCP servers in this example, R1 must be configured to forward DHCP messages between the 184.108.40.206 network and the 220.127.116.11 network. DHCP messages are broadcast, which the routers, by default, do not forward. Once R1 is configured to forward the DHCP broadcasts, S2 sees C1 and C2 DHCP messages and S1 sees C3 and C4 messages. In this example S1 and S2 are each configured with two pools of address—one pool for the 18.104.22.168 network and another for the 22.214.171.124 network.
Let’s examine a scenario where C1 has just sent a DHCP message and S1 is currently down. R1 is configured to forward the message to the DHCP S2 IP address. In this scenario, R1 records the network 126.96.36.199 where the message was received and forwards the message to DHCP S2. By examining the network number where the DHCP message originated, DHCP S2 knows to allocate an IP address from the 188.8.131.52 pool. In this example no communication exists between the two DHCP servers, S1 and S2. Thus, S1 and S2 should be configured with non-overlapping pools. For example, if S1 is configured to assign addresses 184.108.40.206–220.127.116.11 to clients on the 18.104.22.168 network, S2 should be configured to use a different range, such as 22.214.171.124–126.96.36.199. Overlapping pools work as long as both servers are up and listening to all DHCP messages. However, if one server goes offline, the servers become out of synchronization (i.e., no server-to-server communication exists to enable them to become synchronized).
<mp3>http://podcast.hill-vt.com/podsnacks/2007q1/dhcp.mp3%7Cdownload</mp3> | Dynamic Host Configuration Protocol (DHCP)