What is DHCP?



In a hyperconnected world, the ability to network devices quickly is important, and that’s where DHCP comes in. DHCP makes sure that all of your devices are configured accurately and can join the network.

DHCP is a network service that automatically configures computers, allowing them to connect to the Internet or other networks.

When a computer starts up, it needs three things:

  1. An IP address
  2. A subnet mask
  3. A default gateway (router address)

This information tells the computer how to communicate with other hosts on the network. A DHCP server manages the address pool, handing out permanent addresses to computers that will be connected to the network permanently (i.e., a computer that always connects through DHCP). The Dynamic Host Configuration Protocol (DHCP) provides a framework for passing configuration information to hosts on a TCP/IP network.

The DHCP server listens on the network and responds to requests from DHCP clients. The requesting client broadcasts a request packet that includes its hostname, IP address, requested parameter values, and a lease time of up to six months. 

The DHCP server is responsible for selecting an appropriate address pool for assignment, based on the availability of the resources, but the process is handled by the DHCP service. The server manages its internal pools of IP addresses using an assignment algorithm that ensures efficient utilization and some degree of fairness.

What Is An IP Address?

An IP address is an identifier assigned to every computer/network interface for communications on an IP network. For human users, it is usually translated to a name using DNS (Domain Name System) services.

For networks with only one subnet, DHCP may be used within that subnet to allocate local IP addresses or provide other configuration parameters such as the local subnet mask, local routers (default gateways), and so on.

What Is A Subnet Mask?

The subnet mask, also called the network mask, specifies how many bits of an IP address identify the network. The DHCP server will hand out an IP address and a subnet mask which together contain enough information for a client to use TCP/IP services on that network.

The subnet mask is also used to determine whether a given IP address belongs to a certain subnetwork class. If the IP address and the subnet mask for this network are known, then it is possible to check whether an IP address is valid for a certain subnetwork (on-link) or not (off-link).

Default Gateway (Router Address)

The default gateway, also known as the router or gateway of last resort, is a network address or host address through which data can be sent to other networks. The default gateway allows for communication between different subnets within the same network and provides access to external networks such as the Internet.

A default gateway can be configured statically or dynamically. You can configure a device to use the same gateway for all traffic by using 0.0.0.0/32 as the destination in the route entry on Windows, Linux, BSD, and other Unix-like operating systems.

APIPA (Automatic Private IP Addressing)

When the DHCP server is not available, the client starts to follow the APIPA mechanism. This is provided by Windows operating systems. The computer has an IP address in its local network and uses 169.254.0.1 as its default gateway (the APIPA range is 169.254.0.0 to 169.254.255.255).

History of APIPA

The Internet Engineering Task Force (IETF) initially reserved the IPv4 address block 169.254.0.0/16 (169.254.0.0 – 169.254.255.255) for link-local addressing. Due to the simultaneous use of IPv4 addresses of different scopes, traffic overload becomes high. Link-local addresses are allocated to the interface statelessly, so that communication can be established when the DHCP server does not respond. Microsoft later named this address autoconfiguration method “Automatic Private IP Addressing (APIPA)”.

Automatic Configuration and Service Checks

It starts when the client is unable to find the data/information; it then uses APIPA to configure the system with an IP address automatically (ipconfig). APIPA keeps checking for the presence of a DHCP server (every five minutes, according to Microsoft). If APIPA detects a DHCP server on the network, it stops and lets the DHCP server replace APIPA with dynamically allocated addresses.

How DHCP Network Works

The DHCP network service provides TCP/IP configuration parameters such as IP addresses to dynamically assigned clients when they initialize, requiring less effort on the part of system administrators. The DHCP server daemon (dhcpd) reads a list of required configuration information from its configuration file (/etc/dhcpd.conf by default).

DORA Process

DHCP uses a four-message exchange process known as the DORA (DHCP Offer/Request) protocol to offer and request IP addresses from clients.

Process of DHCP

  • When a DHCP client starts up, it broadcasts a special “DHCP Discover” message to the local network.
  • The DHCP server receives the DHCP Discover message and offers an IP address in return.
  • The DHCP client then sends a “DHCP Request” to accept the terms of this offer.  
  • The DHCP server responds with a “DHCP Acknowledgment.” Both DHCP clients have now been configured automatically.
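The four messages listed above can be followed at the byte level. The Python code below is an added example, not part of the original article: it builds and decodes a Discover, Offer, Request and Acknowledgment using the message layout of RFC 2131 and the option codes of RFC 2132. The function names `build`, `parse` and `dora_exchange`, the MAC address, the transaction ID and the 192.0.2.x addresses are all constructed for illustration.

```python
import socket
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"  # separates the fixed header from the options
MSG_TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 5: "DHCPACK"}
SUBNET, ROUTER, REQ_IP, LEASE, MSG_TYPE, SERVER_ID, END = 1, 3, 50, 51, 53, 54, 255
ip = socket.inet_aton

def build(op, msg_type, xid, mac, yiaddr="0.0.0.0", options=()):
    """Header is op, htype=1 (Ethernet), hlen=6, hops, xid, secs, flags, addresses."""
    zero = ip("0.0.0.0")
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, xid, 0, 0x8000,
                         zero, ip(yiaddr), zero, zero,  # ciaddr, yiaddr, siaddr, giaddr
                         mac, b"", b"")                 # chaddr, sname, file (zero padded)
    body = bytes([MSG_TYPE, 1, msg_type])
    for code, value in options:
        body += bytes([code, len(value)]) + value
    return header + MAGIC_COOKIE + body + bytes([END])

def parse(data):
    """Decode one message; reject anything truncated or without the cookie."""
    if len(data) < 240 or data[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    msg = {"op": data[0], "xid": struct.unpack("!I", data[4:8])[0],
           "yiaddr": socket.inet_ntoa(data[16:20]),
           "mac": data[28:28 + min(data[2], 16)].hex(":"), "options": {}}
    i = 240
    while i < len(data) and data[i] != END:
        if data[i] == 0:                       # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("truncated option")
        msg["options"][data[i]] = data[i + 2:i + 2 + data[i + 1]]
        i += 2 + data[i + 1]
    kind = msg["options"].get(MSG_TYPE)
    msg["type"] = MSG_TYPES.get(kind[0], "UNKNOWN") if kind else "UNKNOWN"
    return msg

def dora_exchange():
    xid, mac = 0x3903F326, bytes.fromhex("020000aabbcc")  # constructed sample values
    lease = [(SERVER_ID, ip("192.0.2.1")), (LEASE, struct.pack("!I", 3600)),
             (SUBNET, ip("255.255.255.0")), (ROUTER, ip("192.0.2.1"))]
    request = [(REQ_IP, ip("192.0.2.50")), (SERVER_ID, ip("192.0.2.1"))]
    wire = [build(1, 1, xid, mac),                        # Discover (client)
            build(2, 2, xid, mac, "192.0.2.50", lease),   # Offer (server)
            build(1, 3, xid, mac, options=request),       # Request (client)
            build(2, 5, xid, mac, "192.0.2.50", lease)]   # Acknowledgment (server)
    return [parse(m) for m in wire]
```

All four messages carry the same transaction ID, which is how a client matches replies to its own request; nothing in the exchange authenticates the server.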

DHCP Server

The DHCP server sends out DHCPOFFER messages, which are broadcast over the network, after it has finished the configuration of its local interfaces. If you want to manually release or renew an IP address, type ipconfig /release in Command Prompt, and ipconfig /renew if your computer does not obtain a new IP address automatically.

DHCP Local Server

On a local network, the DHCP server allocates IP addresses to computers that request them. It is possible to configure a Linux system as a DHCP server for an internal network. The configuration file of the DHCP daemon (/etc/dhcpd.conf) specifies which subnets are served by which DHCP servers and how clients should be configured. 

In this way, it is possible to set up more complex networks with multiple subnets and different classes or groups of clients using different configurations on one single physical network, without having an actual dedicated DHCP server for each subnet.

DHCP Relay

A DHCP relay uses a router as a proxy between clients and an external DHCP server. DHCP messages from the client have to cross this router before being sent to the external DHCP server. A common use of a dynamic host configuration protocol is for internal networks which are protected using NAT. In such cases, one or more hosts may require interaction with systems on the other side of the network address translation (NAT) device.

DHCP Relay Agent

In a network with Network Address Translation, DHCP messages from the client have to cross the router before being sent to an external DHCP server. In such cases, one or more hosts may require interaction with systems on the other side of the NAT device. 

The DHCP Relay Agent is a feature in Windows that allows a computer to forward DHCP requests from clients in a private network (i.e., not directly connected to the Internet) across a router and receive responses from a remote DHCP server for those clients. To ensure correct operation, you must configure your router’s port forwarding table appropriately.

Domain Name System

The process of assigning domain names and mapping those names to IP addresses is handled by the domain name system (DNS). The DNS propagates changes in a distributed fashion without requiring a central authority or coordinating power. This is achieved through local caching, where each keeps its cache file containing recent entries, and by periodically checking for changes.

The domain name system associates many different types of information with domain names. The most common is the establishment of a simple mapping from an alphabetical string, such as www.example.com, to an Internet Protocol address that identifies the computer hosting the server for this site.

DHCP Client

DHCP clients are computers that use DHCP to obtain an IP address. These machines may also be called “bootstrap” or “initialization” servers, depending on the bootstrap program being used by the client machine’s operating system (e.g., when using PXE, they are “PXE bootstrap” or “TFTP Initialization Servers”). DHCP must be implemented in both clients and servers to enable the dynamic allocation of IP addresses.

A DHCP client obtains its configuration information from a DHCP server. For example, it can be assigned an IP address and network mask, the address of at least one name server, and optionally domain-name servers (DNS) and WINS servers. A computer may act as both a DHCP client and a DHCP server to other computers on the same subnet or LAN.

DHCP Configuration File

The complete list of parameters for each interface must be set out in the /etc/dhcpd.conf file on Debian systems. This is where you configure your settings for what clients are allowed on that network, which network they go on, etc. The files below are also used in some cases to carry out extra configuration for specific purposes.

DHCP Managed VLAN

A VLAN (virtual LAN) is a broadcast domain that is partitioned and isolated in the switch fabric. A DHCP-managed VLAN allows an administrator to provide clients on different physical segments with different IP addresses and/or parameters based on their physical location.

DHCPDISCOVER

The client broadcasts this packet when it wishes to acquire or extend an IP address lease, or reboot and continue operation. This packet contains the MAC address of the client, its network mask, and potential routers from which it can learn about other subnets; this allows the server to differentiate between several clients using the same address. If a router replies offering a new lease on an address that is already in use, the client accepts this offer if it has a higher router priority than its current one.

DHCPOFFER

This packet is sent by any server willing to provide an address to the requesting client. The DHCPACK message includes the lease duration for all offered addresses, so no other requests are needed. If several different servers are responding with different offers, each will be placed in a queue and processed in sequence by the clients; typically, not more than one or two offers can be waiting simultaneously at any point in time (connection-control policy for users of certain types).

DHCPACK

This is sent by a server when it has successfully leased an IP address to a client. It confirms that the client may use the address for the time specified in the lease. If the client requests an infinite lease, the server will confirm this and tell the client what its new DHCP address is.

DHCPNAK

The DHCPNAK message is sent by a server when it does not offer an IP address to a requesting client or if the IP address offered is invalid (e.g., because the client already has that address).

DHCPRELEASE

The DHCPRELEASE message may be sent by a client after it has deactivated an IP address or when it no longer needs to use its IP address. It is then passed on to the server, which marks this IP address as available for reuse.

DHCPINFORM

This message is sent by a DHCP client when it needs configuration information to complete its task, but not an IP address (e.g., because the network does not use static IP addresses or DHCP has not been configured). A DHCP server sends this response back with any extra information that may be needed by the client.

Weakness Of DHCP

Man-In-The-Middle Attack

An attacker who intercepts a DHCP server’s reply can then broadcast incorrect configuration information to DHCP clients that may be utilizing the same subnet.

Default Gateway Spoofing

Because of the trust between the DHCP client and server, an attacker could trick a victim into sending traffic to the attacker by impersonating the default gateway. In a MITM attack, this could result in the attacker gaining access to information such as login credentials and sensitive data sent from the client without the victim’s knowledge.
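From the defender's side, both weaknesses show up in the server replies seen on a segment. The Python code below is an added example, not part of the original article: it audits decoded DHCPOFFER/DHCPACK records against an assumed site policy and reports replies from unauthorised servers, leases whose gateway differs from the expected one, and transactions where such a reply raced an authorised server. The policy values, record fields and function name are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumed site policy (constructed for this example, not from the article).
AUTHORISED_SERVERS = {"192.0.2.1"}
EXPECTED_GATEWAY = {ipaddress.ip_network("192.0.2.0/24"): "192.0.2.1"}

def audit_replies(replies):
    """Return (xid, server_id, reason) findings for DHCPOFFER/DHCPACK records."""
    findings, servers_by_xid = [], defaultdict(set)
    for r in replies:
        if r["type"] not in ("DHCPOFFER", "DHCPACK"):
            continue
        servers_by_xid[r["xid"]].add(r["server_id"])
        if r["server_id"] not in AUTHORISED_SERVERS:
            findings.append((r["xid"], r["server_id"], "unauthorised server"))
        # The offered address plus subnet mask gives the subnet the client will join.
        subnet = ipaddress.ip_network(f'{r["yiaddr"]}/{r["subnet_mask"]}', strict=False)
        expected = EXPECTED_GATEWAY.get(subnet)
        if expected is None:
            findings.append((r["xid"], r["server_id"], f"unmanaged subnet {subnet}"))
        elif r["router"] != expected:
            findings.append((r["xid"], r["server_id"],
                             f"gateway {r['router']}, expected {expected}"))
    # A transaction answered by both an authorised and an unknown server tells
    # you which clients may have accepted the wrong configuration.
    for xid, servers in sorted(servers_by_xid.items()):
        if len(servers) > 1 and not servers <= AUTHORISED_SERVERS:
            findings.append((xid, ",".join(sorted(servers)),
                             "unauthorised reply raced an authorised server"))
    return findings

# Constructed records, shaped like decoded server replies seen on one segment.
SAMPLE_REPLIES = [
    {"type": "DHCPOFFER", "xid": 1, "server_id": "192.0.2.1", "yiaddr": "192.0.2.50",
     "subnet_mask": "255.255.255.0", "router": "192.0.2.1"},
    {"type": "DHCPOFFER", "xid": 2, "server_id": "192.0.2.1", "yiaddr": "192.0.2.51",
     "subnet_mask": "255.255.255.0", "router": "192.0.2.1"},
    {"type": "DHCPOFFER", "xid": 2, "server_id": "192.0.2.66", "yiaddr": "192.0.2.200",
     "subnet_mask": "255.255.255.0", "router": "192.0.2.66"},
]

if __name__ == "__main__":
    for finding in audit_replies(SAMPLE_REPLIES):
        print(finding)
```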

In addition to these basic commands, DHCP also provides capabilities for DNS updates, management of network boot files (i.e., loading an operating system or another configuration), and lease rebind (renewing an existing IP address lease on behalf of the client).

Conclusion

DHCP is a network service that automatically configures computers, allowing them to connect to the Internet or other networks. DHCP is designed for operation in an IP-based network but was initially developed for TCP/IP networks.

DHCP provides configuration parameters specific to the type of network device and its network address, thus relieving users from manually configuring each device on the local area network (LAN) segment. A DHCP server manages the address pool, handing out permanent addresses to computers that will be connected to the network permanently (i.e., a computer that always connects through DHCP). Dynamic Host Configuration Protocol provides a framework for passing configuration parameters such as IP addresses.
