DHCP | DHCP DORA process

Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that automatically provides an Internet Protocol (IP) host with its IP address and other related configuration information such as the subnet mask and default gateway. RFCs 2131 and 2132 define DHCP as an Internet Engineering Task Force (IETF) standard based on Bootstrap Protocol (BOOTP), a protocol with which DHCP shares many implementation details. DHCP allows hosts to obtain required TCP/IP configuration information from a DHCP server.

Windows Server 2016 includes DHCP Server, which is an optional networking server role that you can deploy on your network to lease IP addresses and other information to DHCP clients. All Windows-based client operating systems include the DHCP client as part of TCP/IP, and DHCP client is enabled by default.

Why use DHCP?

Every device on a TCP/IP-based network must have a unique unicast IP address to access the network and its resources. Without DHCP, IP addresses for new computers or computers that are moved from one subnet to another must be configured manually; IP addresses for computers that are removed from the network must be manually reclaimed.

With DHCP, this entire process is automated and managed centrally. The DHCP server maintains a pool of IP addresses and leases an address to any DHCP-enabled client when it starts up on the network. Because the IP addresses are dynamic (leased) rather than static (permanently assigned), addresses no longer in use are automatically returned to the pool for reallocation.

The network administrator establishes DHCP servers that maintain TCP/IP configuration information and provide address configuration to DHCP-enabled clients in the form of a lease offer. The DHCP server stores the configuration information in a database that includes:

  • Valid TCP/IP configuration parameters for all clients on the network.
  • Valid IP addresses, maintained in a pool for assignment to clients, as well as excluded addresses.
  • Reserved IP addresses associated with particular DHCP clients. This allows consistent assignment of a single IP address to a single DHCP client.
  • The lease duration, or the length of time for which the IP address can be used before a lease renewal is required.

A DHCP-enabled client, upon accepting a lease offer, receives:

  • A valid IP address for the subnet to which it is connecting.
  • Requested DHCP options, which are additional parameters that a DHCP server is configured to assign to clients. Some examples of DHCP options are Router (default gateway), DNS Servers, and DNS Domain Name.

Benefits of DHCP

DHCP provides the following benefits.

  • Reliable IP address configuration. DHCP minimizes configuration errors caused by manual IP address configuration, such as typographical errors, or address conflicts caused by the assignment of an IP address to more than one computer at the same time.
  • Reduced network administration. DHCP includes the following features to reduce network administration:
      • Centralized and automated TCP/IP configuration.
      • The ability to define TCP/IP configurations from a central location.
      • The ability to assign a full range of additional TCP/IP configuration values by means of DHCP options.
      • The efficient handling of IP address changes for clients that must be updated frequently, such as those for portable devices that move to different locations on a wireless network.
      • The forwarding of initial DHCP messages by using a DHCP relay agent, which eliminates the need for a DHCP server on every subnet.

DHCP DORA process

DHCP employs a connectionless service model, using the User Datagram Protocol (UDP). It uses two UDP port numbers for its operations, the same ones used by the BOOTP protocol. UDP port number 67 is the destination port of a server, and UDP port number 68 is used by the client.

Discover: The client sends out a broadcast UDP packet with a destination port of 67, looking for all available DHCP servers. It will respond to the first DHCP server that responds.

Offer: When a DHCP server receives the Discover packet, it will respond with an offer from its configured pool. More than one offer may be sent from other DHCP servers; the client will choose the first response. This frame is a unicast frame directed to the MAC of the client.

According to some documentation, the dst address will be a broadcast address, since the client does not have an IP address as of yet. Wireshark displays the offer IP in the Dst.

Request: The client receives the offer and then sends a broadcast request packet informing all DHCP servers that it has accepted the offer from server X, X being the server whose offer arrived first. This is a broadcast so the other servers know not to reserve any address for this client.

Ack: The final packet is an Ack from the server whose offer was accepted acknowledging that the IP has been allocated to the client.
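The four messages above as they appear inside the UDP payload, in an added Python example that is not part of the original article: it parses a constructed DORA exchange with two competing offers, reads option 53 (message type) and option 54 (server identifier), and checks that the Ack comes from the server named in the Request. The MAC address, transaction ID, 192.168.1.x addresses and the helper names `build`, `parse` and `trace` are all assumptions made for illustration.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"  # magic cookie that follows the 236-byte BOOTP header
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}
IP_OPTS = {50: "requested_ip", 54: "server_id"}  # options holding one IPv4 address
MAC, XID = bytes.fromhex("020000000001"), 0x3903F326  # constructed client values

def build(op, xid, mtype, yiaddr="0.0.0.0", flags=0, opts=()):
    """Build a minimal DHCP payload; used only to construct the sample data."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s192s", op, 1, 6, 0, xid, 0, flags,
                      bytes(4), socket.inet_aton(yiaddr), bytes(4), bytes(4), MAC, b"")
    body = bytes([53, 1, mtype]) + b"".join(
        bytes([code, 4]) + socket.inet_aton(ip) for code, ip in opts)
    return hdr + MAGIC + body + b"\xff"

def parse(payload):
    """Decode the header fields and options that matter for DORA."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    xid, _secs, flags = struct.unpack("!IHH", payload[4:12])
    msg = {"xid": xid, "broadcast": bool(flags & 0x8000),  # client asked for broadcast replies
           "yiaddr": socket.inet_ntoa(payload[16:20])}     # "your" (offered) address
    i = 240
    while i < len(payload) and payload[i] != 255:          # 255 = end option
        if payload[i] == 0:                                # 0 = pad, has no length byte
            i += 1
            continue
        if i + 2 > len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        code, value = payload[i], payload[i + 2:i + 2 + payload[i + 1]]
        if code == 53 and len(value) == 1:
            msg["type"] = TYPES.get(value[0], str(value[0]))
        elif code in IP_OPTS and len(value) == 4:
            msg[IP_OPTS[code]] = socket.inet_ntoa(value)
        i += 2 + len(value)
    return msg

def trace(payloads, xid):
    """Return (message types seen, server named in REQUEST, ACK came from it)."""
    msgs = [m for m in map(parse, payloads) if m["xid"] == xid]
    chosen = next((m.get("server_id") for m in msgs if m.get("type") == "REQUEST"), None)
    acked = chosen is not None and any(
        m.get("type") == "ACK" and m.get("server_id") == chosen for m in msgs)
    return [m.get("type") for m in msgs], chosen, acked

SAMPLE = [  # constructed exchange: two servers offer, the client picks 192.168.1.1
    build(1, XID, 1, flags=0x8000),
    build(2, XID, 2, "192.168.1.10", opts=[(54, "192.168.1.1")]),
    build(2, XID, 2, "192.168.1.50", opts=[(54, "192.168.1.2")]),
    build(1, XID, 3, flags=0x8000, opts=[(50, "192.168.1.10"), (54, "192.168.1.1")]),
    build(2, XID, 5, "192.168.1.10", opts=[(54, "192.168.1.1")])]
```

Calling `trace(SAMPLE, XID)` returns the message sequence, the server the client selected, and whether the Ack matches that server.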
