Date post: | 26-Dec-2015 |
Category: |
Documents |
Upload: | godwin-dennis |
View: | 215 times |
Download: | 0 times |
1
CMPT 471Networking II
DHCP
© Janice Regan, 2006-2013
© Janice Regan, 2006-2013 2
Bootstrapping Autoconfiguration
Bootstrapping is a process by which a client (diskless or with limited storage) can obtain information ranging from IP addresses to bootloading files (from a server or servers)
Bootstrapping uses this information to load OS into volatile storage and customize the environment for a particular host (configure the host)
At one time configuration of host specific information like addresses, was done manually as each host was added to a network or network information was updated.
Autoconfiguration allows us to automate this procedure, or isolate the need for updates to one or more configuration servers. Automation of these procedures is now also important for supporting mobility of hosts.
© Janice Regan, 2006-2013 3
Protocols: 1 Protocols used for bootstrapping include RARP and
BOOTP (BOOTstrap Protocol). RARP, Reverse Address Resolution Protocol, (RFC
903) is limited, supplying only IP address of the booting host. This is adequate only on very simple networks
RARP was superceded by BOOTP which could supply more information (RFC 951, 1542, 2132), but was appropriate only when workstations rarely move from network to network Each workstation had its own fixed IP address
© Janice Regan, 2006-2013 4
Protocols: 2 Networks today do not conform to either of these
constraints. Workstations are commonly moved from network to network Workstations will want an IP address from the network they are
attached to, not a static IP address To extend the functionality of BOOTP, DHCP (Dynamic
Host Configuration Protocol) was developed DHCP is fully backward compatible with BOOTP,
providing necessary extensions to that protocol.
© Janice Regan, 2006-2013 5
DHCP configuration Hosts of a particular hardware type will have a common
operating system/environment. They will also need host specific configuration information
In addition to the IP address BOOTP and DHCP servers can supply other configuration information including netmask (prefix length), gateway address, desired IP address, DNS server address, bootstrap file name and other information (some vendor specific)
BOOTP and DHCP messages are encapsulated in UDP packets which are in turn encapsulated in IP packets
© Janice Regan, 2006-2013 6
Encapsulation BOOTP or DHCP
BOOTP or DHCP message
BOOTP or DHCP message
BOOTP or DHCP messageUDP header
UDP headerIP header
BOOTP or DHCP messageUDP headerIP headerEthernet header
© Janice Regan, 2006-2013 7
Uses BOOTP / DHCP can be used to boot a host with
very little non volatile (permanent) memory. A minimal version of the OS can be stored in the
permanent memory and used at boot to request a full boot image and configuration
BOOTP / DHCP can be used on a host which requires only configuration information Host had complete OS and all common required
software elements. Host needs host specific configuration information
© Janice Regan, 2006-2013 8
Sending the DHCP request DHCP messages are sent in IP packets through
port 67 DHCP is being used to determine the IP
address of the booting host Therefore, DCHP requests must be broadcast to
the local network The DHCP server will receive the request if it is
on the local network The DHCP server need not be on the local
network segment. DHCP relay agents (routers or multihomed hosts) can forward DHCP requests and replies to other network segments
© Janice Regan, 2006-2013 9
Sending the DHCP reply The DHCP server knows the IP address of the booting
host, so it can address a unicast IP packet to that host The booting host does not know its own IP address and
IP specifies (RFC 1122) that a host should drop packets not destined for one of its own IP addresses.
This seems to imply that the reply must also be broadcast. However, RFC 1122 does not specifically state what should happen if the host does not know its own IP address
The later BOOTP specification (RFC 1542) does specify that IP packets should not be ignored if the host does not yet know its own IP address
BOOTP and DHCP replies are usually unicast, but can be broadcast. They are sent through port 68
© Janice Regan, 2006-2013 10
But how does IP layer get a packet not sent to its IP address? The host sending the DHCP reply will
know the IP address of the host that sent the DHCP request
assign the IP address for this host (so now it knows both the IP and Ethernet addresses of the requesting host)
In most cases insert the IP/ethernet address information into the ARP cache of the machine constructing the DHCP reply
Be able to unicast a reply to the requesting host
© Janice Regan, 2006-2013 11
But how does IP layer get a packet not sent to its IP address? When the DHCP reply is received
The Ethernet address the reply is delivered to is the host making the DHCP request
The Ethernet packet has its header removed and the remaining data is passed to the IP layer
The IP destination address in the DHCP request is the IP of the requesting machine but the requesting machine does not know this yet.
© Janice Regan, 2006-2013 12
Two step boot process The DHCP server maintains a static database of network
information that can be sent to the booting host in the DHCP reply
The DHCP reply provides information necessary to obtain a boot image, not the boot image itself.
DHCP allows this information to be used to access and download a boot image.
Boot image may reside on the DHCP server or on another host
Allows configuration of multiple groups of machines with similar hardware or software needs (ie different kernel)
© Janice Regan, 2006-2013 13
DHCP message structure
Comer 2000: fig 23.5
© Janice Regan, 2006-2013 14
DHCP message structure: 1 OP field is 1 for BOOTP request, 2 for BOOTP reply HTYPE (hardware type as for ARP), HLEN (in octets),
and Client address specify the booting hosts hardware address
Hops is set to 0 by the booting host and incremented by the DHCP relay agent before forwarding to an adjacent network
Transaction id is used to match requests and replies Secs is the # of seconds since the first DHCP request Only one flag is used. It determines if the reply is to be
broadcast or unicast (default is unicast) Client IP address is either 0.0.0.0 or an IP address
being requested by the booting client
© Janice Regan, 2006-2013 15
DHCP message structure: 2 Your ip address is the IP address supplied by the server
(may not be the requested address). Must be included since it cannot be recovered if the reply is broadcast
Server IP address is used to indicate where the boot image can be obtained
Router IP address is used by a relay agent. Booting host sets to 0.0.0.0, first relay agent inserts its own IP address before forwarding to adjacent network. DHCP server returns reply to first relay agent which is responsible for unicast or broadcast on the local network segment.
© Janice Regan, 2006-2013 16
BOOTP message structure: 3 Server Name is used if a response is requested from a
specific BOOTP server Boot file name, booting host specifies type of boot file,
server sends address of image Vendor Specific Information Field: Includes options.
This is where netmask, server addresses (DNS, NIS,…), and actual vendor specific data is inserted. Maximum length of field is 64 bytes. If more than 64 bytes of options are needed the BOOTP server can specify a file containing the option and vendor specific information. Each option in the field or the file is given as a tag, a length, and the data
© Janice Regan, 2006-2013 17
51
Structure of options: samples
Message type
Option code Option length (octets) Option data
53 1 Option data
1 4 Subnet mask
6 4 DNS server IP address
50 4 requested IP address
255
3 8 1st and 2nd router IP address
4 Lease time
© Janice Regan, 2006-2013 18
Message type The message type is specified as an option. The option has option code 53, length 1, and data
DHCPOFFER 2 DHCPPACK 5 DHCPREQUEST 3 DHCPDISCOVER 1 DHCPDECLINE 4 DHCPNAK 6 DHCPRELEASE 7 DHCPINFORM 8
The IP type field indicates DHCP, not the type of DHCP message
© Janice Regan, 2006-2013 19
Dynamic Configuration BOOTP is based upon a static database
configured by the network administrator To make the system work in networks where
hosts are added or removed frequently or in large networks you really want a dynamic, automatically updated system. In such a system the administrator no longer needs to manually update the system each time a change occurs.
DHCP is the extension to BOOTP that allows dynamic configuration.
© Janice Regan, 2006-2013 20
Lifetime of Dynamic Entries Three timers are used within DHCP
Lease time: the length of time for which the assigned IP address will remain valid (seconds)
Renewal time: length of time before the client should request an extension of the lease time from its chosen DHCP server (seconds). Default is 50% of Lease time.
Rebinding time: length of time before the client should request an extension of lease from all accessible DHCP servers (seconds). Default is 87.5% of Lease time
© Janice Regan, 2006-2013 21
DHCP: use of renewal timer If client’s renewal time expires
Client requests extension from it’s DHCP server (Request unicast to DHCP server) if no reply is received request is transmitted with
exponential backoff (4, 8, 16, …, 64 seconds) until a response is received or a set number of retransmission occur
If lease extension is granted update lease time, renewal time and rebinding time to reflect extension
If lease is not extended terminate lease (send DHCPRELEASE message
© Janice Regan, 2006-2013 22
Use of rebinding timer If client’s rebinding timer expires
Client broadcasts an extension request to all DHCP servers if no reply is received request is transmitted with
exponential backoff (4, 8, 16, … 64 seconds) until a response is received or until a set number of retransmission occurs
If lease extension is granted update lease time, renewal time, rebinding time and identity of selected DHCP server to reflect extension granted by a different server
If lease is not extended terminate lease (send DHCPRELEASE message)
© Janice Regan, 2006-2013 23
DHCP state machine
Comer 2000: fig 23.4
INIT REBOOT
DHCPREQUEST
DHCPNAK
© Janice Regan, 2006-2013 24
Initial configuration: Summary Client begins in INITIALIZE, if it boots without a valid IP
address (no address, expired address or invalid address)
© Janice Regan, 2006-2013 25
Initial configuration: Summary Four messages are exchanged.
A DHPDISCOVER message is broadcast by the host Each server/relay client finds an IP address for the
host and sends it to the host in a DHCPOFFER message
The host chooses a server from received offer messages (usually takes the first) then broadcasts a DHCPREQUEST
When the server receives the DHCPREQUEST message it confirms the IP address assignment by sending a DHCPACK back to the host.
© Janice Regan, 2006-2013 26
Initial configuration: 1 A DHPDISCOVER message is broadcast so it reaches
all DHCP servers or relay clients on the attached network Ethernet: destination address all 1’s, source address is
ethernet address of host making DHCP request IP: source address 0.0.0.0, destination address
255.255.255.255 UDP : source port 68, destination port 67 Client address and your address 0.0.0.0, client hardware
address is the Ethernet address of the host making the DHCP request
Options: needs Message type and parameter request list
© Janice Regan, 2006-2013 27
Initial configuration: 2 Each server/relay client finds an IP address for the host
and sends it to the host in a DHCPOFFER message Ethernet: destination address is the client Ethernet
address, source address is Ethernet address of replying DHCP server
IP: source address is the address of the replying server, destination address is the client address (or broadcast)
UDP : source port 68, destination port 67 Client address 0.0.0.0 and your address is set, client
hardware address as for DHCPDISCOVER packet Options: needs Message type, lease time, renewal time,
server IP address, rebinding time, any subnet mask
© Janice Regan, 2006-2013 28
Initial configuration: 3 The client chooses a server from received offer messages (usually
takes the first) then broadcasts a DHCPREQUEST including the server address and suggested least time and rebinding time
The chosen server chooses an IP address, places the address and configuration information into its database and replies with a DHCPACK containing the information It is recommended that the server probe the IP address it is assigning
to the client Other servers know that they have not been chosen and release
the IP address they offered for later use. When the client receives the DHCPACK it is recommended that it
should use an ARP request to confirm its assigned address is not in use.
© Janice Regan, 2006-2013 29
Initial configuration: 4client
DHCP DISCOVER
DHCP OFFER
DHCP DISCOVER
DHCP REQUEST
DHCP OFFERDHCP REQUEST
DHCP PACK
Offered Address returned to pool
client
Selected router
unselected router
© Janice Regan, 2006-2013 30
Initial configuration: transitions
Comer 2000: fig 23.4
INIT REBOO
T
DHCPREQUEST DHCPNAK
© Janice Regan, 2006-2013 31
DHCP message structure
Comer 2000: fig 23.5
© Janice Regan, 2006-2013 32
Rebooting before lease expires When a client is rebooted or turned on and it has
recorded a previous lease It checks to see if the has expired If the lease has expired it goes to INIT state and begins
negotiating a new IP address If the lease has not expired it goes into INIT-REBOOT state
and attempts to confirm the lease is still valid The client broadcasts a DHCPREQUEST, including the IP
address to be confirmed as a requested IP address in the options When the server receives the request it checks that the address
is available and is on the correct network then sends a DHCPACK if it is.
When the client receives the DHCPACK it is recommended that it should use an ARP request to confirm its assigned address is not in use.
© Janice Regan, 2006-2013 33
Reboot before lease expires: transitions
Comer 2000: fig 23.4
INIT REBOOT
DHCPREQUEST DHCPNAK
© Janice Regan, 2006-2013 34
DHCP message structure
Comer 2000: fig 23.5
© Janice Regan, 2006-2013 35
Moving to a new network When a client is rebooted or turned on and it has
recorded a previous lease It checks to see if the has expired If the lease has not expired it goes into INIT-REBOOT state
and attempts to confirm the lease is still valid The client broadcasts a DHCPREQUEST, including the IP
address to be confirmed as a requested IP address in the options
When the server receives the request it checks if the address is on the correct network since the host has moved it is not
The server sends a DCHPNAK to the client The client moves into the INIT state and start a new
initialization
© Janice Regan, 2006-2013 36
Moving to a new network: transitions
Comer 2000: fig 23.4
INIT REBOO
T
DHCPREQUESTDHCPNAK
© Janice Regan, 2006-2013 37
Extending a lease: 1 When the client negotiates the lease a renewal
time and a rebinding time can be set (default is ½ lease time and 87.5% of lease time)
At the renewal time is reached the client sends a DHCPREQUEST message to the specified server requesting that the lease be extended If the server agrees it sends a DHCPACK back to
the client to extend the lease If the server disagrees it sends a DHCPNAK and the
client must disconnect from the network terminating the lease
© Janice Regan, 2006-2013 38
Extending a lease: 2 If the server does not reply to the DHCPREQUEST sent
to renew the lease the client will retransmit (unicast) with exponential
backoff (after 4, 8, 16, … seconds). Eventually the client will enter rebind state
then DHCPREQUESTS are broadcast to all servers. If another server can extend the lease that server will
respond an renew the lease and move the client back to the bound state
If no server responds and the lease expires the client returns to the initialize state
© Janice Regan, 2006-2013 39
Extending a lease: transitions
Comer 2000: fig 23.4
INIT REBOO
T
DHCPREQUESTDHCPNAK
© Janice Regan, 2006-2013 40
Releasing a lease: transitions
Comer 2000: fig 23.4
INIT REBOO
T
DHCPREQUESTDHCPNAK
© Janice Regan, 2006-2013 41
DHCP software A commonly used DHCP package used
on linux networks is the ISC (Internet software consortium) DHCP package
To help understand how this package is used read the linux documentation for
The DHCP relay agent, dhcrelay (posted) The DHCP client, dhclient The DHCP server, dhcpd