
DHCP presentation.pptx

  • Number of slides: 50

Slide 1: Advanced data communication. Dynamic Host Configuration Protocol (DHCP) and Auto configuration. By Salah Amean Ahmmed, 2018-02-08

Slide 2: Motivation
Putting a host into any internetwork requires a configuration to be followed. The configuration might include:
◦ IP address
◦ The address of the default router on the local network
◦ The network mask that the host should use
◦ DNS, MTU of the local network, TTL, etc.
Manual host configuration is inefficient, and sometimes it is unfeasible to configure devices manually.
Automation of configuration:
◦ Configuration protocols

Slide 3: Configuration need
To be able to make use of the TCP/IP protocol suite:
◦ Each host and router needs a certain amount of configuration information
◦ Configuration information is used to assign local names to systems and identifiers (IP addresses) to interfaces
◦ DNS and mobile IP agents
There have been many attempts to provide communication parameters (which require routing).

Slide 4: BOOTP
Bootstrap Protocol (BOOTP):
◦ From 1985
◦ Successor of RARP
◦ Overlay
◦ A host can configure its IP parameters at boot time
◦ 3 services:
◦ IP address assignment
◦ Detection of the IP address of a serving machine
◦ The name of a file to be loaded and executed by the client machine (boot file name)
◦ Not only assigns an IP address, but also the default router, network mask, etc.
◦ Sent as UDP messages (UDP port 67 (server) and 68 (host))
◦ Uses the limited broadcast address (255.255.255.255):
◦ These addresses are never forwarded

Slide 5: DHCP and BOOTP message format
DHCP extends BOOTP, and compatibility is maintained:
◦ BOOTP relay agents can process DHCP messages
◦ BOOTP clients can use DHCP servers

Slide 6: Why UDP, not TCP?
UDP is a lot less complex than TCP:
◦ DHCP works in a request/reply manner, just like UDP
The host does not have an IP address yet, and UDP supports broadcast on the local network:
◦ UDP supports broadcast, unlike TCP

Slide 7: Scenario (1)
The protocol is used by device A:
◦ A broadcast is sent to the local network
◦ The server receives the broadcast from device A
◦ The server replies with the IP address IPA

Slide 8: Scenario (2)
The protocol is used by device A:
◦ The broadcast is delivered to the server's subnet

Slide 9: Reasons for DHCP
First, hosts move more often than routers and servers:
◦ Mechanisms are required to assign and reassign configuration for hosts
Second, servers are expected to be autonomous with respect to user movement:
◦ More confidentiality, since configuration information is not dependent on other network services
Third, since there are more devices than routers:
◦ Less error-prone
Fourth, in terms of user experience:
◦ Simple

Slide 10: DHCP architecture
DHCP contains:
◦ DHCP clients
◦ DHCP servers
◦ DHCP relay agents
On a network, clients interact with servers using DHCP messages:
◦ To obtain and renew IP address leases

Slide 11: DHCP parts
Address management:
◦ Handles the allocation of IP addresses and their lease to clients
◦ Handles the address management
Delivery of configuration data:
◦ DHCP protocol message format and state machines

Slide 12: DHCP allocation methods
Dynamic allocation:
◦ The given IP address is revocable
◦ The IP address is taken from a pool (a range of IP addresses) at the server
Automatic allocation:
◦ The same method is used for obtaining the address
◦ The given IP address is never revoked
Manual allocation:
◦ The address is allocated based on the user's request
◦ The address could be outside the DHCP allocated pool
The above methods differ in whether the identity of the node is used and in the possibility of revoking the address.

Slide 13: Address pool and lease
The DHCP client requests an IP address; the DHCP server responds with an address from the DHCP pool:
◦ The lease duration defines the time the user can utilize the address
◦ When it expires, the user may request an extension
◦ Can be a few minutes to days
The lease time is a tradeoff between the number of expected clients, the size of the address pool, and the desired stability of addresses:
◦ Longer lease duration:
◦ More stable
◦ But depletes the DHCP pool
Clients begin trying to renew the lease after half of the lease time has passed.

Slide 14: Address pool and lease
The DHCP client sends a request for an IP address with:
◦ Name of the client
◦ Lease duration
◦ A copy of the address it is using or last used
◦ Other parameters
The server responds with the IP address together with the lease duration:
◦ MAC address
◦ Time
◦ Interface
The server maintains the address in non-volatile memory:
◦ So the host configuration won't get lost if the server shuts down

Slide 15: BOOTP and DHCP (comparison)
BOOTP: Designed prior to DHCP.
DHCP: Designed after BOOTP.
BOOTP: Intended to configure diskless workstations with limited boot capabilities.
DHCP: Intended to configure frequently relocated networked computers (such as portables) that have local hard drives and full boot capabilities.
BOOTP: Supports a limited number of client configuration parameters called vendor extensions.
DHCP: Supports a larger and extensible set of client configuration parameters called options.
BOOTP: Describes a two-phase bootstrap configuration process, as follows: clients contact BOOTP servers to perform address determination and boot file name selection; clients then contact Trivial File Transfer Protocol (TFTP) servers to perform file transfer of their boot image.
DHCP: Describes a single-phase boot configuration process whereby a DHCP client negotiates with a DHCP server to determine its IP address and obtain any other initial configuration details it needs for network operation.
BOOTP: BOOTP clients do not rebind or renew configuration with the BOOTP server except when the system restarts.
DHCP: DHCP clients do not require a system restart to rebind or renew configuration with the DHCP server. Instead, clients automatically enter a rebinding state at set timed intervals to renew their leased address allocation with the DHCP server. This process occurs in the background and is transparent to the user.

Slide 16: DHCP
Dynamic Host Configuration Protocol (DHCP):
◦ From 1993
◦ An extension of BOOTP, and very similar to it
◦ Same port numbers as BOOTP
Extensions:
◦ Supports temporary allocation ("leases") of IP addresses
◦ A DHCP client can acquire all the IP configuration parameters it needs to operate
◦ DHCP is the preferred mechanism for dynamic assignment of IP addresses
◦ DHCP can interoperate with BOOTP clients

Slide 17: Message format
The vendor-specific field of BOOTP is replaced with options.

Slide 18: DHCP message type
The message type is sent as an option.
Value  Message type
1      DHCPDISCOVER
2      DHCPOFFER
3      DHCPREQUEST
4      DHCPDECLINE
5      DHCPACK
6      DHCPNAK
7      DHCPRELEASE
8      DHCPINFORM

Slide 19: Message types
DHCPDISCOVER: Broadcast by a client to find available DHCP servers.
DHCPOFFER: Response from a server to a DHCPDISCOVER, offering an IP address and other parameters.
DHCPREQUEST: Message from a client to servers that does one of the following:
◦ Requests the parameters offered by one of the servers and declines all other offers.
◦ Verifies a previously allocated address after a system or network change (a reboot, for example).
◦ Requests the extension of a lease on a particular address.

Slide 20: Message types (contd.)
DHCPACK: Acknowledgement from server to client with parameters, including the IP address.
DHCPNAK: Negative acknowledgement from server to client, indicating that the client's lease has expired or that a requested IP address is incorrect.
DHCPDECLINE: Message from client to server indicating that the offered address is already in use.
DHCPRELEASE: Message from client to server cancelling the remainder of a lease and relinquishing the network address.
DHCPINFORM: Message from a client that already has an IP address (manually configured, for example), requesting further configuration parameters from the DHCP server.
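As an added worked example (not code from the original presentation), the following Python builds a DHCPDISCOVER and the DHCPOFFER from the slides (server 10.0.0.1 offering 10.0.0.57 for 12 hours) in the BOOTP-derived wire format of slides 17 and 18, then parses them back and decodes the message-type, lease, server-identifier and T1/T2 options, falling back to the RFC 2132 defaults when the timers are absent. The client MAC address and the transaction id are constructed values. The parser rejects a message with a bad magic cookie or a truncated option, which is the check a receiver needs before it trusts any option value.

```python
import struct

# Added example: build and parse DHCP messages (RFC 2131 fixed header plus
# RFC 2132 options). MAC and transaction id are constructed; 10.0.0.1 and
# 10.0.0.57 mirror the OFFER shown on the slides.
MAGIC_COOKIE = b"\x63\x82\x53\x63"
# op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr, siaddr, giaddr, chaddr, sname, file
HEADER_FMT = "!BBBBIHH4s4s4s4s16s64s128s"
MESSAGE_TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 4: "DHCPDECLINE",
                 5: "DHCPACK", 6: "DHCPNAK", 7: "DHCPRELEASE", 8: "DHCPINFORM"}
OPT_LEASE, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_T1, OPT_T2 = 51, 53, 54, 58, 59


def ip_bytes(dotted):
    return bytes(int(octet) for octet in dotted.split("."))


def build_dhcp(op, xid, chaddr, options, ciaddr="0.0.0.0", yiaddr="0.0.0.0", broadcast=True):
    """Serialise one message: 236-byte BOOTP header, magic cookie, TLV options, END."""
    flags = 0x8000 if broadcast else 0     # BROADCAST bit: client cannot receive unicast yet
    header = struct.pack(HEADER_FMT, op, 1, 6, 0, xid, 0, flags,
                         ip_bytes(ciaddr), ip_bytes(yiaddr), ip_bytes("0.0.0.0"), ip_bytes("0.0.0.0"),
                         chaddr.ljust(16, b"\x00"), b"\x00" * 64, b"\x00" * 128)
    body = b"".join(bytes([code, len(value)]) + value for code, value in options)
    return header + MAGIC_COOKIE + body + b"\xff"


def parse_dhcp(packet):
    """Parse a message into a dict; rejects short packets, bad cookies and truncated options."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    f = struct.unpack(HEADER_FMT, packet[:236])
    msg = {"op": f[0], "xid": f[4], "broadcast": bool(f[6] & 0x8000),
           "ciaddr": ".".join(map(str, f[7])), "yiaddr": ".".join(map(str, f[8])),
           "chaddr": f[11][:f[2]].hex(":"), "options": {}}
    i = 240
    while i < len(packet):
        code = packet[i]
        if code == 255:                    # END
            break
        if code == 0:                      # PAD carries no length byte
            i += 1
            continue
        if i + 1 >= len(packet):
            raise ValueError("option %d has no length byte" % code)
        length = packet[i + 1]
        value = packet[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("option %d truncated" % code)
        msg["options"][code] = value
        i += 2 + length
    return msg


def summarize(msg):
    """Decode type, offered address, server id, lease and T1/T2 (RFC 2132 defaults if absent)."""
    opts = msg["options"]
    u32 = lambda code: struct.unpack("!I", opts[code])[0] if code in opts else None
    lease, t1, t2 = u32(OPT_LEASE), u32(OPT_T1), u32(OPT_T2)
    if lease is not None:
        t1 = lease // 2 if t1 is None else t1
        t2 = lease * 7 // 8 if t2 is None else t2
    return {"type": MESSAGE_TYPES.get(opts[OPT_MSG_TYPE][0], "unknown") if OPT_MSG_TYPE in opts else None,
            "yiaddr": msg["yiaddr"],
            "server": ".".join(map(str, opts[OPT_SERVER_ID])) if OPT_SERVER_ID in opts else None,
            "lease": lease, "t1": t1, "t2": t2}


CLIENT_MAC = bytes.fromhex("001122334455")    # constructed
XID = 0x3903F326                              # constructed transaction id


def example_discover():
    """Client with no address broadcasts a DISCOVER; returns (summary, raw parse)."""
    msg = parse_dhcp(build_dhcp(1, XID, CLIENT_MAC, [(OPT_MSG_TYPE, b"\x01")]))
    return summarize(msg), msg


def example_offer():
    """The OFFER from the slides: server 10.0.0.1 offers 10.0.0.57 for 12 hours (43200 s)."""
    pkt = build_dhcp(2, XID, CLIENT_MAC,
                     [(OPT_MSG_TYPE, b"\x02"), (OPT_LEASE, struct.pack("!I", 43200)),
                      (OPT_SERVER_ID, ip_bytes("10.0.0.1"))], yiaddr="10.0.0.57")
    return summarize(parse_dhcp(pkt))


if __name__ == "__main__":
    print(example_discover()[0])
    print(example_offer())
```

The transaction id (xid) is the field slide 27 refers to: the client copies it into every message of one exchange, and the server echoes it back, so a client can match an OFFER or ACK to its own request. Because the header layout is fixed and every option carries its own length, a receiver that checks the cookie and each option's bounds, as parse_dhcp does, cannot be walked off the end of the packet by a malformed message.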

Slide 21: DHCP operation
The client discovers servers and the addresses offered by them.
The client uses broadcast to request an address.
The selected server will respond to the client (the others will be rejected).
If the client already knows its address, the process is simplified by:
◦ Starting with the REQUEST and ACK messages
The offer message includes the lease time T and the bounds for renewing the address:
◦ T1 = T/2
◦ T2 = 7T/8
DHCPREQUEST is broadcast to all servers, and only one server will respond.

Slide 22: DHCP time sequence
Several servers could be present. The client chooses any one server; the other servers are declined.

Slide 23: DHCP operation: DHCPDISCOVER and DHCPOFFER (figure)

Slide 24: DHCP operation: DHCPDISCOVER (figure, continued)
At this time, the DHCP client can start to use the IP address.
Renewing a lease (the renewal is sent when 50% of the lease has expired).
If the DHCP server sends DHCPNAK, then the address is released.

Slide 25: DHCP operation: DHCPRELEASE (figure)
At this time, the DHCP client has released the IP address.

Slide 26: DHCP request
The client switched networks and:
◦ Attempts to request its old address
◦ It has switched networks
◦ 172.16.1.34 is the old address
What happens next depends on the server's response.

Slide 27: DHCPNAK
DHCP server address: 10.0.0.1. The server rejects the request for the address:
◦ Requested IP address: 172.16.1.34
◦ The client should not attempt to request it again
The transaction ID makes the client's request unique:
◦ So the response reaches the specific client

Slide 28: DHCPDISCOVER
The client is trying to re-request an address.

Slide 29: DHCPDISCOVER
This message contains rich information:
◦ Parameters
◦ The configuration the client seeks
◦ Auto configuration enquiry

Slide 30: DHCPOFFER
The DHCP offer is sent from server 10.0.0.1:
◦ Offering IP 10.0.0.57 for up to 12 hours

Slide 31: DHCPREQUEST
Requesting the configuration.

Slide 32: DHCPACK
Then the server:
◦ Acknowledges the configuration

Slide 33: DHCP state machine
A DHCP client has a few states:
◦ INIT: no address yet
◦ SELECTING: processing the offered addresses
◦ REQUESTING: after selecting
◦ BOUND: address bound, with timers T1 and T2
◦ At T1 the client attempts to renew the address
◦ When T2 expires, the client reacquires an address from a server

Slide 34: Lease renewal
When a server sends the DHCPACK to a client with an IP address and configuration parameters, it also registers the start of the lease time for that address. This lease time is passed to the client as one of the options in the DHCPACK message, together with two timer values, T1 and T2. The client is rightfully entitled to use the given address for the duration of the lease time.

Slide 35: Lease renewal (contd.)
On applying the received configuration, the client also starts the timers T1 and T2. At this time, the client is in the BOUND state. Timers T1 and T2 are options configurable by the server, but T1 must be less than T2, and T2 must be less than the lease time. According to RFC 2132, T1 defaults to (0.5 * lease time) and T2 defaults to (0.875 * lease time).

Slide 36: Lease renewal (contd.)
When timer T1 expires, the client sends a DHCPREQUEST (unicast) to the server that offered the address, asking to extend the lease for the given configuration. The client is now in the RENEWING state. The server would usually respond with a DHCPACK message indicating the new lease time, and timers T1 and T2 are reset at the client accordingly. The server also resets its record of the lease time. Under normal circumstances, an active client would continually renew its lease in this way indefinitely, without the lease ever expiring.

Slide 37: Lease renewal (contd.)
If no DHCPACK is received before timer T2 expires, the client enters the REBINDING state. The client now broadcasts a DHCPREQUEST message to extend its lease. This request can be confirmed by a DHCPACK message from any DHCP server on the network.

Slide 38: Lease renewal (contd.)
If the client does not receive a DHCPACK message before its lease has expired, it has to stop using its current TCP/IP configuration. The client may then return to the INIT state, issuing a DHCPDISCOVER broadcast to try to obtain any valid address.

Slide 39: Reusing a previously allocated address
The client broadcasts a DHCPREQUEST message on its local subnet:
◦ The DHCPREQUEST message includes the client's previously used network address.
If the client's lease is still current, the server with knowledge of the client's configuration parameters responds with a DHCPACK message to the client, renewing the lease at the same time:
◦ The client must then proceed to test the IP address.
If the client's lease has expired, the server with knowledge of the client responds with DHCPNAK:
◦ The client must then initiate a new IP address allocation process.
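The timer behaviour of slides 33 to 39 as an added simulation (not code from the presentation): a client object moves from BOUND to RENEWING at T1 (unicast DHCPREQUEST to the leasing server), from RENEWING to REBINDING at T2 (broadcast DHCPREQUEST to any server), and back to INIT when the lease expires or a DHCPNAK arrives, using the RFC 2132 defaults T1 = 0.5 * lease and T2 = 0.875 * lease whenever the server sends no timer options. It also models the broadcast DHCPREQUEST a rebooting client sends for a remembered address. The 12-hour lease and the addresses 10.0.0.57, 10.0.0.1 and 172.16.1.34 come from the slides; the server address 172.16.1.1 and the omission of retransmission back-off are simplifications of this example.

```python
from dataclasses import dataclass

# Added example: deterministic model of the RFC 2131 client timers. Times are
# seconds and the clock is passed in explicitly, so runs are reproducible.
INIT, BOUND, RENEWING, REBINDING, INIT_REBOOT = "INIT", "BOUND", "RENEWING", "REBINDING", "INIT-REBOOT"


@dataclass
class Lease:
    address: str
    server: str        # server that granted the lease; unicast target while RENEWING
    start: float
    duration: float
    t1: float = None
    t2: float = None

    def __post_init__(self):
        # RFC 2132 defaults apply when the server sent no option 58/59
        if self.t1 is None:
            self.t1 = 0.5 * self.duration
        if self.t2 is None:
            self.t2 = 0.875 * self.duration
        if not (self.t1 < self.t2 < self.duration):
            raise ValueError("need T1 < T2 < lease time")


class DhcpClient:
    """Tracks BOUND -> RENEWING -> REBINDING -> INIT as the timers fire."""

    def __init__(self):
        self.state, self.lease = INIT, None

    def on_ack(self, now, address, server, duration, t1=None, t2=None):
        # A DHCPACK (initial or renewal) restarts the lease and both timers
        self.lease = Lease(address, server, now, duration, t1, t2)
        self.state = BOUND

    def on_nak(self):
        # The server rejected the address: stop using it and start over
        self.lease, self.state = None, INIT

    def reboot(self):
        """Client returning with a remembered address broadcasts a REQUEST for it (slide 39)."""
        if self.lease is None:
            return self.state, ("DHCPDISCOVER", "broadcast", None)
        self.state = INIT_REBOOT
        return self.state, ("DHCPREQUEST", "broadcast", self.lease.address)

    def tick(self, now):
        """Advance the clock; return (state, message sent at this instant or None).
        Only the first message of each state is modelled; retransmission is omitted."""
        if self.lease is None:
            return self.state, None
        elapsed = now - self.lease.start
        if elapsed >= self.lease.duration:
            self.lease, self.state = None, INIT          # lease over: stop using the address
            return self.state, ("DHCPDISCOVER", "broadcast", None)
        if elapsed >= self.lease.t2 and self.state != REBINDING:
            self.state = REBINDING                        # any server may answer now
            return self.state, ("DHCPREQUEST", "broadcast", self.lease.address)
        if elapsed >= self.lease.t1 and self.state == BOUND:
            self.state = RENEWING                         # unicast to the leasing server
            return self.state, ("DHCPREQUEST", self.lease.server, self.lease.address)
        return self.state, None


def run_without_server():
    """Walk the 12-hour lease from slide 30 with a server that never answers."""
    c = DhcpClient()
    c.on_ack(0, "10.0.0.57", "10.0.0.1", 43200)
    return [c.tick(t) for t in (1000, 21600, 30000, 37800, 43200)]


def run_with_renewal():
    """Same lease, but the T1 renewal is answered with a fresh 12-hour ACK at t=21600."""
    c = DhcpClient()
    c.on_ack(0, "10.0.0.57", "10.0.0.1", 43200)
    _, first_request = c.tick(21600)
    c.on_ack(21600, "10.0.0.57", "10.0.0.1", 43200)     # timers restart from 21600
    return first_request, c.tick(40000), c.tick(43200)


if __name__ == "__main__":
    for state, message in run_without_server():
        print(state, message)
```

Without a renewal the walk prints BOUND, RENEWING at 21600 s (unicast to 10.0.0.1), REBINDING at 37800 s (broadcast), and INIT with a fresh DHCPDISCOVER at 43200 s; with the renewal answered, the client is still BOUND at 40000 s and only renews again at 43200 s, which is the "renews indefinitely" case of slide 36.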

Slide 40: DHCP pros
It relieves the network administrator of a great deal of manual configuration work.
The ability for a device to be moved from network to network and to automatically obtain valid configuration parameters for the current network can be of great benefit to mobile users.
Because IP addresses are only allocated when clients are actually active, it is possible, by the use of reasonably short lease times and the fact that mobile clients do not need to be allocated more than one address, to reduce the total number of addresses in use in an organization.

Slide 41: IPv6 auto configuration
IPv6 supports the following types of auto-configuration:
Stateful auto-configuration. This type of configuration requires a certain level of human intervention because it needs a Dynamic Host Configuration Protocol for IPv6 (DHCPv6) server for the installation and administration of the nodes. The DHCPv6 server keeps a list of the nodes to which it supplies configuration information. It also maintains state information, so the server knows how long each address is in use and when it might be available for reassignment.
Stateless auto-configuration. This type of configuration is suitable for small organizations and individuals. In this case, each host determines its addresses from the contents of received router advertisements. Using the IEEE EUI-64 standard to define the network ID portion of the address, it is reasonable to assume the uniqueness of the host address on the link.
Regardless of how the address is determined, the node must verify that its potential address is unique on the local link. This is done by sending a neighbor solicitation message to the potential address. If the node receives any response, it knows that the address is already in use and must determine another address.

Slide 42: Address polling/defense
A mechanism for discovering addresses that are already in use. ARP is used by the client to check the uniqueness of the address it was given:
◦ To avoid duplicate addresses

Slide 43: Attacks on DHCP
An authorised user's or device's connection to the network:
◦ DoS:
◦ Involves exhaustion of network resources
◦ Requesting all the IP addresses in the server's pool
◦ So when the authorised user comes: "Sold out"
IP was designed based on trust.
Defence:
◦ WPA2
◦ DHCP snooping:
◦ Counters bogus DHCP servers
◦ Clients are attached on the trusted ports; DHCP OFFER, DHCP ACK and DHCP NAK messages are dropped at these ports
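An added example (not from the presentation) of the defensive logic behind the slide's DHCP snooping bullet, written in Python as a model of what the switch does. In the usual snooping configuration the port toward the legitimate DHCP server is marked trusted and client-facing ports are untrusted, so server-originated OFFER/ACK/NAK messages arriving on an untrusted port are dropped and logged, which is what defeats a bogus server; separately, a port that sources DISCOVERs from many distinct client MACs inside a short window is flagged, since that is the pool-exhaustion pattern the slide calls "sold out". The port names, thresholds and sample records are constructed for this example.

```python
from collections import defaultdict

# Added example: DHCP snooping model. Only ports in TRUSTED_PORTS may carry
# server-originated messages; access ports sourcing many client MACs in a
# short window are flagged. Port names and record layout are assumptions.
SERVER_MESSAGES = {"DHCPOFFER", "DHCPACK", "DHCPNAK"}
TRUSTED_PORTS = {"Gi0/1"}          # assumed uplink to the legitimate server


def snoop(records, trusted=TRUSTED_PORTS, mac_threshold=4, window=10.0):
    """Return (forwarded, dropped, alerts) for DHCP records seen on the switch, in arrival order."""
    forwarded, dropped, alerts = [], [], []
    discovers = defaultdict(list)  # port -> [(time, client MAC)] of DISCOVERs seen
    alerted = set()                # ports already reported for pool exhaustion
    for r in records:
        # Rule 1: server replies are only legitimate from a trusted port
        if r["msg"] in SERVER_MESSAGES and r["port"] not in trusted:
            dropped.append(r)
            alerts.append(("rogue_server", r["port"], r["src_ip"]))
            continue
        # Rule 2: one access port should not present many client MACs at once
        if r["msg"] == "DHCPDISCOVER":
            discovers[r["port"]].append((r["time"], r["chaddr"]))
            recent = {mac for t, mac in discovers[r["port"]] if r["time"] - t <= window}
            if len(recent) >= mac_threshold and r["port"] not in alerted:
                alerted.add(r["port"])
                alerts.append(("starvation", r["port"], len(recent)))
        forwarded.append(r)
    return forwarded, dropped, alerts


# Constructed records: a legitimate exchange on access port Fa0/2 answered via
# uplink Gi0/1, a server reply arriving from access port Fa0/7, and access port
# Fa0/9 emitting DISCOVERs from six different MACs within a few seconds.
SAMPLE = [
    {"time": 0.0, "port": "Fa0/2", "msg": "DHCPDISCOVER", "chaddr": "00:11:22:33:44:55", "src_ip": "0.0.0.0"},
    {"time": 0.1, "port": "Gi0/1", "msg": "DHCPOFFER", "chaddr": "00:11:22:33:44:55", "src_ip": "10.0.0.1"},
    {"time": 0.2, "port": "Fa0/7", "msg": "DHCPOFFER", "chaddr": "00:11:22:33:44:55", "src_ip": "10.0.0.99"},
    {"time": 0.3, "port": "Fa0/2", "msg": "DHCPREQUEST", "chaddr": "00:11:22:33:44:55", "src_ip": "0.0.0.0"},
    {"time": 0.4, "port": "Gi0/1", "msg": "DHCPACK", "chaddr": "00:11:22:33:44:55", "src_ip": "10.0.0.1"},
] + [
    {"time": 1.0 + 0.5 * i, "port": "Fa0/9", "msg": "DHCPDISCOVER",
     "chaddr": "de:ad:be:ef:00:%02x" % i, "src_ip": "0.0.0.0"}
    for i in range(6)
]


def run_sample():
    return snoop(SAMPLE)


if __name__ == "__main__":
    fwd, drp, al = run_sample()
    print("forwarded %d, dropped %d" % (len(fwd), len(drp)))
    for alert in al:
        print(alert)
```

On the sample the OFFER from 10.0.0.99 on Fa0/7 is the only dropped record, the legitimate OFFER and ACK via Gi0/1 are forwarded, and Fa0/9 is reported once, at the fourth distinct MAC, rather than on every subsequent DISCOVER. The threshold and window are the tuning knobs: a real switch's rate limit would be set from the number of hosts legitimately behind the port.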

Slide 44: DHCP provided addresses and leases (figure)

Slide 45: Packet Tracer configuration
The IOS commands on the slide are abbreviated; spelled out they are as follows (the pool name is shown as "ip 10" on the slide and the subnet mask as "255.0", so a /24 mask of 255.255.255.0 is assumed here):
    en
    conf t
    hostname R1
    ip dhcp pool ip10
     network 192.168.10.0 255.255.255.0
     default-router 192.168.10.1
     exit
    interface fa0/0
     ip address 192.168.10.1 255.255.255.0
     no shutdown
     exit
    ip dhcp excluded-address 192.168.10.10
    exit
    copy run start


Slide 47: With DHCP not enabled
Assuming that no DHCP is enabled:
◦ A request from any host will result in failure

Slide 48: Binding addresses (figure)

Slide 49: Live captures of DHCP packets
◦ https://www.cloudshark.org/captures/0009d5398f37
◦ https://www.cloudshark.org/captures/000731192129
◦ https://www.cloudshark.org/analysis/000731192129/conversations?proto=udp&window=false
Lease query:
◦ https://www.cloudshark.org/captures/0004fd9466b7

Slide 50: References
[1] Fall, K. R. and Stevens, W. R. (2011). TCP/IP Illustrated, Volume 1: The Protocols. Addison-Wesley Professional Computing Series, Pearson Education. http://books.google.co.kr/books?id=a23OAn5i8R0C
[2] (n.d.). BOOTP and DHCP. Microsoft TechNet. Accessed on 10/03/2014 from http://technet.microsoft.com/en-us/library/cc781243(v=ws.10).aspx
[3] Droms, R. (March 1997). "Dynamic Host Configuration Protocol", RFC 2131.
[4] dhcpcd. http://roy.marples.name/man/html8/dhcpcd.html
[] Kozierok, C. M.: TCP/IP Guide, 1st edn. No Starch Press (October 2005)