Dynamic Host Configuration Protocol (DHCP) is widely used by system and network administrators to assign IP addresses automatically to network devices. Modern DHCP servers support both IPv4 and IPv6. All current operating systems and network devices, including routers and firewalls, provide DHCP services.
DHCP Server Advantages
- The biggest benefit of having a DHCP server in the network is that all devices get their IP addresses automatically and manual configuration is no longer required. It saves administrators time.
- Better control and IP management across the network, which gives clean documentation of all subnets, the IP scheme, the connected devices, and the free and in-use IP addresses in each subnet.
- When users roam around the office (changing subnet/VLAN), they automatically get an appropriate IP address according to the network infrastructure.
- IP duplication/waste is strictly controlled by the DHCP server.
- With a centralized IP/MAC database, administrators can quickly track devices.
- Block bad devices through their MAC address.
- When a machine does not connect to the network for a longer period of time (called lease time), its IP address is reclaimed for use by other network devices.
- It gives administrators the liberty to reserve IP addresses. This is usually required for servers, network devices and specific workstations where an IP change is not an option.
- Helps BOOTP clients get their initial network settings even before a proper operating system is installed.
- The IP assignment log/history is well maintained by the DHCP server.
DHCP Server Disadvantages
- DHCP is a single point of failure. If it is down, clients will no longer be able to obtain their IP addresses, although redundancy features are now available in some DHCP servers.
- Once a DHCP server is used in the network, your clients become more vulnerable to DHCP attacks. One example is DHCP spoofing.
- IP address changes take time. A new IP will only be assigned when the previous lease time expires.
- In case of multiple subnets and multiple sites, additional network configuration is required for the DHCP infrastructure. Relay agents need to be set up accordingly.
IP Lease Process – DORA
The DHCP IP assignment process has four steps: discover, offer, request and acknowledge. It is abbreviated as DORA.
- Discover: When a client machine is connected to the network, it immediately broadcasts over the network to discover whether a server is available to offer an IP address.
- Offer: Once the request is received by a server, the DHCP server responds and offers the client machine a lease on an IP address.
- Request: In the third step, the client machine requests the server to assign the IP address.
- Acknowledge: Finally, the DHCP server confirms to the client that the IP address is leased (typically for 8 days in Windows). It also updates its internal database.
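The four DORA messages can be told apart on the wire by DHCP option 53, and option 54 names the server that sent a reply. The following is an added example, not code from the original article, and it goes beyond the text by using the RFC 2131/2132 message layout. It parses a constructed exchange and lists server replies whose server identifier is not on an allow list, which is the basic check behind rogue DHCP server (DHCP spoofing) detection. All addresses, the MAC and the transaction ID are constructed sample values.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"  # cookie that follows the 236-byte BOOTP header
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}

def build(op, xid, mac, yiaddr, options):
    """Construct a minimal DHCP message; used only to make the sample input."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, xid, 0, 0, bytes(4),
                         socket.inet_aton(yiaddr), bytes(4), bytes(4), mac, b"", b"")
    return header + MAGIC + b"".join(bytes([c, len(v)]) + v for c, v in options) + b"\xff"

def parse(pkt):
    """Return xid, offered address, client MAC and options 53/54/51 of one message."""
    if len(pkt) < 240 or pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    msg = {"xid": struct.unpack("!I", pkt[4:8])[0],
           "yiaddr": socket.inet_ntoa(pkt[16:20]), "mac": pkt[28:34].hex(":")}
    i = 240
    while i < len(pkt) and pkt[i] != 255:       # 255 ends the option list
        if pkt[i] == 0:                         # 0 is padding, no length byte
            i += 1
            continue
        if i + 2 > len(pkt) or i + 2 + pkt[i + 1] > len(pkt):
            raise ValueError("truncated option")
        code, value = pkt[i], pkt[i + 2:i + 2 + pkt[i + 1]]
        if code == 53 and len(value) == 1:      # DHCP message type
            msg["type"] = TYPES.get(value[0], "OTHER")
        elif code == 54 and len(value) == 4:    # server identifier
            msg["server"] = socket.inet_ntoa(value)
        elif code == 51 and len(value) == 4:    # lease time in seconds
            msg["lease"] = struct.unpack("!I", value)[0]
        i += 2 + len(value)
    return msg

def unauthorized_replies(packets, authorized):
    """Server replies whose server identifier (option 54) is not on the allow list."""
    return [(m["type"], m.get("server"), m["yiaddr"]) for m in map(parse, packets)
            if m.get("type") in ("OFFER", "ACK", "NAK") and m.get("server") not in authorized]

# Constructed capture: one client, the expected server, and a second unexpected OFFER.
MAC, XID, LEASE = bytes.fromhex("020000aabbcc"), 0x1234ABCD, struct.pack("!I", 8 * 86400)
def srv(ip): return (54, socket.inet_aton(ip))  # option 54 for the sample messages
CAPTURE = [
    build(1, XID, MAC, "0.0.0.0", [(53, b"\x01")]),
    build(2, XID, MAC, "192.168.1.50", [(53, b"\x02"), srv("192.168.1.1"), (51, LEASE)]),
    build(2, XID, MAC, "192.168.1.200", [(53, b"\x02"), srv("192.168.1.66"), (51, LEASE)]),
    build(1, XID, MAC, "0.0.0.0", [(53, b"\x03"), srv("192.168.1.1")]),
    build(2, XID, MAC, "192.168.1.50", [(53, b"\x05"), srv("192.168.1.1"), (51, LEASE)]),
]
```

Calling `unauthorized_replies(CAPTURE, {"192.168.1.1"})` returns only the second OFFER, the one carrying server identifier 192.168.1.66.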
Because of bad network configuration, it is possible that the DHCP client and server may not be able to communicate with each other. As a result, the DHCP discover request times out. Once that happens, the client machine obtains an automatic private IP address, abbreviated as APIPA. This could be any IP address from 169.254.0.1 to 169.254.255.254. The subnet mask for APIPA is 255.255.0.0. If you want to learn more about it, you can read our article “APIPA – Automatic Private IP address“.
DHCP IP Renewal Process
Once 50% of the lease time, T1, has passed (which is 4 days by default), the client machine initiates an IP renewal request called DHCPREQUEST. Unlike the broadcast that the client used in the discovery process, this time it is a unicast message sent directly to the DHCP server. The server will check its internal IP database. If the DHCP server is willing to renew this lease, it will send a positive acknowledgement called DHCPACK. This renews the lease. From the client's perspective it means: yes, you can keep the same IP for another 8 days. In case of a negative acknowledgement, called DHCPNAK, the client machine will release its TCP/IP settings and initiate a process to get a new IP address from scratch. However, if no response is received, the client will retain the existing IP address.
Now if 87.5% of the lease time, T2, has passed (7 days by default), the client machine will repeat the renewal process and wait for a DHCPACK or DHCPNAK. Based upon the acknowledgement status, the lease will be either renewed or canceled. Finally, if 100% of the time has passed, both the DHCP client and server know that time is up. The IP is released and the DORA process is reinitiated.
When 100% of the lease time has passed and no DHCP server is willing to give an IP, the client machine will assign itself an IP called an automatic private IP address (APIPA). It looks like 169.254.X.X. Visit our article “APIPA Address 169.254“ to learn more about it. Furthermore, if you want to learn how to install a DHCP server, we have another detailed step-by-step article, Install and Configure DHCP Server.
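The renewal rules above can be followed as a small state machine. This is an added example, not code from the original article. It is a simplified model that assumes one DHCPREQUEST per timer with no retries, and that any server which answers at all will grant a lease during a fresh DORA; `renewal_timeline` and `reply_at` are hypothetical names.

```python
DAY = 86400

def renewal_timeline(lease, reply_at, horizon):
    """Follow one client from a fresh lease at t=0 until `horizon` (seconds).

    reply_at(t) models the server's answer to a message sent at time t:
    "ACK", "NAK" or None (no response). Returns a list of (t, event) pairs.
    """
    events, start = [(0, "DORA -> lease granted")], 0
    while True:
        outcome = None
        for timer, fraction in (("T1", 0.5), ("T2", 0.875)):
            t = start + int(lease * fraction)
            if t > horizon:
                return events
            outcome = reply_at(t)
            events.append((t, f"{timer} DHCPREQUEST -> {outcome or 'no response'}"))
            if outcome:              # ACK or NAK settles it; silence waits for the next timer
                break
        if outcome == "ACK":         # lease renewed for a full term from now
            start = t
            continue
        if outcome is None:          # both timers went unanswered: wait for 100%
            t = start + lease
            if t > horizon:
                return events
            events.append((t, "lease expired, IP released"))
        # After a DHCPNAK or an expired lease the client runs DORA again.
        if reply_at(t) is None:
            events.append((t, "DORA timed out -> APIPA 169.254.x.x"))
            return events
        events.append((t, "DORA -> lease granted"))
        start = t
```

With an 8-day lease and a server that never answers, the timeline shows requests at day 4 and day 7, expiry at day 8, and then the fall back to APIPA.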