Interesting DHCP chat



In this article, we will talk about the DHCP protocol. Before we talk, let's imagine a scenario.

You are now standing on the subway or sitting in the office. Your mobile phone or computer has an IP address. If you enter this IP address manually, you need to write the following things...

It’s OK to configure these on a computer, and you can do it in a snap. If you are using a mobile phone, you need to click on the IP address, enter the IP address, click on the subnet mask, enter the subnet mask, click on the default route, enter the route, click on the DNS server, enter the DNS server… This is so troublesome. Just when you have finished the configuration, your boss calls you to a meeting, and the address you just configured is wasted. You change the environment and need to reconfigure the IP address, so you repeat the above steps again. At this time, the meeting is over, and you are confused…

And that is before counting the possibility of misconfiguration.

The most annoying thing about the above description is that you need to manually configure the IP address. Woc, why can't it be set to automatically configure the IP address? Who says it can't be done? You can! That is to use DHCP, which is what we are going to talk about below.

Understanding DHCP

DHCP stands for Dynamic Host Configuration Protocol. DHCP can automatically set IP addresses and centrally manage IP address allocation. This means that whether you are in a meeting or working at your desk, you don't have to manually configure IP addresses. At the same time, DHCP also greatly reduces the chance of errors caused by manually allocating IP addresses.

DHCP is closely related to IP. It is a protocol used on IP networks. If you want to use DHCP to provide services, a DHCP server is required on the entire communication link. Devices connected to the network use the DHCP protocol to request an IP address from the DHCP server. The DHCP server will assign a unique IP address to the device.

In addition to the IP address, the DHCP server will also tell you the subnet mask, default route, and DNS server.

DHCP Server

Now, you do not need to manually configure IP addresses, and you no longer need to manage IP addresses. Management has been transferred to the DHCP server, which maintains the IP address pool and leases addresses to DHCP-enabled clients when they boot up on the network.

Because IP addresses are dynamic (temporarily assigned) rather than static (permanently assigned), IP addresses that are no longer in use are automatically returned to the IP address pool for reallocation.

So who maintains the DHCP server?

The network administrator is responsible for setting up the DHCP server and providing address configurations to DHCP-enabled clients in the form of leases. Ah, since I don't need to manage it, it's very comfortable~

OK, now you can develop comfortably. You use postman to configure an interface 192.168.1.4/x/x for request. The request can be carried out smoothly, but after a while, you find that the request of the interface 192.168.1.4/x/x is not working. Why? Then you use ipconfig to check your IP address and find that the IP address has become 192.168.1.7. How come my IP address has changed while I am using it? DHCP is rubbish, a broken thing!!@#¥%¥%……¥%

In fact, this is also a function of a DHCP server, which usually assigns a unique dynamic IP address to each client, and the address will be changed when the client lease of the IP address expires.

The word "unique" matters here: if you manually set a static IP, and the DHCP server assigns a dynamic IP that is the same as that static IP, then one of the two clients will inevitably be unable to access the Internet.

I have encountered this situation. The static IP I configured with my virtual machine was 192.168.1.8. My mobile phone also used DHCP to configure the IP address of 192.168.1.8. At this time, my virtual machine was not connected to the network. When I connected to the network, I could not connect to the virtual machine. I checked and found that the IP address conflicted...

Although the DHCP server can provide IP addresses, how does it know which IP addresses are free and which IP addresses are in use?

In fact, all this information is configured in the database. Let's take a look at what information the DHCP server maintains.

  • All valid TCP/IP configuration parameters on the network. These parameters mainly include host name, DHCP client, domain name, IP address, gateway (Netmask), broadcast address, and default router.

  • Valid IP addresses and excluded IP addresses are stored in the IP address pool and are waiting to be assigned to clients.
  • Reserved addresses for certain DHCP clients. These addresses are static IP addresses, so that a single IP address can be consistently assigned to a single DHCP client.

OK, now you know what information a DHCP server needs to save, and after reading the above content, you should know what components a DHCP has. Now let's talk about the components in DHCP, and none of these components can be missing.

Components of DHCP

When using DHCP, it is important to understand all the components. Below I have listed some of the DHCP components and what they do.

  • DHCP server: everyone must know this one, because we have been discussing the DHCP server above. To use DHCP, you must have a DHCP server, otherwise who will provide you with the service?
  • DHCP client: everyone should know this one too. After all, a server alone is not enough. Without a client, who would you serve? DHCP clients can be computers, mobile devices, or any other devices that need to connect to the network. By default, most are configured to receive DHCP information.
  • IP address pool: you need to have an IP address pool. You provide DHCP services, but you also need tools, and what can you do without tools? The IP address pool is the address range available to DHCP clients. Addresses in this range are usually handed out in order from lowest to highest.
  • Subnet: an IP network can be divided into segments called subnets. Subnets make network management easier.
  • Lease: this indicates the renewal period of the IP address, and also represents the length of time the client retains the IP address information. Generally, when the lease expires, the client must renew it.
  • DHCP relay: this one is usually hard to think of. A DHCP relay is usually a router or a host. It deals with the situation where the DHCP server and the DHCP client are not in the same network segment. If the DHCP server and the DHCP client are in the same network segment, the client can correctly obtain the dynamically assigned IP address; if not, a DHCP relay is needed to act as a relay agent.

Now that you understand the components of DHCP, I will talk to you about how DHCP works.

How DHCP works

Before we talk about the DHCP working mechanism, let's take a look at the DHCP message.

DHCP messages

There are the following types of DHCP messages:

  • DHCP DISCOVER: The packet sent by the client to start the DHCP process, which is the beginning of the DHCP protocol
  • DHCP OFFER: The response from the server after receiving DHCPDISCOVER, which includes the expiration time of the IP lease given to the client, the server identifier, and other information
  • DHCP REQUEST: The client's response to the DHCPOFFER sent by the server. It is also used when renewing the lease.
  • DHCP ACK: A successful confirmation message sent by the server after receiving the DHCPREQUEST from the client. When establishing a connection, the client will confirm that the IP and other information assigned to it can be used only after receiving this message.
  • DHCP NAK: The opposite message of DHCPACK, indicating that the server rejects the client's request.
  • DHCP RELEASE: Usually appears when the client is shut down or offline. This message will cause the DHCP server to release the IP address of the client that sent this message.
  • DHCP INFORM: A message sent by the client to request some information from the server.
  • DHCP DECLINE: When the client finds that the IP address assigned by the server cannot be used (such as when there is an IP address conflict), it will send this message to notify the server to prohibit the use of the IP address.

The working mechanism of DHCP is relatively simple. It is nothing more than the client renting an IP from the server and the server providing the IP to the client. Well, you are very smart. It is roughly like this, but there are some details that need attention. Let me talk you through them with two pictures.

The process of obtaining an IP address from DHCP is mainly divided into two stages.

The first phase is the DHCP search packet phase.

The search packet phase is mainly divided into two steps: the first step is the DHCP discovery packet, and the second step is the DHCP offer packet.

The DHCP client broadcasts a DHCP discovery packet on the communication link to see whether any server on the link can provide DHCP service. Each node on the link then checks whether it can provide the service. The DHCP server says it can, and sends a DHCP offer packet back to the DHCP client along the communication link.

The second phase is the DHCP request phase.

The DHCP request packet is also divided into two steps: the first step is the DHCP request packet, and the second step is the DHCP confirmation packet.

The DHCP client initiates a DHCP request packet on the communication link. The request packet mainly tells the DHCP server that it wants to use the network settings provided in the previous step. Then the DHCP server sends a confirmation packet to the DHCP client, indicating that the DHCP client is allowed to use the network settings sent in the second step.

At this point, the DHCP network settings are completed, and TCP/IP communication can then be performed between hosts on the communication link.

When the IP address is no longer needed, a DHCP release packet (DHCP RELEASE) can be sent to release it. In addition, there is usually a lease time setting in the DHCP settings. The DHCP client can send a DHCP request packet within this time limit to notify that it wants to extend this period.
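The four-message exchange above, decoded from raw bytes. This is an added example, not code from the original article; the MAC address, transaction ID, addresses and the helper names `build`, `parse` and `dora` are constructed for illustration, while the header layout and option codes follow RFC 2131 and RFC 2132.

```python
import ipaddress
import struct

# 236-byte BOOTP header followed by the 4-byte magic cookie (240 bytes in total)
HEADER = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s4s")
MAGIC = bytes.fromhex("63825363")
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 4: "DECLINE",
         5: "ACK", 6: "NAK", 7: "RELEASE", 8: "INFORM"}

def ip(text):
    return ipaddress.IPv4Address(text).packed

def build(op, xid, mac, msg_type, yiaddr="0.0.0.0", options=()):
    """Encode one message; option 53 (message type) always comes first."""
    zero = ip("0.0.0.0")
    head = HEADER.pack(op, 1, 6, 0, xid, 0, 0x8000, zero, ip(yiaddr),
                       zero, zero, mac, b"", b"", MAGIC)
    body = bytes([53, 1, msg_type])
    for code, value in options:
        body += bytes([code, len(value)]) + value
    return head + body + b"\xff"

def parse(packet):
    """Decode header and options; raise ValueError on malformed input."""
    if len(packet) < HEADER.size:
        raise ValueError("truncated header")
    f = HEADER.unpack_from(packet)
    if f[14] != MAGIC:
        raise ValueError("bad magic cookie")
    opts, i = {}, HEADER.size
    while i < len(packet) and packet[i] != 255:      # 255 = end option
        if packet[i] == 0:                           # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(packet) or i + 2 + packet[i + 1] > len(packet):
            raise ValueError("option overruns packet")
        opts[packet[i]] = packet[i + 2:i + 2 + packet[i + 1]]
        i += 2 + packet[i + 1]
    def addr(code):                                  # first IPv4 address in an option
        raw = opts.get(code, b"")
        return str(ipaddress.IPv4Address(raw[:4])) if len(raw) >= 4 else None
    return {"type": TYPES.get((opts.get(53) or b"\0")[0], "UNKNOWN"),
            "xid": f[4], "yiaddr": str(ipaddress.IPv4Address(f[8])),
            "server_id": addr(54), "subnet_mask": addr(1), "router": addr(3),
            "dns": addr(6), "requested_ip": addr(50),
            "lease": int.from_bytes(opts[51], "big") if 51 in opts else None}

def dora():
    """Constructed DISCOVER/OFFER/REQUEST/ACK exchange; all values are sample data."""
    mac, xid, server = bytes.fromhex("020000000001"), 0x1234ABCD, ip("192.168.1.1")
    lease = [(51, struct.pack("!I", 3600)), (54, server),
             (1, ip("255.255.255.0")), (3, server), (6, server)]
    return [
        build(1, xid, mac, 1),                                   # client broadcast
        build(2, xid, mac, 2, "192.168.1.7", lease),             # server offer
        build(1, xid, mac, 3, options=[(50, ip("192.168.1.7")), (54, server)]),
        build(2, xid, mac, 5, "192.168.1.7", lease),             # server confirmation
    ]
```

Calling `[parse(p) for p in dora()]` shows that the address, subnet mask, default route, DNS server and lease time all arrive in the OFFER and ACK, and that the REQUEST names the server whose offer the client accepted.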

DHCP State Machine

We know above that DHCP will send several request packets. We know that actions are always accompanied by changes in state. The same is true for DHCP. When DHCP sends/receives various packets, its state also changes accordingly. The DHCP protocol can run state machines on the client and server. The state determines the type of message that the protocol will process next.

The transitions between states (arrows) occur when messages are received or sent, or when a timer expires. Below is the DHCP state transition diagram.

The client has no message at the beginning and is in the INIT state. Then the client initiates a broadcast DHCP DISCOVER on the communication link.

In the Selecting state, the client collects DHCPOFFER messages until it determines the address and server to use.

Once the DHCP client has made its choice, it sends a DHCPREQUEST message and enters the Requesting state. In this state, it is likely to receive an unwanted ACK response. If no suitable address is found in this state, the client sends a DHCPDECLINE and returns to the INIT state, but the probability of this happening is relatively small.

The client in the Requesting state is likely to accept the DHCPACK message sent, obtain the timeout periods T1 and T2, and then enter the Bound binding state, in which the address can be used until it expires.

When the first timer T1 expires, the client enters the Renewing state and tries to extend the lease. If a new ACK message is received, it means that the renewal is successful, and the client returns to the Bound state.

If no ACK is received, T2 will eventually expire and the client enters the Rebinding state. A client in this state will retry to obtain the address. If the lease finally expires, the client must give up the leased address, and if there is no other address or network connection to use, the client will disconnect.
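The client state machine described above, written as a transition table driven by the T1, T2 and lease timers. This is an added example, not code from the original article; the event names, the `DhcpClient` class and the timeline in `scenario` are assumptions, and T1 and T2 use the RFC 2131 defaults of 0.5 and 0.875 of the lease time.

```python
TRANSITIONS = {                                    # (state, event) -> next state
    ("INIT", "send_discover"): "SELECTING",
    ("SELECTING", "recv_offer"): "SELECTING",      # keep collecting offers
    ("SELECTING", "send_request"): "REQUESTING",
    ("REQUESTING", "recv_ack"): "BOUND",
    ("REQUESTING", "recv_nak"): "INIT",
    ("REQUESTING", "send_decline"): "INIT",
    ("BOUND", "t1_expired"): "RENEWING",
    ("RENEWING", "recv_ack"): "BOUND",
    ("RENEWING", "recv_nak"): "INIT",
    ("RENEWING", "t2_expired"): "REBINDING",
    ("REBINDING", "recv_ack"): "BOUND",
    ("REBINDING", "recv_nak"): "INIT",
    ("REBINDING", "lease_expired"): "INIT",
}

class DhcpClient:
    def __init__(self):
        self.state, self.timers, self.trace = "INIT", {}, ["INIT"]

    def handle(self, event, now=0, lease=0):
        """Apply one event; anything the table does not list is rejected."""
        if (self.state, event) not in TRANSITIONS:
            raise ValueError(f"{event} is not valid in state {self.state}")
        if event == "recv_ack" and lease <= 0:
            raise ValueError("ACK without a usable lease time")
        self.state = TRANSITIONS[(self.state, event)]
        if event == "recv_ack":                    # every ACK restarts all three timers
            self.timers = {"t1_expired": now + lease * 0.5,
                           "t2_expired": now + lease * 0.875,
                           "lease_expired": now + lease}
        elif self.state == "INIT":
            self.timers = {}
        self.trace.append(self.state)
        return self.state

    def tick(self, now):
        """Fire every timer whose deadline has passed, oldest first."""
        for event, when in sorted(self.timers.items(), key=lambda kv: kv[1]):
            if when <= now and (self.state, event) in TRANSITIONS:
                self.timers.pop(event, None)
                self.handle(event, when)
        return self.state

def scenario():
    """Constructed timeline: 3600 s lease, one renewal, then the server goes silent."""
    c = DhcpClient()
    for event in ("send_discover", "recv_offer", "send_request"):
        c.handle(event)
    c.handle("recv_ack", now=0, lease=3600)        # Requesting -> Bound
    c.tick(1800)                                   # T1 expires -> Renewing
    c.handle("recv_ack", now=1805, lease=3600)     # renewal succeeds -> Bound
    c.tick(1805 + 3150)                            # T1 then T2 expire -> Rebinding
    c.tick(1805 + 3600)                            # lease runs out -> INIT
    return c.trace
```

A message that is not valid in the current state, such as an ACK arriving while the client is in INIT, raises `ValueError` instead of changing state.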

DHCP Conflicts

Now let's discuss the issue of DHCP conflict. DHCP conflict is actually IP duplication. When two or more hosts in a subnet are configured with the same IP address, an IP conflict will occur. The consequence of this situation may be that the two conflicting hosts are mixed together, and one host may receive data packets from another host.

So what is the reason for this situation?

There are many reasons for this situation. Here are two possible reasons:

  • The first situation is that a host is configured with a static IP address. After the host is connected to the network, its IP address will not be in the DHCP server. Then another host is connected to the network, and the DHCP server automatically assigns the same IP address to the host. These two addresses cause an IP conflict.
  • The second situation is that the client obtains an IP address from the DHCP server, and then the host goes offline. As the lease expires, DHCP will assign the IP address to another host. When the host comes back online, for some reason, the computer cannot access the DHCP server, which will cause an IP conflict.

When an IP conflict is detected, a warning window will usually pop up on Windows and Mac systems.

DHCP Relay Agent

Most regular home networks (except for the rich) have only one Ethernet, that is, a LAN segment, and one DHCP server can fully meet the needs of clients in the LAN. However, in more complex networks, such as enterprises or schools, one DHCP server is obviously not enough. Therefore, in this case, unified management of DHCP is often required. The specific implementation method can be to forward DHCP traffic through a DHCP relay agent, as shown in the following figure.

As shown in the figure above, there are two network segments A and B. The DHCP client and DHCP server are not in the same network segment, so we set up a relay agent on the communication link. The DHCP client accesses the DHCP server by accessing the relay agent.

Using this method, we no longer need to set up a DHCP server in each network segment, but only need to set up a relay agent in each network segment. The relay agent is configured with the IP address of the DHCP server, and the allocation range of IP addresses for each network segment is registered on the DHCP server.

The DHCP client sends a DHCP request packet to the DHCP relay agent, and after receiving the broadcast packet, the DHCP relay agent sends it to the DHCP server in unicast form. After receiving the packet, the server returns a response to the DHCP relay agent, and the DHCP relay agent sends the packet to the DHCP client.

DHCP Authentication

We always assume that everything will go smoothly and are afraid of problems. This may mean that I will always be just a junior programmer. The DHCP servers we discussed above are all reasonable and legal, but the Internet is a double-edged sword, and not everyone is a legal citizen. What if someone sets up an unauthorized DHCP server? It is likely to affect the network.

To avoid these problems, a method for authenticating DHCP messages is specified in [RFC3118]. It defines a DHCP option, the Authentication option, as shown below

The main purpose of the authentication option is to determine whether the DHCP message comes from an authorized sender.

The Code field of the Authentication option has the value 90, and the Length field gives the number of bytes in the option (excluding the bytes of the Code and Length fields). If the Protocol and Algorithm fields are set to 0, the Authentication Information field holds a simple shared configuration token. As long as the configuration token matches on the client and server, the message will be accepted.

The configuration token described above is just one of the methods. There is also a more secure method that involves the so-called delayed authentication. If both the protocol and algorithm are set to 1, it means that delayed authentication is used. In this case, the client's DHCPDISCOVER message or DHCPINFORM message includes an authentication option, and the server responds with the authentication information contained in its DHCPOFFER or DHCPACK message. This authentication information includes a message authentication code, which provides authentication of the sender and integrity verification of the message. RDM stands for relay detection. Relay detection includes a single-item incremental value. As long as it passes through a proxy relay, the value of the relay detection will be +1.

Although DHCP authentication ensures security, it is not widely used for two reasons:

  • First, this method requires that a shared secret be distributed between the DHCP server and each client that requires authentication.
  • Second, the Authentication option was specified after DHCP had become widely used.
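A verifier for the Authentication option on a server message, covering both the configuration token and delayed authentication. This is an added example, not code from the original article or from any DHCP implementation; the key, secret ID and function names are assumptions, and the field layout and HMAC-MD5 computation follow RFC 3118, which names the RDM field the Replay Detection Method.

```python
import hashlib
import hmac
import struct

AUTH_CODE, OPTIONS_START = 90, 240   # options begin after 236-byte header + magic cookie

def find_auth(msg):
    """Return the offset of the Authentication option (code 90), or None."""
    i = OPTIONS_START
    while i + 1 < len(msg) and msg[i] != 255:
        if msg[i] == 0:                          # pad option: single byte
            i += 1
        elif msg[i] == AUTH_CODE:
            return i
        else:
            i += 2 + msg[i + 1]
    return None

def mac_over(msg, off, key):
    """HMAC-MD5 over the message with hops, giaddr and the MAC field zeroed."""
    scratch = bytearray(msg)
    scratch[3] = 0                               # hops: rewritten by relay agents
    scratch[24:28] = bytes(4)                    # giaddr: rewritten by relay agents
    scratch[off + 17:off + 33] = bytes(16)       # the MAC field itself
    return hmac.new(key, bytes(scratch), hashlib.md5).digest()

def verify(msg, token=b"", keys=None, last_replay=-1):
    """Check option 90 on a server message and return a verdict string."""
    off = find_auth(msg)
    if off is None:
        return "unauthenticated"
    length = msg[off + 1]
    if length < 11 or off + 2 + length > len(msg):
        return "malformed"
    proto, alg, rdm, replay = struct.unpack_from("!BBBQ", msg, off + 2)
    info = msg[off + 13:off + 2 + length]
    if (proto, alg) == (0, 0):                   # configuration token
        return "ok" if token and hmac.compare_digest(info, token) else "bad token"
    if (proto, alg) != (1, 1) or len(info) != 20:
        return "malformed"
    if rdm == 0 and replay <= last_replay:       # RDM 0: counter must keep increasing
        return "replayed"
    secret_id, mac = struct.unpack("!I16s", info)
    key = (keys or {}).get(secret_id)
    if key is None:
        return "unknown key"
    return "ok" if hmac.compare_digest(mac, mac_over(msg, off, key)) else "bad mac"

def sample_offer(key, secret_id=1, replay=1000):
    """Constructed DHCPOFFER carrying a delayed-authentication option (sample data)."""
    head = bytearray(OPTIONS_START)
    head[0:3] = bytes([2, 1, 6])                 # BOOTREPLY, Ethernet, 6-byte MAC
    head[236:240] = bytes.fromhex("63825363")
    opt = struct.pack("!BBBBBQI16s", AUTH_CODE, 31, 1, 1, 0, replay, secret_id, b"")
    msg = bytes(head) + bytes([53, 1, 2]) + opt + b"\xff"
    off = find_auth(msg)
    return msg[:off + 17] + mac_over(msg, off, key) + msg[off + 33:]
```

Because hops and giaddr are zeroed before the MAC is computed, a message forwarded by a relay agent still verifies, while a message whose yiaddr was changed in transit does not.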

Summary

In this article, I discussed with you a concept in computer networks that is easily overlooked. Why is it easy to overlook? Because we basically don't care about the configuration of IP addresses in our daily development process; at most, it comes up when setting up the environment. However, if you want to study computer networks systematically, the importance of DHCP cannot be ignored. DHCP includes the working mechanism, DHCP messages, the DHCP state machine, DHCP authentication, and so on. These are all things you need to understand and master.

This article is reprinted from the WeChat public account "Programmer cxuan", the author is embedded system. Please contact the programmer cxuan public account for reprinting this article.
