Every device on a network is identified by the IP address assigned to it. Manually allocating IP addresses to the devices in a large network is not easy for network administrators and results in IP conflicts. In addition, the assigned IP addresses have to be tracked to avoid these conflicts.
This problem grows with the number of devices connected to a network. An automated process for allocating network configuration parameters such as IP addresses to the devices in a network therefore does much to reduce the burden on network administrators.
The automatic allocation of network configuration parameters to the devices connected to a network can be done by the Dynamic Host Configuration Protocol (DHCP).
Dynamic Host Configuration Protocol is a networking protocol used to dynamically assign network configuration parameters such as IP addresses to the devices connected to a network. The protocol operates on a client-server architecture. Client computers request IP addresses and networking parameters automatically from a DHCP server, so that a network administrator or user does not have to configure these settings manually.
DHCP is a service performed by a server, which may be a configured Windows or Linux machine, a router, or a modem provided by the Internet Service Provider. The DHCP server provides the IP address, subnet mask, default gateway and DNS information to client computers when they connect to a network.
How does DHCP work?
When a computer or other network device connects to a network, the DHCP client software in its operating system sends a broadcast query requesting the necessary information. Any DHCP server on the network may service the request. The DHCP server manages a pool of IP addresses and information about client configuration parameters such as the default gateway, domain name, name servers and time servers.
On receiving a request, the server may respond with specific information for each client, as previously configured by an administrator, or with a specific address and any other information valid for the entire network, and the time period for which the allocation (lease) is valid.
A client typically queries for this information immediately after booting, and periodically thereafter before the expiration of the information. When an assignment is refreshed by the client computer, it initially requests the same parameter values, but may be assigned a new address from the server, based on the assignment policies set by administrators.
A DHCP server allocates IP addresses to its clients in 3 ways:
Dynamic Allocation: The DHCP server issues addresses to clients from a range allocated by the administrator on a lease basis, which enables the server to reclaim and reallocate IP addresses that are not renewed.
Automatic Allocation: The DHCP server assigns a permanent IP address to the client from the table of previously assigned addresses within the range defined by the administrator.
Static Allocation: The DHCP server allocates an IP address based on a preconfigured mapping to each client’s MAC address.
As mentioned earlier, DHCP has two requirements: a server and a client.
In general, the router has a built-in DHCP server, which the network administrator has to configure and which takes care of automatically allocating IP addresses to the clients connecting to the network.
DHCP uses two UDP port numbers for its operations. UDP port number 67 is the destination port of a server and UDP port number 68 is used by the client.
DHCP operations fall into four phases: server discovery, IP lease offer, IP request, and IP lease acknowledgment. These stages are often abbreviated as DORA:
D – Discovery
O – Offer
R – Request
A – Acknowledgment
Step 1: DHCP Discovery
In this step, the client searches for the DHCP server by sending a DHCP Discovery broadcast request to all the devices in the network using port number 68, as it does not know where the server is in the network.
Step 2: DHCP Offer
In this step, the DHCP server receives the DHCP Discovery request and sends a DHCP Offer broadcast message with a new IP address to all the devices in the network using port number 67, as it cannot yet find the new client in the network. The server offers the IP address to the client on a lease basis.
Step 3: DHCP Request
In this step, the DHCP client responds to the server's DHCP Offer by sending a DHCP Request broadcast message to accept the new IP address given by the DHCP server.
Step 4: DHCP Acknowledgement
In this step, the DHCP server confirms that the client may start using the offered IP address for a specified amount of time (the lease time) by sending a DHCP Acknowledgement broadcast message.
After receiving the DHCP-ACK message from the server, the client starts using the allocated IP address to communicate with the devices in the network.
In this way, through the four-step process called DORA, the DHCP server allocates IP addresses to the new clients connecting to the network.
Multiple DHCP Servers in a network:
When multiple DHCP servers are deployed in the network, the client can choose any of the DHCP Offers proposed by the servers, and the corresponding server will allocate that IP address to the client.
Simultaneous Requests from clients in a network:
It is also possible that two new clients will ask for IP addresses simultaneously. To handle simultaneous requests from different clients, the DHCP server uses transaction IDs to keep track of ongoing procedures and to distinguish them from one another.
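The four DORA steps and the transaction-ID tracking described above can be followed on the wire format itself. The code below is an added example, not part of the original article: it builds minimal DHCP payloads, parses them, and follows two interleaved exchanges by transaction ID. The function names, MAC addresses, transaction IDs and leased addresses are constructed for illustration, and real messages carry more options than the single message-type option used here.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"      # magic cookie that follows the 236-byte BOOTP header
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}   # option 53 values
NEXT = {None: "DISCOVER", "DISCOVER": "OFFER", "OFFER": "REQUEST", "REQUEST": "ACK"}

def build(msg_type, xid, mac, yiaddr="0.0.0.0"):
    """Build a minimal DHCP payload: BOOTP header, cookie, option 53, end option."""
    op = 1 if msg_type in (1, 3) else 2                  # 1 = from client, 2 = from server
    hdr = struct.pack("!BBBBIHH", op, 1, 6, 0, xid, 0, 0x8000)   # 0x8000 = broadcast flag
    hdr += bytes(4) + bytes(int(o) for o in yiaddr.split("."))   # ciaddr, yiaddr
    hdr += bytes(8) + bytes.fromhex(mac.replace(":", "")).ljust(16, b"\0")  # siaddr, giaddr, chaddr
    return hdr + bytes(192) + MAGIC + bytes([53, 1, msg_type, 255])  # sname/file, options

def parse(pkt):
    """Return (xid, client MAC, offered address, message type name)."""
    if len(pkt) < 240 or pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    xid = struct.unpack("!I", pkt[4:8])[0]
    yiaddr = ".".join(str(b) for b in pkt[16:20])
    mac, opts, i, mtype = pkt[28:34].hex(":"), pkt[240:], 0, None
    while i < len(opts) and opts[i] != 255:              # 255 = end option
        if opts[i] == 0:                                 # 0 = pad, has no length byte
            i += 1
            continue
        if i + 1 >= len(opts) or i + 2 + opts[i + 1] > len(opts):
            raise ValueError("truncated option")
        if opts[i] == 53 and opts[i + 1] == 1:
            mtype = opts[i + 2]
        i += 2 + opts[i + 1]
    return xid, mac, yiaddr, TYPES.get(mtype)

def track(packets):
    """Follow each transaction ID through D, O, R, A; return {xid: leased address}."""
    state, leases = {}, {}
    for pkt in packets:
        xid, _mac, yiaddr, name = parse(pkt)
        if name is None or NEXT.get(state.get(xid)) != name:
            raise ValueError(f"xid {xid:#x}: unexpected {name}")
        state[xid] = name
        if name == "ACK":
            leases[xid] = yiaddr
    return leases

# Constructed capture: two clients (A, B) running DORA at the same time, interleaved.
A, B = (0x1A2B3C4D, "02:00:00:00:00:0a"), (0x5E6F7081, "02:00:00:00:00:0b")
CAPTURE = [build(1, *A), build(1, *B), build(2, *A, "192.168.1.10"),
           build(2, *B, "192.168.1.11"), build(3, *B), build(3, *A),
           build(5, *A, "192.168.1.10"), build(5, *B, "192.168.1.11")]
```

Calling `track(CAPTURE)` keeps the two exchanges apart even though their messages alternate, because every message of one exchange carries the same transaction ID.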
IP Address Expiration:
When the lease time offered by the DHCP server expires, the client's IP address in the network changes. The DHCP server does this to recycle unused IP addresses and allocate them to other clients that connect to the network.
Clients can, however, prevent the DHCP server from reclaiming the IP address by renewing the lease for the same IP address.
DHCP does not have any authentication mechanism and is vulnerable to a variety of attacks. These attacks fall into three main categories:
- Unauthorized DHCP servers (commonly called “rogue DHCP”) providing false information to clients.
- Unauthorized clients gaining access to resources.
- Resource exhaustion attacks from malicious DHCP clients.
- A Denial-of-Service (DoS) attack, preventing the client from gaining access to network connectivity, or a man-in-the-middle attack, is the most prevalent attack.
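Two of the categories above, rogue DHCP servers and resource exhaustion by malicious clients, leave a recognizable pattern in DHCP traffic. The monitoring check below is an added example, not part of the original article; the observation tuples, switch port names, allowlisted server address and thresholds are all constructed assumptions.

```python
from collections import defaultdict

AUTHORIZED_SERVERS = {"192.168.1.1"}   # assumption: the site's only legitimate DHCP server
MAX_MACS_PER_PORT = 3                  # assumption: distinct clients tolerated per switch port
WINDOW = 10                            # seconds over which distinct clients are counted

# Constructed observations: (time_s, switch_port, source_ip, client_mac, message_type)
EVENTS = [
    (0.0, "gi0/1", "0.0.0.0", "02:00:00:00:00:0a", "DISCOVER"),
    (0.2, "gi0/24", "192.168.1.1", "02:00:00:00:00:0a", "OFFER"),
    (0.3, "gi0/7", "192.168.1.66", "02:00:00:00:00:0a", "OFFER"),   # unlisted server
] + [
    # One port asking for leases under five different MAC addresses in two seconds.
    (1 + i * 0.5, "gi0/9", "0.0.0.0", f"02:00:00:00:01:{i:02x}", "DISCOVER")
    for i in range(5)
]

def rogue_servers(events):
    """Return (port, address) pairs that sent server messages but are not allowlisted."""
    return sorted({(port, src) for _, port, src, _, kind in events
                   if kind in ("OFFER", "ACK") and src not in AUTHORIZED_SERVERS})

def starvation_ports(events):
    """Return ports where too many distinct MACs sent DISCOVER within WINDOW seconds."""
    seen = defaultdict(list)
    flagged = set()
    for t, port, _, mac, kind in sorted(events):
        if kind != "DISCOVER":
            continue
        seen[port].append((t, mac))
        recent = {m for ts, m in seen[port] if t - ts <= WINDOW}
        if len(recent) > MAX_MACS_PER_PORT:
            flagged.add(port)
    return sorted(flagged)
```

Because DHCP itself has no authentication, a check of this kind relies on knowledge held outside the protocol: which addresses are legitimate servers and how many clients a single port should serve.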