dhcp – managed configuration of tcp/ip hosts
-
7/31/2019 DHCP Managed Configuration of TCP/IP Hosts
DHCP – Managed Configuration of TCP/IP Hosts
-
Outline
DHCP purpose and goals
Background and history of DHCP
Case Study
Operational details
Using DHCP
-
Purpose of DHCP
From RFC 2131: "The Dynamic Host Configuration Protocol (DHCP) provides a framework for passing configuration information to hosts on a TCP/IP network. DHCP consists of two components: a protocol for delivering host-specific configuration parameters from a DHCP server to a host and a mechanism for allocation of network addresses to hosts."
-
DHCP functional goals
A host without a valid IP address locates and communicates with a DHCP server
A DHCP server passes configuration parameters, including an IP address, to the host
The DHCP server may dynamically allocate addresses to hosts and reuse addresses
-
DHCP functional goals
Hosts can detect when they require a new IP address
Unavailability of DHCP server has minimal effect on operation of hosts
-
What does DHCP do?
Provides protocol stack, application and other configuration parameters to hosts
Eliminates need for individual, manual configuration for hosts
Includes administrative controls for network administrators
-
What does DHCP do?
Backward compatible packet format for BOOTP interoperation (RFC 1542)
Can coexist with hosts that have pre-assigned IP addresses and hosts that do not participate in DHCP
-
Design Goals
Eliminate manual configuration of hosts
Prevent use of any IP address by more than one host
Should not require a server on every subnet
Allow for multiple servers
-
Design Goals
Provide a mechanism, not a policy
Provide same configuration - including IP address - to a host whenever possible
-
What can you do with DHCP
Plug-and-play
Move desktop PCs between offices
Renumber
Other restructuring - change subnet masks
Mobile IP - laptops
Moving equipment - cartable
-
What DHCP doesn't do
Support multiple addresses per interface
Inform running host that parameters have changed
Propagate new addresses to DNS
Support inter-server communication
Provide authenticated message delivery
-
What DHCP doesn't do
Configure routers and other network equipment
Design network addressing plan
Determine other configuration parameters
Locate other servers
-
Outline
DHCP purpose and goals
Background and history of DHCP
Case Study
Operational details
Using DHCP
-
What is DHCP and where does it come from?
Internet Engineering Task Force (IETF)
Dynamic Host Configuration Working Group (DHC WG)
BOOTP
-
IETF standards
Formal process for development, review and acceptance of TCP/IP protocol suite standards
Initial specifications published as Internet Drafts (I-Ds)
Accepted specifications published as Request for Comments (RFCs)
-
Protocol status
DHCP has been accepted as a Draft Standard; the specifications are published in:
RFC 2131: Dynamic Host Configuration Protocol
RFC 2132: DHCP Options and BOOTP Vendor Extensions
Several additional options are in development
-
Implementation status
DHCP is an open standard, with freely available specifications
Can be (and has been) implemented entirely from the specification
Commercial implementations are widely available
Non-commercial implementations are also available
-
DHCP Resources
IETF information can be retrieved from:
http://www.ietf.cnri.reston.va.us
I-Ds and RFCs can also be retrieved from:
http://www.rfc-editor.org
-
Related work
RARP/DRARP
TFTP
ICMP
Router Discovery
Mobile IP
Wireless/cellular IP
-
Outline
DHCP purpose and goals
Background and history of DHCP
Case Study
Operational details
Using DHCP
-
Planning for DHCP
Preparation for DHCP requires careful planning
IP addressing strategy
Consider current needs
Allow for growth
Network architect configures rules for addressing strategy into DHCP server
-
Relocated computer
Computer retains address
When restarted, computer checks with server to confirm address
If address OK, computer retains old address
If computer attached to different subnet, obtains new address
-
Using DHCP with legacy equipment
DHCP server not required to make every address on a subnet available for allocation
DHCP server not required to answer every incoming request
Network architect can configure server to reserve (not allocate) addresses
-
DHCP and new computers
DHCP server will hand out all available addresses
Limited number of addresses can be shared (if all computers not on simultaneously)
Eventually, network architect will have to allocate more addresses
-
Reusing addresses
Server can reuse abandoned addresses
Address initially allocated for fixed time called a lease
Client can extend lease
If lease expires, server can reallocate
Reallocation only when necessary (e.g., LRU) is a good idea
-
Reconfiguring the server for multiple networks
Server configuration file defines multiple subnets and address pools on one physical segment
Server chooses address from pools for the segment
Server checks DHCP client address against all subnets on the segment
-
Growth: changing subnet masks
In some cases, subnet growth can be managed with a change to the subnet mask
201.157.7.128/27 and 201.157.7.160/27 can be combined into 201.157.7.128/26
Network infrastructure must accommodate VLSMs
Must change subnet masks on attached clients
-
Passing new subnet masks to clients
At next reboot, DHCP client will contact server
Server returns new subnet mask with acknowledgment
Client records and uses new mask
-
Using DHCP for renumbering
Set up plan for renumbering
New network architecture
Network addresses, server addresses
Timing of cutovers
Force DHCP clients to contact server for notification about new address
Set short leases
Require all clients be rebooted
-
Using DHCP for renumbering
Rebooting, although not elegant, probably most reliable
Schedule subnet cutover for overnight or weekend, force reboot through alternate protocol (e.g., email to all users)
-
Outline
DHCP purpose and goals
Background and history of DHCP
Case Study
Operational details
Using DHCP
-
Server manages client configurations
Provide a variety of mechanisms for controlled configuration
Can override default parameters from Host Requirements
-
Address allocation
Static (BOOTP): client must be pre-configured into database
Automatic: server can allocate new address to client
Dynamic: server can allocate and reuse addresses
-
Leases
Dynamic addresses are allocated for a period of time known as the lease
Client is allowed to use the address until the lease expires
-
Leases
Client MUST NOT use the address after the lease expires, even if there are active connections using the address
Server MUST NOT reuse the address before the lease expires
-
Motivation for leases
An IP internet may not always be completely operational; there may not always be connectivity between any two hosts, so:
Can't use distributed (client-based) assignment of addresses
Can't use address defense before server reuse of addresses
-
Motivation for leases
Leases guarantee an agreement as to when an address may be safely reused even if the server can't contact the client
-
Address reuse
Server MAY choose to reuse an address by reassigning it to a different client after the lease has expired
Server can check using ICMP echo to see if the address is still in use (but no response is not a definitive answer!)
-
Address reuse
Allows address sharing
From old computers replaced by new ones
Among a pool of computers not always using TCP/IP
For transient hosts like laptops
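
The lease rules on the preceding slides (no reuse before expiry, the same address for a returning client where possible, LRU reallocation, reserved addresses for legacy hosts) can be seen working together in a small model. This is an added example, not part of the original slides or of any DHCP server's code; the `LeasePool` class, the client names and the 192.0.2.0/29 prefix are assumptions made for illustration.

```python
import ipaddress

class LeasePool:
    """Toy lease table; client ids and clock values are supplied by the caller."""

    def __init__(self, network, reserved=()):
        skip = {ipaddress.ip_address(a) for a in reserved}
        # address -> (last holder, lease expiry); expiry 0 means never leased
        self.leases = {a: (None, 0) for a in ipaddress.ip_network(network).hosts()
                       if a not in skip}

    def request(self, client_id, now, lease_time):
        """Return the address leased to client_id, or None if none is free."""
        # Same address whenever possible: a renewing or returning client gets
        # its previous address back. Each address records only its last
        # holder, so a match means nobody else has been given it since.
        for addr, (holder, _) in self.leases.items():
            if holder == client_id:
                self.leases[addr] = (client_id, now + lease_time)
                return addr
        # Server MUST NOT reuse an address before its lease expires, so only
        # expired entries are candidates. Taking the oldest expiry first
        # (LRU) leaves recently departed clients the best chance of
        # getting their old address back.
        expired = [(exp, a) for a, (_, exp) in self.leases.items() if exp <= now]
        if not expired:
            return None
        _, addr = min(expired)
        self.leases[addr] = (client_id, now + lease_time)
        return addr

    def release(self, client_id, now):
        """Client-initiated RELEASE: end the lease early, remember the holder."""
        for addr, (holder, exp) in self.leases.items():
            if holder == client_id:
                self.leases[addr] = (holder, min(exp, now))


def demo():
    # Constructed scenario on a documentation prefix; .1 is reserved for
    # a manually configured (legacy) host and is never handed out.
    pool = LeasePool("192.0.2.0/29", reserved=["192.0.2.1"])
    first = pool.request("client-a", now=0, lease_time=100)
    for name in ("client-b", "client-c", "client-d", "client-e"):
        pool.request(name, now=0, lease_time=100)
    full = pool.request("client-f", now=50, lease_time=100)     # all leased
    back = pool.request("client-a", now=500, lease_time=100)    # lapsed, returns
    reused = pool.request("client-f", now=500, lease_time=100)  # takes an expired one
    return str(first), full, str(back), str(reused)
```

While every lease is still running, the sixth client is refused rather than given an address in use, which is the exhaustion case that short leases or a larger pool are meant to avoid.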
-
Address allocation details
Clients check on address validity at reboot time (renumbering)
Clients can extend the lease on an address at startup time
-
Address allocation details
Clients can extend the lease on an address as expiration time approaches (without closing and restarting existing connections)
Clients with addresses that have been configured manually can use DHCP to obtain other configuration parameters
-
Four ways a client uses DHCP
INIT - acquire an IP address and configuration information
INIT-REBOOT - confirm validity of previously acquired address and configuration
RENEWING - extend a lease from the original server
REBINDING - extend a lease from any server
-
Obtaining an initial address
Client broadcasts DISCOVER to locate servers
Server chooses address and replies
Client selects a server and sends REQUEST for address
Server commits allocation and returns ACK
-
Rebooting client
Client puts address in REQUEST and broadcasts
Server checks validity and returns ACK with parameters
If client address is invalid (e.g., client is attached to a new network), server replies with NAK and client restarts
-
Extending a lease
Client puts requested lease extension in REQUEST and sends to server
Server commits extension and returns ACK with parameters
-
DHCP options
Options carry additional configuration information to client
DHCP message type
Subnet mask, default routers, DNS server
Many others
Carried as fields in DHCP message
-
Configuration with options
Network architect configures server to select and return options and values
Client can explicitly request specific options
-
Relay agents
Using hardware and IP broadcast still limits DHCP message from client to single physical network
Relay agent, on same subnet as client, forwards DHCP messages between clients and servers
-
Relay agents
Relay agent and server exchange messages using unicast UDP
Servers can be located anywhere on intranet
Servers can be centrally located for ease of administration
Very simple in function, implementation
Usually, but not necessarily, located in routers
-
Outline
DHCP purpose and goals
Background and history of DHCP
Case Study
Operational details
Using DHCP
-
Using multiple servers
Clients must be implemented for multiple servers; e.g., receiving multiple OFFER messages
Using multiple servers can provide increased reliability through redundancy
-
Using multiple servers
All coordination must be managed by DHCP administrator
Distributed database
Off-line batch updates
Manually
-
Strategies for using multiple servers
Split address pool for each subnet among servers
Coordinate leases off-line
Reallocate addresses when needed
-
Lease times and strategies
Choice of lease times made by DHCP administrator
Long lease times decrease traffic and server load, short lease times increase flexibility
-
Lease times and strategies
Should choose lease time to allow for server unavailability
Allows clients to use old addresses
For example, long enough to span weekends
Can assign different leases to desktop computers, cartable systems and laptops
-
Changing other configuration parameters
Other configuration parameters such as print servers may change
Reconfigure DHCP server with new parameters
At next reconfirmation, clients will get new addresses
-
Moving a client to a new location
User may get moved to a new location on a different subnet
User may arrange to move computer system without contacting network administrator
DHCP will allocate address for new location
-
Moving a client to a new location
What about old lease?
New server can notify network administrator about address allocation
Client can issue RELEASE before moving from old location
Or, might be appropriate to leave old lease in place
-
Replacing a system
User may get new computer on desktop
Network administrator wants to allocate same IP address to the new computer, but new computer will have different hardware address
Use client id as system identifier and transfer to new system
-
Limitations to DHCP
Coordination among multiple servers
DHCP interaction with DNS
Security/authentication
New options
IPv6
Opportunities for enhancement
-
Coordination among multiple servers
Becomes a distributed database problem
Several strategies have been proposed
Failover protocol now in development
-
Dynamic DNS
When client is allocated a new address, DNS records need to be updated
A record: Name to IP address
PTR record: IP address to name
DHCP to be extended to allow coordination between client and server
Which does updates?
Error conditions?
-
Security/Authentication
Unauthorized (either intentional or accidental) server can cause denial of service problems
Some sites may want to limit IP address allocation to authorized client
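
One way to spot the unauthorized-server problem above is to decode the options field of server replies (the code/length/value fields from the DHCP options slides) and compare the server identifier with an allowlist. This is an added example, not part of the original slides; the function names, sample bytes and addresses are constructed for illustration, and the option codes used (53 message type, 54 server identifier, 51 lease time, 1 subnet mask, 3 router, 6 DNS server) are those of RFC 2132.

```python
import ipaddress
import struct

MAGIC = bytes([99, 130, 83, 99])   # cookie that opens the options field (RFC 2131)
PAD, END = 0, 255                  # single-byte options with no length (RFC 2132)
MSG_TYPE, SERVER_ID = 53, 54       # DHCP message type, server identifier
SERVER_TYPES = {2: "OFFER", 5: "ACK", 6: "NAK"}

def parse_options(field):
    """Decode code/length/value options into {code: bytes}; reject bad framing."""
    if field[:4] != MAGIC:
        raise ValueError("missing magic cookie")
    opts, i = {}, 4
    while i < len(field):
        code = field[i]
        if code == END:
            return opts
        if code == PAD:
            i += 1
            continue
        if i + 1 >= len(field):
            raise ValueError("option %d has no length byte" % code)
        length = field[i + 1]
        value = field[i + 2:i + 2 + length]
        if len(value) != length:           # declared length runs past the buffer
            raise ValueError("option %d truncated" % code)
        opts[code] = value
        i += 2 + length
    raise ValueError("options not terminated by End option")

def check_server_reply(field, authorized):
    """Return None for client messages, else (message type, server, allowed?)."""
    opts = parse_options(field)
    mtype = opts.get(MSG_TYPE, b"")
    kind = SERVER_TYPES.get(mtype[0]) if len(mtype) == 1 else None
    if kind is None:
        return None
    sid = opts.get(SERVER_ID, b"")
    server = str(ipaddress.IPv4Address(sid)) if len(sid) == 4 else None
    return kind, server, server in authorized

def tlv(code, value):
    return bytes([code, len(value)]) + value

def sample_reply(server_ip):
    """Constructed OFFER options: type, server id, lease time, mask, router, DNS."""
    ip = lambda s: ipaddress.IPv4Address(s).packed
    return (MAGIC + tlv(MSG_TYPE, b"\x02") + tlv(SERVER_ID, ip(server_ip))
            + tlv(51, struct.pack("!I", 86400)) + tlv(1, ip("255.255.255.0"))
            + tlv(3, ip("192.0.2.254")) + tlv(6, ip("192.0.2.53")) + bytes([END]))
```

A reply with no server identifier at all is reported with `None` as the server and is never treated as authorized.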
-
Security/Authentication
Authentication based on shared secret key, an authentication ticket and a message digest
Assures source of message is valid and message hasn't been tampered with en route
Schiller/Huitema/Droms/Arbaugh proposal in process
-
New options acceptance
New options must have nonoverlapping option codes
Codes handed out by Internet Assigned Numbers Authority (IANA)
New mechanism will approve each new option as a separate RFC (like TELNET)
-
IPv6
IP Version 6 (aka IPv6 or IPng) is a new internet protocol to replace IP
Includes new features for host configuration:
Router advertisement
Autoconfiguration
Link-local addresses
-
IPv6
To accommodate sites that want centralized management of addresses, DHCP for IPv6 (DHCPv6) is being developed by the DHC WG.
-
Summary
DHCP works today as a tool for automatic configuration of TCP/IP hosts
It is an open Internet standard and interoperable client implementations are widely available
-
Summary
Provides automation for routine configuration tasks, once network architect has configured network and addressing plan
Ongoing work will extend DHCP with authentication, DHCP-DNS interaction and inter-server communication