Detailed DHCP complete process and Wireshark packet analysis

DHCP (Dynamic Host Configuration Protocol) is, simply put, the process by which a host obtains an IP address. It is an application-layer protocol.
DHCP uses UDP ports 68 (client) and 67 (server) for communication.

[Process]
The DHCP process is mainly DHCP Discover -> DHCP Offer -> DHCP Request -> DHCP Ack.
Use Wireshark to capture the DHCP packets exchanged while the IP address is obtained.
1. Open Wireshark and start capturing packets
2. The PC currently has an IP, so use the cmd commands to release the IP (ipconfig /release) and reacquire it (ipconfig /renew)

3. Stop the capture and use the display filter bootp to filter the packets.

4. You can see the five messages in the figure, of which the DHCP Release message is the message sent when the PC releases the IP.

When acquiring the IP, the PC sends a DHCP Discover broadcast message. Since the PC does not yet have an IP, the source IP is 0.0.0.0. It is particularly important to note that the PC generates a random Transaction ID: if the Transaction ID in an Offer message received later differs from the one the PC generated, the PC discards the Offer message directly.
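The Transaction ID check described above, as an added example that is not part of the original post: a minimal parser for the DHCP message layout (fixed 236-byte header, magic cookie, options) that extracts the Transaction ID (xid), the message type (option 53) and the IP Address Lease Time (option 51), then applies the client's accept/discard decision. The helper names and the sample messages are constructed for illustration.

```python
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # marks the start of the DHCP options field
MSG_TYPES = {1: "Discover", 2: "Offer", 3: "Request", 5: "Ack", 7: "Release"}

def parse_dhcp(payload: bytes) -> dict:
    """Parse a DHCP message (the UDP payload on ports 67/68)."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    op, xid = payload[0], struct.unpack("!I", payload[4:8])[0]
    msg = {"op": op, "xid": xid, "yiaddr": ".".join(map(str, payload[16:20]))}
    i = 240
    while i < len(payload) and payload[i] != 255:      # 255 = End option
        if payload[i] == 0:                            # 0 = Pad, no length byte
            i += 1
            continue
        if i + 2 > len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        code, length = payload[i], payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if code == 53 and length == 1:                 # DHCP Message Type
            msg["type"] = MSG_TYPES.get(value[0], f"type-{value[0]}")
        elif code == 51 and length == 4:               # IP Address Lease Time (s)
            msg["lease_time"] = struct.unpack("!I", value)[0]
        i += 2 + length
    return msg

def accept_offer(discover: dict, offer: dict) -> bool:
    """Client-side check: a reply (op=2) of type Offer with the Discover's xid."""
    return (offer["op"] == 2 and offer.get("type") == "Offer"
            and offer["xid"] == discover["xid"])

def build_sample(op: int, xid: int, yiaddr: bytes, options: bytes) -> bytes:
    """Build a constructed test message: 236-byte fixed header + cookie + options."""
    header = struct.pack("!BBBBIHH", op, 1, 6, 0, xid, 0, 0)   # op..flags
    header += bytes(4) + yiaddr + bytes(8)                     # ciaddr, yiaddr, siaddr, giaddr
    header += bytes(16 + 64 + 128)                             # chaddr, sname, file
    return header + MAGIC_COOKIE + options + b"\xff"

# Constructed samples (not taken from the capture on this page).
DISCOVER = build_sample(1, 0x1A2B3C4D, bytes(4), b"\x35\x01\x01")
OFFER_OK = build_sample(2, 0x1A2B3C4D, bytes([192, 168, 1, 10]),
                        b"\x35\x01\x02" + b"\x33\x04" + struct.pack("!I", 86400))
OFFER_STALE = build_sample(2, 0x0BADF00D, bytes([192, 168, 1, 10]), b"\x35\x01\x02")

if __name__ == "__main__":
    d = parse_dhcp(DISCOVER)
    for name, raw in (("OFFER_OK", OFFER_OK), ("OFFER_STALE", OFFER_STALE)):
        o = parse_dhcp(raw)
        print(name, hex(o["xid"]), o.get("lease_time"), accept_offer(d, o))
```

Because the Discover is a broadcast, the xid is visible to every host on the segment, so this match keeps transactions apart rather than authenticating the server.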

DHCP Offer message

DHCP Request message

DHCP Ack message

[Process and precautions for sending an Offer message from a simulated server]
1. Ensure connectivity between the server and the client
2. Prepare an Offer message (editable)
3. Use Wireshark to capture the Discover message sent by the client and determine the client's current random Transaction ID
4. Change the Transaction ID in the Offer message to match the one in the Discover message
5. Use packet-sending software to send the Offer message

Note: Transaction ID

[Address Lease Period]
Each IP address provided by the DHCP server has a corresponding lease period, which can be seen in the IP Address Lease Time field of the Offer message. If the lease time is too long, address resources are occupied for a long time; if it is too short, it causes too many DHCP Request packets and increases the load on the network. The lease time therefore needs to be set according to the usage scenario. Generally speaking, in places with a large number of DHCP clients that connect and disconnect frequently, such as airports and shops, the DHCP lease period is configured to be shorter so that IP addresses can be recovered quickly.

[IP Lease Renewal Process]
The client sends a DHCP Request message to the DHCP server when 1/2 of the address lease period remains; if the server's DHCP Ack is received, the client's IP address lease is renewed.
If no Ack is received, the client can continue to use the IP and sends a second Request message when 1/4 of the lease period remains; if an Ack is received, the lease is renewed.
If no Ack is received, a third Request message is sent when 1/8 of the lease period remains; if an Ack is received, the lease is renewed.
If no Ack is received, the IP is recovered after the lease expires.

Origin www.cnblogs.com/Wendy-r/p/12679241.html