DHCP in detail
【Reminder】Need information or need to enter the group to communicate to the bottom
Introduction to DHCP
DHCP(Dynamic Host Configuration Protocol,动态主机配置协议),是一个应用层协议,通常被应用在大型的局域网络环境中,主要作用是集中的管理、分配IP地址,使网络环境中的主机动态的获得IP地址、Gateway地址、DNS服务器地址等信息,并能够提升地址的使用率。
DHCP协议采用客户端/服务器模型,主机地址的动态分配任务由网络主机驱动。当DHCP服务器接收到来自网络主机申请地址的信息时,才会向网络主机发送相关的地址配置等信息,以实现网络主机地址信息的动态配置。
DHCP workflow
1 DH CP Client discovery phase The phase where the
DHCP client searches for the DHCP server. The DHCP client sends DHCP discover information to find the DHCP server in a broadcast mode (because the IP address of the DHCP server is unknown to the client). The source address is 0.0.0.0 and the destination address is 255.255.255.255. Every host on the network installed with the TCP/IP protocol will receive this broadcast message, but only the DHCP server will respond.
2 The DHCP Server provides the phase in which the
DHCP server provides the IP address. The DHCP server that receives the DHCP discover information in the network will respond. It selects an IP address that has not yet been leased and assigns it to the DHCP client, and sends a DHCP offer containing the leased IP address and other settings to the DHCP client. information.
3 DHCP Client selection phase The phase in which the
DHCP client selects the IP address provided by a certain DHCP server. If multiple DHCP servers provide information to the DHCP offer sent by the DHCP client, the DHCP client only accepts the information provided by the first received DHCP offer, and then it responds to a DHCP request request information by broadcast. It contains the content of requesting an IP address from the DHCP server selected by it. The reason for the broadcast answer is to inform all DHCP servers that he will choose the IP address provided by a certain DHCP server.
4 DHCP Server Confirmation Phase The phase in which the
DHCP server confirms the IP address provided. When the DHCP server receives the DHCP request information that the DHCP client answers, it sends a DHCP ack confirmation message containing the IP address and other settings it provides to the DHCP client, telling the DHCP client that it can use the information it provides. IP address. Then the DHCP client binds its TCP/IP protocol with the network card.
In addition, except for the server selected by the DHCP client, all other DHCP servers will withdraw their previous IP addresses.
5 DHCP Client re-login
After each time the DHCP client re-login to the network, it does not need to send the DHCP discover discovery information, but directly sends the DHCP request request information containing the IP address assigned the previous time. When the DHCP server receives this information, it will try to let the DHCP client continue to use the original IP address and answer a DHCP ack confirmation message. If the IP address can no longer be assigned to the original DHCP client (for example, the IP address has been assigned to other DHCP clients), the DHCP server will reply to the DHCP client with a DHCP nack message. When the original DHCP client receives the DHCP nack denial information, it must resend the DHCP discover information to request a new IP address.
6 DHCP Client Renewal of Lease
The IP address leased by the DHCP server to the DHCP client generally has a lease period. After the expiration, the DHCP server will reclaim the leased IP address. If the DHCP client wants to extend its IP lease, it must renew its IP lease. When the DHCP client is started and half of the IP lease period expires, the DHCP client will automatically send to the DHCP server a message to renew its IP lease.
DHCP message
1 Message content
Op: Message type, divided into two categories: Request (1) and Reply (2)
HW Type: Hardware type, generally Ethernet: 1
HW Len: Hardware address length, unit byte. Corresponding Ethernet: 6 (mac address length is 6 bytes and 48 bits)
Transaction ID: Transaction ID, random number, generated by the client, and when the server responds, it will copy the Transaction in the Request to the Reply message.
Secs: The number of seconds since the first IP request or Renew request was sent
Flags: Flag bit, currently only the first bit is used, set to 1 to indicate broadcast
Client IP Address: the IP address of the current client, if the current client does not have an IP address, set to 0
Your IP Address: When the server wants the client to provide an IP address, it will fill in the IP address in this field
(Next) Server IP Address: The IP address of another server that the client needs when booting
Gateway (Relay) IP Address: Gateway (relay) IP address, filled in when a DHCP repeater is forwarding DHCP messages
Server Name: Server name, 64 bytes, generally not used, filled with 0
Boot File name: the path of the boot file, 128 bytes, generally not used, filled with 0
Option: Option, variable length.
2 Option field
3 DHCP Message Type(53)
In the DHCP Option, we will focus on the DHCP Message Type (53). The DHCP Message Type identifies the type of the DHCP message. There are mainly the following types:
DHCP relay
DHCP客户使用IP广播来寻找同一网段上的DHCP服务器。当服务器和客户段处在不同网段,即被路由器分割开来时,路由器是不会转发这样广播包的。因此可能需要在每个网段上设置一个DHCP服务器,虽然DHCP只消耗很小的一部分资源的,但多个DHCP服务器,毕竟要带来管理上的不方便。DHCP中继的使用使得一个DHCP服务器同时为多个网段服务成为可能。
简单来说,DHCP中继就是帮DHCP客户端分配IP。比如百说有多个网络A,B,C,现在有一台DHCP服务器,在A网络里,由于DHCP获取IP是广播式,若度是B和C网络里的客户机要获取IP,所以B和C的DHCP请求问发不到A网络中的DHCP服务器,此时就要在B和C网络里加一台中继服务器,让中继服务以单播的行式向A网络中的DHCP服务器请答求IP。当然,DHCP服务器上得有对应版A,B和C三个网络里的地址池。一般来说,中继都权配置在交换机上面,不需要单独地建立一台服务器。
为了让路由器可以帮助转发广播请求数据包,使用ip help-address命令。通过使用该命令,路由器可以配置为接受广播请求,然后将其以单播方式转发个指定IP地址。缺省情况下ip help-address转发以下8种UDP服务:
1.Time2.Tacacs 3.DNS4.BOOTP/DHCP server 5. BOOTP/DHCP client 6.TFTP7.NetBios name service 8. NetBios datagram service
在DHCP广播情况下,客户在本地网段广播-个DHCP发现分组。网关获得这个分组, ex配置了帮助地址,就将DHCP分组转发到特定地址。
DCHP Relay Configuration
Step 1: Check whether the device supports IOS DHCPServer function
一般的Cisco路由 器或访问服务器,以及少部分安装有路由交换模块或多层交换功能卡的交换机都具有IOS DHCP Server功能。如果还没有确认你的设备是否具备这一功能,那么,你可以按如下方法在命令行界面(CLI) 下进行快速检测,步骤如下:
router>enable
Password:
router#conf t
router(config)#ip dhcp ?
If the following message appears, unfortunately, the device does not support the IOS DHCP Server function: %Unrecognized command
Otherwise, congratulations, your setup supports DHCP function.
第二步: DHCP服务器端配置(此处 用路由器来当DHCPserver.PC机上配置类似) :
route(config)#ip dhcp pool vlan10 //Configure an address pool, vlan10 is the name of the address pool,
route(dhcp-config)#network 192.1 68.10.0255.255. 255.0 // dynamically allocated address segment
route(dhcp-config)#default-router192.1 68.10.254 //Gateway address
route(dhcp-config)#dns-server XXXX //Configure the DNS server for the client
route(dhcp-config)#lease 1 //The address lease period is
route(dhcp-config)#exit
route(config)#ip dhcp excluded-address192.168.10.1 /The address is not assigned
route(config)#ip dhcp excluded-address192.1 68.10.254 //The address is not allocated
route(config)#ip dhcp pool vlan20 17 hundred C direct address pool vlan20, vlan30 address pool configuration is similar
route(dhcp-config)#network 192.1 68.20.0255.255.255. 0 // dynamically allocated address segment
route(dhcp-config)#default-router192.1 68.20.254 //Gateway address
route(dhcp-config)#dns-server XXXX 1/Configure the DNS server for the client
route(dhcp-config)#lease 1 //The address lease period is 1 day
route(dhcp-config)#exit
route(config)#ip dhcp excluded-address192.168.20.254 //The address is not allocated.
第三步:使用路由器做单臂路由时的DHCP配置:
int f0
no ip addressno shut
exit
int f0.10 //vlan10
ip address 192.168.10.254 255.255.255.0//vlan gateway
ip help-address 192.168.10.1 //DHCP fat controller address
no shut
exit
int f0.20 /vlan20, similar to multiple network segments
ip address 192.168.20.254 //vlan gateway
ip help-address 192.168.10.1 //Send to the DHCP server address in unicast form
no shut
exit
使用多层交换机的DHCP配置int vlan 10
ip address 192.168.10.254 255.255.255.0//vlan10 gateway
ip help-address 192.168.10.1 //DHCP server address
no shut
exit
int vlan 20
ip address 192.1 68.20.254 255.255.25//vlan10 gateway
ip help-address 192.168.10.1 //DHCP server address
no shut
exit
In order to better help you learn and understand network engineers, and other related content, I deliberately organize all the materials systematically, and share them here for free. Necessary information for everyone, including:
Huawei certification mind map (super fine);
Huawei certification essential knowledge document (pdf);
A collection of essential knowledge documents for net workers;
Essential Toolkit for NetWorkers;
Necessary experiment package for net workers;
Necessary video interview package for net workers.
……
There is a lot of information, I won’t list all of them, so I’ll write here first. If you have any questions, please leave a message and discuss private messages~