DHCP (Dynamic Host Configuration Protocol, Dynamic Host Configuration Protocol) Dynamic Host Configuration Protocol is a local area network network protocol. Refers to a range of IP addresses controlled by the server, and the client can automatically obtain the IP address and subnet mask assigned by the server when logging in to the server. First, the DHCP server must be a computer with Windows 2000 Server/Advanced Server installed; secondly, the computer serving as the DHCP server needs to install the TCP/IP protocol, and set a static IP address, subnet mask, default gateway, etc. content. By default, DHCP as a service component of Windows 2000 Server is not automatically installed by the system, it must be added.
DHCP was developed and designed by the IETF (Internet Task Force) and became a standard protocol in October 1993. Its predecessor was the BOOTP protocol. The current DHCP definition can be found in RFC 2131, while the proposed standard based on IPv6 (DHCPv6) can be found in RFC 3315.
DHCP (Dynamic Host Configuration Protocol, Dynamic Host Configuration Protocol) is a protocol designed by the IETF to realize the automatic configuration of IP. It can automatically assign IP addresses, subnet masks, default gateways, and IP addresses of DNS servers to clients. TCP/IP parameters. Understanding how DHCP works can help us troubleshoot problems with the DHCP service. The DHCP protocol is an application based on the UDP layer (that is to say, in the process of snort detection, only UDP packets can be seen). dhcp uses udp to carry packets, and udp is encapsulated in ip packets to send. dhcp packet format
OP: If the packet sent by the client to the server is set to 1, the reverse is 2;
Htype: hardware type, ethernet is 1;
Hlen: hardware length, ethernet is 6;
Hops: If the data packet needs to be transmitted through the router, add 1 to each station, if it is in the same network, it is 0;
Transaction ID: The transaction ID, which is a random number, is used to match requests and corresponding messages between clients and servers;
Seconds: The time specified by the user, which refers to the time after the start of address acquisition and update;
Flags: From 0-15bits, when the leftmost 1bit is 1, it means that the server will broadcast the packet to the client, and the rest have not been used;
Ciaddr: user IP address;
Yiaddr: client IP address;
Siaddr: IP address used in the bootstrap process;
Giaddr: forward proxy (gateway) IP address;
Chaddr: the hardware address of the client;
Sname: optional server name, ending with 0x00;
File: startup file name;
Options: Vendor ID, optional parameter field
DHCP (Dynamic Host Configuration Protocol, Dynamic Host Configuration Protocol) is a local area network network protocol, using the UDP protocol to work, mainly for two purposes: to automatically assign IP addresses to internal networks or network service providers, to users or internal network administrators As a means of central management of all computers, it is described in detail in RFC 2131. DHCP has 3 ports, of which UDP67 and UDP68 are normal DHCP service ports, which are used as service ports for DHCP Server and DHCP Client respectively; port 546 is used for DHCPv6 Client instead of DHCPv4, which is for DHCP failover service, which is required A specially enabled service, DHCP failover, is used for "dual-system hot backup".
The DHCP protocol adopts a client/server model, and the task of dynamically assigning host addresses is driven by network hosts. When the DHCP server receives the address information from the network host, it will send the relevant address configuration and other information to the network host, so as to realize the dynamic configuration of the address information of the network host. DHCP has the following functions:
1. Ensure that any IP address can only be used by one DHCP client at a time.
2. DHCP should be able to assign permanent fixed IP addresses to users.
3. DHCP should be able to coexist with hosts that obtain IP addresses by other methods (eg, hosts that manually configure IP addresses).
4. The DHCP server should serve existing BOOTP clients.
DHCP has three mechanisms for assigning IP addresses:
1) Automatic Allocation: The DHCP server assigns a permanent IP address to the host. Once the DHCP client successfully leases the IP address from the DHCP server for the first time, it can use the address permanently.
2) Dynamic Allocation: The DHCP server assigns a time-limited IP address to the host. When the time expires or the host expressly gives up the address, the address can be used by other hosts.
3) Manual Allocation, the IP address of the client is specified by the network administrator, and the DHCP server just tells the client host the specified IP address.
Among the three address allocation methods, only dynamic allocation can reuse addresses that clients no longer need
working principle
The DHCP protocol uses UDP as the transmission protocol. The host sends a request message to port 67 of the DHCP server, and the DHCP server responds with a reply message to port 68 of the host.
1. The DHCP Client sends a DHCP Discover message by broadcasting.
2. All DHCP Servers can receive the DHCP Discover message sent by the DHCP Client, and all DHCP Servers will respond and send a DHCP Offer message to the DHCP Client.
The "Your(Client) IP Address" field in the DHCP Offer message is the IP address that the DHCP Server can provide to the DHCP Client, and the DHCP Server will put its own IP address in the "option" field so that the DHCP Client can distinguish different DHCP Server. After the DHCP Server sends this message, there will be a record of the assigned IP address.
3. The DHCP Client can only process one of the DHCP Offer messages. The general principle is that the DHCP Client processes the DHCP Offer message received first.
The DHCP Client will send a broadcast DHCP Request message, and the IP address of the selected DHCP Server and the required IP address will be added to the option field.
4. After receiving the DHCP Request message, the DHCP Server determines whether the IP address in the option field is the same as its own. If they are not the same, the DHCP Server will only clear the corresponding IP address allocation records without any processing; if they are the same, the DHCP Server will respond to the DHCP Client with a DHCP ACK message and add the IP address lease information in the option field.
5. After the DHCP Client receives the DHCP ACK message, it checks whether the IP address assigned by the DHCP Server can be used. If it can be used, the DHCP Client successfully obtains an IP address and automatically starts the renewal process according to the IP address lease period; if the DHCP Client finds that the assigned IP address has been used, the DHCP Client sends a DHCP Decline message to the DHCP Server to notify the DHCP Server Disable this IP address, and then the DHCP Client starts a new address request process.
6. After the DHCP Client successfully obtains an IP address, it can release its IP address at any time by sending a DHCP Release message. After the DHCP Server receives the DHCP Release message, it will reclaim the corresponding IP address and reassign it.
When the lease period exceeds 50%, the DHCP client will send a DHCPRequest message to the DHCP server in unicast form to renew the IP address. If the DHCP Client successfully receives the DHCP ACK message sent by the DHCP Server, it will extend the IP address lease period according to the corresponding time; if it does not receive the DHCP ACK message sent by the DHCP Server, the DHCP Client will continue to use the IP address.
When the lease period exceeds 87.5%, the DHCP client will send a DHCPRequest message to the DHCP server in the form of broadcast to renew the IP address. If the DHCP Client successfully receives the DHCP ACK message sent by the DHCP Server, it will extend the IP address lease period according to the corresponding time; if it does not receive the DHCP ACK message sent by the DHCP Server, the DHCP Client will continue to use the IP address until the IP address When the lease period expires, the DHCP client sends a DHCP Release message to the DHCP server to release the IP address and start a new IP address application process.
It should be noted that a DHCP client can receive DHCPOFFER packets from multiple DHCP servers, and then may accept any DHCPOFFER packet, but the client usually only accepts the first DHCPOFFER packet received. In addition, the address specified in [1] in the DHCP server DHCPOFFER is not necessarily the address that is finally allocated. Normally, the DHCP server will reserve the address until the client sends a formal request.
Formally requesting the DHCP server to assign an address DHCPREQUEST uses a broadcast packet, so that all other DHCP servers that send DHCPOFFER packets can also receive the packet, and then release the IP address that has been OFFER (pre-allocated) to the client.
If the address sent to the DHCP client is already used by other DHCP clients, the client will send a DHCPDECLINE packet to the server to refuse to accept the assigned address information.
During the negotiation process, if the address information in the REQUEST message sent by the DHCP client is incorrect, such as the client has migrated to a new subnet or the lease has expired, the DHCP server will send a DHCPNAK message to the DHCP client, asking the client to restart Initiate the address request process.