Basic DHCP Configuration

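Lab objectives:

         • Understand the DHCP protocol and the scenarios in which DHCP relay is used

         • Master the basic configuration of a DHCP server and a DHCP relay

         • Master how to configure and check a DHCP client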

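The topology for this lab is shown below:

Enable DHCP on the PCs

If we check the PC's IP address at this point, it shows 0.0.0.0, which means that no IP address has been assigned yet.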

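Global configuration

First enable DHCP with the command "dhcp enable". Then create an IP pool named net and configure its network segment, gateway, DNS and so on. The ip pool here is used to configure the IP address pool of the Sub-VLAN.

Port configuration

Use the interface command to configure the port. Here we set the IP address to 192.168.1.1 24. The 24 means that the first 24 bits of the address are the network number of our LAN. The configuration is shown below: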

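Testing the dynamic allocation

The assigned address can be read with ipconfig. Here the IP address assigned to pc1 is 192.168.1.253.

Using the same ipconfig command, the IP addresses of the other two PCs are as follows:

IP address of the second PC

IP address of the third PC

The second PC's address is 192.168.1.252 and the third PC's address is 192.168.1.254. This shows that IP addresses are allocated from high to low; the reason may be related to the gateway address I set.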

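Packet capture analysis

DHCP packet capture

To obtain and use a valid IP address dynamically, a client goes through the following phases:

(1) Discovery phase: the DHCP client looks for a DHCP server.

(2) Offer phase: the DHCP server offers an IP address.

(3) Selection phase: the DHCP client selects the IP address offered by one particular DHCP server.

(4) Confirmation phase: the DHCP server confirms the IP address it offered.

Discovery phase (the client broadcasts to find a DHCP server)

The client sends a DHCP Discover packet on the LAN in order to discover a DHCP server that can provide it with an IP address.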

Here you can see that the destination MAC address is the broadcast address ff:ff:ff:ff:ff:ff, that the message uses UDP ports 67 and 68, and that the hops field indicates that there is no proxy. The client's IP address is 0.0.0.0, and the client's MAC address is 54:89:98:b2:79:1a.

Offer phase (DHCP server sends available IP details)

A DHCP server on the network that receives the DHCP-DISCOVER message selects an appropriate IP address and sends it to the DHCP client in a DHCP-OFFER message, together with the IP address lease period and other configuration information (such as the gateway address and the domain name server address).

The DHCP server keeps the available IP addresses and other configuration information in an address pool. When the DHCP server receives the DHCP request message, it takes an idle IP address and the other parameters from the address pool and sends them to the DHCP client.

The order of priority for the DHCP server to assign IP addresses to clients is as follows:

(1) The IP address statically bound to the client's MAC address or client ID;

(2) The IP address that the DHCP server has recorded as previously assigned to the client;

(3) The IP address specified in the Option 50 field of the DHCP-DISCOVER message sent by the client;

(4) The first allocatable IP address found when the DHCP address pool is searched in sequence;

(5) If no available IP address is found, the addresses whose leases have expired and the addresses on which conflicts have occurred are checked in turn; if one is found it is allocated, otherwise the request is not processed.

Before the DHCP server assigns an IP address to the client, it first needs to confirm that the address is not used by another device on the network. The server probes the address by sending an ICMP Echo Request (ping) message. If there is no response within the specified time, the server sends the ping message again. If there is still no response after the specified number of attempts, the address is available. Otherwise, the server records the probed address as a conflicting address and selects another IP address to allocate.
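The selection order and the ping check described above can be followed in a small model. This is an added example, not code from the original post or from any DHCP server; the class AddressPool, its method names, the answers_ping callback that stands in for the ICMP probe, and the high-to-low scan order are all assumptions made for illustration.

```python
import ipaddress

class AddressPool:
    """Toy model of the five-step selection order (not a real server's code)."""

    def __init__(self, network, excluded=(), answers_ping=lambda ip: False):
        hosts = reversed(list(ipaddress.ip_network(network).hosts()))
        # Assumption: the pool is scanned from the highest address down.
        self.state = {str(h): "free" for h in hosts if str(h) not in excluded}
        self.static = {}                  # MAC -> statically bound IP
        self.history = {}                 # MAC -> IP this client held before
        self.answers_ping = answers_ping  # stands in for the ICMP Echo probe

    def bind(self, mac, ip):
        self.static[mac] = ip
        self.state[ip] = "reserved"       # keeps the pool scan away from it

    def release(self, ip, state="expired"):
        """Mark a lease as run out; a bound address goes back to reserved."""
        self.state[ip] = "reserved" if ip in self.static.values() else state

    def _claim(self, mac, ip, allowed):
        if self.state.get(ip) not in allowed:
            return None
        if self.answers_ping(ip):         # a reply means another host uses it
            if self.state[ip] != "reserved":
                self.state[ip] = "conflict"
            return None
        self.state[ip], self.history[mac] = "leased", ip
        return ip

    def allocate(self, mac, requested_ip=None):
        reusable = ("free", "expired")
        candidates = [(self.static.get(mac), ("reserved",)),  # 1. static binding
                      (self.history.get(mac), reusable),      # 2. previous address
                      (requested_ip, reusable)]               # 3. Option 50
        for wanted in ("free", "expired", "conflict"):        # 4. scan, 5. reclaim
            candidates += [(ip, (wanted,))
                           for ip, s in self.state.items() if s == wanted]
        for ip, allowed in candidates:
            if self._claim(mac, ip, allowed):
                return ip
        return None                                           # nothing to hand out
```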

The port numbers here are still 67 and 68. The message type shows that this message is sent by the server. The IP address field holds the address the server can provide, 192.168.1.252. The lease time below it is the address lease period, here one day.

Selection phase (select IP and broadcast to other DHCP servers)

If multiple DHCP servers respond to the DHCP client with DHCP-OFFER messages, the DHCP client can process only one of them. The general principle is that the client processes the first DHCP-OFFER message it receives. The client then broadcasts a DHCP-REQUEST message, adding the IP address of the selected DHCP server and the requested IP address to the options field. This message contains Option 54 (the server identification option), that is, the IP address of the DHCP server it selected.

The DHCP-REQUEST message is sent as a broadcast to notify all DHCP servers that the client has selected the IP address offered by the DHCP server identified in Option 54, so that the other DHCP servers can reuse the addresses they offered.

The IP address used by the client here is still 0.0.0.0, because it has no usable IP address yet, and the destination is the broadcast address, which tells all servers which IP address the client chose. The Request (3) here indicates the selection phase. The option below it indicates the IP address selected by the client.

Confirmation phase (broadcast ARP to detect whether other hosts use this IP)

After receiving the DHCP-REQUEST message sent by the DHCP client, the DHCP server checks whether there is a corresponding lease record for the MAC address carried in the DHCP-REQUEST message. If so, it sends a DHCP-ACK message as a response to notify the DHCP client that the assigned IP address can be used.

After receiving the DHCP-ACK message returned by the DHCP server, the DHCP client broadcasts a gratuitous ARP message to detect whether any host is already using the IP address assigned by the server. If no response is received within the specified time, the client uses this address. Otherwise, the client sends a DHCP-DECLINE message to notify the DHCP server that the address is unavailable and applies for an IP address again.

If the DHCP server does not find the corresponding lease record after receiving the DHCP-REQUEST message, or cannot allocate an IP address normally for some reason, it sends a DHCP-NAK message as a response to notify the DHCP client that it cannot allocate a suitable IP address. The DHCP client then needs to resend the DHCP-DISCOVER message to request a new IP address.

The message type ACK (5) here indicates the acknowledgement. You can see that the destination here has been replaced with the address assigned by the server.
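The fields read off the capture in each phase (hops, client IP, client MAC, message type, Option 50, Option 54, lease time) can also be extracted programmatically from the UDP payload. The following is an added example, not part of the original post. The four messages are constructed with the MAC and offered address quoted above, not taken from the capture, and the server address 192.168.1.1 and the transaction ID are assumptions.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"  # magic cookie that precedes the DHCP options
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 4: "DECLINE", 5: "ACK", 6: "NAK"}
IP_OPTS = {50: "requested_ip", 54: "server_id"}  # options holding one IPv4 address

def parse_dhcp(payload: bytes) -> dict:
    """Parse a DHCP message (the UDP payload seen on ports 67/68)."""
    if len(payload) < 240 or payload[236:240] != MAGIC or payload[2] > 16:
        raise ValueError("not a well-formed DHCP message")
    hlen, hops, xid = struct.unpack("!xxBBI", payload[:8])
    msg = {"hops": hops, "xid": xid,
           "ciaddr": socket.inet_ntoa(payload[12:16]),   # client's current IP
           "yiaddr": socket.inet_ntoa(payload[16:20]),   # IP the server hands out
           "chaddr": payload[28:28 + hlen].hex(":")}     # client MAC
    i = 240
    while i < len(payload) and payload[i] != 255:        # 255 = End option
        if payload[i] == 0:                              # 0 = Pad, no length byte
            i += 1
            continue
        if i + 2 > len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        code, length = payload[i], payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if code == 53 and length == 1:                   # DHCP message type
            msg["type"] = TYPES.get(value[0], f"unknown({value[0]})")
        elif code == 51 and length == 4:                 # lease time in seconds
            msg["lease_seconds"] = struct.unpack("!I", value)[0]
        elif code in IP_OPTS and length == 4:
            msg[IP_OPTS[code]] = socket.inet_ntoa(value)
        i += 2 + length
    return msg

def build(msg_type, yiaddr="0.0.0.0", opts=b""):  # constructed sample message
    op = 1 if msg_type in (1, 3) else 2                  # 1 = request, 2 = reply
    hdr = struct.pack("!BBBBIHH", op, 1, 6, 0, 0x1234ABCD, 0, 0x8000)
    hdr += socket.inet_aton("0.0.0.0") + socket.inet_aton(yiaddr) + bytes(8)
    hdr += bytes.fromhex("548998b2791a").ljust(16, b"\0") + bytes(192)
    return hdr + MAGIC + bytes([53, 1, msg_type]) + opts + b"\xff"

def ip_opt(code, addr):
    return bytes([code, 4]) + socket.inet_aton(addr)

def sample_exchange(server="192.168.1.1", offered="192.168.1.252"):  # assumed server
    lease = bytes([51, 4]) + struct.pack("!I", 86400) + ip_opt(54, server)
    msgs = (build(1), build(2, offered, lease),
            build(3, opts=ip_opt(50, offered) + ip_opt(54, server)), build(5, offered, lease))
    return [parse_dhcp(m) for m in msgs]
```

Calling sample_exchange() returns the parsed DISCOVER, OFFER, REQUEST and ACK in order; a message cut off in the middle of an option raises ValueError instead of being read past its end.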


Origin blog.csdn.net/weixin_53665577/article/details/128885738