DHCP packets

A: the DHCP protocol

● link layer header: bearer link layer packet header, a common format Ethernet_II, 802.1Q format, the IEEE802.3 format, link layer header format Token Ring and the like.
● IP header: standard IP protocol header, IPV4 length of 20bytes, including SrcIp (Source IP), DstIp (object IP) and other information.
● UDP header: 8bytes, including SrcPort (source port), DstPort (destination port), and the length of the packet UDP checksum and other information.
● DHCP messages: a specific DHCP message content.

Two, DHCP packets Type In Depth

1. DHCP Discover
   DHCP client requests an address, does not know the location of the DHCP server, so the DHCP client broadcasts a request packet within the local network, this message becomes Discover packet, the purpose is to find the network DHCP server All receive the Discover packets DHCP server will send a response packet, DHCP client thus can know the location of existing network DHCP server.

2. DHCP Offer
   after the DHCP server receives Discover packet, it will look for a suitable IP address in the address configured in the pool, plus the corresponding period of the lease and other configuration information (such as gateway, DNS servers, etc.), to construct a newspaper Offer text, sent to the user (broadcast can also be unicast), to inform users of this server can provide IP addresses. (Note that you can only tell the client provided is pre-allocated, but also through the ARP client detects whether the IP repeat)

3. DHCP Request
   客户端会在两种情况下发送DHCP Request
   1) DHCP客户端可能会收到来自DHCP服务器的很多Offer，所以必须在这些回应中选择一个。Client通常选择第一个回应Offer报文的服务器作为自己的目标服务器，并回应一个广播Request报文，通告选择的服务器。注意，"Client通常选择第一个回应Offer报文的服务器作为自己的目标服务器"这里存在一个安全问题，如果我们的伪DHCP服务器能比原始DHCP服务器先发送Offer数据包，就能达到欺骗的目的，从而劫持目标用户的流量
   2) 获取DHCP客户端成功获取IP地址后，在地址使用租期过去1/2时，会向DHCP服务器发送单播Request报文续延租期，如果没有收到DHCP ACK报文，在租期过去3/4时，发送广播Request报文续延租期。
4. DHCP ACK
   DHCP服务器收到Request报文后，根据Request报文中携带的用户MAC来查找有没有相应的租约记录(即之前的预分配过程中登记的那个MAC)，如果有则发送ACK报文作为回应，通知用户可以使用分配的IP地址。
   DHCP NAK
   如果DHCP服务器收到Request报文后，没有发现有相应的租约记录或者由于某些原因无法正常分配IP地址，则发送NAK报文作为回应，通知用户无法分配合适的IP地址。
5. DHCP Release
   当用户不再需要使用分配IP地址时，就会"主动"向DHCP服务器发送Release报文，告知服务器用户不再需要分配IP地址，DHCP服务器会释放被绑定的租约(在数据库中清除某个MAC对某个IP的租约记录，这样，这个IP就可以分配给下一个请求租约的MAC)
6. DHCP Decline
   After the DHCP client receives the DHCP server response ACK packet, the server assigned address conflicts found by an address conflict detection or for other reasons can not be used, then send Decline message notification server assigned IP address is not available, we set a static IP in the manual, or DHCP assignment sometimes encounter prompts "to detect IP conflict" because the client using the ARP mechanism to confirm whether the currently specified IP is already in use in the current intranet
7. DHCP Inform
   the DHCP client if required to obtain more detailed configuration information from a DHCP server, then send an Inform message request to the server, the server receives the message, according to the lease will look to find the appropriate configuration information, send an ACK response to the DHCP client