DHCP

We all have heard about the DORA process, but for interviews that isn't enough. Lets dive deeper.

Consider a scenario where a host requests an ip address from a dhcp server which lies in the same network(192.168.1.0/24) as that of the hosts. How will the process work?

Initially when you configure a host to receive an ip dynamically, it will generate a DHCP Discover message. Lets check out the imp fields in this packet.

?

DHCP DISCOVER:

Dst mac: Broadcast

Src mac: Host A's Mac Address

Dst IP: Broadcast(To discover all the dhcp servers in the network)

Src IP: 0.0.0.0

Src Port: 68

Dst Port: 67(Server's port)

Bootp Flag: Broadcast/Unicast(If this field is broadcast, it means that client is telling the server to provide all the reply packets as broadcast because it is not capable of handling unicast packet until an ip address has been assigned).

Client IP: 0.0.0.0(This is the ip which you are requesting from dhcp server)

Your(client) IP: 0.0.0.0(This is the IP address which the server will try to allocate.)

Server IP: 0.0.0.0(IP address of the server)(This field will tell that currently you are having a session with this particular dhcp server)

Relay Agent IP: 0.0.0.0(This is used when your dhcp server is in different subnet).

Client MAC address: Host A's MAC address.(This field will be used when dhcp server replies back to reach the actual host)

?

DHCP OFFER:

When the server receives the dhcp discover message, it will allocate an ip address available from the pool which the host belongs to. This comes handy when you have a relay agent when your server and hosts are in different subnet. The relay agent would be in the same subnet as that of the host, and therefore with the help of that address server can assign an ip from that particular pool. After the allocation, an icmp packet would be generated by the server to check whether it is receiving any reply from the network for the allocated ip address. If that reply is unsuccessful, than it will send a dhcp offer packet. If it is successful, than it understands that this ip is being used by any other host and it will abandon that particular ip from the pool, it will try to assign the next ip from the pool to the host. If none of the ip address are available than it wont send a reply.

?

Now, the server is sending a DHCP Offer message, let's see some imp fields in it.

Dst mac: Broadcast

Src mac: Server's Mac Address

Dst IP: Broadcast(Because of the bootp flag)

Src IP: DHCP Server's IP

Src Port: 67

Dst Port: 68

Client IP: 0.0.0.0(This is the ip which you are requesting from dhcp server)

Your(client) IP: 192.168.1.13(Let's assume server is trying to allocate this ip address to the host)

Server IP: 192.168.1.1(IP address of the server)(This field will tell that currently you are having a session with this particular dhcp server)

Relay Agent IP: 0.0.0.0(This is used when your dhcp server is in different subnet).

Client MAC address: Host A's MAC address.(With this field it will reach to the correct host though the eth dst is broadcast)

?

NOTE: Lets say we have multiple dhcp servers in the subnet, all the servers will receive the dhcp discover message and will reply back with dhcp offer message. Client will choose a server based on the offer which it receives first.

?

DHCP REQUEST:

After the host receive the offer message, it will generate a dhcp request message to get the offered IP address.?

Dst mac: Broadcast

Src mac: Host A's Mac Address

Dst IP: Broadcast

Src IP: 0.0.0.0

Src Port: 68

Dst Port: 67(Server's port)

Bootp Flag: Broadcast

Client IP: 0.0.0.0(This is the ip which you are requesting from dhcp server)

Your(client) IP: 0.0.0.0(This is the IP server will try to allocate.)

Server IP: 0.0.0.0(IP address of the server)(This field will tell that currently you are having a session with this particular dhcp server)

Relay Agent IP: 0.0.0.0(This is used when your dhcp server is in different subnet).

Client MAC address: Host A's MAC address.(This field will be used when dhcp server replies back to reach the actual host)

Option 50(Requested IP): 192.168.1.13

The point to note here is that we already have the ip address of DHCP server,than why are we still broadcasting? The reason being, we are letting all other dhcp servers know that currently I am having an active session with one particular dhcp server(option 50).

?

DHCP ACK

Dst mac: Broadcast

Src mac: Server's Mac Address

Dst IP: Broadcast(Because of the bootp flag)

Src IP: DHCP Server's IP

Src Port: 67

Dst Port: 68

Client IP: 0.0.0.0(This is the ip which you are requesting from dhcp server)

Your(client) IP: 192.168.1.13(Let's assume server is trying to allocate this ip address to the host)

Server IP: 192.168.1.1(IP address of the server)(This field will tell that currently you are having a session with this particular dhcp server)

Relay Agent IP: 0.0.0.0(This is used when your dhcp server is in different subnet).

Client MAC address: Host A's MAC address.(With this field it will reach to the correct host though the eth dst is broadcast)

Once this message is received by the host A, it will generate a gratuitous arp to verify that if that particular allocated ip is not used by any other device on that network. Once it verifies it, It assigns itself with that IP.

?

Who would have thought that getting an IP address would be this difficult, but it is.

?

Thank you everyone for reading this and I hope you learnt something new.?

Feel free to comment with questions or additional insights! Let's keep learning together.

?

#Networking #DHCP

?