CS计算机代考程序代写 dns database DHCP cache Slide 1

Slide 1

Networking

DHCP
© Janice Regan, 2006-2013

© Janice Regan, 2006-2013
2
Bootstrapping Autoconfiguration
Bootstrapping is a process by which a client (diskless or with limited storage) can obtain information ranging from IP addresses to bootloading files (from a server or servers)
Bootstrapping uses this information to load OS into volatile storage and customize the environment for a particular host (configure the host)

At one time configuration of host specific information like addresses, was done manually as each host was added to a network or network information was updated.
Autoconfiguration allows us to automate this procedure, or isolate the need for updates to one or more configuration servers. Automation of these procedures is now also important for supporting mobility of hosts.

© Janice Regan, 2006-2013
3
Protocols: 1
Protocols used for bootstrapping include RARP and BOOTP (BOOTstrap Protocol).
RARP, Reverse Address Resolution Protocol, (RFC 903) is limited, supplying only IP address of the booting host. This is adequate only on very simple networks
RARP was superceded by BOOTP which could supply more information (RFC 951, 1542, 2132), but was appropriate only when
workstations rarely move from network to network
Each workstation had its own fixed IP address

© Janice Regan, 2006-2013
4
Protocols: 2
Networks today do not conform to either of these constraints.
Workstations are commonly moved from network to network
Workstations will want an IP address from the network they are attached to, not a static IP address
To extend the functionality of BOOTP, DHCP (Dynamic Host Configuration Protocol) was developed
DHCP is fully backward compatible with BOOTP, providing necessary extensions to that protocol.

© Janice Regan, 2006-2013
5
DHCP configuration
Hosts of a particular hardware type will have a common operating system/environment. They will also need host specific configuration information
In addition to the IP address BOOTP and DHCP servers can supply other configuration information including netmask (prefix length), gateway address, desired IP address, DNS server address, bootstrap file name and other information (some vendor specific)
BOOTP and DHCP messages are encapsulated in UDP packets which are in turn encapsulated in IP packets

© Janice Regan, 2006-2013
6
Encapsulation BOOTP or DHCP
BOOTP or DHCP message
BOOTP or DHCP message
BOOTP or DHCP message

UDP header
UDP header
IP header
BOOTP or DHCP message

UDP header
IP header
Ethernet header

© Janice Regan, 2006-2013
7
Uses
BOOTP / DHCP can be used to boot a host with very little non volatile (permanent) memory.
A minimal version of the OS can be stored in the permanent memory and used at boot to request a full boot image and configuration
BOOTP / DHCP can be used on a host which requires only configuration information
Host had complete OS and all common required software elements.
Host needs host specific configuration information

© Janice Regan, 2006-2013
8
Sending the DHCP request
DHCP messages are sent in IP packets through port 67
DHCP is being used to determine the IP address of the booting host
Therefore, DCHP requests must be broadcast to the local network
The DHCP server will receive the request if it is on the local network
The DHCP server need not be on the local network segment. DHCP relay agents (routers or multihomed hosts) can forward DHCP requests and replies to other network segments

© Janice Regan, 2006-2013
9
Sending the DHCP reply
The DHCP server knows the IP address of the booting host, so it can address a unicast IP packet to that host
The booting host does not know its own IP address and IP specifies (RFC 1122) that a host should drop packets not destined for one of its own IP addresses.
This seems to imply that the reply must also be broadcast. However, RFC 1122 does not specifically state what should happen if the host does not know its own IP address
The later BOOTP specification (RFC 1542) does specify that IP packets should not be ignored if the host does not yet know its own IP address
BOOTP and DHCP replies are usually unicast, but can be broadcast. They are sent through port 68

© Janice Regan, 2006-2013
10
But how does IP layer get a packet not sent to its IP address?
The host sending the DHCP reply will
know the IP address of the host that sent the DHCP request
assign the IP address for this host (so now it knows both the IP and Ethernet addresses of the requesting host)
In most cases insert the IP/ethernet address information into the ARP cache of the machine constructing the DHCP reply
Be able to unicast a reply to the requesting host

© Janice Regan, 2006-2013
11
But how does IP layer get a packet not sent to its IP address?
When the DHCP reply is received
The Ethernet address the reply is delivered to is the host making the DHCP request
The Ethernet packet has its header removed and the remaining data is passed to the IP layer
The IP destination address in the DHCP request is the IP of the requesting machine but the requesting machine does not know this yet.

© Janice Regan, 2006-2013
12
Two step boot process
The DHCP server maintains a static database of network information that can be sent to the booting host in the DHCP reply
The DHCP reply provides information necessary to obtain a boot image, not the boot image itself.
DHCP allows this information to be used to access and download a boot image.
Boot image may reside on the DHCP server or on another host
Allows configuration of multiple groups of machines with similar hardware or software needs (ie different kernel)

© Janice Regan, 2006-2013
14
DHCP message structure: 1
OP field is 1 for BOOTP request, 2 for BOOTP reply
HTYPE (hardware type as for ARP), HLEN (in octets), and Client address specify the booting hosts hardware address
Hops is set to 0 by the booting host and incremented by the DHCP relay agent before forwarding to an adjacent network
Transaction id is used to match requests and replies
Secs is the # of seconds since the first DHCP request
Only one flag is used. It determines if the reply is to be broadcast or unicast (default is unicast)
Client IP address is either 0.0.0.0 or an IP address being requested by the booting client

© Janice Regan, 2006-2013
15
DHCP message structure: 2
Your ip address is the IP address supplied by the server (may not be the requested address). Must be included since it cannot be recovered if the reply is broadcast
Server IP address is used to indicate where the boot image can be obtained
Router IP address is used by a relay agent. Booting host sets to 0.0.0.0, first relay agent inserts its own IP address before forwarding to adjacent network. DHCP server returns reply to first relay agent which is responsible for unicast or broadcast on the local network segment.

© Janice Regan, 2006-2013
16
BOOTP message structure: 3
Server Name is used if a response is requested from a specific BOOTP server
Boot file name, booting host specifies type of boot file, server sends address of image
Vendor Specific Information Field: Includes options. This is where netmask, server addresses (DNS, NIS,…), and actual vendor specific data is inserted. Maximum length of field is 64 bytes. If more than 64 bytes of options are needed the BOOTP server can specify a file containing the option and vendor specific information. Each option in the field or the file is given as a tag, a length, and the data

51
Structure of options: samples
Message type

Option code

Option length (octets)
Option data

1
Option data

4
Subnet mask

4
DNS server IP address

4
requested IP address
255

8
1st and 2nd router IP address

4
Lease time

© Janice Regan, 2006-2013
18
Message type
The message type is specified as an option.
The option has option code 53, length 1, and data
DHCPOFFER 2
DHCPPACK 5
DHCPREQUEST 3
DHCPDISCOVER 1
DHCPDECLINE 4
DHCPNAK 6
DHCPRELEASE 7
DHCPINFORM 8
The IP type field indicates DHCP, not the type of DHCP message

© Janice Regan, 2006-2013
19
Dynamic Configuration
BOOTP is based upon a static database configured by the network administrator
To make the system work in networks where hosts are added or removed frequently or in large networks you really want a dynamic, automatically updated system. In such a system the administrator no longer needs to manually update the system each time a change occurs.
DHCP is the extension to BOOTP that allows dynamic configuration.

© Janice Regan, 2006-2013
20
Lifetime of Dynamic Entries
Three timers are used within DHCP
Lease time: the length of time for which the assigned IP address will remain valid (seconds)
Renewal time: length of time before the client should request an extension of the lease time from its chosen DHCP server (seconds). Default is 50% of Lease time.
Rebinding time: length of time before the client should request an extension of lease from all accessible DHCP servers (seconds). Default is 87.5% of Lease time

© Janice Regan, 2006-2013
21
DHCP: use of renewal timer
If client’s renewal time expires
Client requests extension from it’s DHCP server (Request unicast to DHCP server)
if no reply is received request is transmitted with exponential backoff (4, 8, 16, …, 64 seconds) until a response is received or a set number of retransmission occur
If lease extension is granted update lease time, renewal time and rebinding time to reflect extension
If lease is not extended terminate lease (send DHCPRELEASE message

© Janice Regan, 2006-2013
22
Use of rebinding timer
If client’s rebinding timer expires
Client broadcasts an extension request to all DHCP servers
if no reply is received request is transmitted with exponential backoff (4, 8, 16, … 64 seconds) until a response is received or until a set number of retransmission occurs
If lease extension is granted update lease time, renewal time, rebinding time and identity of selected DHCP server to reflect extension granted by a different server
If lease is not extended terminate lease (send DHCPRELEASE message)

DHCPREQUEST

DHCPNAK

© Janice Regan, 2006-2013
24
Initial configuration: Summary
Client begins in INITIALIZE, if it boots without a valid IP address (no address, expired address or invalid address)

© Janice Regan, 2006-2013
25
Initial configuration: Summary
Four messages are exchanged.
A DHPDISCOVER message is broadcast by the host
Each server/relay client finds an IP address for the host and sends it to the host in a DHCPOFFER message
The host chooses a server from received offer messages (usually takes the first) then broadcasts a DHCPREQUEST
When the server receives the DHCPREQUEST message it confirms the IP address assignment by sending a DHCPACK back to the host.

© Janice Regan, 2006-2013
26
Initial configuration: 1
A DHPDISCOVER message is broadcast so it reaches all DHCP servers or relay clients on the attached network
Ethernet: destination address all 1’s, source address is ethernet address of host making DHCP request
IP: source address 0.0.0.0, destination address 255.255.255.255
UDP : source port 68, destination port 67
Client address and your address 0.0.0.0, client hardware address is the Ethernet address of the host making the DHCP request
Options: needs Message type and parameter request list

© Janice Regan, 2006-2013
27
Initial configuration: 2
Each server/relay client finds an IP address for the host and sends it to the host in a DHCPOFFER message
Ethernet: destination address is the client Ethernet address, source address is Ethernet address of replying DHCP server
IP: source address is the address of the replying server, destination address is the client address (or broadcast)
UDP : source port 68, destination port 67
Client address 0.0.0.0 and your address is set, client hardware address as for DHCPDISCOVER packet
Options: needs Message type, lease time, renewal time, server IP address, rebinding time, any subnet mask

© Janice Regan, 2006-2013
28
Initial configuration: 3
The client chooses a server from received offer messages (usually takes the first) then broadcasts a DHCPREQUEST including the server address and suggested least time and rebinding time
The chosen server chooses an IP address, places the address and configuration information into its database and replies with a DHCPACK containing the information
It is recommended that the server probe the IP address it is assigning to the client
Other servers know that they have not been chosen and release the IP address they offered for later use.
When the client receives the DHCPACK it is recommended that it should use an ARP request to confirm its assigned address is not in use.

client

DHCP DISCOVER
DHCP OFFER
DHCP DISCOVER
DHCP REQUEST
DHCP OFFER
DHCP REQUEST
DHCP PACK
Offered Address returned to pool

client

Selected router

unselected router

INIT REBOOT

DHCPREQUEST

DHCPNAK

© Janice Regan, 2006-2013
32
Rebooting before lease expires
When a client is rebooted or turned on and it has recorded a previous lease
It checks to see if the has expired
If the lease has expired it goes to INIT state and begins negotiating a new IP address
If the lease has not expired it goes into INIT-REBOOT state and attempts to confirm the lease is still valid
The client broadcasts a DHCPREQUEST, including the IP address to be confirmed as a requested IP address in the options
When the server receives the request it checks that the address is available and is on the correct network then sends a DHCPACK if it is.
When the client receives the DHCPACK it is recommended that it should use an ARP request to confirm its assigned address is not in use.

INIT REBOOT

DHCPREQUEST

DHCPNAK

© Janice Regan, 2006-2013
35
Moving to a new network
When a client is rebooted or turned on and it has recorded a previous lease
It checks to see if the has expired
If the lease has not expired it goes into INIT-REBOOT state and attempts to confirm the lease is still valid
The client broadcasts a DHCPREQUEST, including the IP address to be confirmed as a requested IP address in the options
When the server receives the request it checks if the address is on the correct network since the host has moved it is not
The server sends a DCHPNAK to the client
The client moves into the INIT state and start a new initialization

INIT REBOOT

DHCPREQUEST

DHCPNAK

© Janice Regan, 2006-2013
37
Extending a lease: 1
When the client negotiates the lease a renewal time and a rebinding time can be set (default is ½ lease time and 87.5% of lease time)
At the renewal time is reached the client sends a DHCPREQUEST message to the specified server requesting that the lease be extended
If the server agrees it sends a DHCPACK back to the client to extend the lease
If the server disagrees it sends a DHCPNAK and the client must disconnect from the network terminating the lease

© Janice Regan, 2006-2013
38
Extending a lease: 2
If the server does not reply to the DHCPREQUEST sent to renew the lease
the client will retransmit (unicast) with exponential backoff (after 4, 8, 16, … seconds).
Eventually the client will enter rebind state
then DHCPREQUESTS are broadcast to all servers.
If another server can extend the lease that server will respond an renew the lease and move the client back to the bound state
If no server responds and the lease expires the client returns to the initialize state

INIT REBOOT

DHCPREQUEST

DHCPNAK

INIT REBOOT

DHCPREQUEST
DHCPNAK

© Janice Regan, 2006-2013
41
DHCP software
A commonly used DHCP package used on linux networks is the ISC (Internet software consortium) DHCP package
To help understand how this package is used read the linux documentation for
The DHCP relay agent, dhcrelay (posted)
The DHCP client, dhclient
The DHCP server, dhcpd

© Janice Regan, 2006-2013
42
DHCP software
A commonly used DHCP package used on linux networks is the ISC (Internet software consortium) DHCP package
To help understand how this package is used read the linux documentation for
The DHCP relay agent, dhcrelay (posted)
The DHCP client, dhclient
The DHCP server, dhcpd

© Janice Regan, 2006-2013
43
DHCP relay agents
Two types
One runs on IP routers (some dedicated routers include embedded DHCP relay agents for example Cisco router routers)
One runs on general purpose hosts (may be operating as routers)
Relay agents can replace a DHCP server on some segments of a multisegment network installation
Each segment of a network running DHCP must contain either (or both)
At least 1 DHCP server
At least 1 DHCP relay agent (usually associated with the routers attached to the segment)

© Janice Regan, 2006-2013
44
DHCP relay agents
Relay agents forward DHCP messages from clients on a network segment with no DHCP server to a DHCP server on another network segment
Remember that the original DHCPDISCOVER message is broadcast on the network segment containing the source host. It must reach either a DHCP server or a DHCP relay agent.
If it reaches a relay agent then it will be forwarded to a DHCP server on another network segment or to another relay agent.
To forward a DCHP message the relay agent needs
the information in the DHCP message
One or more IP address that all DHCP messages it receives are forwarded to. (>1 if more than 1 DHCP server)

© Janice Regan, 2006-2013
45
DHCP Relay agent operation
It increments the hop count in the DHCP message
Inserts the IP address of the relay agent into the router IP address field if the router (gateway) IP address is 0.0.0.0
The router IP address will be set to 0.0.0.0 when a DHCPDISCOVER message is created.
The router IP address will thus record the IP address of the first relay agent on the path to the DHCP server
Appends any relay agent options
The end option will be moved to follow any appended options
Sends the packet the DHCP server or next relay agent

© Janice Regan, 2006-2013
46
DHCP servers and Relay Agents
The server will receive and process the request, adding the configuration information to the message
The server will unicast the response message (encapsulated in an IP datagram) to the address extracted from the router address field. The response passes through only one relay agent, the first relay agent encountered by the request.
When the packet reaches the host running the relay agent it will be sent to the relay agent

© Janice Regan, 2006-2013
47
DHCP Relay Agent operation
Relay agent receives the message from the DHCP server
Relay agent checks the router address field to determine the network interface over which the message should be sent
The router address will indicate which interface the original message arrived through
Relay agent checks the broadcast flag to see if the packet should be broadcast or unicast the host that sent the request
Relay agent sends the message to the host that sent the request

© Janice Regan, 2006-2013
48
Avoiding DHCP message collisions
If a network is shut down (like in a power failure) and all hosts come up at the same time the server may not be able to deal with all the resulting discover messages
Each client is required to delay its initial DHCP message by a random time between 0 and 10 seconds
The delay time between retransmissions is randomized by -1 to +1 seconds

© Janice Regan, 2006-2013
49
DHCP configuration
Host or router running the DHCP server will have a configuration file at a default location of /etc/dhcpd.conf
Defines the operation of DHCP in the network
Specifies basic network architecture
Specifies lease times and other necessary information
For details of configuration refer to reference
The DHCP Handbook, Droms and Lemon

© Janice Regan, 2006-2013
50
Subnet declarations
Defines scope: range of addresses in network
# Subnet 1
subnet 192.168.11.0 netmask 255.255.255.0
{
# subnet declarations
}

# Subnet 2
subnet 192.168.0.0 netmask 255.255.128.0
{
# subnet declarations
}

# subnet 1
subnet 192.168.11.0 netmask 255.255.255.0
{
range 192.168.11.1 192.168.11.251
# 192.168.11.252 reserved for DHCP server
# 192.168.11.253 reserved for DNS server
# 192.168.11.254 reserved for router
}

# Subnet 1
subnet 192.168.11.0 netmask 255.255.255.0
{
range 192.168.11.1 192.168.1.251
# 192.168.11.252 reserved for DHCP server
# 192.168.11.253 reserved for DNS server
# 192.168.11.254 reserved for router
option domain-name-servers 192.169.11.253
}

# Subnet 1
subnet 192.168.11.0 netmask 255.255.255.0
{
range 192.168.11.1 192.168.1.251
#default lease 30 days, maximum 45 days
default-lease-time 2592000
maximum-lease-time 3888000
minimum-lease-time 600
}

© Janice Regan, 2006-2013
56
Lease times
Can be specified by client as an option in DHCP messages
If specified time is less the min-lease-time, min-lease-time will be used
If specified time is greater the max-lease-time, max-lease-time will be used

© Janice Regan, 2006-2013
57
Static Allocation using DHCP
Can statically allocate addresses for particular hosts
Microsoft DHCP uses the term reservation rather than static allocation
Can use all static addresses
Can mix static and dynamic addresses
For example static addresses for fixed wired clients, dynamic addresses for mobile client

# Subnet 1
Subnet 192.168.11.0 netmask 255.255.255.0
{
range 192.168.11.1 192.168.1.251
default-lease-time 2592000
}
host dhcpserver
{
fixed address 192.168.1.252
hardware ethernet 00:20:78:10:c8:12
default-lease-time 1000
}

© Janice Regan, 2006-2013
59
Host statements
Used for static ip addresses and enhanced security
Any request from a client that matches (same ethernet address) a host statement is considered to be from a “known” client.
Other requests are from “unknown” clients
The name in the host statement is used only to identify the host statement it is not the clients hostname
Can use host statements to make the dhcp server treat some addresses differently from other

© Janice Regan, 2006-2013
60
Using pools
Can use host statements to make the dhcp server treat some addresses differently from other
Example: permit only known clients to obtain leases from the specified range of addresses. Provide a small range for any clients

pool
{
deny unknown clients
range 192.168.11.23 192.168.11.128
}
pool
{
allow unknown clients
range 192.168.11.129 192.168.11.150
}

/docProps/thumbnail.jpeg

Related Posts