DHCP

dhcp.md

DHCP

Disclaimer: ChatGPT generated document.

Below is an exhaustive, deeply detailed, and comprehensive explanation of DHCP and related networking concepts, designed to cover everything from basic foundations to advanced mechanisms and edge-case behavior. Since you prefer long-form, thorough technical breakdowns, this will be structured progressively—from fundamental IP networking concepts to advanced DHCP options, troubleshooting, and real-world implementations.

---

📡 Dynamic Host Configuration Protocol (DHCP) – Complete Deep Dive

---

🔹 1. Foundation: Why DHCP Exists

Before DHCP, administrators configured static IP addresses manually on every device. This was inefficient and error-prone. DHCP automates the assignment of:

Parameter	Purpose
IP address	Identifies the device on the network
Subnet mask	Defines same-network boundaries
Default gateway	Path to other networks
DNS servers	Resolves hostnames
NTP servers, PXE boot, vendor configs, etc.

---

🔹 2. Related Underlying Concepts to Understand

📍 2.1 IP Addressing

• IPv4 example: 192.168.1.10, typically private ranges: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
• Subnetting: Defines local broadcast domain (e.g., /24)
• Network vs Host bits

🖧 2.2 Broadcasts

DHCP heavily relies on broadcasts initially:

• IPv4 broadcast address: 255.255.255.255 (local network only)
• Because client has no IP yet, it must broadcast to all.

💾 2.3 MAC Addresses & ARP

• DHCP uses the MAC address (Layer 2) to identify clients.
• ARP is used once IP is assigned to confirm no duplication.

📦 2.4 UDP Transport

Protocol	Port
Server listens on	UDP 67
Client communicates on	UDP 68

---

🔹 3. DHCP Lifecycle: The DORA Process

DHCP operates through a 4-step sequence called DORA.

Step	Message	Sent by	Purpose
1	Discover	Client	"I need config" (broadcast)
2	Offer	Server	Suggests IP + config
3	Request	Client	Asks to use that IP
4	Acknowledgement	Server	Confirms lease

Client (no IP) ---> DHCPDISCOVER (broadcast)
Server ---------> DHCPOFFER (to client MAC)
Client ---------> DHCPREQUEST
Server ---------> DHCPACK

---

🔹 4. DHCP Lease & Expiration

A lease defines how long a client may use the assigned IP.

• Typical range: 1 hour – several days
• Before lease expiry, client sends DHCPREQUEST to renew.
• If server unavailable:
  • T1 (50% of lease): first renewal attempt
  • T2 (87.5%): another attempt
  • If lease expires → client must restart DORA.

---

🔹 5. DHCP in Different Network Situations

📌 5.1 Same subnet (normal case)

• Broadcasts reach server directly.

📌 5.2 Different subnet

• Requires DHCP Relay Agent (often router).
• Uses IP Helper Address or RFC 1542 mechanism.
• Forwards broadcasts as unicast to DHCP server.

Client → Switch → Router Acting as Relay → DHCP Server (even in another network)

---

🔹 6. DHCP Options (RFC 2132)

Options are metadata provided in DHCPACK/DHCPOFFER.

Option	Description
1	Subnet Mask
3	Default Gateway
6	DNS Servers
15	DNS Domain Name
42	NTP Servers
66/67	TFTP Server / Boot File (PXE Boot)
119	Domain Search List
121	Classless Static Routes
82	Relay Agent Information (security/tracking)

---

🔹 7. DHCP Reservations vs Static IP

• Reservation: Server assigns a fixed IP based on MAC.
• Static: Client is manually set, not via DHCP.

Feature	DHCP Reservation	Static IP
Config managed centrally	✔	✖
Requires local config	✖	✔
Can specify additional DHCP options	✔	✖

---

🔹 8. DHCP in IPv6 (DHCPv6 vs SLAAC)

Feature	IPv4 DHCP	IPv6 SLAAC	IPv6 DHCPv6
Stateless auto-assign	✖	✔	✖
Stateful control	✔	✖	✔
Uses router advertisements	✖	✔	✔ (with flag)

IPv6 addresses can be assigned via:

• SLAAC (Stateless Address Auto Configuration) using prefix from routers
• DHCPv6 similar to DHCPv4
• Often combined

---

🔹 9. DHCP Security

⚠ Risks:

• Rogue DHCP servers assigning malicious configs
• DHCP starvation (DoS) via MAC spoofing
• MITM via malicious gateway/router

🔐 Mitigations:

• DHCP snooping (on switch)
• IP/MAC binding
• 802.1X network access control
• Use Option 82 for relay tracking

---

🔹 10. DHCP Logs & Troubleshooting

🔍 Common Issues

Problem	Typical Cause
No IP received	No DHCP server / relay failure
Duplicate IP	Rogue server / misconfig
Slow network login	DHCP lease delay
Client always gets new IP	Lease not retained / client ID changes

📟 Tools

• tcpdump | Wireshark (filter bootp)
• ipconfig /renew (Windows)
• dhclient -v (Linux)
• Switch/router logs (relay issues)

---

🔹 11. Advanced Usage

🖥 PXE Boot (Network Boot)

• Uses DHCP + TFTP
• Options 60 (vendor class), 66, 67

🛠 Split Scopes / Failover

• Multiple DHCP servers sharing load
• Failover via RFC 3074

🧪 IP Conflict Detection

• Server may ping before finalizing allocation

---

🔹 12. DHCP Packet Structure (Simplified)

+-------------------------------+
| Op (1 byte)  |  Message Type  |
| HTYPE (1)    |  Hardware Type |
| HLEN (1)     |  MAC Length    |
| HOPS (1)     |  Relay Counter |
| XID (4)      |  Transaction ID|
| SECS (2)     | Since Start    |
| FLAGS (2)    | Broadcast Bit  |
| CIADDR (4)   | Client IP      |
| YIADDR (4)   | 'Your' IP      |
| SIADDR (4)   | Server IP      |
| GIADDR (4)   | Relay IP       |
| CHADDR (16)  | Client MAC     |
| Server Hostname (64)         |
| Boot Filename (128)          |
| Magic Cookie (4)             |
| Options (Variable)           |
+-------------------------------+

---

🔹 13. ISC, Windows, and Cisco DHCP – Implementation Comparison

Feature	Linux (ISC/Kea)	Windows Server	Cisco IOS
Graphical UI	✖	✔	✖
Reservation support	✔	✔	✔
Failover support	✔	✔	✔
Option 82	✔	✔	✔
Configuration level	Text-based	GUI + CLI	Cisco CLI

---

🔹 14. Practical Demo Example (Cisco)

ip dhcp excluded-address 192.168.10.1 192.168.10.10
ip dhcp pool LAN
 network 192.168.10.0 255.255.255.0
 default-router 192.168.10.1
 dns-server 8.8.8.8
 lease 2 12

---

🔹 15. Full DHCP Lifecycle Diagram

┌──────────────────────────┐
│ Client boots (no IP)     │
├──────────────────────────┤
│ DHCP Discover (broadcast)│
▼
DHCP Server
│ Offers IP (DHCPOFFER)    ▲
▼                          │
Client sends REQUEST       │
▼                          │
Server acknowledges (ACK)  │
└──────────────────────────┘

---

📚 Summary Table

Concept	Summary
DHCP	Dynamic IP configuration over UDP
Addressing	IPv4 & IPv6
DORA	Discover → Offer → Request → Acknowledge
Relay Agent	Enables DHCP across subnets
Lease	Temporary IP ownership
Options	Custom config (DNS, PXE, Routes)
Security	Install DHCP Snooping, block rogue servers
Troubleshooting	Use packet analysis, renewal commands
IPv6	SLAAC vs DHCPv6

---

🧠 Final Notes

• DHCP is stateless over UDP, but creates stateful lease tracking.
• IP uniqueness protection rarely implemented well.
• DHCP server failure does not immediately break clients, but eventually after lease expiration.

---

💬 If You’d Like to Go Deeper

I can additionally provide: ✔ DHCP packet analysis via Wireshark ✔ C++ implementation example for DHCP discovery requests ✔ Real network misconfiguration examples and debugging strategies ✔ Deep dive into PXE boot protocols ✔ DHCP in virtualized/cloud systems (e.g., VMware, Kubernetes)

---

Would you like to: 👉 See real Wireshark traces? 👉 Explore DHCP implementation code or pseudo-code? 👉 Compare DHCP vs. static addressing in enterprise networks? 👉 Move into network security topics like NAC and 802.1X?

Let me know where you'd like to dive next.