Operating Systems & Network Security
Dr. Carl Pulley
[email protected]
Wednesday, 11 February 2009
DHCP
Dynamic Host Configuration Protocol
- transport layer protocol: UDP packets; client port is 68, server port is 67
- DHCP clients use the protocol so that they can operate on an IP network
- devices can be added to a network with little or no administration

DHCP is an extension of the BOOTP protocol.
DHCP
- DHCP clients send a DHCP broadcast when they first join a network
- DHCP server manages a pool of IP addresses along with options, for example:
  - default gateway address
  - domain name
  - DNS settings
- address allocation follows a Discovery, Offer, Request, Acknowledgement pattern
DHCPDiscover
- Client sends out broadcasts and attempts to locate a DHCP server
- Client can suggest an IP address (e.g. their last allocated one) they'd like to use
  - if the address is still free, it might be allocated to the client
  - if not, an authoritative server refuses the request; the client immediately asks for a new address
  - otherwise the server ignores the request; a timeout by the client and a request for a new address follows
DHCPOffer
- DHCP Offer sent out to the client when the server receives a request
- offer contains an IP address that the DHCP server has reserved for the client
- returned offer is based on the chaddr field (client hardware address) of the discovery request
- yiaddr field (your IP address) of the offer contains the IP address that the server offers
DHCPRequest
- DHCP client can receive offers from multiple servers; only one is accepted
- transaction ID (i.e. XID) ties conversations together between the client and a specific server
- XID allows other servers to determine that a client has refused their offer
- any unrelated server (relative to the XID value) returns its address to the pool
DHCPAck
- DHCP Ack returned to the client after the server receives a DHCP Request from them
- lease duration included with the acknowledgement, along with the offer's data:
  - ciaddr (client IP address)
  - siaddr (server IP address)
  - giaddr (gateway IP address)
- expectation is that the client will use the offer to configure their network settings
Address Allocation
4 modes for allocating IP addresses:
- dynamic: lease address to client
- automatic: permanent allocation
- static: MAC address determines allocation
- manual: client specifies address they wish to use
Dynamic Allocation
- DHCP server has a pool of IP addresses it may allocate
- client requests an IP address; server grants an IP address
- IP address allocation is for a time period (i.e. a lease)
- request-grant process allows expired IP addresses to be reused
Automatic Allocation
- essentially, this is dynamic allocation
- except that IP addresses are assigned preferentially, i.e. if you've had the address before, attempts are made to reallocate that address to you
Static Allocation
- DHCP server maintains a table of MAC and IP addresses
- MAC address is used to influence the IP address allocated to a client
- MAC/IP address table is configured by the network administrator
DHCPRelease
- DHCP client can release its address at any time during its lease
- DHCP Release achieves this:
  - ipconfig /release (Windows)
  - dhclient -r (*nix)
- since a client can just unplug from the network, the DHCP protocol doesn't insist on such release requests

On Linux, current leases that a DHCP server has assigned can be viewed in /var/lib/dhcpd/eth0.dhcp.leases. For a DHCP client, the offers from a DHCP server can be found in /var/lib/dhcp/dhclient.leases.
Rogue DHCP Servers
- DHCP server that's not under administrative control of network staff
- can use rogue servers for man-in-the-middle (MITM) attacks - see week 12 practicals
- no protection against rogue DHCP servers!
  - IDS and switches can detect their presence (see practicals) and can stop these attacks by dropping the packets
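As an added example (not part of the lecture slides), a small Python decoder for the BOOTP/DHCP message layout the slides refer to (xid, chaddr, then ciaddr/yiaddr/siaddr/giaddr, then the options), together with the kind of check an IDS would apply to spot an Offer or Ack from a server that is not under administrative control. The Offer packet is constructed here; option codes 51 (lease time), 53 (message type) and 54 (server identifier) and the 0x63825363 cookie are the standard DHCP ones, and the set of authorised server addresses is an assumption.

```python
import struct
from ipaddress import IPv4Address

MAGIC = b"\x63\x82\x53\x63"            # options cookie that follows the fixed BOOTP header
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}

def parse_dhcp(pkt):
    """Decode the fixed BOOTP header and the DHCP options that follow it."""
    op, htype, hlen, hops, xid, secs, flags = struct.unpack("!BBBBIHH", pkt[:12])
    ciaddr, yiaddr, siaddr, giaddr = (str(IPv4Address(pkt[i:i + 4])) for i in range(12, 28, 4))
    chaddr = pkt[28:28 + hlen].hex(":")           # only the first hlen bytes of the 16-byte field
    if pkt[236:240] != MAGIC:                     # sname (64) and file (128) precede the cookie
        raise ValueError("missing DHCP magic cookie")
    opts, i = {}, 240
    while i < len(pkt) and pkt[i] != 255:         # 255 = End option
        if pkt[i] == 0:                           # 0 = Pad option, has no length byte
            i += 1
            continue
        code, length = pkt[i], pkt[i + 1]
        opts[code] = pkt[i + 2:i + 2 + length]
        i += 2 + length

    def ip_opt(code):
        return str(IPv4Address(opts[code])) if code in opts else None

    return {"op": op, "xid": xid, "chaddr": chaddr, "ciaddr": ciaddr, "yiaddr": yiaddr,
            "siaddr": siaddr, "giaddr": giaddr,
            "msg_type": MSG_TYPES.get(opts[53][0]) if 53 in opts else None,
            "lease": struct.unpack("!I", opts[51])[0] if 51 in opts else None,
            "router": ip_opt(3), "server_id": ip_opt(54)}

def build_offer(xid, mac, yiaddr, server, lease, router):
    """Build a constructed DHCPOFFER (op=2, BOOTREPLY) so the parser can be exercised offline."""
    hdr = struct.pack("!BBBBIHH", 2, 1, 6, 0, xid, 0, 0)
    addrs = b"".join(IPv4Address(a).packed for a in ("0.0.0.0", yiaddr, server, "0.0.0.0"))
    chaddr = bytes.fromhex(mac.replace(":", "")).ljust(16, b"\0")
    opts = (bytes([53, 1, 2]) + bytes([51, 4]) + struct.pack("!I", lease)
            + bytes([3, 4]) + IPv4Address(router).packed
            + bytes([54, 4]) + IPv4Address(server).packed + b"\xff")
    return hdr + addrs + chaddr + bytes(64) + bytes(128) + MAGIC + opts

def is_rogue(msg, authorised_servers):
    """Detection check: an OFFER/ACK whose server identifier is not an admin-controlled server."""
    return msg["msg_type"] in ("OFFER", "ACK") and msg["server_id"] not in authorised_servers

if __name__ == "__main__":
    # constructed sample: authorised server 192.168.1.1 offers 192.168.1.50 for one day
    offer = parse_dhcp(build_offer(0x3903F326, "00:11:22:33:44:55",
                                   "192.168.1.50", "192.168.1.1", 86400, "192.168.1.1"))
    print(offer, "rogue:", is_rogue(offer, {"192.168.1.1"}))
```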