DHCP

From Network Security Wiki


Basics

What are the ports used in DHCP?[1]
[Client]-------------------[Server]
          Request
 [68]  ------------------>  [67]
       <-----------------  
           Reply

All are UDP ports

What packets are exchanged in DHCP?[2] Which packets are unicast or broadcast in DHCP?[1]
  • Usually 4 messages are involved:
D = Discover     =  Broadcast
O = Offer        =  May be broadcast or unicast depending upon implementation
R = Request      =  Broadcast
A = Acknowledge  =  May be broadcast or unicast depending upon implementation
  • A DHCP Server listens on port number UDP 67 and client uses source port UDP 68.
  • The message from client is encapsulated in a UDP datagram, using the destination port number 67 and the source port number 68.
  • This UDP datagram is encapsulated in an IP datagram.
  • Now the question is how a client can send an IP datagram when it knows neither its own IP address nor the server’s IP address (the destination address).
  • The client uses all 0s (0.0.0.0) as the source address and all 1s (255.255.255.255) as the destination address.
  • The server responds with either a broadcast or a unicast message using UDP source port number 67 and destination port number 68.
  • The response can be unicast because the server knows the IP address of the client.
  • It also knows the physical address of the client, which means it does not need the services of ARP for logical to physical address mapping.
  • However, some systems do not allow the bypassing of ARP, resulting in the use of the broadcast address.


DHCP Headers

This section is under construction.


DHCP Relay Agent

PC-----Switch-------------Router------DHCP Server
          |
          |
     Relay Agent
|-------->|----------------->|------------->|
 Broadcast      Unicast          Unicast
  • The DHCP request is broadcast because the client does not know the IP address of the server.
  • Routers do not forward a broadcast IP datagram, so the request cannot leave the client's subnet.
  • To solve the problem, there is a need for an intermediary.
  • One of the hosts (or a router) can be used as a relay agent.
  • The relay agent knows the unicast address of a DHCP server and listens for broadcast messages on port 67.
  • It encapsulates the message in a unicast datagram and sends the request to the DHCP server.
  • Because it is now unicast, the packet can be routed by any router and reaches the DHCP server.
  • The DHCP server knows the message comes from a relay agent because one of the fields in the request message defines the IP address of the relay agent.
  • The relay agent, after receiving the reply, sends it to the DHCP client.
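
As an added example (not part of the original wiki page), the Python sketch below builds a constructed DHCPDISCOVER payload, applies the change a relay agent makes before forwarding it, and parses both versions the way a monitoring tool would. The field names `hops`, `giaddr` and the broadcast flag follow RFC 2131; the MAC address, transaction ID and relay address are made-up sample values.

```python
import socket
import struct

BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s"   # fixed 236-byte header
MAGIC = b"\x63\x82\x53\x63"                # cookie that precedes the options
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}  # option 53 values

def build_discover(mac: bytes, xid: int) -> bytes:
    """Constructed sample: UDP payload a client sends from 0.0.0.0:68 to 255.255.255.255:67."""
    hdr = struct.pack(BOOTP_FMT, 1, 1, 6, 0, xid, 0, 0x8000,  # 0x8000: reply by broadcast
                      bytes(4), bytes(4), bytes(4), bytes(4),
                      mac.ljust(16, b"\x00"), bytes(64), bytes(128))
    return hdr + MAGIC + bytes([53, 1, 1, 255])               # type = DISCOVER, end

def relay(payload: bytes, relay_ip: str) -> bytes:
    """Relay agent step: bump hops and fill giaddr (if empty) before unicasting on."""
    f = list(struct.unpack(BOOTP_FMT, payload[:236]))
    f[3] += 1                                                 # hops
    if f[10] == bytes(4):                                     # giaddr not set yet
        f[10] = socket.inet_aton(relay_ip)
    return struct.pack(BOOTP_FMT, *f) + payload[236:]

def parse(payload: bytes) -> dict:
    """Decode the fields a monitor needs; reject short or malformed payloads."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP payload")
    f = struct.unpack(BOOTP_FMT, payload[:236])
    msg, i = None, 240
    while i < len(payload) and payload[i] != 255:             # 255 = end option
        if payload[i] == 0:                                   # pad has no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        if payload[i] == 53 and payload[i + 1] == 1:
            msg = payload[i + 2]
        i += 2 + payload[i + 1]
    return {"type": TYPES.get(msg, msg), "xid": f[4], "hops": f[3],
            "broadcast": bool(f[6] & 0x8000),
            "mac": f[11][:f[2]].hex(":"),
            "relay": None if f[10] == bytes(4) else socket.inet_ntoa(f[10])}

if __name__ == "__main__":
    pkt = build_discover(bytes.fromhex("020000aabbcc"), 0x1234ABCD)
    print(parse(pkt))
    print(parse(relay(pkt, "192.0.2.1")))
```

A non-empty `relay` value in the parsed result is how the server, or a sensor next to it, tells a relayed request from one received directly on the local segment.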



References
  1. www.bt.com/in
  2. www.convergys.com

