By: Netanel Ben-Shushan, CSA/JNCIA-SSL/MCP/MCSA/MCSE/MCTS/MCITP
This article will help you to learn everything that you need to know as a systems administrator (or SysAdmin) about this protocol and what can you do with him.
What's DHCP? And why it's recommended to use it?
Imagine that you're working as a SysAdmin for a large company with 500 desktop computers; you need to set to each desktop computer IP address, subnet mask, default gateway, DNS servers, and other network settings. How could you do that?
If you'll try to perform this task manually you're probably going to waste a lot of time on sitting on each computer 5-10 minutes, beside time, you can for example accidently enter wrong IP address to few clients, or to type the same IP address to few clients too.
In order to solve these "problems" you can use Dynamic Host Configuration Protocol (or DHCP) in your network.
DHCP allows you manage the networks' IP addresses scopes and other TCP/IP settings like DNS, Default Gateway, etc. from central place, this central place called DHCP server. Beside the management, if there's any problem you don't need to run between your clients, you just need to connect to your server and to check the DHCP settings, as I mentioned – the DHCP works from central place, so if there's a problem, it's probably from the server, so you know where to go in case of problem and your saving time.
The DHCP server can provide easily IP addresses to clients automatically so you don't even need to configure and set options in the client side, all you need is to setup DHCP server, configure scope options and some other TCP/IP settings in the server side and that's it. You can provide to your clients IP addresses from the selected range that you've configured and some other TCP/IP options.
Note: DHCP in my opinion can called "The next generation of BOOTP", because the BOOTP came first before the DHCP, and today we're using BOOTP in order to deploy operating systems by booting from the network. Beside this, DHCP was developed in order to support in large networks – something that BOOTP can't provide.
How DHCP works?
Without entering to the related technical information (DORA process) the DHCP client request from the DHCP server IP address for a while, the length of time that the DHCP client can use the dynamic IP address that the DHCP server provided can be called lease, just like the name: lease means that the client "rent" an IP address for a specific time from the DHCP server, if the client want to continue using the specific IP address the client needs to re-assign the address by renew the lease, this will happen before the expiration time of the lease if the client is still in the network.
More in depth, the DHCP service works by using the DORA (Discover, Offer, Request and Acknowledgment) process (you can trace on the whole process using a network monitor utility):
1. DHCPDISCOVER – The client broadcast a DHCPDISCOVER packet in order to locate a DHCP server in the network, in some cases that the DHCP server isn't in the same subnet of the client, you'll need to configure in your network devices (usually routers) a DHCP Relay Agent, in order to transfer the DHCPDISCOVER packet to the DHCP server.
2. DHCPOFFER – The DHCP server broadcast a DHCPOFFER packet to the client which includes an offer to use a unique IP address for the client.
3. DHCPREQUEST – The client broadcast a DHCPREQUEST packet to the DHCP server with an answer, and "asks" from the server to "rent" the unique address that the server offer to her.
4. DHCPACK – The DHCP server broadcast a DHCPACK packet to the client, in this packet the server acknowledge the request from the client to use the IP address, and provide to the client the IP address lease and other details such as DNS servers, default gateway, etc. if the server cannot provide the requested IP address or from some reasons the address is not valid the server sends DHCPNACK packet in stand of DHCPACK, more information about DHCPNACK is under the specific subject – DHCPNACK.
Note: DHCP service uses port 67/UDP in the DHCP server, and 68/UDP at the DHCP clients.
It's recommended to check that your firewall doesn't block these ports in order to able the DHCP server and clients to communicate, and also check that your network devices supports DHCP Relay Agent in case that some of your clients are in different physical subnet.
In some cases you'll notice another DHCP messages like these:
1. DHCPDECLINE – If the client recognizes that the IP address that the DHCP server offer to her in use, the client will generate a new request to another IP address (in the DHCPREQUEST step).
2. DHCPRELEASE – This message is commonly in use when the client "give up" and release IP address.
3. DHCPRENEW – This is the request packet to renew and continue "renting" the IP address lease.
4. DHCPINFORM – The DHCPINFORM is packet that the client send to the DHCP server in order to get more details from the server, for example DHCPINFORM can be send in order to locate another DHCP servers in the network.
The DHCPNACK or Negative Acknowledgment is a packet that the server sends if the IP address is not available in stand of DHCPACK (in use on other client for example) or the address is no longer valid. In case of DHCPNACK the client must restart the lease process in order to get an IP address.
DHCP Scopes, Exclude and Reservation
DHCP Scope is a range of IP addresses that you configure in your DHCP server as range of addresses that designed for distribution to the clients.
For example, if you set a scope with a range from 10.0.0.100-10.0.0.200, you can easily provide only from this range IP addresses to your clients.
You can also create more than one scope, but it's recommended to check that your scopes aren't duplicating one with each other's. At the scope creation process you can add some more TCP/IP parameters such as subnet mask, IP addresses lease time, router (default gateway), DNS servers, etc. so when the clients gets the IP addresses they'll get also the other parameters from the scope.
In some cases, you'll need to prevent the client using some addresses, for example if your scope is from 10.0.0.1 up to 10.0.0.100, and your servers using 10.0.0.1-10.0.0.10, you can exclude these IP addresses from the scope and exclude the DHCP to distribute them to the clients, in most of the DHCP servers this option called exclude.
Reservation is a great option if you're planning to provide specific dynamic IP address from the DHCP server to unique DHCP client. If for example in the 10.0.0.1-10.0.0.100 scope you want to provide for specific client a unique address that will be always of the client, you can easily set reservation for the client using a unique identifier – the MAC address, the MAC of Media Access Control is a unique hexadecimal physical address for network adapters.
DHCP & DNS
When you're installing DHCP server you can configure the DHCP server to set DNS updates to any DNS server that support dynamic updates. More information about the combination between DHCP and DNS you can find right here.
Active Directory & DHCP Servers
In Microsoft Windows Server with Active Directory you need to authorize your server in order to work with the DHCP service.
In the past you could install few DHCP servers – as you wish, this action occurs problems like server crashing, etc.
In the new Windows 2000 Server/Server 2003/2008 you must authorize your server in order to start the DHCP server, if there's an authorized DHCP server in the Active Directory environment and a non-authorized server trying to start the DHCP service in order to distribute IP address, the server will failed in this task and the DHCP service in the local computer will stop.
DHCP Relay Agent
DHCP Relay Agent is any kind of host (usually a router or server) that listen to DHCP/BOOTP broadcast from clients on subnets without local DHCP servers.
The DHCP Relay Agent forwards the packets from the clients and the DHCP server that sitting on different physical subnets to each other in order to supply 'connection' between the DHCP Server to the clients, and opposite (from the clients to the server).
Using DHCP service can easily help you as a System/Network Administrator to manage you clients by assigning, tracking and re-assigning IP addresses.
About the author
Netanel Ben-Shushan is an IT Consultant & Trainer from Israel, who works mainly with Microsoft, networking and information security systems. He's the creator of www.ben-shushan.net, a personal website in Hebrew with technical guides and articles. Beside he's website, Netanel is also writing a Hebrew weblog at Microsoft Israel's blogging community.