DHCP Operation

DHCP is a client/server protocol used to assign configuration (IP address, gateway, DNS, options, etc.) to hosts dynamically. It is an extension of the BOOTP protocol, and backward compatibility is maintained. DHCP essentially uses the BOOTP message format with an added options field, carried over UDP (ports 67 and 68). Clients/hosts send a request to DHCP servers for an IP address, and the server responds with a free IP address from its IP pool. An IP pool is a contiguous range of IPs allocated for DHCP use. The server and client perform a sanity check on the offered/allocated IP by sending an ARP request. The server also informs the client how long it can use the allocated IP; this is called the lease duration. Once the lease duration has expired, a client can extend the lease by requesting a renewal of that address from the server.

DHCP Message Formats

In a general scenario DHCP mainly uses the Discover, Offer, Request and Acknowledge messages; this is called the DORA operation. DHCP also has other messages: DHCPNak, DHCPDecline, DHCPRelease and DHCPInform. DHCP messages are encapsulated in UDP datagrams. The DHCP client uses port 68 and the server uses port 67. All messages have a common header, which is kept for compatibility with BOOTP. DHCP uses options (TLV) to exchange parameters such as Message Type, DNS Server, Domain Name, Subnet Mask, Lease Time, etc. A DHCP message is identified by its transaction ID from the header and its message type from the options. The DHCP client always initiates a DHCP transaction with a Discover message (source port 68, destination port 67) carrying a unique transaction ID that it creates itself. Client and server use the same transaction ID for the entire process (D-O-R-A), so that they can identify their DHCP messages among the concurrent requests being exchanged by other devices. Unless a DHCP relay is configured, DHCP messages are confined to a broadcast domain, which means the source MAC and destination MAC are two important parameters when the UDP datagrams are transmitted across the broadcast domain. DHCP Discover is an L2 broadcast and the other messages are L2 unicast; in terms of IP addressing, however, the DHCP client uses L3 broadcast (limited broadcast) and the server uses L3 unicast or local broadcast, a difference that is not significant within the same broadcast domain.

DHCP Discover Message

Example DHCPDISCOVER message

Ethernet: source=sender’s MAC; destination=FF:FF:FF:FF:FF:FF

IP: source=0.0.0.0; destination=255.255.255.255
UDP: source port=68; destination port=67

Octet 0 Octet 1 Octet 2 Octet 3
OP HTYPE HLEN HOPS
0x01 0x01 0x06 0x00
XID (Transaction ID)
0x3903F326
SECS FLAGS
0x0000 0x0000
CIADDR (Client IP address)
0x00000000
YIADDR (Your IP address)
0x00000000
SIADDR (Server IP address)
0x00000000
GIADDR (Gateway IP address)
0x00000000
CHADDR (Client hardware address)
0x00053C04
0x8D590000
0x00000000
0x00000000
192 octets of 0s, or overflow space for additional options; BOOTP legacy.
Magic cookie
DHCP
DHCP options
Option 53(Message Type): 1 (DHCP Discover)
Option 12(HOSTNAME): VPCS1
Option 61(Client ID): 0x01(Ethernet) 00.50.79.66.68.02(Private MAC)
Option 255(Endmark)
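
The header fields and option TLVs in the table above can be decoded with a short bounds-checked parser. This is an added Python example, not part of the original article; `parse_dhcp` and `sample_discover` are names chosen here, and the sample packet is constructed from the table's values.

```python
import struct

MAGIC_COOKIE = bytes.fromhex("63825363")
MSG_TYPES = {1: "Discover", 2: "Offer", 3: "Request", 4: "Decline",
             5: "Ack", 6: "Nak", 7: "Release", 8: "Inform"}

def parse_dhcp(payload: bytes) -> dict:
    """Parse a DHCP UDP payload: fixed BOOTP header, magic cookie, TLV options."""
    if len(payload) < 240:
        raise ValueError("shorter than the 236-octet header plus magic cookie")
    op, htype, hlen, hops, xid, secs, flags = struct.unpack("!BBBBIHH", payload[:12])
    if hlen > 16:
        raise ValueError("HLEN exceeds the 16-octet CHADDR field")
    if payload[236:240] != MAGIC_COOKIE:
        raise ValueError("magic cookie missing: plain BOOTP or not DHCP")
    options, i = {}, 240
    while i < len(payload):
        code = payload[i]
        if code == 255:                      # End option
            break
        if code == 0:                        # Pad option: one octet, no length
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError(f"option {code} runs past the end of the packet")
        length = payload[i + 1]
        options[code] = payload[i + 2:i + 2 + length]
        i += 2 + length
    else:
        raise ValueError("options are not terminated by End (255)")
    mtype = options.get(53, b"")
    return {
        "op": op, "xid": xid, "flags": flags,
        "yiaddr": ".".join(str(b) for b in payload[16:20]),
        "chaddr": payload[28:28 + hlen].hex(":"),
        "msg_type": MSG_TYPES.get(mtype[0]) if len(mtype) == 1 else None,
        "options": options,
    }

def sample_discover() -> bytes:
    """Constructed DHCPDISCOVER built from the field values in the table above."""
    pkt = struct.pack("!BBBBIHH", 1, 1, 6, 0, 0x3903F326, 0, 0)
    pkt += bytes(16)                                       # CIADDR, YIADDR, SIADDR, GIADDR
    pkt += bytes.fromhex("00053C048D59").ljust(16, b"\0")  # CHADDR padded to 16 octets
    pkt += bytes(192) + MAGIC_COOKIE                       # BOOTP legacy area, then cookie
    pkt += bytes([53, 1, 1]) + bytes([12, 5]) + b"VPCS1"
    pkt += bytes([61, 7, 1]) + bytes.fromhex("005079666802") + bytes([255])
    return pkt
```

The length checks matter because the option length octet comes from the sender: a parser that trusts it reads past the end of the datagram.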

DHCP Offer Message

DHCPOFFER message

Ethernet: source=Server’s MAC(aabb.cc00.0100); destination=client mac address(00.50.79.66.68.02)

IP: source=192.168.100.1; destination=192.168.100.3
UDP: source port=67; destination port=68

XID
0x3903F326
YIADDR (Your IP address)
0xC0A80164 (192.168.100.3)
Magic cookie
0x63825363
DHCP options
53: 2 (DHCP Offer)
1 (subnet mask): 255.255.255.0
3 (Router): 192.168.100.2
51 (IP address lease time): 86400s (1 day)
54 (DHCP server): 192.168.1.1
6 (DNS servers):
  • 4.2.2.2

DHCP Request Message

DHCPREQUEST message

Ethernet: source=sender’s MAC; destination=Server’s MAC or FFFF:FFFF:FFFF

IP: source=0.0.0.0; destination=255.255.255.255
UDP: source port=68; destination port=67

XID
0x3903F326
SIADDR (Server IP address)
192.168.100.1
192 octets of 0s; BOOTP legacy.
Magic cookie
0x63825363
DHCP options
53: 3 (DHCP Request)
50: 192.168.100.3 requested
54 (DHCP server): 192.168.100.1

DHCP Acknowledge Message

DHCPACK message

Ethernet: source=sender’s MAC; destination=client’s MAC

IP: source=192.168.100.1; destination=192.168.100.3
UDP: source port=67; destination port=68

XID
0x3903F326
YIADDR (Your IP address)
0xC0A80164 (192.168.1.100)
SIADDR (Server IP address)
0xC0A80101 (192.168.1.1)
192 octets of 0s. BOOTP legacy
Magic cookie
0x63825363
DHCP options
53: 5 (DHCP ACK) or 6 (DHCP NAK)
1 (subnet mask): 255.255.255.0
3 (Router): 192.168.100.1
51 (IP address lease time): 86400s (1 day)
54 (DHCP server): 192.168.100.1
6 (DNS servers):
  • 4.2.2.2

DHCP Protocol Operation

  • The DHCP client sends a DHCP Discover broadcast on the network to find a DHCP server. These messages are sent from IP 0.0.0.0, port 68, to the limited broadcast IP address 255.255.255.255, port 67.
  • If there is no response from a DHCP server, the client assigns itself an Automatic Private IPv4 address (APIPA).
  • Otherwise, DHCP servers on the network that receive a DHCP Discover message respond with a DHCP Offer message. The server takes a free IP from its DHCP pool and verifies that the IP is free on the network by sending an ARP request. If the check succeeds, the server offers the client that IPv4 address lease as well as the lease parameters: lease time (T), renewal time (T1) and rebinding time (T2). Otherwise it chooses another IP from the pool. These messages are sent from the server’s unicast address to the local broadcast address; Cisco, however, uses unicast.
  • Clients accept the first offer received by broadcasting (limited broadcast) a DHCP Request message for the offered IPv4 address.
  • If the IPv4 address requested by the DHCP client cannot be used (another device may be using this IPv4 address), the DHCP server responds with a DHCPNak (Negative Acknowledgment) packet. After this, the client must begin the DHCP lease process again.
  • Otherwise the server accepts the request by sending the client a DHCP Acknowledgment message, which contains all configuration parameters for the host (IP, Gateway, Mask, DNS, Lease Time, VoIP Parameters, TFTP Parameters, etc.).
  • The client verifies the recommended IP and other parameters. If it determines that the offered TCP/IP configuration parameters are invalid, it sends a DHCPDecline packet to the server. After this, the client must begin the DHCP lease process again.
  • Otherwise the client hardcodes the configuration parameters in its hardware and sends a gratuitous ARP for that IP from its interface to perform ACD (address conflict detection).
  • Once DORA is accomplished, the client remains idle unless it requires a change in configuration options or needs to renew its lease. The client uses a DHCPInform to obtain DHCP options.
  • If a client decides to release its lease, it sends a DHCPRelease message to the server.

DHCP State & Timers (T, T1, T2)

DHCP has six states, of which one is stable and the others are transitional. It maintains three timers (T, T1, T2) for its IP binding.

T – Lease Time, the time a host/client can use the offered IP.
T1 – Renewal Time, within this period the client should request an extension of the lease from the DHCP server it is bound to.
T2 – Rebinding Time, within this period the client should request an extension of the lease from any DHCP server.
T1 = T/2
T2 = 7T/8

  • Init – DHCP is triggered by configuration and a Discover is sent.
  • Selecting – Collecting offers from DHCP servers.
  • Requesting – Sending a request to the selected server.
  • Bound – Ack received; the IP and other parameters are hardcoded. This is the stable state.
  • Renewing – T1 expired; requesting a lease extension from the server.
  • Rebinding – T2 expired; requesting a new IP binding.
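
The states and timers above can be replayed as a small state machine to check that a sequence of DHCP events is one a client could legitimately produce. This is an added Python example, not code from the original article; the event names, `lease_timers` and `replay` are assumptions made for the illustration, and the NAK, Decline and Release transitions follow the protocol-operation list earlier in the article.

```python
from enum import Enum

State = Enum("State", "INIT SELECTING REQUESTING BOUND RENEWING REBINDING")
S = State

# (state, event) -> next state. Event names are labels chosen for this example.
TRANSITIONS = {
    (S.INIT, "send_discover"): S.SELECTING,
    (S.SELECTING, "send_request"): S.REQUESTING,
    (S.REQUESTING, "recv_ack"): S.BOUND,
    (S.REQUESTING, "recv_nak"): S.INIT,
    (S.REQUESTING, "send_decline"): S.INIT,
    (S.BOUND, "send_release"): S.INIT,
    (S.BOUND, "t1_expired"): S.RENEWING,
    (S.RENEWING, "recv_ack"): S.BOUND,
    (S.RENEWING, "recv_nak"): S.INIT,
    (S.RENEWING, "t2_expired"): S.REBINDING,
    (S.REBINDING, "recv_ack"): S.BOUND,
    (S.REBINDING, "recv_nak"): S.INIT,
    (S.REBINDING, "lease_expired"): S.INIT,
}

def lease_timers(t, t1=None, t2=None):
    """Return (T, T1, T2); T1 and T2 default to T/2 and 7T/8 when not supplied."""
    t1 = t // 2 if t1 is None else t1
    t2 = 7 * t // 8 if t2 is None else t2
    if not 0 < t1 < t2 < t:
        raise ValueError(f"inconsistent timers: T={t} T1={t1} T2={t2}")
    return t, t1, t2

def replay(events, lease, t1=None, t2=None):
    """Walk (time_s, event) pairs; event None only observes the state at that time."""
    t, t1, t2 = lease_timers(lease, t1, t2)
    state, bound_at = S.INIT, None
    for now, event in events:
        # Fire every timer that came due since the last ACK, in order.
        for due, timer in ((t1, "t1_expired"), (t2, "t2_expired"), (t, "lease_expired")):
            if bound_at is not None and now - bound_at >= due:
                state = TRANSITIONS.get((state, timer), state)
        if event is not None:
            if (state, event) not in TRANSITIONS:
                raise ValueError(f"{event} at {now}s is not valid in {state.name}")
            state = TRANSITIONS[(state, event)]
        if event == "recv_ack":
            bound_at = now          # lease clock restarts on every ACK
        elif state is S.INIT:
            bound_at = None         # lease gone; a new DORA is needed
    return state

# Constructed event trace: a DORA at 0s, replayed with the article's 86400s lease.
DORA = [(0, "send_discover"), (0, "send_request"), (0, "recv_ack")]
```

An ACK that arrives with no matching Request, or after the lease has already expired, raises `ValueError` instead of silently rebinding the client.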

Configuration Example

R1 – Configuration

 !
 hostname R1
 !
ip dhcp excluded-address 192.168.100.1
 !
 ip dhcp pool VLAN100
  network 192.168.100.0 255.255.255.0
  dns-server 4.2.2.2
  default-router 192.168.100.1
 !
 interface Ethernet0/0
  no ip address
  ip helper-address 12.0.0.2
  no cdp enable
  no shut
 !
 interface Ethernet0/0.100
  encapsulation dot1Q 100
  ip address 192.168.100.1 255.255.255.0
  no cdp enable
 !
 interface Ethernet0/0.200
  encapsulation dot1Q 200
  ip address 192.168.200.1 255.255.255.0
  ip helper-address 12.0.0.2
  no cdp enable
 !
 interface Ethernet0/1
  ip address 12.0.0.1 255.255.255.0
  no cdp enable
  no shut
 !

R2 – Configuration

 !
 hostname R2
 !
ip dhcp excluded-address 192.168.200.1
 !
 ip dhcp pool VLAN200
  network 192.168.200.0 255.255.255.0
  default-router 192.168.200.1
  dns-server 8.8.8.8 4.2.2.2
 !
 interface GigabitEthernet0/0
  ip address 12.0.0.2 255.255.255.0
  ip nat inside
  ip virtual-reassembly in
  duplex auto
  speed auto
  media-type rj45
  no cdp enable
 !
ip route 192.168.200.0 255.255.255.0 GigabitEthernet0/0 12.0.0.1
 !

SW – Configuration

 !
 interface Ethernet0/0
  switchport trunk encapsulation dot1q
  switchport trunk allowed vlan 1,100,200
  switchport mode trunk
  duplex auto
 !
 interface Ethernet0/1
  switchport access vlan 200
  switchport mode access
  duplex auto
 !
 interface Ethernet1/1
  switchport access vlan 100
  switchport mode access
  duplex auto
 !
 interface Ethernet1/2
  switchport access vlan 200
  switchport mode access
  duplex auto
 !

Verification & Packet Capture

From VPCS-1, we will initiate a DHCP request, a renew request and a release request.

VPCS1 – Verify & Debug

Initiate DHCP
==============================================================================================
VPCS-1> show ip
 NAME        : VPCS-1[1]
 IP/MASK     : 0.0.0.0/0
 GATEWAY     : 0.0.0.0
 DNS         :
 MAC         : 00:50:79:66:68:00
 LPORT       : 10011
 RHOST:PORT  : 127.0.0.1:10012
 MTU:        : 1500
 VPCS-1> ip dhcp -d
D - Discover 
 Opcode: 1 (REQUEST)
 Client IP Address: 0.0.0.0
 Your IP Address: 0.0.0.0
 Server IP Address: 0.0.0.0
 Gateway IP Address: 0.0.0.0
 Client MAC Address: 00:50:79:66:68:00
 Option 53: Message Type = Discover
 Option 12: Host Name = VPCS-11
 Option 61: Client Identifier = Hardware Type=Ethernet MAC Address = 00:50:79:66:68:00
--------------------------------------------------------------------------------------
D - Discover
 Opcode: 1 (REQUEST)
 Client IP Address: 0.0.0.0
 Your IP Address: 0.0.0.0
 Server IP Address: 0.0.0.0
 Gateway IP Address: 0.0.0.0
 Client MAC Address: 00:50:79:66:68:00
 Option 53: Message Type = Discover
 Option 12: Host Name = VPCS-11
 Option 61: Client Identifier = Hardware Type=Ethernet MAC Address = 00:50:79:66:68:00
 -------------------------------------------------------------------------------------- 
O - Offer 
 Opcode: 2 (REPLY)
 Client IP Address: 0.0.0.0
 Your IP Address: 192.168.100.2
 Server IP Address: 0.0.0.0
 Gateway IP Address: 0.0.0.0
 Client MAC Address: 00:50:79:66:68:00
 Option 53: Message Type = Offer
 Option 54: DHCP Server = 192.168.100.1
 Option 51: Lease Time = 86400
 Option 58: Renewal Time = 43200
 Option 59: Rebinding Time = 75600
 Option 1: Subnet Mask = 255.255.255.0
 Option 6: DNS Server = 4.2.2.2
 Option 3: Router = 192.168.100.1
 -------------------------------------------------------------------------------------- 
R - Request
 Opcode: 1 (REQUEST)
 Client IP Address: 192.168.100.2
 Your IP Address: 0.0.0.0
 Server IP Address: 0.0.0.0
 Gateway IP Address: 0.0.0.0
 Client MAC Address: 00:50:79:66:68:00
 Option 53: Message Type = Request
 Option 54: DHCP Server = 192.168.100.1
 Option 50: Requested IP Address = 192.168.100.2
 Option 61: Client Identifier = Hardware Type=Ethernet MAC Address = 00:50:79:66:68:00
 Option 12: Host Name = VPCS-11
 -------------------------------------------------------------------------------------- 
A - ACK
 Opcode: 2 (REPLY)
 Client IP Address: 192.168.100.2
 Your IP Address: 192.168.100.2
 Server IP Address: 0.0.0.0
 Gateway IP Address: 0.0.0.0
 Client MAC Address: 00:50:79:66:68:00
 Option 53: Message Type = Ack
 Option 54: DHCP Server = 192.168.100.1
 Option 51: Lease Time = 86400(T)
 Option 58: Renewal Time = 43200(T1)
 Option 59: Rebinding Time = 75600(T2)
 Option 1: Subnet Mask = 255.255.255.0
 Option 6: DNS Server = 4.2.2.2
 Option 3: Router = 192.168.100.1
  --------------------------------------------------------------------------------------   
 IP 192.168.100.2/24 GW 192.168.100.1

 VPCS-1> show ip
 NAME        : VPCS-1[1]
 IP/MASK     : 192.168.100.2/24
 GATEWAY     : 192.168.100.1
 DNS         : 4.2.2.2
 DHCP SERVER : 192.168.100.1
 DHCP LEASE  : 86389, 86400(T)/43200(T1)/75600(T2)
 MAC         : 00:50:79:66:68:00
 LPORT       : 10011
 RHOST:PORT  : 127.0.0.1:10012
 MTU:        : 1500
 VPCS-1>

 Renew DHCP 
 ============================================================================================== 
VPCS-1> ip dhcp -r
 DORA IP 192.168.100.2/24 GW 192.168.100.1
 VPCS-1> show ip
 NAME        : VPCS-1[1]
 IP/MASK     : 192.168.100.2/24
 GATEWAY     : 192.168.100.1
 DNS         : 4.2.2.2
 DHCP SERVER : 192.168.100.1
 DHCP LEASE  : 86266, 86400/43200/75600
 MAC         : 00:50:79:66:68:00
 LPORT       : 10011
 RHOST:PORT  : 127.0.0.1:10012
 MTU:        : 1500
 VPCS-1>

  DHCP Release
 ============================================================================================== 
VPCS-1> ip dhcp -x
 VPCS-1> show ip
 NAME        : VPCS-1[1]
 IP/MASK     : 0.0.0.0/0
 GATEWAY     : 0.0.0.0
 DNS         : 4.2.2.2
 DHCP SERVER : 192.168.100.1
 DHCP LEASE  : 86199, 86400/43200/75600
 MAC         : 00:50:79:66:68:00
 LPORT       : 10011
 RHOST:PORT  : 127.0.0.1:10012
 MTU:        : 1500
 VPCS-1>