
DHCP Managed Configuration of TCP/IP Hosts

Outline
DHCP purpose and goals
Background and history of DHCP
Case Study
Operational details
Using DHCP

Purpose of DHCP
From RFC 2131: The Dynamic Host Configuration Protocol (DHCP) provides a framework for passing configuration information to hosts on a TCP/IP network. DHCP consists of two components: a protocol for delivering host-specific configuration parameters from a DHCP server to a host and a mechanism for allocation of network addresses to hosts.

DHCP functional goals

A host without a valid IP address locates and communicates with a DHCP server
A DHCP server passes configuration parameters, including an IP address, to the host
The DHCP server may dynamically allocate addresses to hosts and reuse addresses

DHCP functional goals


Hosts can detect when they require a new IP address
Unavailability of DHCP server has minimal effect on operation of hosts

What does DHCP do?


Provides protocol stack, application and other configuration parameters to hosts
Eliminates need for individual, manual configuration for hosts
Includes administrative controls for network administrators

What does DHCP do?


Backward compatible packet format for BOOTP interoperation (RFC 1542)
Can coexist with hosts that have preassigned IP addresses and hosts that do not participate in DHCP

Design Goals
Eliminate manual configuration of hosts
Prevent use of any IP address by more than one host
Should not require a server on every subnet
Allow for multiple servers

Design Goals
Provide a mechanism, not a policy
Provide same configuration - including IP address - to a host whenever possible

What can you do with DHCP


Plug-and-play
Move desktop PCs between offices
Renumber
Other restructuring - change subnet masks
Mobile IP - laptops
Moving equipment - cartable

What DHCP doesn't do

Support multiple addresses per interface
Inform running host that parameters have changed
Propagate new addresses to DNS
Support inter-server communication
Provide authenticated message delivery

What DHCP doesn't do

Configure routers and other network equipment
Design network addressing plan
Determine other configuration parameters
Locate other servers

Outline
DHCP purpose and goals
Background and history of DHCP
Case Study
Operational details
Using DHCP

What is DHCP and where does it come from?


Internet Engineering Task Force (IETF)
Dynamic Host Configuration Working Group (DHC WG)
BOOTP

IETF standards
Formal process for development, review and acceptance of TCP/IP protocol suite standards
Initial specifications published as Internet Drafts (I-Ds)
Accepted specifications published as Request for Comments (RFCs)

Protocol status
DHCP has been accepted as a Draft Standard; the specifications are published in:
  RFC 2131: Dynamic Host Configuration Protocol
  RFC 2132: DHCP Options and BOOTP Vendor Extensions

Several additional options are in development

Implementation status
DHCP is an open standard, with freely available specifications
Can be (and has been) implemented entirely from the specification
Commercial implementations are widely available
Non-commercial implementations are also available

DHCP Resources

Compilation of DHCP-related WWW links and other information:


http://www.dhcp.org

DHCP FAQ (maintained by John Wobus)
dhcp-v4@bucknell.edu mailing list (admin requests to listserv@bucknell.edu)

DHCP Resources
IETF information can be retrieved from:
http://www.ietf.cnri.reston.va.us

I-Ds and RFCs can also be retrieved from:


http://www.rfc-editor.org

Related work
RARP/DRARP
TFTP
ICMP Router Discovery
Mobile IP
Wireless/cellular IP

Outline
DHCP purpose and goals
Background and history of DHCP
Case Study
Operational details
Using DHCP

Planning for DHCP


Preparation for DHCP requires careful planning
IP addressing strategy
  Consider current needs
  Allow for growth

Network architect configures rules for addressing strategy into DHCP server

Newly installed computer


Newly installed computer locates DHCP server
Server consults address scheme rules
  Picks an address
  Determines other configuration parameters

Plug-and-play

Newly installed computer


[Diagram: new computer, router and DHCP server; addresses shown are 201.157.7.198 and 201.157.7.96]

Relocated computer
Computer retains address
When restarted, computer checks with server to confirm address
If address OK, computer retains old address
If computer attached to different subnet, obtains new address

Using DHCP with legacy equipment


DHCP server not required to make every address on a subnet available for allocation
DHCP server not required to answer every incoming request
Network architect can configure server to reserve (not allocate) addresses

DHCP and new computers


DHCP server will hand out all available addresses
Limited number of addresses can be shared (if all computers not on simultaneously)
Eventually, network architect will have to allocate more addresses

Reusing addresses
Server can reuse abandoned addresses
  Address initially allocated for fixed time called a lease
  Client can extend lease

If lease expires, server can reallocate
Reallocation only when necessary (e.g., LRU) is a good idea
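
A sketch of the allocation order these slides describe, as an added example (not code from the original deck or from any DHCP server): a returning client keeps its address, unused addresses go first, and an expired lease is reused only as a last resort, oldest expiry first as a stand-in for LRU. The class and method names are hypothetical and the addresses in the usage note are constructed.

```python
import ipaddress

class LeasePool:
    """Address pool for one subnet; time is passed in so behaviour is testable."""

    def __init__(self, network, reserved=()):
        skip = set(reserved)  # addresses held back, e.g. for legacy hosts
        self.free = [str(h) for h in ipaddress.ip_network(network).hosts()
                     if str(h) not in skip]
        self.leases = {}  # address -> (client_id, expiry time)

    def _grant(self, addr, client_id, now, seconds):
        self.leases[addr] = (client_id, now + seconds)
        return addr

    def allocate(self, client_id, now, seconds):
        # 1. A returning or renewing client keeps the address it had before.
        for addr, (owner, _) in self.leases.items():
            if owner == client_id:
                return self._grant(addr, client_id, now, seconds)
        # 2. Prefer an address that has never been leased.
        if self.free:
            return self._grant(self.free.pop(0), client_id, now, seconds)
        # 3. Only then reuse an expired lease, oldest expiry first.
        expired = [(exp, addr) for addr, (_, exp) in self.leases.items() if exp <= now]
        if not expired:
            return None  # every lease is live, so no address may be reused yet
        return self._grant(min(expired)[1], client_id, now, seconds)
```

With a two-address pool such as `LeasePool("192.0.2.0/30")`, a third client is refused until one of the two leases has expired.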

Reconfiguring the server for multiple networks


Server configuration file defines multiple subnets and address pools on one physical segment
Server chooses address from pools for the segment
Server checks DHCP client address against all subnets on the segment

Growth - changing subnet masks

In some cases, subnet growth can be managed with a change to the subnet mask
  201.157.7.128/27 and 201.157.7.160/27 can be combined into 201.157.7.128/26
  Network infrastructure must accommodate VLSMs

Must change subnet masks on attached clients

Passing new subnet masks to clients


At next reboot, DHCP client will contact server
Server returns new subnet mask with acknowledgment
Client records and uses new mask

Using DHCP for renumbering


Set up plan for renumbering
  New network architecture
  Network addresses, server addresses
  Timing of cutovers

Force DHCP clients to contact server for notification about new address
  Set short leases
  Require all clients be rebooted

Using DHCP for renumbering


Rebooting, although not elegant, probably most reliable
Schedule subnet cutover for overnight or weekend, force reboot through alternate protocol (e.g., email to all users)

Outline
DHCP purpose and goals
Background and history of DHCP
Case Study
Operational details
Using DHCP

Server manages client configurations


Provide a variety of mechanisms for controlled configuration
Can override default parameters from Host Requirements

Address allocation
Static (BOOTP): client must be preconfigured into database
Automatic: server can allocate new address to client
Dynamic: server can allocate and reuse addresses

Leases
Dynamic addresses are allocated for a period of time known as the lease
Client is allowed to use the address until the lease expires

Leases
Client MUST NOT use the address after the lease expires, even if there are active connections using the address
Server MUST NOT reuse the address before the lease expires

Motivation for leases


An IP internet may not always be completely operational; there may not always be connectivity between any two hosts, so:
  Can't use distributed (client-based) assignment of addresses
  Can't use address defense before server reuse of addresses

Motivation for leases


Leases guarantee an agreement as to when an address may be safely reused even if the server can't contact the client

Address reuse
Server MAY choose to reuse an address by reassigning it to a different client after the lease has expired
Server can check using ICMP echo to see if the address is still in use (but no response is not a definitive answer!)

Address reuse
Allows address sharing
  From old computers replaced by new ones
  Among a pool of computers not always using TCP/IP
  For transient hosts like laptops

Address allocation details


Clients check on address validity at reboot time (renumbering)
Clients can extend the lease on an address at startup time

Address allocation details


Clients can extend the lease on an address as expiration time approaches (without closing and restarting existing connections)
Clients with addresses that have been configured manually can use DHCP to obtain other configuration parameters

Four ways a client uses DHCP

INIT - acquire an IP address and configuration information
INIT-REBOOT - confirm validity of previously acquired address and configuration
RENEWING - extend a lease from the original server
REBINDING - extend a lease from any server

Obtaining an initial address


Client broadcasts DISCOVER to locate servers
Server chooses address and replies
Client selects a server and sends REQUEST for address
Server commits allocation and returns ACK

Rebooting client
Client puts address in REQUEST and broadcasts
Server checks validity and returns ACK with parameters
If client address is invalid (e.g., client is attached to a new network), server replies with NAK and client restarts

Extending a lease
Client puts requested lease extension in REQUEST and sends to server
Server commits extension and returns ACK with parameters

DHCP options
Options carry additional configuration information to client
  DHCP message type
  Subnet mask, default routers, DNS server
  Many others

Carried as fields in DHCP message
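
How those fields are laid out, as an added example (not code from the original deck): a bounds-checked walk over the code/length/value options defined in RFC 2132, covering only the options field that follows the fixed header and magic cookie. The function names are hypothetical, and the sample bytes are constructed, using the 201.157.7.128/27 subnet that appears elsewhere in the slides.

```python
import ipaddress

PAD, END = 0, 255  # option codes from RFC 2132
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 4: "DECLINE",
             5: "ACK", 6: "NAK", 7: "RELEASE", 8: "INFORM"}

def _ips(v):  # decode one or more packed IPv4 addresses
    if not v or len(v) % 4:
        raise ValueError("address value must be a non-zero multiple of 4 bytes")
    return [str(ipaddress.IPv4Address(v[i:i + 4])) for i in range(0, len(v), 4)]

def _fixed(v, n):  # enforce the fixed length a given option requires
    if len(v) != n:
        raise ValueError(f"expected {n} bytes, got {len(v)}")
    return v

DECODERS = {  # option code -> (name, decoder)
    1: ("subnet_mask", lambda v: _ips(_fixed(v, 4))[0]),
    3: ("routers", _ips),
    6: ("dns_servers", _ips),
    51: ("lease_seconds", lambda v: int.from_bytes(_fixed(v, 4), "big")),
    53: ("message_type", lambda v: MSG_TYPES.get(_fixed(v, 1)[0], "unknown")),
}

def parse_options(buf):
    """Walk the code/length/value fields; reject truncated or unterminated input."""
    opts, i = {}, 0
    while i < len(buf):
        code = buf[i]
        i += 1
        if code == PAD:
            continue
        if code == END:
            return opts
        if i >= len(buf):
            raise ValueError(f"option {code}: missing length byte")
        length = buf[i]
        value = buf[i + 1:i + 1 + length]
        if len(value) != length:
            raise ValueError(f"option {code}: value runs past end of buffer")
        i += 1 + length
        name, decode = DECODERS.get(code, (f"option_{code}", bytes))
        opts[name] = decode(value)
    raise ValueError("options field not terminated by END (255)")

# Constructed sample: options of an ACK on the 201.157.7.128/27 subnet.
SAMPLE_ACK_OPTIONS = bytes([53, 1, 5, 1, 4, 255, 255, 255, 224, 3, 4, 201, 157, 7, 129,
                            6, 8, 201, 157, 7, 130, 201, 157, 7, 131,
                            51, 4, 0, 1, 81, 128, 255])
```

Unknown option codes are kept as raw bytes under `option_<code>` rather than dropped, so nothing the server sent is silently lost.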

Configuration with options


Network architect configures server to select and return options and values
Client can explicitly request specific options

Relay agents
Using hardware and IP broadcast still limits DHCP message from client to single physical network
Relay agent, on same subnet as client, forwards DHCP messages between clients and servers

Relay agents

Relay agent and server exchange messages using unicast UDP
  Servers can be located anywhere on intranet
  Servers can be centrally located for ease of administration

Very simple in function, implementation
Usually, but not necessarily, located in routers

Outline
DHCP purpose and goals
Background and history of DHCP
Case Study
Operational details
Using DHCP

Using multiple servers


Clients must be implemented for multiple servers; e.g., receiving multiple OFFER messages
Using multiple servers can provide increased reliability through redundancy

Using multiple servers


All coordination must be managed by DHCP administrator
  Distributed database
  Off-line batch updates
  Manually

Strategies for using multiple servers


Split address pool for each subnet among servers
Coordinate leases off-line
Reallocate addresses when needed

Lease times and strategies


Choice of lease times made by DHCP administrator
Long lease times decrease traffic and server load, short lease times increase flexibility

Lease times and strategies


Should choose lease time to allow for server unavailability
  Allows clients to use old addresses
  For example, long enough to span weekends

Can assign different leases to desktop computers, cartable systems and laptops

Changing other configuration parameters


Other configuration parameters such as print servers may change
Reconfigure DHCP server with new parameters
At next reconfirmation, clients will get new addresses

Moving a client to a new location


User may get moved to a new location on a different subnet
User may arrange to move computer system without contacting network administrator
DHCP will allocate address for new location

Moving a client to a new location


What about old lease?
  New server can notify network administrator about address allocation
  Client can issue RELEASE before moving from old location

Or, might be appropriate to leave old lease in place

Replacing a system
User may get new computer on desktop
Network administrator wants to allocate same IP address to the new computer, but new computer will have different hardware address
Use client id as system identifier and transfer to new system

Limitations to DHCP
Opportunities for enhancement

Coordination among multiple servers
DHCP interaction with DNS
Security/authentication
New options
IPv6

Coordination among multiple servers


Becomes a distributed database problem
Several strategies have been proposed
Failover protocol now in development

Dynamic DNS

When client is allocated a new address, DNS records need to be updated
  A record: Name to IP address
  PTR record: IP address to name

DHCP to be extended to allow coordination between client and server
  Which does updates?
  Error conditions?

Security/Authentication
Unauthorized server (either intentional or accidental) can cause denial of service problems
Some sites may want to limit IP address allocation to authorized clients
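
One way to spot the unauthorized server described above, as an added example (not part of the original deck): compare the server identifier in observed replies against an allowlist, since the protocol itself does not authenticate the sender. The record fields and function name are hypothetical, the records are assumed to be already decoded from captured DHCP traffic, and every address and MAC below is constructed.

```python
SERVER_REPLIES = {"OFFER", "ACK", "NAK"}  # message types only a server sends

def find_unauthorized_servers(observations, authorized):
    """Summarise replies whose server identifier is not on the allowlist."""
    findings, answered_by = {}, {}
    for obs in observations:
        if obs["type"] not in SERVER_REPLIES:
            continue
        answered_by.setdefault(obs["xid"], set()).add(obs["server_id"])
        if obs["server_id"] in authorized:
            continue
        entry = findings.setdefault(
            obs["server_id"], {"replies": 0, "clients": set(), "contested_xids": set()})
        entry["replies"] += 1
        entry["clients"].add(obs["client_mac"])
    # A transaction answered by both a listed and an unlisted server is a race
    # the client may have lost, so that host's configuration needs checking.
    for xid, servers in answered_by.items():
        if servers & authorized:
            for unlisted in servers - authorized:
                findings[unlisted]["contested_xids"].add(xid)
    return findings

# Constructed observations: 192.0.2.10 is the sanctioned server, 192.0.2.66 is not.
FIELDS = ("type", "xid", "client_mac", "server_id")
SAMPLE_OBSERVATIONS = [dict(zip(FIELDS, row)) for row in [
    ("DISCOVER", 0x1001, "02:00:00:00:00:01", None),
    ("OFFER",    0x1001, "02:00:00:00:00:01", "192.0.2.10"),
    ("OFFER",    0x1001, "02:00:00:00:00:01", "192.0.2.66"),
    ("REQUEST",  0x1001, "02:00:00:00:00:01", "192.0.2.66"),
    ("ACK",      0x1001, "02:00:00:00:00:01", "192.0.2.66"),
    ("OFFER",    0x1002, "02:00:00:00:00:02", "192.0.2.66"),
]]
AUTHORIZED_SERVERS = {"192.0.2.10"}  # assumption: maintained by the DHCP administrator
```

Because sites may legitimately run several servers, the allowlist has to name all of them; the list of affected clients tells the administrator which hosts to reconfirm.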

Security/Authentication
Authentication based on shared secret key, an authentication ticket and a message digest
Assures source of message is valid and message hasn't been tampered with en route
Schiller/Huitema/Droms/Arbaugh proposal in process

New options acceptance


New options must have nonoverlapping option codes
Codes handed out by Internet Assigned Numbers Authority (IANA)
New mechanism will approve each new option as a separate RFC (like TELNET)

IPv6
IP Version 6 (aka IPv6 or IPng) is a new internet protocol to replace IP
Includes new features for host configuration:
  Router advertisement
  Autoconfiguration
  Link-local addresses

IPv6
To accommodate sites that want centralized management of addresses, DHCP for IPv6 (DHCPv6) is being developed by the DHC WG.

Summary
DHCP works today as a tool for automatic configuration of TCP/IP hosts
It is an open Internet standard and interoperable client implementations are widely available

Summary
Provides automation for routine configuration tasks, once network architect has configured network and addressing plan
Ongoing work will extend DHCP with authentication, DHCP-DNS interaction and inter-server communication
