Skip to content

Instantly share code, notes, and snippets.

@zealfire

zealfire/dhcp.md

Created May 10, 2018 21:54
Show Gist options
  • Save zealfire/ecf1eedbb4ca01da01352e14c78a26be to your computer and use it in GitHub Desktop.
Save zealfire/ecf1eedbb4ca01da01352e14c78a26be to your computer and use it in GitHub Desktop.
Download ZIP
Raw
dhcp.md

The DHCP lease renewal process is the process by which the DHCP client renews or updates its IP address configuration data with the DHCP server.

The DHCP client renews its IP configuration data prior to the expiration of the lease time. If the lease period expires and the DHCP client has not yet renewed its IP configuration data, then the DHCP client loses the IP configuration data and begins the DHCP lease generation process again.

The lease renewal process is the result of the lease period value. The lease period value ensures that DHCP maintains the IP address information and that clients regularly update or renew their IP address configuration data. Having DHCP maintain this information means that you can manage IP addressing from the DHCP server.

The client must renew its IP configuration data before the lease period expires. At specific intervals, a DHCP client attempts to renew its lease to ensure that it has up-to-date configuration information.

At any time during the lease period, the DHCP client can send a DHCPRELEASE packet to the DHCP server to release the IP address configuration data and to cancel any remaining lease.

A DHCP client automatically attempts to renew its lease as soon as 50 percent of the lease duration has expired. The DHCP client will also attempt to renew its IP address lease each time that the computer restarts. To attempt a lease renewal, the DHCP client sends a DHCPREQUEST packet directly to the DHCP server from which the client obtained the lease.

If the DHCP server is available, it renews the lease and sends the client a DHCPACK packet with the new lease duration and any updated configuration parameters. The client updates its configuration when it receives the acknowledgment. If the DHCP server is unavailable, the client continues to use its current configuration parameters.

If the DHCP client fails to renew its lease the first time, then the DHCP client broadcasts a DHCPDISCOVER packet to update its address lease when 87.5 percent of the current lease duration expires. At this stage, the DHCP client accepts a lease that any DHCP server has issued.

Note If a client requests an invalid or duplicate address for the network, a DHCP server can respond with a DHCP denial message (DHCPNAK packet). This forces the client to release its IP address and obtain a new, valid address.

If the DHCP client restarts on a network where no DHCP server responds to the DHCPREQUEST packet, the DHCP client will attempt to connect to the configured default gateway. If the attempt to connect to the default gateway fails, the client will cease using the leased address.

If a DHCP server responds with a DHCPOFFER packet to update the client's current lease, the client can renew its lease based on the server that offered the message and continue operation.

If the lease expires, the client must immediately discontinue its use of the current IP address. The DHCP client then begins the DHCP lease discovery process in an attempt to lease a new IP address. If the DHCP client fails to receive an address, the client will assign itself an address by using automatic IP address assignment in the 169.254.0.0 range.

Manual lease renewal You can renew an IP lease manually if you need to update DHCP configuration information immediately. (For example: if you want DHCP clients to obtain immediately the address of a newly installed router from a DHCP server, renew the lease from the client to update its information.)

The DHCP client broadcasts a DHCPDISCOVER packet

The DHCP lease generation process is the process by which the DHCP client receives IP addressing configuration data from the DHCP server.

The DHCP client broadcasts a DHCPDISCOVER packet to locate a DHCP server. A DHCPDISCOVER packet is a message that DHCP clients send the first time that they attempt to log onto the network and request IP address information from a DHCP server.

There are two ways that the lease generation process can begin. The first occurs when a client computer either starts up or initializes TCP/IP for the first time. The second occurs when a client attempts to renew its lease and is denied. (For example, a client can be denied a renewal when you move it to another subnet.)

The DHCP server broadcasts a DHCPOFFER packet

The DHCP client broadcasts a DHCPREQUEST packet

The DHCP server broadcasts a DHCPACK packet The DHCP server broadcasts a DHCPOFFER packet to the client. A DHCPOFFER packet is a message that DHCP servers use to offer the lease of an IP address to a DHCP client when it starts on the network.

Each responding DHCP server reserves the offered IP address in order not offer it to another DHCP client before the requesting client's acceptance.

If the client does not receive an offer after four requests, it uses an IP address in the reserved range from 169.254.0.1 to 169.254.255.254. The use of one of these auto-configured IP addresses ensures that clients located on a subnet with an unavailable DHCP server are able to communicate with each other. The DHCP client continues to attempt to find an available DHCP server every five minutes. When a DHCP server becomes available, clients receive valid IP addresses, allowing those clients to communicate with hosts both on and off their subnet.

The DHCP client broadcasts a DHCPREQUEST packet. A DHCPREQUEST packet is a message that a client sends to the DHCP server to request or renew the lease of the client's IP address.

The DHCP client responds to the first DHCPOFFER packet that it receives by broadcasting a DHCPREQUEST packet to accept the offer. The DHCPREQUEST packet includes the identification of the server whose offer the client accepted. All other DHCP servers then retract their offers and retain their IP addresses for other IP lease requests.

The DHCP server broadcasts a DHCPACK packet to the client. A DHCPACK packet is a message that the DHCP server sends to a client to acknowledge and complete a client's request for leased configuration. This message contains a valid lease for the IP address and other IP configuration data.

When the DHCP client receives the acknowledgment, TCP/IP initializes by using the IP configuration data that the DHCP server provides. The client also binds the TCP/IP protocol to the network services and network adapter, permitting the client to communicate on the network.

The DHCP server sends a DHCP negative acknowledgement (DHCPNAK packet) if the IP address that was offered is no longer valid or is now in use by another computer. The client must then begin the lease process again.

Important A DHCP server and a DHCP client communicate by using User Datagram Protocol (UDP) ports 67 and 68. Some switches do not properly forward DHCP broadcasts by default. For DHCP to function correctly, you may need to configure these switches to forward broadcasts over these ports.

@tcpdump-examples
Copy link

DHCP operations fall into four phases: server discovery, IP lease offer, IP lease request, and IP lease acknowledgment. These stages are often abbreviated as DORA for discovery, offer, request, and acknowledgment.

We can use tcpdump to capture dhcp packets like this.

tcpdump -i eth0 udp port 67 or port 68 -vvv

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment