DHCP Protocol Fundamentals
The Dynamic Host Configuration Protocol (DHCP) is both a client server application and a network management protocol. When a device (such as a workstation, tablet or smartphone) connects to a network, its DHCP client requests an IP address and other network configuration data from a DHCP server. The client and server communicate using the DHCP protocol to provision the end user device accordingly. This provides several vital benefits:
- End users do not need to perform manual configuration of their devices when they connect to a network.
- It simplifies the set up and operation of small office and home networks.
- On larger enterprise networks, centralizes allocation and reclamation of IP addresses, which prevents problems that can cause outages.
Like DNS, DHCP provides a mission critical service that operates transparently to end users but must be managed and maintained by IT operations personnel. This article provides a basic overview of DHCPv4 and DHCPv6 from a protocol, application and deployment perspective.
In this article you will learn:
- DHCP protocol and how DHCP works
- DHCP deployment architectures
- About DHCPv4 vs. DHCPv6 and SLAAC
- NS1 Enterprise DDI - DHCP, DNS and IPAM
How DHCP Works
When a device (client machine such as a PC) boots up on a network, it does not have an IP address. It also has no information on how to access other network services such as the gateway router and DNS. DHCP provides that critical bootstrap function of automatically configuring the device with the network parameters it needs to communicate with other devices and services on the network.
The basic steps are as follows:
Step 1: DHCP Discover. The client at this stage has no IP address and does not have the address of the DHCP server. The client sends the request to the ethernet broadcast address (FF.FF.FF.FF) to destination UDP port 67. Source port of client request is UDP port 68. Note that the DHCP server must be on the same subnet as the client because ethernet broadcast messages are not routed. (This restriction can be overcome by a function called DHCP relay, discussed below).
Step 2: DHCP Offer. The DHCP server is listening on port 67 and receives the discover request. The discover request contains the client MAC (or “hardware”) address and UDP source port 68. This enables the DHCP server to respond with a DHCP Offer to the sending client. The DHCP offer includes following information:
- The IP address that server is offering
- The subnet mask
- The lease duration (how long the client may use the IP address)
- The IP address of the DHCP server
- The IP address of the default gateway router
- IP addresses of DNS servers
Step 3: DHCP Request. The client responds to the server requesting the IP address that was offered.
Step 4: DHCP Acknowledge. The server sends an acknowledgement packet to the client, essentially confirming the IP address and configuration parameters provided to the client.
In small office and home networks, DHCP is typically integrated with the local router. Larger enterprise networks comprise multiple sites and it may be impractical to deploy, configure and monitor DHCP on every subnet across the enterprise. Many enterprises take a more centralized approach to architecting DHCP in the network. As mentioned above, DHCP Discover cannot be routed so a function called DHCP relay (often implemented on routers) is used to forward DHCP traffic across the network. The relay agent needs to be configured with the IP address of one or more DHCP servers. This allows the DHCP service to be available across a wide area network.
Many enterprises take a hybrid approach to DHCP architecture, deploying DHCP on dedicated servers at regional offices and HQ which supporting multiple branch locations in each region. Because DHCP is a mission critical service it is important to deploy it in a high availability (HA) configuration. This can comprise DHCP HA pairs in active-active (DHCP load balancing) or active–hot standby mode. It can also comprise HA configurations that work over a wide area network, so if a site providing DHCP services goes down, an alternate site is available to maintain service continuity. The backup DHCP server(s) need to know what IP addresses have been issued by the primary DHCP servers so when failover is invoked, the backup does not issue leases on IP addresses that are currently in use.
Managing DHCP – Scopes and Super Scopes
As described above, DHCP servers provision IP address and other network configuration parameters to clients. To do so the DHCP servers themselves must be configured accordingly. In a deployment model where the DHCP server supports multiple subnets, each subnet is allocated a unique, continuous range of IP addresses sufficient to ensure there will always be an available IP address for devices connecting on that subnet. That range of IP addresses is referred to as a DHCP Scope. The standard model therefore is a single scope per subnet. The server is configured to associate the correct scope to the network ID of the client making a DHCP request.
This model may not always be sufficient to meet all addressing requirements. For example, there may be a need to assign more than one scope (i.e. two non-contiguous IP address ranges) to clients on the same physical network which is divided into more than one logical networks (multinet). This is called a DHCP superscope.
Static IP vs Dynamically-Allocated IP
With DHCP, devices don’t have a permanent or “static” IP address instead, they lease IP addresses for a limited time. When the lease expires the device communicates with the DHCP server, and the server may renew its IP address or assign it a new one. This is a dynamically-allocated IP. Some devices, such as mobile phones, receive a new IP address each time they connect to a network.
Some devices need a static IP address because other devices or users frequently connect to them. A common example is a web server or a printer. IT administrators can reserve fixed IP addresses for these devices using DHCP, or their IP addresses can be manually configured.
DHCPv4, DHCPv6 and SLAAC
Internet Protocol Version 6 (IPv6) is a more recent version of the Internet Protocol (IP). It was was introduced to vastly increase the number of possible IP addresses. The previous version, IPv4, has a 32 bit address space which supports roughly 4 billion addresses. This is insufficient to support the number of internet connected devices. IPv6 introduced a 128 bit address space which for all practical purposes supports an unlimited number of IP addresses.
Example of IPv4 IP Address
Example of IPv6 IP Address
One of the innovations in the IPv6 protocol is Stateless Address Auto-configuration (SLAAC), a protocol that enables each node to self-configure its IP address. When a device connects to a network it uses the Neighbor Discovery Protocol (an IPv6 ICMP message) to determine the network it is on. It then configures its IPv6 address by combining the 64 bit network prefix with its MAC address (plus an additional 16 bits) to construct a globally unique 128 bit IP address. This greatly simplifies networking and, in some cases, may eliminate the need for DHCP servers.
There is a version of DHCP for IPv6 – DHCPv6. Its primary functions are to provide client configuration information not included in SLAAC and/or provide centralized control and auditing over IP address assignments. However, newer versions of the Neighbor Discovery Protocol are available that provide for discovery of recursive DNS servers so for many enterprises adopting IPv6, there may not be a need for DHCPv6 in future.