 INTRODUCTION

Dynamic Host Configuration Protocol is a network protocol used to automate

the process of assigning IP addresses and other network configuration
parameters to devices (such as computers, smartphones, and printers) on a
network. Instead of manually configuring each device with an IP address,
DHCP allows devices to connect to a network and receive all necessary
network information, like IP address, subnet mask, default gateway, and DNS
server addresses, automatically from a DHCP server.
This makes it easier to manage and maintain large networks, ensuring devices
can communicate effectively without conflicts in their network settings. DHCP
plays a crucial role in modern networks by simplifying the process of
connecting devices and managing network resources efficiently.

 ABSTRACT

Dynamic Host Configuration Protocol (DHCP) is a network management

protocol used to automate the process of configuring devices on IP networks. It
allows servers to dynamically assign IP addresses and other network
configuration parameters to client devices, enabling them to communicate
effectively within a network.

Key components of DHCP include the DHCP server, which manages a pool of
IP addresses; the DHCP client, which requests configuration information; and
the lease mechanism, which defines the duration an IP address is assigned to a
client. The protocol operates through a series of messages exchanged between
clients and servers, including DHCPDISCOVER, DHCPOFFER,
DHCPREQUEST, and DHCPACK.

DHCP enhances network efficiency by reducing manual configuration errors

and simplifying the administration of IP address management, making it
essential for both small and large networks. Its use contributes to seamless
connectivity and network scalability, accommodating the dynamic nature of
modern network environments.
 What is DHCP?

DHCP stands for Dynamic Host Configuration Protocol. It is the critical

feature on which the users of an enterprise network communicate. DHCP helps
enterprises to smoothly manage the allocation of IP addresses to the end-user
clients’ devices such as desktops, laptops, cellphones, etc. is an application
layer protocol that is used to provide: DHCP is based on a client-server
model and based on discovery, offer, request, and ACK.

 Why Do We Use DHCP?

DHCP helps in managing the entire process automatically and centrally.

DHCP helps in maintaining a unique IP Address for a host using the
server. DHCP servers maintain information on TCP/IP configuration and
provide configuration of address to DHCP-enabled clients in the form of a
lease offer.

 Components of DHCP

The main components of DHCP include:

 DHCP Server: DHCP Server is a server that holds IP Addresses and other
information related to configuration.

 DHCP Client: It is a device that receives configuration information from

the server. It can be a mobile, laptop, computer, or any other electronic
device that requires a connection.

 DHCP Relay: DHCP relays basically work as a communication channel

between DHCP Client and Server.

 IP Address Pool: It is the pool or container of IP Addresses possessed by

the DHCP Server. It has a range of addresses that can be allocated to
devices

 Subnets: Subnets are smaller portions of the IP network partitioned to keep

networks under control.
 Lease: It is simply the time that how long the information received from
the server is valid, in case of expiration of the lease, the tenant must have to
re-assign the lease.

 DNS Servers: DHCP servers can also provide DNS (Domain Name
System) server information to DHCP clients, allowing them to resolve
domain names to IP addresses.

 Default Gateway: DHCP servers can also provide information about

the default gateway, which is the device that packets are sent to
when the destination is outside the local network.

 Options: DHCP servers can provide additional configuration options

to clients, such as the subnet mask, domain name, and time server
information.

 Renewal: DHCP clients can request to renew their lease before it

expires to ensure that they continue to have a valid IP address and
configuration information.

 Failover: DHCP servers can be configured for failover, where two

servers work together to provide redundancy and ensure that clients
can always obtain an IP address and configuration information, even
if one server goes down.

 Dynamic Updates: DHCP servers can also be configured to

dynamically update DNS records with the IP address of DHCP
clients, allowing for easier management of network resources.

 Audit Logging: DHCP servers can keep audit logs of all DHCP
transactions, providing administrators with visibility into which
devices are using which IP addresses and when leases are being
assigned or renewed.
 DHCP Packet Format

 Hardware Length: This is an 8-bit field defining the length of the physical
address in bytes. e.g for Ethernet the value is 6.

 Hop count: This is an 8-bit field defining the maximum number of hops
the packet can travel.
 Transaction ID: This is a 4-byte field carrying an integer. The transcation
identification is set by the client and is used to match a reply with the
request. The server returns the same value in its reply.

 Number of Seconds: This is a 16-bit field that indicates the number of

seconds elapsed since the time the client started to boot.

 Flag: This is a 16-bit field in which only the leftmost bit is used and the
rest of the bit should be set to os. A leftmost bit specifies a forced broadcast
reply from the server. If the reply were to be unicast to the client, the
destination. IP address of the IP packet is the address assigned to the client.

 Client IP Address: This is a 4-byte field that contains the client IP

address . If the client does not have this information this field has a value of
0.

 Your IP Address: This is a 4-byte field that contains the client IP address.
It is filled by the server at the request of the client.

 Server IP Address: This is a 4-byte field containing the server IP address.

It is filled by the server in a reply message.

 Gateway IP Address: This is a 4-byte field containing the IP address of a

routers. IT is filled by the server in a reply message.

 Client Hardware Address: This is the physical address of the

client .Although the server can retrieve this address from the frame sent by
the client it is more efficient if the address is supplied explicity by the
client in the request message.

 Server Name: This is a 64-byte field that is optionally filled by the

server in a reply packet. It contains a null-terminated string consisting
of the domain name of the server. If the server does not want to fill this
filed with data, the server must fill it with all 0s.

 Boot Filename: This is a 128-byte field that can be optionally filled by

the server in a reply packet. It contains a null- terminated string
consisting of the full pathname of the boot file. The client can use this
path to retrieve other booting information. If the server does not want to
fill this field with data, the server must fill it with all 0s.
 Options: This is a 64-byte field with a dual purpose. IT can carry either
additional information or some specific vendor information. The field is
used only in a reply message. The server uses a number, called a
magic cookie, in the format of an IP address with the value of
99.130.83.99. When the client finishes reading the message, it looks
for this magic cookie. If present the next 60 bytes are options.

 Working of DHCP

DHCP works on the Application layer of the UDP Protocol. The main task of
DHCP is to dynamically assigns IP Addresses to the Clients and allocate
information on TCP/IP configuration to Clients. For more, you can refer to the
Article Working of DHCP.
The DHCP port number for the server is 67 and for the client is 68. It is a
client-server protocol that uses UDP services. An IP address is assigned from a
pool of addresses. In DHCP, the client and the server exchange mainly 4
DHCP messages in order to make a connection, also called the DORA process,
but there are 8 DHCP messages in the process.
 The 8 DHCP Messages

1. DHCP Discover Message: This is the first message generated in the

communication process between the server and the client. This message is
generated by the Client host in order to discover if there is any DHCP
server/servers are present in a network or not. This message is broadcasted to
all devices present in a network to find the DHCP server. This message is 342
or 576 bytes long.

As shown in the figure, the source MAC address (client PC) is

08002B2EAF2A, the destination MAC address(server) is FFFFFFFFFFFF, the
source IP address is 0.0.0.0(because the PC has had no IP address till now) and
the destination IP address is 255.255.255.255 (IP address used for
broadcasting). As they discover message is broadcast to find out the DHCP
server or servers in the network therefore broadcast IP address and MAC
address is used.
2. DHCP Offers A Message: The server will respond to the host in this
message specifying the unleased IP address and other TCP configuration
information. This message is broadcasted by the server. The size of the
message is 342 bytes. If there is more than one DHCP server present in the
network then the client host will accept the first DHCP OFFER message it
receives. Also, a server ID is specified in the packet in order to identify the
server.

Now, for the offer message, the source IP address is 172.16.32.12 (server’s IP
address in the example), the destination IP address is 255.255.255.255
(broadcast IP address), the source MAC address is 00AA00123456, the
destination MAC address is 00:11:22:33:44:55 (client’s MAC address). Here,
the offer message is broadcast by the DHCP server therefore destination IP
address is the broadcast IP address and destination MAC address is
00:11:22:33:44:55 (client’s MAC address)and the source IP address is the
server IP address and the MAC address is the server MAC address.
Also, the server has provided the offered IP address 192.16.32.51 and a lease
time of 72 hours(after this time the entry of the host will be erased from the
server automatically). Also, the client identifier is the PC MAC address
(08002B2EAF2A) for all the messages.
3. DHCP Request Message: When a client receives an offer message, it
responds by broadcasting a DHCP request message. The client will produce a
gratuitous ARP in order to find if there is any other host present in the network
with the same IP address. If there is no reply from another host, then there is
no host with the same TCP configuration in the network and the message is
broadcasted to the server showing the acceptance of the IP address. A Client
ID is also added to this message.

Now, the request message is broadcast by the client PC therefore source IP

address is 0.0.0.0(as the client has no IP right now) and destination IP address
is 255.255.255.255 (the broadcast IP address) and the source MAC address is
08002B2EAF2A (PC MAC address) and destination MAC address is
FFFFFFFFFFFF.
4. DHCP Acknowledgment Message: In response to the request message
received, the server will make an entry with a specified client ID and bind the
IP address offered with lease time. Now, the client will have the IP address
provided by the server.

Now the server will make an entry of the client host with the offered IP
address and lease time. This IP address will not be provided by the server to
any other host. The destination MAC address is 00:11:22:33:44:55 (client’s
MAC address) and the destination IP address is 255.255.255.255 and the
source IP address is 172.16.32.12 and the source MAC address is
00AA00123456 (server MAC address).

5. DHCP Negative Acknowledgment Message: Whenever a DHCP server

receives a request for an IP address that is invalid according to the scopes that
are configured, it sends a DHCP Nak message to the client. Eg-when the
server has no IP address unused or the pool is empty, then this message is sent
by the server to the client.

6. DHCP Decline: If the DHCP client determines the offered configuration

parameters are different or invalid, it sends a DHCP decline message to the
server. When there is a reply to the gratuitous ARP by any host to the client,
the client sends a DHCP decline message to the server showing the offered IP
address is already in use.
7. DHCP Release: A DHCP client sends a DHCP release packet to the server
to release the IP address and cancel any remaining lease time.

8. DHCP Inform: If a client address has obtained an IP address manually then

the client uses DHCP information to obtain other local configuration
parameters, such as domain name. In reply to the DHCP inform message, the
DHCP server generates a DHCP ack message with a local configuration
suitable for the client without allocating a new IP address. This DHCP ack
message is unicast to the client.

 Security Considerations for Using DHCP

To make sure your DHCP servers are safe, consider these DHCP security
issues:

 Limited IP Addresses : A DHCP server can only offer a set number of IP

addresses. This means attackers could flood the server with requests,
causing essential devices to lose their connection.

 Fake DHCP Servers : Attackers might set up fake DHCP servers to give
out fake IP addresses to devices on your network.

 DNS Access : When users get an IP address from DHCP, they also get
DNS server details. This could potentially allow them to access more data
than they should. It’s important to restrict network access, use firewalls,
and secure connections with VPNs to protect against this.

 Protection Against DHCP Starvation Attack

A DHCP starvation attack happens when a hacker floods a DHCP server with
requests for IP addresses. This overwhelms the server, making it unable to
assign addresses to legitimate users. The hacker can then block access for
authorized users and potentially set up a fake DHCP server to intercept and
manipulate network traffic, which could lead to a man-in-the-middle attack.
 ADVANTAGES AND DISADVANTAGES OF DHCP

Advantages

 Centralized management of IP addresses.

 Centralized and automated TCP/IP configuration .
 Ease of adding new clients to a network.
 Reuse of IP addresses reduces the total number of IP addresses that are
required.
 The efficient handling of IP address changes for clients that must be
updated frequently, such as those for portable devices that move to
different locations on a wireless network.
 Simple reconfiguration of the IP address space on the DHCP server without
needing to reconfigure each client.
 The DHCP protocol gives the network administrator a method to configure
the network from a centralized area.
 With the help of DHCP, easy handling of new users and the reuse of IP
addresses can be achieved.

Disadvantages

 IP conflict can occur.

 The problem with DHCP is that clients accept any server. Accordingly,
when another server is in the vicinity, the client may connect with this
server, and this server may possibly send invalid data to the client.
 The client is not able to access the network in absence of a DHCP Server.
 The name of the machine will not be changed in a case when a new IP
Address is assigned.

 Conclusion

In conclusion, DHCP is a technology that simplifies network setup by

automatically assigning IP addresses and network configurations to devices.
While DHCP offers convenience, it’s important to manage its security
carefully. Issues such as IP address exhaustion, and potential data access
through DNS settings highlight the need for robust security measures like
firewalls and VPNs to protect networks from unauthorized access and
disruptions. DHCP remains essential for efficiently managing network
connections while ensuring security against potential risks.