Dynamic Host Configuration Protocol (DHCP) Negotiation
Published: 01/08/2010
Reference trace files:
Something we all take for granted but always forget the basics of: Dynamic Host Configuration Protocol (DHCP). Here we configure a Cisco router as a DHCP server with the following parameters:
no ip dhcp conflict logging ip dhcp excluded-address 10.0.0.1 ip dhcp pool mypool01 network 10.0.0.0 255.255.255.0 domain-name corp.mydomain.com dns-server 10.0.0.101 netbios-node-type h-node default-router 10.0.0.1 lease 0 0 10 |
Remember, until you actually get an IP address (or statically assign one to your interface with an address that fits in the locally-used address space), you're not going to be able to route to other networks.
In this example, a Windows 7 Enterprise edition machine bridges onto the network for the first time in its life and the operating system sends out a DHCP Discover packet to the broadcast address (255.255.255.255). The packet has a Transaction ID (0x18aa7539) so the DHCP server and other network clients doing the same thing around the same time won't get confused between multiple similar requests on the wire. The Discover packet also contains things like the client hostname (MyClientPC01) and the various configuration parameters it's looking for.
Bootstrap Protocol
Message type: Boot Request (1)
Hardware type: Ethernet
Hardware address length: 6
Hops: 0
Transaction ID: 0x18aa7539
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
0... .... .... .... = Broadcast flag: Unicast
.000 0000 0000 0000 = Reserved flags: 0x0000
Client IP address: 0.0.0.0 (0.0.0.0)
Your (client) IP address: 0.0.0.0 (0.0.0.0)
Next server IP address: 0.0.0.0 (0.0.0.0)
Relay agent IP address: 0.0.0.0 (0.0.0.0)
Client MAC address: Usi_e0:f9:1c (00:16:41:e0:f9:1c)
Client hardware address padding: 00000000000000000000
Server host name not given
Boot file name not given
Magic cookie: (OK)
Option: (t=53,l=1) DHCP Message Type = DHCP Discover
Option: (53) DHCP Message Type
Length: 1
Value: 01
Option: (t=61,l=7) Client identifier
Option: (61) Client identifier
Length: 7
Value: 01001641E0F91C
Hardware type: Ethernet
Client MAC address: Usi_e0:f9:1c (00:16:41:e0:f9:1c)
Option: (t=12,l=12) Host Name = "MyClientPC01"
Option: (12) Host Name
Length: 12
Value: 4D79436C69656E7450433031
Option: (t=60,l=8) Vendor class identifier = "MSFT 5.0"
Option: (60) Vendor class identifier
Length: 8
Value: 4D53465420352E30
Option: (t=55,l=12) Parameter Request List
Option: (55) Parameter Request List
Length: 12
Value: 010F03062C2E2F1F2179F92B
1 = Subnet Mask
15 = Domain Name
3 = Router
6 = Domain Name Server
44 = NetBIOS over TCP/IP Name Server
46 = NetBIOS over TCP/IP Node Type
47 = NetBIOS over TCP/IP Scope
31 = Perform Router Discover
33 = Static Route
121 = Classless Static Route
249 = Private/Classless Static Route (Microsoft)
43 = Vendor-Specific Information
End Option
Padding
|
The DHCP server eventually responds with an DHCP Offer packet. Note that this also contains the same Transaction ID, as well as the proposed IP address offered to the client, lease time (10 minutes, although typically this is usually more like 24 hours), lease renewal interval (half of the lease time), default gateway (10.0.0.1), DNS domain suffix (corp.mydomain.com), and the NetBIOS node type (h-node, which indicates for NetBIOS transactions perform a WINS query first before a NetBIOS broadcast). Some of these parameters may not be configured on every DHCP server. The Offer packet is sent via unicast to the proposed IP address, although the Ethernet header has the destination MAC address of the client.
Bootstrap Protocol
Message type: Boot Reply (2)
Hardware type: Ethernet
Hardware address length: 6
Hops: 0
Transaction ID: 0x18aa7539
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
0... .... .... .... = Broadcast flag: Unicast
.000 0000 0000 0000 = Reserved flags: 0x0000
Client IP address: 0.0.0.0 (0.0.0.0)
Your (client) IP address: 10.0.0.3 (10.0.0.3)
Next server IP address: 0.0.0.0 (0.0.0.0)
Relay agent IP address: 0.0.0.0 (0.0.0.0)
Client MAC address: Usi_e0:f9:1c (00:16:41:e0:f9:1c)
Client hardware address padding: 00000000000000000000
Server host name not given
Boot file name not given
Magic cookie: (OK)
Option: (t=53,l=1) DHCP Message Type = DHCP Offer
Option: (53) DHCP Message Type
Length: 1
Value: 02
Option: (t=54,l=4) DHCP Server Identifier = 10.0.0.1
Option: (54) DHCP Server Identifier
Length: 4
Value: 0A000001
Option: (t=51,l=4) IP Address Lease Time = 10 minutes
Option: (51) IP Address Lease Time
Length: 4
Value: 00000258
Option: (t=58,l=4) Renewal Time Value = 5 minutes
Option: (58) Renewal Time Value
Length: 4
Value: 0000012C
Option: (t=59,l=4) Rebinding Time Value = 8 minutes, 45 seconds
Option: (59) Rebinding Time Value
Length: 4
Value: 0000020D
Option: (t=1,l=4) Subnet Mask = 255.255.255.0
Option: (1) Subnet Mask
Length: 4
Value: FFFFFF00
Option: (t=15,l=17) Domain Name = "corp.mydomain.com"
Option: (15) Domain Name
Length: 17
Value: 636F72702E6D79646F6D61696E2E636F6D
Option: (t=6,l=4) Domain Name Server = 10.0.0.101
Option: (6) Domain Name Server
Length: 4
Value: 0A000065
Option: (t=46,l=1) NetBIOS over TCP/IP Node Type = H-node
Option: (46) NetBIOS over TCP/IP Node Type
Length: 1
Value: 08
Option: (t=3,l=4) Router = 10.0.0.1
Option: (3) Router
Length: 4
Value: 0A000001
End Option
|
The client then makes an formal request for the proposed IP address reflected in the Offer packet by sending out a DHCP Request packet to the broadcast address. The Request Packet is similar to the original Discovery packet, except in the Request a few more items are added such as the requested IP address, an option which identifies the DHCP server, as well as an option for the client's fully qualified domain name.
Bootstrap Protocol
Message type: Boot Request (1)
Hardware type: Ethernet
Hardware address length: 6
Hops: 0
Transaction ID: 0x18aa7539
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
0... .... .... .... = Broadcast flag: Unicast
.000 0000 0000 0000 = Reserved flags: 0x0000
Client IP address: 0.0.0.0 (0.0.0.0)
Your (client) IP address: 0.0.0.0 (0.0.0.0)
Next server IP address: 0.0.0.0 (0.0.0.0)
Relay agent IP address: 0.0.0.0 (0.0.0.0)
Client MAC address: Usi_e0:f9:1c (00:16:41:e0:f9:1c)
Client hardware address padding: 00000000000000000000
Server host name not given
Boot file name not given
Magic cookie: (OK)
Option: (t=53,l=1) DHCP Message Type = DHCP Request
Option: (53) DHCP Message Type
Length: 1
Value: 03
Option: (t=61,l=7) Client identifier
Option: (61) Client identifier
Length: 7
Value: 01001641E0F91C
Hardware type: Ethernet
Client MAC address: Usi_e0:f9:1c (00:16:41:e0:f9:1c)
Option: (t=50,l=4) Requested IP Address = 10.0.0.3
Option: (50) Requested IP Address
Length: 4
Value: 0A000003
Option: (t=54,l=4) DHCP Server Identifier = 10.0.0.1
Option: (54) DHCP Server Identifier
Length: 4
Value: 0A000001
Option: (t=12,l=12) Host Name = "MyClientPC01"
Option: (12) Host Name
Length: 12
Value: 4D79436C69656E7450433031
Option: (t=81,l=15) Client Fully Qualified Domain Name
Option: (81) Client Fully Qualified Domain Name
Length: 15
Value: 0000004D79436C69656E7450433031
Flags: 0x00
0000 .... = Reserved flags: 0x00
.... 0... = Server DDNS: Some server updates
.... .0.. = Encoding: ASCII encoding
.... ..0. = Server overrides: No override
.... ...0 = Server: Client
A-RR result: 0
PTR-RR result: 0
Client name: MyClientPC01
Option: (t=60,l=8) Vendor class identifier = "MSFT 5.0"
Option: (60) Vendor class identifier
Length: 8
Value: 4D53465420352E30
Option: (t=55,l=12) Parameter Request List
Option: (55) Parameter Request List
Length: 12
Value: 010F03062C2E2F1F2179F92B
1 = Subnet Mask
15 = Domain Name
3 = Router
6 = Domain Name Server
44 = NetBIOS over TCP/IP Name Server
46 = NetBIOS over TCP/IP Node Type
47 = NetBIOS over TCP/IP Scope
31 = Perform Router Discover
33 = Static Route
121 = Classless Static Route
249 = Private/Classless Static Route (Microsoft)
43 = Vendor-Specific Information
End Option
|
Finally, the DHCP server sends an acknowledgement confirmation in the form of a DHCP ACK packet via unicast to the confirmed IP address. It contains essentially the same information as the Offer packet (except that the DHCP Message Type is different).
Bootstrap Protocol
Message type: Boot Reply (2)
Hardware type: Ethernet
Hardware address length: 6
Hops: 0
Transaction ID: 0x18aa7539
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
0... .... .... .... = Broadcast flag: Unicast
.000 0000 0000 0000 = Reserved flags: 0x0000
Client IP address: 0.0.0.0 (0.0.0.0)
Your (client) IP address: 10.0.0.3 (10.0.0.3)
Next server IP address: 0.0.0.0 (0.0.0.0)
Relay agent IP address: 0.0.0.0 (0.0.0.0)
Client MAC address: Usi_e0:f9:1c (00:16:41:e0:f9:1c)
Client hardware address padding: 00000000000000000000
Server host name not given
Boot file name not given
Magic cookie: (OK)
Option: (t=53,l=1) DHCP Message Type = DHCP ACK
Option: (53) DHCP Message Type
Length: 1
Value: 05
Option: (t=54,l=4) DHCP Server Identifier = 10.0.0.1
Option: (54) DHCP Server Identifier
Length: 4
Value: 0A000001
Option: (t=51,l=4) IP Address Lease Time = 10 minutes
Option: (51) IP Address Lease Time
Length: 4
Value: 00000258
Option: (t=58,l=4) Renewal Time Value = 5 minutes
Option: (58) Renewal Time Value
Length: 4
Value: 0000012C
Option: (t=59,l=4) Rebinding Time Value = 8 minutes, 45 seconds
Option: (59) Rebinding Time Value
Length: 4
Value: 0000020D
Option: (t=1,l=4) Subnet Mask = 255.255.255.0
Option: (1) Subnet Mask
Length: 4
Value: FFFFFF00
Option: (t=15,l=17) Domain Name = "corp.mydomain.com"
Option: (15) Domain Name
Length: 17
Value: 636F72702E6D79646F6D61696E2E636F6D
Option: (t=6,l=4) Domain Name Server = 10.0.0.101
Option: (6) Domain Name Server
Length: 4
Value: 0A000065
Option: (t=46,l=1) NetBIOS over TCP/IP Node Type = H-node
Option: (46) NetBIOS over TCP/IP Node Type
Length: 1
Value: 08
Option: (t=3,l=4) Router = 10.0.0.1
Option: (3) Router
Length: 4
Value: 0A000001
End Option
|
Keep in mind that other DHCP server implementations may differ slightly in how the above works. For example, when interacting with a Microsoft DHCP server, the Offer and Acknowledge packets will be sent to the broadcast address, not the unicast one as the Cisco server does.
After the four-way DHCP handshake, the client may request additional information from the DHCP in the form of a DHCP Inform(ation) packet.
Go back to the main articles list.