A. General
1. What is DHCP?
2. What is DHCP's purpose?
3. Who Created It? How Was It Created?
4. Can DHCP work with Appletalk or IPX?
5. How is it different than BOOTP or RARP?
6. How is it different than VLANs?
7. What protocol and port does DHCP use?
8. What is an IP address?
9. What is a MAC address?
10. What is a DHCP lease?
11. What is a Client ID?
12. Why shouldn't clients assign IP numbers without the use of a server?
13. Can DHCP support statically defined addresses?
14. How do DHCP and BOOTP handle other subnets?
15. Can a BOOTP client boot from a DHCP server?
16. Can a DHCP client boot from a BOOTP server?
17. Is a DHCP server "supposed to" be able to support a BOOTP client?
18. Is a DHCP client "supposed to" be able to use a BOOTP server?
19. Can a DHCP client or server make a DNS server update the client's DNS
entry to match the client's dynamically assigned address?
20. Can a DHCP server back up another DHCP server?
21. When will the server to server protocol be defined?
22. Is there a DHCP mailing list?
23. In a subnetted environment, how does the DHCP server discover what
subnet a request has come from?
24. If a single LAN has more than one subnet number, how can addresses be
served on subnets other than the primary one?
25. If a physical LAN has more than one logical subnet, how can different
groups of clients be allocated addresses on different subnets?
26. Where is DHCP defined?
27. What other sources of information are available?
28. Can DHCP support remote access?
29. Can a client have a home address and still float?
30. How can I relay DHCP if my router does not support it?
31. How do I migrate my site from BOOTP to DHCP?
32. Can you limit which MAC addresses are allowed to roam?
33. Is there an SNMP MIB for DHCP?
34. What is DHCP Spoofing?
35. How long should a lease be?
36. How can I control which clients get leases from my server?
37. How can I prevent unauthorized laptops from using a network that uses
DHCP for dynamic addressing?
38. What are the Gotcha's?
B. Info on Implementations
1. What features or restrictions can a DHCP server have?
2. What freeware DHCP servers are available?
3. What commercial DHCP servers are available?
4. What freeware DHCP clients are available?
5. Which vendors of client software currently support DHCP?
6. What are the DHCP plans of major client-software vendors?
7. What Routers forward DHCP requests?
8. What Routers include DHCP servers?
9. What Routers use DHCP to configure their IP addresses?
10. What Servers forward DHCP requests?
11. Which implementations support or require the broadcast flag?
12. What servers support secondary subnet numbers?
13. What servers support RFC-based dynamic DNS update?
14. How can I run Windows 95 without a DHCP server?
15. Do any servers limit the MAC addresses that may roam?
16. What analyzers decode DHCP?
17. What administration tools administer DHCP configurations?
18. How do I make a client give up its lease?
19. What are the Gotcha's specific to various implementations?
Answers
A. General
1. What is DHCP?
4. Can DHCP work with Appletalk or IPX?
No, it is too tied to IP. Furthermore, they don't need it since they have
always had automated mechanisms for assigning their own network
addresses.
5. How is it different than BOOTP or RARP?
RARP is a protocol used by Sun and other vendors that allows a computer
to find out its own IP number, which is one of the protocol parameters
typically passed to the client system by DHCP or BOOTP. RARP doesn't
support other parameters and using it, a server can only serve a single
LAN. DHCP and BOOTP are designed so they can be routed.
6. How is it different than VLANs?
DHCP and VLANs, which are very different in concept, are sometimes
cited as different solutions to the same problem. While they have a goal in
common (easing moves of networked computers), VLANs represent a
more revolutionary change to a LAN than DHCP. A DHCP server and
forwarding agents can allow you to set things up so that you can unplug a
client computer from one network or subnet and plug it into another and
have it come alive immediately, it having been reconfigured
automatically. In conjunction with Dynamic DNS, it could automatically be
given its same name in its new place. VLAN-capable LAN equipment
with dynamic VLAN assignment allows you to configure things so a client
computer can be plugged into any port and have the same IP number (as
well as name) and be on the same subnet. The VLAN-capable network
either has its own configuration that lists which MAC addresses are to
belong to each VLAN, or it makes the determination from the source IP
address of the IP packets that the client computer sends. Some differences
in the two approaches:
There is an issue with trying to use DHCP (or BOOTP) and VLANs at the
same time, in particular, with the scheme by which the VLAN-capable
network determines the client's VLAN based upon the client computer's
source IP address. Doing so assumes the client computer is already
configured, which precludes the use of the network to get the configuration
information from a DHCP or BOOTP server.
7. What protocol and port does DHCP use?
DHCP, like BOOTP, runs over UDP, utilizing ports 67 and 68.
8. What is an IP address?
10. What is a DHCP lease?
A DHCP lease is the amount of time that the DHCP server grants to the
DHCP client permission to use a particular IP address. A typical server
allows its administrator to set the lease time.
11. What is a Client ID?
What is termed the Client ID for the purposes of the DHCP protocol is
whatever is used by the protocol to identify the client computer. By
default, DHCP implementations typically employ the client's MAC
address for this purpose, but the DHCP protocol allows other options.
Some DHCP implementations have a setup option to specify the client ID
you want. One alternative to the MAC address is simply a character string
of your choice. In any case, in order for DHCP to function, you must be
certain that no other client is using the client ID you choose, and you must
be sure the DHCP server will accept it.
12. Why shouldn't clients assign IP numbers without the use of a server?
13. Can DHCP support statically defined addresses?
Yes. At least there is nothing in the protocol to preclude this and one
expects it to be a feature of any DHCP server. This is really a server
matter and the client should work either way. The RFC refers to this as
manual allocation.
14. How do DHCP and BOOTP handle other subnets?
For the situations where there is more than one LAN, each with its own
subnet number, there are two ways. First of all, you can set up a separate
server on each subnet. Secondly, you can use a feature of some routers known as
"BOOTP forwarding" to forward DHCP or BOOTP requests to a server on
another subnet and to forward the replies back to the client. The part of
such a router (or server acting as a router) that does this is called a
"BOOTP forwarding agent". Typically you have to enable it on the
interface to the subnet to be served and have to configure it with the IP
address of the DHCP or BOOTP server. On a Cisco router, the address is
known as the "UDP Helper Address".
16. Can a DHCP client boot from a BOOTP server?
Only if the DHCP client were specifically written to make use of the
answer from a BOOTP server. It would presumably treat a BOOTP reply
as an unending lease on the IP address.
In particular, the TCP/IP stack included with Windows 95 does not have
this capability.
18. Is a DHCP client "supposed to" be able to use a BOOTP server?
The RFC on such interoperability (1534) is clear: "A DHCP client MAY
use a reply from a BOOTP server if the configuration returned from the
BOOTP server is acceptable to the DHCP client." (section 3). The word
"MAY" indicates such support, however useful, is left as an option.
19. Can a DHCP client or server make a DNS server update the client's DNS
entry to match the client's dynamically assigned address?
RFCs 2136 and 2137 indicate a way in which DNS entries can be updated
dynamically. Using this requires a DNS server that supports this feature
and a DHCP server that makes use of it. The RFCs are very recent (as of
5/97) and implementations are few. In the meantime, there are DNS and
DHCP servers that accomplish this through proprietary means.
20. Can a DHCP server back up another DHCP server?
You can have two or more servers handing out leases for different
addresses. If each has a dynamic pool accessible to the same clients, then
even if one server is down, one of those clients can lease an address from
the other server.
22. Is there a DHCP mailing list?
List                       Purpose
----                       -------
dhcp-v4@bucknell.edu       General discussion: a good list for server administrators.
dhcp-bake@bucknell.edu     DHCP bakeoffs
dhcp-impl@bucknell.edu     Implementations
dhcp-serve@bucknell.edu    Server to server protocol
dhcp-dns@bucknell.edu      DNS-DHCP issues
dhcp-v6@bucknell.edu       DHCP for IPv6
23. In a subnetted environment, how does the DHCP server discover what
subnet a request has come from?
DHCP client messages are sent to off-net servers by DHCP relay agents,
which are often a part of an IP router. The DHCP relay agent records the
subnet from which the message was received in the DHCP message
header for use by the DHCP server.
Note: a DHCP relay agent is the same thing as a BOOTP relay agent, and
technically speaking, the latter phrase is correct.
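An added example (not part of the original FAQ): a minimal Python parser showing where the relay agent's subnet hint (the giaddr header field) and the client ID sit in a DHCP message, and how a server could choose an address pool from them. Field offsets and option codes follow RFC 2131 and RFC 2132; the pools, the MAC address and all function names are constructed for illustration.

```python
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"  # precedes the options field in DHCP messages
FIXED_LEN = 236                     # size of the fixed BOOTP header

def parse_dhcp(packet: bytes) -> dict:
    """Parse the fixed BOOTP header and the option list of one DHCP message."""
    if len(packet) < FIXED_LEN + 4 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message (truncated or no magic cookie)")
    op, htype, hlen, hops, xid, secs, flags = struct.unpack("!BBBBIHH", packet[:12])
    if hlen > 16:
        raise ValueError("hardware address longer than the chaddr field")
    options, i = {}, 240
    while i < len(packet) and packet[i] != 255:      # 255 = end option
        if packet[i] == 0:                           # 0 = pad, has no length byte
            i += 1
            continue
        if i + 1 >= len(packet):
            raise ValueError("option without a length byte")
        length = packet[i + 1]
        value = packet[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("option runs past the end of the message")
        options[packet[i]] = value
        i += 2 + length
    return {
        "op": op, "htype": htype, "hops": hops, "xid": xid,
        "broadcast": bool(flags & 0x8000),
        "giaddr": ipaddress.IPv4Address(packet[24:28]),  # written by the relay agent
        "chaddr": packet[28:28 + hlen],                  # written by the client
        "options": options,
    }

def select_subnet(msg, pools, local_subnet):
    """Pick the pool: giaddr's subnet if relayed, else the receiving interface's."""
    if msg["giaddr"] == ipaddress.IPv4Address("0.0.0.0"):
        return local_subnet
    return next((net for net in pools if msg["giaddr"] in net), None)

def client_key(msg):
    """Client identifier (option 61) if sent, else hardware type + chaddr."""
    cid = msg["options"].get(61)
    return cid if cid is not None else bytes([msg["htype"]]) + msg["chaddr"]

def build_discover(mac: bytes, giaddr: str = "0.0.0.0", client_id: bytes = b"") -> bytes:
    """Construct a sample DHCPDISCOVER (test data, not captured traffic)."""
    header = struct.pack("!BBBBIHH", 1, 1, len(mac), 0, 0x1234ABCD, 0, 0)
    header += bytes(12) + ipaddress.IPv4Address(giaddr).packed  # ciaddr, yiaddr, siaddr, giaddr
    header += mac.ljust(16, b"\x00") + bytes(64 + 128)          # chaddr, sname, file
    opts = b"\x35\x01\x01"                                      # option 53: DHCPDISCOVER
    if client_id:
        opts += bytes([61, len(client_id)]) + client_id
    return header + MAGIC_COOKIE + opts + b"\xff"

# Constructed configuration: two pools, server attached to the first one.
POOLS = [ipaddress.ip_network("10.10.0.0/24"), ipaddress.ip_network("10.20.0.0/24")]
LOCAL = POOLS[0]
MAC = bytes.fromhex("020000aabbcc")  # constructed, locally administered address

if __name__ == "__main__":
    relayed = parse_dhcp(build_discover(MAC, giaddr="10.20.0.1"))
    print(select_subnet(relayed, POOLS, LOCAL), client_key(relayed).hex())
```

Everything client_key returns was supplied by the client itself, which is why the FAQ notes further down that DHCP cannot tell a computer's permanent MAC address from one set by its user.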
24. If a single LAN has more than one subnet number, how can addresses be
served on subnets other than the primary one?
A single LAN might have more than one subnet number applicable to the
same set of ports (broadcast domain). Typically, one subnet is designated
as primary, the others as secondary. A site may find it necessary to support
addresses on more than one subnet number associated with a single
interface. DHCP's scheme for handling this is that the server has to be
configured with the necessary information and has to support such
configuration & allocation. Here are four cases a server might have to
handle:
The other two cases are the same capabilities during manual allocation. It
is possible that a particular server-implementation can handle some of
these cases, but not all of them. See the section below listing the capabilities
of some servers.
25. If a physical LAN has more than one logical subnet, how can different
groups of clients be allocated addresses on different subnets?
One way to do this is to preconfigure each client with information about
what group it belongs to. A DHCP feature designed for this is the user
class option. To do this, the client software must allow the user class
option to be preconfigured and the server software must support its use to
control which pool a client's address is allocated from.
26. Where is DHCP defined?
In Internet RFCs.
RFC 2131
R. Droms, "Dynamic Host Configuration Protocol", 3/97. Supersedes RFC 1541
and RFC 1531. [Note that some of the references in this FAQ are to RFC 1541:
I'll update them when I get a chance. -- Author]
RFC 1534
R. Droms, "Interoperation Between DHCP and BOOTP", 10/08/1993.
RFC 2132
S. Alexander, R. Droms, "DHCP Options and BOOTP Vendor Extensions", 3/97.
Supersedes RFC 1533.
27. What other sources of information are available?
See the dhcp-v4 mailing list mentioned above as well as its archives.
28. Can DHCP support remote access?
PPP has its own non-DHCP way in which communications servers can
hand clients an IP address, called IPCP (IP Control Protocol), but it doesn't
have the same flexibility as DHCP or BOOTP in handing out other
parameters. Such a communications server may support the use of DHCP
to acquire the IP addresses it gives out. This is sometimes called doing
DHCP by proxy for the client. I know that Windows NT's remote access
support does this.
29. Can a client have a home address and still float?
There is nothing in the protocol to keep a client that already has a leased
or permanent IP number from getting a(nother) lease on a temporary basis
on another subnet (i.e., for that laptop which is almost always in one
office, but occasionally is plugged in in a conference room or class room).
Thus it is left to the server implementation to support such a feature. I've
heard that Microsoft's NT-based server can do it.
30. How can I relay DHCP if my router does not support it?
31. How do I migrate my site from BOOTP to DHCP?
I don't have an answer for this, but will offer a little discussion. The
answer depends a lot on what BOOTP server you are using and how you
are maintaining it. If you depend heavily on BOOTP server software to
support your existing clients, then the demand to support clients that
support DHCP but not BOOTP presents you with problems. In general,
you are faced with the choice:
35. How long should a lease be?
I've asked sites about this and have heard answers ranging from 15
minutes to a year. Most administrators will say it depends upon your
goals, your site's usage patterns, and service arrangements for your DHCP
server.
A very relevant factor is that the client starts trying to renew the lease
when it is halfway through: thus, for example, with a 4 day lease, the
client which has lost access to its DHCP server has 2 days from when it
first tries to renew the lease until the lease expires and the client must stop
using the network. During a 2-day outage, new users cannot get new
leases, but no lease will expire for any computer turned on at the time that
the outage commences.
Another factor is that the longer the lease, the longer it takes for client
configuration changes controlled by DHCP to propagate.
Some examples of lease-times that sites have used & their rationales:
15 minutes
To keep the maximum number of addresses free for distribution in cases where
there will be more users than addresses.
6 hours
Long enough to allow the DHCP server to be fixed, e.g. 3 hours.
12 hours
If you need to take back an address, then you know that it will only take one night
for the users' lease to expire.
3 days
This is apparently Microsoft's default, thus many sites use it.
6 days
Long enough that a weekend server outage that gets fixed on Monday will not
result in leases terminating.
4 months
Long enough that students can keep their IP address over the summer hiatus. I
believe this rationale is workable if the summer hiatus is no more than 2 months.
One year
If a user has not used their address in six months, then they are likely to be gone.
Allows administrator to recover those addresses after someone has moved on.
36. How can I control which clients get leases from my server?
You can put all your clients on a subnet of your own along with
your own DHCP server.
You can use manual allocation.
Perhaps you can find DHCP server software that allows you to list
which MAC addresses the server will accept. DHCP servers that
support roaming machines may be adapted to such use.
You can use the user class option assuming your clients and server
support it: it will require you to configure each of your clients with
a user class name. You still depend upon the other clients to
respect your wishes.
37. How can I prevent unauthorized laptops from using a network that uses
DHCP for dynamic addressing?
This would have to be done using a mechanism other than DHCP. DHCP
does not prevent other clients from using the addresses it is set to hand out
nor can it distinguish between a computer's permanent MAC address and
one set by the computer's user. DHCP can impose no restrictions on what
IP address can use a particular port nor control the IP address used by any
client.
B. Info on Implementations
1. What features or restrictions can a DHCP server have?
Following are some features related not to the functions that the server is
capable of carrying out, but to the way that it is administered.
Apple MacOS
MacTCP's successor, Open Transport, supports DHCP. Open Transport 1.1 ships
with System 7.5 Update 2.0 (which updates MacOS to version 7.5.3, released
March 11, 1996) and supports any 68030, 68040, or PowerPC Macintosh. A
shrink wrap version of Open Transport is planned.
Microsoft Windows95
supports it and does not support BOOTP. I heard a rumor that BOOTP support
will be added.
Novell LAN Workplace for DOS
For supporting DOS/Windows 3.1, Client32 for DOS/Windows, due in June
1996, will provide the TCP/IP stack functions and will support DHCP and
BOOTP. For Windows 95 and Windows NT, the native stack will be used so that
DHCP is supported.
IBM OS/2 Warp
supports it.
7. What Routers forward DHCP requests?
Cisco
(from Cisco FAQ) Routers running GSYS version 9.21(4) and 10.0(3) as well as
later releases.
Wellfleet/Bay
(from Wellfleet FAQ) DHCP is supported by enabling BOOTP support (with
transmission and/or reception as needed). Starting with version 9.00 of their
routing software BayRs.
3Com Netbuilder
Version 7.2 software can support DHCP relaying through the use of its generic
UDP Helper service. Version 8.0 and later officially supports DHCP.
Xyplex
Version 5.5 of their routing software supports DHCP.
ALANTEC
The switches' "router" function has been handling BOOTP forwarding since
around 1993. Support for the broadcast flag was introduced in a maintenance release
of 2.5 of their software and is in version 2.6 and later.
IBM 2210
I've confirmed that Version 1 Release 2 has a BOOTP relay agent. I haven't found
out anything about support for the broadcast flag.
ACC
Version 7.2 (about 1994) and later support DHCP relaying.
Proteon/Digital
I'm not sure what is the first version that has this support.
Novell MPR
The same as for their server.
IBM 6611
Supports BOOTP forwarding.
8. What Routers include DHCP servers?
DHCP requires disk storage (or some other form of reliable non-volatile
storage), making the task of DHCP service more compatible with servers
than with dedicated routers. The large-scale routers (i.e., those of Cisco,
Bay, Fore) don't and probably never will have a DHCP server function.
But there are a number of types of servers that can be configured to route
and serve DHCP. This includes Novell servers and computers running
Unix. There are also units designed to handle two or more aspects of your
Internet connection, e.g. routing between a LAN and a leased line as well
as doing other functions to allow computers on the LAN to reach the
Internet (or corporate intranet as the case may be). One example is
Farallon's Netopia Internet Router mentioned above under commercial
servers.
9. What Routers use DHCP to configure their IP addresses?
The DHCP RFC specifically says that DHCP is not intended for use in
configuring routers. The reason is that in maintaining and troubleshooting
routers, it is important to know its exact configuration rather than leaving
that to be automatically done, and also that you do not want your router's
operation to depend upon the working of yet another server.
11. Which implementations support or require the broadcast flag?
The broadcast flag is an optional element of DHCP, but a client which sets
it works only with a server or relay that supports it.
Clients
Microsoft Windows NT
DHCP client support added with version 3.5 sets the broadcast flag. Version 3.51
and later no longer set it. The exception is in the remote access support: it sets the
flag when it uses DHCP to acquire addresses to hand out to its PPP clients.
tcp/ip-32 for Microsoft Windows for Workgroups (WFW)
Version 3.11a sets it, but version 3.11B doesn't.
Microsoft Windows 95
Does not set the broadcast flag.
12. What servers support secondary subnet numbers?
(These are not complete lists) The following servers can handle dynamic
allocation on secondary subnet numbers:
13. What servers support RFC-based dynamic DNS update?
The following DHCP servers include the ability to make use of the RFC
2136/2137 DNS feature to make dynamic updates to the DNS. To make
use of this ability, you need a DNS server that supports this feature. A
likely use is to create temporary DNS records that associate a fully
qualified DNS name derived from the client's netbios name with the
client's leased IP number. Another use might be to associate DNS names
with MAC addresses. These products might support one or both of these
uses.
14. How can I run Windows 95 without a DHCP server?
Not really a DHCP question, but it has been asked a lot, particularly by
sites for which changing from BOOTP represents a lot of work. Some
choices:
Use no server at all for the Windows 95 clients: set the addresses
in each client's setup.
Install a non-Microsoft TCP/IP stack for Windows 95 that supports
BOOTP.
Switch from your current BOOTP server to one that supports both
BOOTP and DHCP.
The 'billgPC' program uses BOOTP (instead of DHCP) to
configure Windows 95's native IP stack:
http://www.panix.com/~perin/ (note: it also works with Windows
NT).
15. Do any servers limit the MAC addresses that may roam?
IBM's AIX and OS/2 WARP DHCP servers.
ISC.
16. What analyzers decode DHCP?
Release 5.0 of Network General Corporation's Sniffer software.
I believe one of the free Unix implementations has included in its
distribution a program that captures and decodes BOOTP and
DHCP negotiations.
Microsoft's SMS includes a protocol analyzer called "Network
Monitor" that decodes DHCP. All NT software includes a remote
agent for it.
NetXRay, software that runs under Windows NT and 95.
http://ngcwebgate.ngc.com/product_info/netxray/netxray.html
PacketView (LAN), SerialView (PPP and SLIP), and ISDNView
(PPP over ISDN) all are DOS programs that fully decode DHCP
packets. http://www.klos.com/
17. What administration tools administer DHCP configurations?
Quadritek's QIP network administration product includes an
interface to Competitive Automation's JOIN DHCP server and
IBM's DHCP server and their own server.
18. How do I make a client give up its lease?
19. What are the Gotcha's specific to various implementations?
In many cases, new releases have solved the problems that have been
identified with various DHCP implementations.