Minor DHCP Aspects
(Some minor (but important) issues and problems concerning the
DHCP protocol.)
DHCP and Domain Names
DHCP, in its current definition, doesn't interact
with the Domain Name System.
Therefore, when a client computer gets a new (Dynamic) IP
address from the DHCP server,
the DNS server isn't automatically notified,
and no automatic name-address rebinding takes place
(between the new IP address and the old name).
This leads to inconsistency with respect to the domain names given to
machines.
Currently, if a host
has a DNS name, it has to have a static IP
address and hence a static DHCP
reservation.
Researchers are currently working on ways for DHCP
to interact with the DNS, and an Internet Draft has been published.
In the meantime,
some sites have developed their own
nonstandard mechanisms to change the DNS database.
Chicken and Egg Problems
The server and the client exchange frames during the
configuration process. But how can they do that if the
client has no IP address yet?
The client's answer is simply to send the request using
an all-1's destination address (local-net broadcast) and an all-0's source address
(this computer).
The server can answer in one of two ways:
- Send the frame to the client's hardware address (if they're on the same physical network).
- Broadcast the reply too.
If the client does know its IP address (e.g. it was manually configured)
it'll put it in the 'ciaddr' field and the server will respond to that address.
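The addressing decision described above, as an added example that is not part of the original page: it packs the fixed DHCP header and shows where a server on the same network would send its reply. The field layout and the broadcast flag are taken from RFC 2131; the function names, the "arp" marker and the sample MAC and IP values are constructed for illustration, and relayed requests (non-zero 'giaddr') are assumed absent.

```python
import ipaddress
import struct

# Fixed BOOTP/DHCP header (RFC 2131): op, htype, hlen, hops, xid, secs, flags,
# ciaddr, yiaddr, siaddr, giaddr, chaddr[16], sname[64], file[128] = 236 bytes.
HEADER = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")
BROADCAST_FLAG = 0x8000  # top bit of 'flags': client asks for a broadcast reply
ZERO_IP = bytes(4)


def build_request(mac, ciaddr="0.0.0.0", broadcast=False, xid=0x1234ABCD):
    """Build the fixed part of a client message (op=1, BOOTREQUEST).

    On the wire this goes out with IP source 0.0.0.0 and destination
    255.255.255.255, because the client has no address yet.
    """
    flags = BROADCAST_FLAG if broadcast else 0
    return HEADER.pack(1, 1, len(mac), 0, xid, 0, flags,
                       ipaddress.IPv4Address(ciaddr).packed,
                       ZERO_IP, ZERO_IP, ZERO_IP,
                       mac, bytes(64), bytes(128))


def reply_addressing(packet, offered_ip):
    """Return (ip_dst, link_dst) for the server's reply.

    Every field read here is supplied by the client and is not authenticated.
    """
    if len(packet) < HEADER.size:
        raise ValueError("truncated DHCP header")
    (op, _htype, hlen, _hops, _xid, _secs, flags, ciaddr,
     _yi, _si, _gi, chaddr, _sname, _file) = HEADER.unpack_from(packet)
    if op != 1 or hlen > 16:
        raise ValueError("not a well-formed client request")
    if ciaddr != ZERO_IP:
        # Client already knows its address: ordinary unicast, resolved by ARP.
        return str(ipaddress.IPv4Address(ciaddr)), "arp"
    if flags & BROADCAST_FLAG:
        # Client cannot receive unicast before it is configured.
        return "255.255.255.255", "ff:ff:ff:ff:ff:ff"
    # Same physical network: frame goes straight to the hardware address.
    return offered_ip, ":".join(f"{b:02x}" for b in chaddr[:hlen])


if __name__ == "__main__":
    mac = bytes.fromhex("020000000001")  # constructed sample MAC
    for req in (build_request(mac), build_request(mac, broadcast=True),
                build_request(mac, ciaddr="192.0.2.7")):
        print(reply_addressing(req, "192.0.2.50"))
```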
Random backoff algorithm
A problem can occur if a lot of clients try to
access the same server at once (e.g., after a power failure).
To avoid the server being flooded with requests, each client waits a random amount
of time before transmitting a request.
Once the client has got its IP address
and the server's IP address,
it saves them in permanent storage (a cache).
The client uses the server's address for subsequent calls and
tries to validate its IP address on the next reboot.
Security
DHCP in its current form is
quite insecure.
First of all,
DHCP is built directly on UDP and IP which are, themselves,
insecure. Furthermore, DHCP is generally intended to make
maintenance of remote and/or diskless hosts easier. Configuring such hosts with passwords or keys
can be quite difficult, and a careless design can lead to an insecure communication mechanism.
Quiz
- Which of the above topics seems to hold the major problem in current DHCP?