Dynamic Host Configuration Protocol

Dynamic Host Configuration Protocol

CISC 856: TCP/IP and Upper Layer Protocols

Manoj Pillay ()

Handed out on October 25, 2007

Due on November 1, 2007

Exercises

Exercise I

Answer questions 1,2,5,6, 8, 10, 12-15 from Chapter 16 of the textbook.

Exercise II

Answer the online quiz for Chapter 16 – DHCP. Email Professor Amer if you find any.

Exercise III

Based on the client state diagram, a DHCPREQUEST PDU may be sent by the client while in any of the following states.

i. INIT-REBOOT (Please refer class lecture slides to learn more about this state)

ii. SELECTING

iii. BOUND

iv. RENEWING

For each instance of the DHCPREQUEST issued, identify the following.

1. Is the DHCPREQUEST PDU broadcast or unicast in the IP layer?

2. Is the client IP address field in each PDU 0.0.0.0?

Exercise IV

In this exercise, you will use your own computer to analyze DHCP PDU’s. You would need a packet capture program such as Wireshark, Ethereal, tcpdump or Windump. (My recommendation is Wireshark, but you are free to use the packet capture program that you are most comfortable with.)

A few things to remember are:

·  Your computer may have multiple network interfaces. Identify the interface through which you are connected to the Internet. For the command-line versions of packet capturing programs, you need to find the Ethernet address of connecting interface. You can find this by observing the output of the following command on a Windows machine command prompt.

ipconfig/all

The *NIX variant of this command is

ifconfig

·  If you are using a command line based packet analyzer, you may have to restrict it to exclusively monitor traffic on the DHCP/BOOTP ports (67 and 68).

An example of doing this with Ethereal is shown below:

ether host ethernet_address and (port 67 and port 68)

·  If you are using Wireshark, you may have to add the following string to your display filter.

bootp || dhcpfo || dhcpv6

With the capture program running, execute the command to have your computer release and obtain an IP address. Commands and syntax vary across distributions of Linux/Unix and even across versions of Windows. This table shows the most common pairs of commands:

Windows / Linux/Unix
ipconfig /release
ipconfig /renew
ipconfig /release_all
ipconfig /renew_all / ifconfig interface down
ifconfig interface up
ifconfig interface dhcp release
ifconfig interface dhcp start

Once you have successfully captured the DHCP-PDU’s associated with releasing and obtaining an IP address, print a transcript of the capture session as described below and answer the following questions.

·  Printing the transcript using Wireshark

The best solutions to all questions in this exercise requires you to print the bytes in each of the application layer PDU’s that are exchanged between the client and server(s). To do this, the following steps are advised. After you have completed this experiment and stopped capturing,

1.  From menu select File> Export>File. A new menu titled: Wireshark: Export File will appear.

2.  On the Wireshark: Export File menu do the following:

-  Uncheck Captured radio button/ check Displayed radio button.

-  Uncheck Packet Details Check Box

-  Check Packet Bytes Check Box

-  Make sure that the Packet Summary Line Checkbox and the All packets radio button are checked.

3.  Make all annotations directly on the bytes.

You can compare the bytes in your output to the fields in the DHCP PDU handout to better understand the operation of DHCP.

Substantiate your answers by highlighting in color the relevant portions of the dump output (Packet summary line & Packet Bytes).

i)  Identify the different DHCP PDU’s that that were transmitted/received. In each DHCP PDU that you analyze, show evidence for its type.

ii)  Identify the magic cookie in all its occurrences among the DHCP PDU’s.

iii)  Did your client machine request a specific IP address? Was that address granted to your machine by the DHCP server?

iv)  Record the transaction id’s of all the DHCP PDU’s. If any of them are same, explain why that is so. If any of them are different from the others, explain that.

v)  How many bytes of padding have been added in the DHCPRELEASE and DHCPACK PDU’s?

vi)  A host uses DHCP to obtain an IP address, among other things. But a host’s IP address is not confirmed until the end of the four-message exchange! If the IP address is not fixed before the DHCPACK PDU is sent, then what values of IP addresses are used in the IP PDU’s containing the DHCP PDU’s exchanged before the DHCPACK? For each of these DHCP PDU’s (Discover/Offer/Request), indicate the source and destination IP addresses that are carried in the encapsulating IP PDU.

vii)  What was the lease time for the newly assigned IP address?