科技行者

行者学院 转型私董会 科技行者专题报道 网红大战科技行者

知识库

知识库 安全导航

至顶网网络频道DHCP(动态主机配置协议)基本信息

DHCP(动态主机配置协议)基本信息

  • 扫一扫
    分享文章到微信

  • 扫一扫
    关注官方公众号
    至顶头条

动态主机配置协议 (DHCP) 是 RFC 1541(已被 RFC 2131 取代)定义的标准协议,该协议允许服务器向客户端动态分配 IP 地址和配置信息。

作者:论坛整理 来源:zdnet网络安全 2008年3月27日

关键字: DHCP DHCP协议 DHCP服务器 网络协议

  • 评论
  • 分享微博
  • 分享邮件

  概要

  动态主机配置协议 (DHCP) 是 RFC 1541(已被 RFC 2131 取代)定义的标准协议,该协议允许服务器向客户端动态分配 IP 地址和配置信息。通常,DHCP 服务器至少向客户端提供以下基本信息:

   • IP 地址

  • 子网掩码

  • 默认网关

  它还可以提供其他信息,如域名服务 (DNS) 服务器的地址和 Windows Internet 名称服务 (WINS) 服务器的地址。系统管理员配置 DHCP 服务器分配给客户端的选项。

  当客户端被配置为接收 DHCP 信息后首次初始化时,它将启动与服务器的对话。

  以下是客户端和服务器之间对话的摘要表,最后一列是数据包级的过程说明:

  Source Dest Source Dest Packet

  MAC addr MAC addr IP addr IP addr Description

  -----------------------------------------------------------------

  Client Broadcast 0.0.0.0 255.255.255.255 DHCP Discover

  DHCPsrvr Broadcast DHCPsrvr 255.255.255.255 DHCP Offer

  Client Broadcast 0.0.0.0 255.255.255.255 DHCP Request

  DHCPsrvr Broadcast DHCPsrvr 255.255.255.255 DHCP ACK

  

  DHCP 客户端和 DHCP 服务器之间的详细对话如下:

  DHCPDISCOVER

  客户端发送 DHCPDISCOVER 数据包。以下内容摘自网络监视器的捕获信息,显示了 DHCPDISCOVER 数据包中的 IP 和 DHCP 部分。在 IP 部分,可以看到 Destination 地址是 255.255.255.255,而 Source 地址是 0.0.0.0。DHCP 部分将数据包标识为 Discover 数据包,并使用网卡的物理地址在两处标识客户端。注意 CHADDR 字段和 DHCP 中的值:Client Identifier 字段是相同的。

  IP:ID = 0x0; Proto = UDP; Len: 328

  IP:Version = 4 (0x4)

  IP:Header Length = 20 (0x14)

  IP:Service Type = 0 (0x0)

  IP:Precedence = Routine

  IP:...0.... = Normal Delay

  IP:....0... = Normal Throughput

  IP:.....0.. = Normal Reliability

  IP:Total Length = 328 (0x148)

  IP:Identification = 0 (0x0)

  IP:Flags Summary = 0 (0x0)

  IP:.......0 = Last fragment in datagram

  IP:......0. = May fragment datagram if necessary

  IP:Fragment Offset = 0 (0x0) bytes

  IP:Time to Live = 128 (0x80)

  IP:Protocol = UDP - User Datagram

  IP:Checksum = 0x39A6

  IP:Source Address = 0.0.0.0

  IP:Destination Address = 255.255.255.255

  IP:Data:Number of data bytes remaining = 308 (0x0134)

  DHCP:Discover (xid=21274A1D)

  DHCP:Op Code (op) = 1 (0x1)

  DHCP:Hardware Type (htype) = 1 (0x1) 10Mb Ethernet

  DHCP:Hardware Address Length (hlen) = 6 (0x6)

  DHCP:Hops (hops) = 0 (0x0)

  DHCP:Transaction ID (xid) = 556223005 (0x21274A1D)

  DHCP:Seconds (secs) = 0 (0x0)

  DHCP:Flags (flags) = 0 (0x0)

  DHCP:0............... = No Broadcast

  DHCP:Client IP Address (ciaddr) = 0.0.0.0

  DHCP:Your IP Address (yiaddr) = 0.0.0.0

  DHCP:Server IP Address (siaddr) = 0.0.0.0

  DHCP:Relay IP Address (giaddr) = 0.0.0.0

  DHCP:Client Ethernet Address (chaddr) = 08002B2ED85E

  DHCP:Server Host Name (sname) =

  DHCP:Boot File Name (file) =

  DHCP:Magic Cookie= [OK]

  DHCP:Option Field (options)

  DHCP:DHCP Message Type = DHCP Discover

  DHCP:Client-identifier = (Type:1) 08 00 2b 2e d8 5e

  DHCP:Host Name = JUMBO-WS

  DHCP:Parameter Request List = (Length:7) 01 0f 03 2c 2e 2f 06

  DHCP:End of this option field

  

  DHCPOFFER

  DHCP 服务器通过发送 DHCPOFFER 数据包作出响应。在以下摘录捕获信息的 IP 部分中,Source 地址现在是 DHCP 服务器 IP 地址,而 Destination 地址是广播地址255.255.255.255。DHCP 部分将数据包标识为 Offer。YIADDR 字段用服务器提供给客户端的 IP 地址填充。注意,CHADDR 字段仍然包含发出请求的客户端的物理地址。另外,在 DHCP Option Field 部分,可以看到由服务器随 IP 地址一起发送的各种选项。在这种情况下,服务器发送的是子网掩码、默认网关(路由器)、租约时间、WINS 服务器地址(NetBIOS 名称服务)和 NetBIOS 节点类型。

  IP:ID = 0x3C30; Proto = UDP; Len: 328

  IP:Version = 4 (0x4)

  IP:Header Length = 20 (0x14)

  IP:Service Type = 0 (0x0)

  IP:Precedence = Routine

  IP:...0.... = Normal Delay

  IP:....0... = Normal Throughput

  IP:.....0.. = Normal Reliability

  IP:Total Length = 328 (0x148)

  IP:Identification = 15408 (0x3C30)

  IP:Flags Summary = 0 (0x0)

  IP:.......0 = Last fragment in datagram

  IP:......0. = May fragment datagram if necessary

  IP:Fragment Offset = 0 (0x0) bytes

  IP:Time to Live = 128 (0x80)

  IP:Protocol = UDP - User Datagram

  IP:Checksum = 0x2FA8

  IP:Source Address = 157.54.48.151

  IP:Destination Address = 255.255.255.255

  IP:Data:Number of data bytes remaining = 308 (0x0134)

  DHCP:Offer (xid=21274A1D)

  DHCP:Op Code (op) = 2 (0x2)

  DHCP:Hardware Type (htype) = 1 (0x1) 10Mb Ethernet

  DHCP:Hardware Address Length (hlen) = 6 (0x6)

  DHCP:Hops (hops) = 0 (0x0)

  DHCP:Transaction ID (xid) = 556223005 (0x21274A1D)

  DHCP:Seconds (secs) = 0 (0x0)

  DHCP:Flags (flags) = 0 (0x0)

  DHCP:0............... = No Broadcast

  DHCP:Client IP Address (ciaddr) = 0.0.0.0

  DHCP:Your IP Address (yiaddr) = 157.54.50.5

  DHCP:Server IP Address (siaddr) = 0.0.0.0

  DHCP:Relay IP Address (giaddr) = 0.0.0.0

  DHCP:Client Ethernet Address (chaddr) = 08002B2ED85E

  DHCP:Server Host Name (sname) =

  DHCP:Boot File Name (file) =

  DHCP:Magic Cookie = [OK]

  DHCP:Option Field (options)

  DHCP:DHCP Message Type = DHCP Offer

  DHCP:Subnet Mask = 255.255.240.0

  DHCP:Renewal Time Value (T1) = 8 Days, 0:00:00

  DHCP:Rebinding Time Value (T2) = 14 Days, 0:00:00

  DHCP:IP Address Lease Time = 16 Days, 0:00:00

  DHCP:Server Identifier = 157.54.48.151

  DHCP:Router = 157.54.48.1

  DHCP:NetBIOS Name Service = 157.54.16.154

  DHCP:NetBIOS Node Type = (Length: 1) 04

  DHCP:End of this option field

  

  DHCPREQUEST

  客户端通过发送 DHCPREQUEST 响应 DHCPOFFER。在以下捕获信息的 IP 部分中,客户端的 Source 地址仍然是 0.0.0.0,数据包的 Destination 仍然是 255.255.255.255。由于客户端还没有从服务器收到可以开始使用所提供地址的确认,所以客户端仍然保留 0.0.0.0。由于可能有多个 DHCP 服务器已经作出响应,并可能预订了为客户端产生的 Offer,所以 Destination 地址仍然被广播出去。这使得其他 DHCP 服务器知道:它们可以释放已提供的地址,并将这些地址返回到可用地址池中。DHCP 部分将数据包标识为 Request,并使用 DHCP:Requested Address 字段确认所提供的地址。DHCP:Server Identifier 字段显示提供租约的 DHCP 服务器的 IP 地址。

  IP:ID = 0x100; Proto = UDP; Len: 328

  IP:Version = 4 (0x4)

  IP:Header Length = 20 (0x14)

  IP:Service Type = 0 (0x0)

  IP:Precedence = Routine

  IP:...0.... = Normal Delay

  IP:....0... = Normal Throughput

  IP:.....0.. = Normal Reliability

  IP:Total Length = 328 (0x148)

  IP:Identification = 256 (0x100)

  IP:Flags Summary = 0 (0x0)

  IP:.......0 = Last fragment in datagram

  IP:......0. = May fragment datagram if necessary

  IP:Fragment Offset = 0 (0x0) bytes

  IP:Time to Live = 128 (0x80)

  IP:Protocol = UDP - User Datagram

  IP:Checksum = 0x38A6

  IP:Source Address = 0.0.0.0

  IP:Destination Address = 255.255.255.255

  IP:Data:Number of data bytes remaining = 308 (0x0134)

  DHCP:Request (xid=21274A1D)

  DHCP:Op Code (op) = 1 (0x1)

  DHCP:Hardware Type (htype) = 1 (0x1) 10Mb Ethernet

  DHCP:Hardware Address Length (hlen) = 6 (0x6)

  DHCP:Hops (hops) = 0 (0x0)

  DHCP:Transaction ID (xid) = 556223005 (0x21274A1D)

  DHCP:Seconds (secs) = 0 (0x0)

  DHCP:Flags (flags) = 0 (0x0)

  DHCP:0............... = No Broadcast

  DHCP:Client IP Address (ciaddr) = 0.0.0.0

  DHCP:Your IP Address (yiaddr) = 0.0.0.0

  DHCP:Server IP Address (siaddr) = 0.0.0.0

  DHCP:Relay IP Address (giaddr) = 0.0.0.0

  DHCP:Client Ethernet Address (chaddr) = 08002B2ED85E

  DHCP:Server Host Name (sname) =

  DHCP:Boot File Name (file) =

  DHCP:Magic Cookie = [OK]

  DHCP:Option Field (options)

  DHCP:DHCP Message Type = DHCP Request

  DHCP:Client-identifier = (Type:1) 08 00 2b 2e d8 5e

  DHCP:Requested Address = 157.54.50.5

  DHCP:Server Identifier = 157.54.48.151

  DHCP:Host Name = JUMBO-WS

  DHCP:Parameter Request List = (Length:7) 01 0f 03 2c 2e 2f 06

  DHCP:End of this option field

  

  DHCPACK

  DHCP 服务器用 DHCPACK 响应 DHCPREQUEST,以此完成初始化周期。Source 地址是 DHCP 服务器 IP 地址,Destination 地址仍然是 255.255.255.255。YIADDR 字段包含客户端的地址,而 CHADDR 和 DHCP:Client Identifier 字段是发出请求的客户端中网卡的物理地址。DHCP Option 部分将数据包标识为 ACK。

  IP:ID = 0x3D30; Proto = UDP; Len: 328

  IP:Version = 4 (0x4)

  IP:Header Length = 20 (0x14)

  IP:Service Type = 0 (0x0)

  IP:Precedence = Routine

  IP:...0.... = Normal Delay

  IP:....0... = Normal Throughput

  IP:.....0.. = Normal Reliability

  IP:Total Length = 328 (0x148)

  IP:Identification = 15664 (0x3D30)

  IP:Flags Summary = 0 (0x0)

  IP:.......0 = Last fragment in datagram

  IP:......0. = May fragment datagram if necessary

  IP:Fragment Offset = 0 (0x0) bytes

  IP:Time to Live = 128 (0x80)

  IP:Protocol = UDP - User Datagram

  IP:Checksum = 0x2EA8

  IP:Source Address = 157.54.48.151

  IP:Destination Address = 255.255.255.255

  IP:Data:Number of data bytes remaining = 308 (0x0134)

  DHCP:ACK (xid=21274A1D)

  DHCP:Op Code (op) = 2 (0x2)

  DHCP:Hardware Type (htype) = 1 (0x1) 10Mb Ethernet

  DHCP:Hardware Address Length (hlen) = 6 (0x6)

  DHCP:Hops (hops) = 0 (0x0)

  DHCP:Transaction ID (xid) = 556223005 (0x21274A1D)

  DHCP:Seconds (secs) = 0 (0x0)

  DHCP:Flags (flags) = 0 (0x0)

  DHCP:0............... = No Broadcast

  DHCP:Client IP Address (ciaddr) = 0.0.0.0

  DHCP:Your IP Address (yiaddr) = 157.54.50.5

  DHCP:Server IP Address (siaddr) = 0.0.0.0

  DHCP:Relay IP Address (giaddr) = 0.0.0.0

  DHCP:Client Ethernet Address (chaddr) = 08002B2ED85E

  DHCP:Server Host Name (sname) =

  DHCP:Boot File Name (file) =

  DHCP:Magic Cookie = [OK]

  DHCP:Option Field (options)

  DHCP:DHCP Message Type = DHCP ACK

  DHCP:Renewal Time Value (T1) = 8 Days, 0:00:00

  DHCP:Rebinding Time Value (T2) = 14 Days, 0:00:00

  DHCP:IP Address Lease Time = 16 Days, 0:00:00

  DHCP:Server Identifier = 157.54.48.151

  DHCP:Subnet Mask = 255.255.240.0

  DHCP:Router = 157.54.48.1

  DHCP:NetBIOS Name Service = 157.54.16.154

  DHCP:NetBIOS Node Type = (Length: 1) 04

  DHCP:End of this option field

  

  如果客户端以前有 DHCP 分配的 IP 地址并且客户端被重新启动,则客户端将在特殊的 DHCPREQUEST 数据包中特定地请求以前租用过的 IP 地址。Source 地址是 0.0.0.0,Destination 地址是广播地址 255.255.255.255。Microsoft客户端将用以前分配的地址填充 DHCP Option Field DHCP:Requested Address 字段。严格符合 RFC 的客户端将用请求的地址填充 CIADDR Field。对这两种情况 Microsoft DHCP 服务器都将接受。

  IP:ID = 0x0; Proto = UDP; Len: 328

  IP:Version = 4 (0x4)

  IP:Header Length = 20 (0x14)

  IP:Service Type = 0 (0x0)

  IP:Precedence = Routine

  IP:...0.... = Normal Delay

  IP:....0... = Normal Throughput

  IP:.....0.. = Normal Reliability

  IP:Total Length = 328 (0x148)

  IP:Identification = 0 (0x0)

  IP:Flags Summary = 0 (0x0)

  IP:.......0 = Last fragment in datagram

  IP:......0. = May fragment datagram if necessary

  IP:Fragment Offset = 0 (0x0) bytes

  IP:Time to Live = 128 (0x80)

  IP:Protocol = UDP - User Datagram

  IP:Checksum = 0x39A6

  IP:Source Address = 0.0.0.0

  IP:Destination Address = 255.255.255.255

  IP:Data:Number of data bytes remaining = 308 (0x0134)

  DHCP:Request (xid=2757554E)

  DHCP:Op Code (op) = 1 (0x1)

  DHCP:Hardware Type (htype) = 1 (0x1) 10Mb Ethernet

  DHCP:Hardware Address Length (hlen) = 6 (0x6)

  DHCP:Hops (hops) = 0 (0x0)

  DHCP:Transaction ID (xid) = 660034894 (0x2757554E)

  DHCP:Seconds (secs) = 0 (0x0)

  DHCP:Flags (flags) = 0 (0x0)

  DHCP:0............... = No Broadcast

  DHCP:Client IP Address (ciaddr) = 0.0.0.0

  DHCP:Your IP Address (yiaddr) = 0.0.0.0

  DHCP:Server IP Address (siaddr) = 0.0.0.0

  DHCP:Relay IP Address (giaddr) = 0.0.0.0

  DHCP:Client Ethernet Address (chaddr) = 08002B2ED85E

  DHCP:Server Host Name (sname) =

  DHCP:Boot File Name (file) =

  DHCP:Magic Cookie = [OK]

  DHCP:Option Field (options)

  DHCP:DHCP Message Type = DHCP Request

  DHCP:Client-identifier = (Type:1) 08 00 2b 2e d8 5e

  DHCP:Requested Address = 157.54.50.5

  DHCP:Host Name = JUMBO-WS

  DHCP:Parameter Request List = (Length:7) 01 0f 03 2c 2e 2f 06

  DHCP:End of this option field

  

  这时,服务器可能响应,也可能不响应。Windows NTDHCP 服务器的行为取决于所使用的操作系统版本以及其他因素,如超级作用域。如果服务器决定客户端仍然可以使用该地址,它将保持静默或对 DHCPREQUEST 发出 ACK。如果服务器决定客户端不能拥有该地址,它将发送 NACK。

  IP:ID = 0x3F1A; Proto = UDP; Len: 328

  IP:Version = 4 (0x4)

  IP:Header Length = 20 (0x14)

  IP:Service Type = 0 (0x0)

  IP:Precedence = Routine

  IP:...0.... = Normal Delay

  IP:....0... = Normal Throughput

  IP:.....0.. = Normal Reliability

  IP:Total Length = 328 (0x148)

  IP:Identification = 16154 (0x3F1A)

  IP:Flags Summary = 0 (0x0)

  IP:.......0 = Last fragment in datagram

  IP:......0. = May fragment datagram if necessary

  IP:Fragment Offset = 0 (0x0) bytes

  IP:Time to Live = 128 (0x80)

  IP:Protocol = UDP - User Datagram

  IP:Checksum = 0x2CBE

  IP:Source Address = 157.54.48.151

  IP:Destination Address = 255.255.255.255

  IP:Data:Number of data bytes remaining = 308 (0x0134)

  DHCP:NACK (xid=74A005CE)

  DHCP:Op Code (op) = 2 (0x2)

  DHCP:Hardware Type (htype) = 1 (0x1) 10Mb Ethernet

  DHCP:Hardware Address Length (hlen) = 6 (0x6)

  DHCP:Hops (hops) = 0 (0x0)

  DHCP:Transaction ID (xid) = 1956644302 (0x74A005CE)

  DHCP:Seconds (secs) = 0 (0x0)

  DHCP:Flags (flags) = 0 (0x0)

  DHCP:0............... = No Broadcast

  DHCP:Client IP Address (ciaddr) = 0.0.0.0

  DHCP:Your IP Address (yiaddr) = 0.0.0.0

  DHCP:Server IP Address (siaddr) = 0.0.0.0

  DHCP:Relay IP Address (giaddr) = 0.0.0.0

  DHCP:Client Ethernet Address (chaddr) = 08002B2ED85E

  DHCP:Server Host Name (sname) =

  DHCP:Boot File Name (file) =

  DHCP:Magic Cookie = [OK]

  DHCP:Option Field (options)

  DHCP:DHCP Message Type = DHCP NACK

  DHCP:Server Identifier = 157.54.48.151

  DHCP:End of this option field

  

  然后,客户端将开始发现进程,但 DHCPDISCOVER 数据包仍然尝试租用相同的地址。在许多情况下,tth 客户端将得到相同的地址,但也可能得不到。

  IP:ID = 0x100; Proto = UDP; Len: 328

  IP:Version = 4 (0x4)

  IP:Header Length = 20 (0x14)

  IP:Service Type = 0 (0x0)

  IP:Precedence = Routine

  IP:...0.... = Normal Delay

  IP:....0... = Normal Throughput

  IP:.....0.. = Normal Reliability

  IP:Total Length = 328 (0x148)

  IP:Identification = 256 (0x100)

  IP:Flags Summary = 0 (0x0)

  IP:.......0 = Last fragment in datagram

  IP:......0. = May fragment datagram if necessary

  IP:Fragment Offset = 0 (0x0) bytes

  IP:Time to Live = 128 (0x80)

  IP:Protocol = UDP - User Datagram

  IP:Checksum = 0x38A6

  IP:Source Address = 0.0.0.0

  IP:Destination Address = 255.255.255.255

  IP:Data:Number of data bytes remaining = 308 (0x0134)

  DHCP:Discover (xid=3ED14752)

  DHCP:Op Code (op) = 1 (0x1)

  DHCP:Hardware Type (htype) = 1 (0x1) 10Mb Ethernet

  DHCP:Hardware Address Length (hlen) = 6 (0x6)

  DHCP:Hops (hops) = 0 (0x0)

  DHCP:Transaction ID (xid) = 1053902674 (0x3ED14752)

  DHCP:Seconds (secs) = 0 (0x0)

  DHCP:Flags (flags) = 0 (0x0)

  DHCP:0............... = No Broadcast

  DHCP:Client IP Address (ciaddr) = 0.0.0.0

  DHCP:Your IP Address (yiaddr) = 0.0.0.0

  DHCP:Server IP Address (siaddr) = 0.0.0.0

  DHCP:Relay IP Address (giaddr) = 0.0.0.0

  DHCP:Client Ethernet Address (chaddr) = 08002B2ED85E

  DHCP:Server Host Name (sname) =

  DHCP:Boot File Name (file) =

  DHCP:Magic Cookie = [OK]

  DHCP:Option Field (options)

  DHCP:DHCP Message Type = DHCP Discover

  DHCP:Client-identifier = (Type:1) 08 00 2b 2e d8 5e

  DHCP:Requested Address = 157.54.51.5

  DHCP:Host Name = JUMBO-WS

  DHCP:Parameter Request List = (Length:7) 01 0f 03 2c 2e 2f 06

  DHCP:End of this option field

  

  客户端从 DHCP 服务器获得的 DHCP 信息中将有与该信息关联的租约时间。租约时间定义了对于 DHCP 分配的信息,客户端可以使用多久。当租约时间达到某个特殊时刻时,客户端将尝试更新其 DHCP 信息。

  要在 Windows 或 Windows for Workgroups 客户端上查看 IP 信息,请使用 IPCONFIG 实用工具。如果客户端是 Windows 95,请使用 WINIPCFG。

    • 评论
    • 分享微博
    • 分享邮件
    VIP专区
    邮件订阅

    如果您非常迫切的想了解IT领域最新产品与技术信息,那么订阅至顶网技术邮件将是您的最佳途径之一。

    重磅专题
    往期文章
    最新文章

    业界热点:

    北京第二十六维信息技术有限公司(至顶网)版权所有. 京ICP备15039648号-7 京ICP证161336号 京公网安备 11010802021500号