Internet Protocol Analysis/Address Assignment

This lesson introduces dynamic addressing and looks at the Bootstrap Protocol (BOOTP) and the Dynamic Host Configuration Protocol for IPv4 (DHCP) and IPv6 (DHCPv6). Activities include using Wireshark to examine BOOTP, DHCP, and DHCPv6 network traffic.

Readings edit

  1. Wikipedia: Link-local address
  2. Wikipedia: Bootstrap Protocol
  3. Wikipedia: Dynamic Host Configuration Protocol
  4. Wikipedia: DHCPv6
  5. Wikipedia: Prefix delegation

Multimedia edit

  1. YouTube: DHCP Addressing Overview - CompTIA Network+ N10-005: 2.3
  2. YouTube: The DHCP Process in Wireshark
  3. YouTube: Understanding APIPA - CompTIA Network+ N10-005: 1.3

Activities edit

  1. View and test a link-local address.
  2. Use Wireshark to capture and analyze Dynamic Host Configuration Protocol (DHCP) traffic.
  3. Use Wireshark to capture and analyze DHCPv6 traffic.
  4. Consider situations in which a packet analyzer might be used to troubleshoot address assignment traffic.

Lesson Summary edit

  • A link-local address is an Internet Protocol address that is intended only for communications within the segment of a local network (a link) or a point-to-point connection that a host is connected to.[1]
  • Routers do not forward packets with link-local addresses.[2]
  • Link-local addresses for IPv4 are defined in the address block 169.254.0.0/16.[3]
  • Link-local addresses for IPv6 are defined with the prefix fe80::/64.[4]
  • Unlike IPv4, IPv6 requires a link-local address to be assigned to every network interface on which the IPv6 protocol is enabled, even when one or more routable addresses are also assigned.[5]
  • The IPv6 link-local address is required for sublayer operations of the Neighbor Discovery Protocol (NDP) and DHCPv6.[6]
  • The Bootstrap Protocol, or BOOTP, is a network protocol used by a network client to obtain an IP address from a configuration server.[7]
  • The Dynamic Host Configuration Protocol (DHCP) is a more advanced protocol for the same purpose as BOOTP and has superseded the use of BOOTP.[8] DHCP is an extension of BOOTP and uses the same datagram format.[9]
  • Most DHCP servers also function as BOOTP servers.[10]
  • The BOOTP protocol replaced the Reverse Address Resolution Protocol (RARP).[11]
  • BOOTP, and therefore DHCP, supports the use of a relay agent, which allows BOOTP packets to be forwarded from the local network so that one central BOOTP server can serve hosts on many subnets.[12]
  • The Dynamic Host Configuration Protocol (DHCP) is a network protocol that is used to configure network devices so that they can communicate on an IP network.[13]
  • DHCP servers maintain a database of available IP addresses and configuration information.[14]
  • Network links without a DHCP server can use DHCP relay agents to receive messages from DHCP clients and forward them to DHCP servers. DHCP servers send responses back to the relay agent, and the relay agent then sends these responses to the DHCP client on the local network link.[15]
  • DHCP servers typically grant IP addresses to clients only for a limited interval. DHCP clients are responsible for renewing their IP address before that interval has expired, and must stop using the address once the interval has expired, if they have not been able to renew it.[16]
  • By default, clients attempt to renew their lease using unicast (directed) traffic starting at one half of lease time, also known as renewal time (T1).[17]
  • By default, clients attempt to renew their lease using broadcast traffic starting at 87.5% of lease time, also known as rebinding time (T2).[18]
  • DHCP servers assign addresses through either dynamic or automatic allocation, or thorough static allocation (address reservations).[19]
  • DHCPv4 operations fall into four basic phases: IP discovery, IP lease offer, IP request, and IP lease acknowledgement. These points are often abbreviated as DORA (Discovery, Offer, Request, Acknowledgement).[20]
  • DHCPv4 options provided to clients include subnet mask, router (default gateway), domain name server, domain name, NetBIOS name servers (WINS), lease time, renewal time (T1), rebinding time (T2), and others.[21]
  • The base DHCP protocol does not include any mechanism for authentication. Because of this, it is vulnerable to a variety of attacks including unauthorized servers, unauthorized clients, and address exhaustion attacks from malicious clients.[22]
  • DHCPv6 operations are similar to DHCPv4, but are described as Solicit, Advertise, Request, and Reply.[23] Renewals are processed with Renew and Reply.[24]
  • DHCPv6-PD prefix delegation is used to assign a network address prefix to a user site, configuring the user's router with the prefix to be used for each LAN.[25]

Key Terms edit

Automatic Private IP Addressing (APIPA)
Microsoft's terminology for link-local addressing.[26]
Bootstrapping
A self-sustaining process that proceeds without external help.[27]
diskless node
A workstation or personal computer without disk drives, which employs network booting to load its operating system from a server.[28]
fault-tolerant
A design that enables a system to continue operation, possibly at a reduced level, rather than failing completely when some part of the system fails.[29]
Preboot eXecution Environment (PXE, sometimes pronounced "pixie")
An environment to boot computers using a network interface independent of local data storage devices (like hard disks) or installed operating systems.[30]
Reverse Address Resolution Protocol (RARP)
An obsolete protocol that finds the logical IP address for a machine that knows only its physical address.[31]

Review Questions edit

Enable JavaScript to hide answers.

Click on a question to see the answer.

  1. A link-local address is an Internet Protocol address that is _____.
    A link-local address is an Internet Protocol address that is intended only for communications within the segment of a local network (a link) or a point-to-point connection that a host is connected to.
  2. Routers _____ packets with link-local addresses.
    Routers do not forward packets with link-local addresses.
  3. Link-local addresses for IPv4 are defined in the address block _____.
    Link-local addresses for IPv4 are defined in the address block 169.254.0.0/16.
  4. Link-local addresses for IPv6 are defined with the prefix _____.
    Link-local addresses for IPv6 are defined with the prefix fe80::/64.
  5. Unlike _____, _____ requires a link-local address to be assigned to every network interface on which the _____ protocol is enabled, even when one or more routable addresses are also assigned.
    Unlike IPv4, IPv6 requires a link-local address to be assigned to every network interface on which the IPv6 protocol is enabled, even when one or more routable addresses are also assigned.
  6. The IPv6 link-local address is required for sublayer operations of _____.
    The IPv6 link-local address is required for sublayer operations of the Neighbor Discovery Protocol (NDP) and DHCPv6.
  7. The Bootstrap Protocol, or BOOTP, is a network protocol used by a network client to _____.
    The Bootstrap Protocol, or BOOTP, is a network protocol used by a network client to obtain an IP address from a configuration server.
  8. The Dynamic Host Configuration Protocol (DHCP) is a more advanced protocol for the same purpose as _____ and has superseded the use of _____. DHCP is an extension of _____ and uses the same datagram format.
    The Dynamic Host Configuration Protocol (DHCP) is a more advanced protocol for the same purpose as BOOTP and has superseded the use of BOOTP. DHCP is an extension of BOOTP and uses the same datagram format.
  9. Most DHCP servers also function as _____ servers.
    Most DHCP servers also function as BOOTP servers.
  10. The BOOTP protocol replaced _____.
    The BOOTP protocol replaced the Reverse Address Resolution Protocol (RARP).
  11. BOOTP, and therefore DHCP, supports the use of a relay agent, which _____.
    BOOTP, and therefore DHCP, supports the use of a relay agent, which allows BOOTP packets to be forwarded from the local network so that one central BOOTP server can serve hosts on many subnets.
  12. The Dynamic Host Configuration Protocol (DHCP) is a network protocol that is used to _____.
    The Dynamic Host Configuration Protocol (DHCP) is a network protocol that is used to configure network devices so that they can communicate on an IP network.
  13. DHCP servers maintain _____.
    DHCP servers maintain a database of available IP addresses and configuration information.
  14. Network links without a DHCP server can use _____ to receive messages from DHCP clients and forward them to DHCP servers.
    Network links without a DHCP server can use DHCP relay agents to receive messages from DHCP clients and forward them to DHCP servers.
  15. DHCP servers typically grant IP addresses to clients only for _____. DHCP clients are responsible for _____, and must _____.
    DHCP servers typically grant IP addresses to clients only for a limited interval. DHCP clients are responsible for renewing their IP address before that interval has expired, and must stop using the address once the interval has expired, if they have not been able to renew it.
  16. By default, clients attempt to renew their lease using _____ traffic starting at one half of lease time, also known as _____ time (T1).
    By default, clients attempt to renew their lease using unicast (directed) traffic starting at one half of lease time, also known as renewal time (T1).
  17. By default, clients attempt to renew their lease using _____ traffic starting at 87.5% of lease time, also known as _____ time (T2).
    By default, clients attempt to renew their lease using broadcast traffic starting at 87.5% of lease time, also known as rebinding time (T2).
  18. DHCP servers assign addresses through either _____.
    DHCP servers assign addresses through either dynamic or automatic allocation, or thorough static allocation (address reservations).
  19. DHCPv4 operations fall into four basic phases: _____. These points are often abbreviated as _____.
    DHCPv4 operations fall into four basic phases: IP discovery, IP lease offer, IP request, and IP lease acknowledgement. These points are often abbreviated as DORA (Discovery, Offer, Request, Acknowledgement).
  20. DHCPv4 options provided to clients include _____.
    DHCPv4 options provided to clients include subnet mask, router (default gateway), domain name server, domain name, NetBIOS name servers (WINS), lease time, renewal time (T1), rebinding time (T2), and others.
  21. The base DHCP protocol does not include any mechanism for authentication. Because of this, it is vulnerable to a variety of attacks including _____.
    The base DHCP protocol does not include any mechanism for authentication. Because of this, it is vulnerable to a variety of attacks including unauthorized servers, unauthorized clients, and address exhaustion attacks from malicious clients.
  22. DHCPv6 operations are similar to DHCPv4, but are described as _____. Renewals are processed with _____.
    DHCPv6 operations are similar to DHCPv4, but are described as Solicit, Advertise, Request, and Reply. Renewals are processed with Renew and Reply.
  23. DHCPv6-PD prefix delegation is used to _____.
    DHCPv6-PD prefix delegation is used to assign a network address prefix to a user site, configuring the user's router with the prefix to be used for each LAN.

Assessments edit

See Also edit

References edit

  Type classification: this is a lesson resource.
  Completion status: this resource is considered to be complete.