CrossNodes Briefing: DHCP
Anyone who maintains an IP-based network knows the headaches. Each device on the network, including routers, printers, firewalls, and workstations, requires a unique IP address. As networks expand, most network managers find that they quickly run out of addresses. In addition, maintaining tables of IP addresses takes time. Managers must add subnets to increase the number of IP addresses, and they need to update their tables of IP addresses. Changes to the infrastructure also force the manager to reassess and reassign IP addresses. Further, the increase in mobile computers and remote connections can force a continual expansion of IP addresses.
An Easier Way
Dynamic Host Configuration Protocol (DHCP) offers a solution. Using DHCP, network managers can create a flexible, self-configuring network. DHCP works on the principle that most users and devices do not need a constant connection with the server. When a user logs onto the network, the server assigns an IP address to that device. This IP address remains in effect for a period of time and, if it is not active when that time expires, the server releases the IP address. The server can then reassign that address to another device.
In general, DHCP networks support a mix of three modes of operation to allocate IP addresses.
- Manual -- network administrators assign IP addresses for each group of devices on a network. When a device requires IP services, it polls the servers to get its IP address. Managers can use this to "share" an IP address between multiple devices that never access the server at the same time. This also allows managers to reserve specific IP addresses for devices.
- Automatic -- each device gets an IP address from the server when it first contacts the server. The IP address, however, remains with that device, and the server does not release it for use by another device. This is useful for initially configuring a static network.
- Dynamic -- when a device connects with the server, it receives an IP address that remains in effect for a pre-set time period. When the time expires, the device or workstation must request another IP address. This represents the most flexible use of DHCP.
How It Works
Under DHCP, each device or workstation that connects to the network requests an IP address from the server. The process of negotiating this address includes:
- DHCPDiscover -- As a device or workstation connects to the network, it broadcasts a request for an IP address. This request is sent after a random delay to avoid simultaneous submissions from multiple devices on the network.
- DHCPOffer -- The server receives the DHCPDiscover message and responds with an IP address. Multiple DHCPOffers can be generated if more than one server resides on the network.
- DHCPRequest -- The device or workstation receives the DHCPOffer and generates the DHCPRequest message for the IP address it selects. As a checkpoint, DHCP also can verify that the IP address is not currently in use.
- DHCPack -- The server responds to the DHCPRequest with a message that sets the parameters of the session. This information includes the length of time (lease time) that the IP address will remain active. The device or workstation now operates using the assigned IP address.
DHCP, in theory, seems simple. However, it takes time to set up a DHCP-based network. Older devices may not support DHCP. In some cases, these devices only support BOOTP, an older, simplified version of DHCP. Although many DHCP-enabled servers can support these devices, managers will need to configure the server. In other cases, some devices require a permanent IP address, and these must be identified and assigned. Some network managers prefer to manually assign IP addresses to routers, printers and other "permanent" devices.
In addition, managers using dynamic allocation techniques must take time to calculate the proper lease time for the IP addresses. The server verifies each connection when the lease time reaches the halfway point. If a network supports multiple remote sessions that last a relatively short amount of time, the lease time can be set to minutes. This ensures that IP addresses will be released and available for subsequent users. For more stable networks, a lease time can be set for several hours or days. The lease time can affect network performance, so the manager must consider this parameter carefully.
Managers also need to consider the impact of service interruptions. Scheduled server maintenance or server failures can create havoc in a DHCP configuration. Longer lease times generally recover better from interruptions, but managers can implement multiple servers that share a pool of IP addresses to help resolve the problem. Managers can implement servers that share all available IP addresses, or they can select a subset of addresses to share among servers. Each approach requires that the servers synchronize their database of IP assignments, and this requires server processing.
Security also presents a problem. Firewalls, for example, generally allow managers to configure a list of acceptable IP addresses. If these addresses are dynamically assigned, it is more difficult to determine whether the device connecting to the network is authorized. Similarly, DHCP does not specify links to authentication programs, so managers may encounter difficulties implementing these types of security.
What to Look For
Managers seeking a DHCP solution need to consider several functions, including:
- Configurable parameters -- depending on the DHCP version, managers can set such parameters as the lease time, establish groups of users with different parameters, and enhance security by limiting the MAC addresses of devices allowed to access the network. In addition, support for BOOTP devices and other types of named servers can increase the flexibility of DHCP.
- Multiple server support -- coordinating DHCP across multiple servers requires the servers to synchronize the IP allocation tables. Support for this function helps ensure that the network operates correctly and that multiple devices do not accidentally receive the same IP address.
- Administration features -- as is the case with most network administration utilities, managers generally prefer a centralized approach. For networks with multiple servers or geographically dispersed networks, centralized control is necessary. Support for setting parameters through scripts and programming languages also helps managers maintain a network more effectively, and most managers prefer a graphical interface.
- Import capability -- if a network already supports static IP addresses, the ability to import these addresses can simplify the DHCP conversion. This feature also helps managers maintain a network that has a group of IP addresses that change infrequently.
- Global settings -- managers need to change parameters in DHCP as the network evolves. The ability to apply these changes to every session or groups of sessions eases the configuration process.
- Reports -- an audit trail that includes a log of the IP addresses granted allows the manager to monitor the network operation, enhance security, and anticipate problems.
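An added example, not from the original briefing, of putting the audit trail and MAC restrictions described above to work: it answers which device held an address at a given time (the firewall attribution problem raised earlier), lists grants to MAC addresses outside an allowlist, and flags one address granted to two devices with overlapping leases. The log layout and all values are constructed for illustration, and early lease releases are assumed not to be logged.

```python
from collections import namedtuple
from datetime import datetime, timedelta

Lease = namedtuple("Lease", "start end ip mac")

# Constructed audit-trail lines; the field layout is an assumption of this example.
SAMPLE_LOG = """\
2024-03-01T09:00:00 ACK ip=10.0.0.21 mac=02:00:00:aa:bb:01 lease=3600
2024-03-01T09:05:00 ACK ip=10.0.0.22 mac=02:00:00:aa:bb:02 lease=600
2024-03-01T09:20:00 ACK ip=10.0.0.22 mac=02:00:00:aa:bb:03 lease=600
2024-03-01T09:30:00 ACK ip=10.0.0.21 mac=02:00:00:ff:ff:09 lease=3600
"""

def parse_log(text):
    """Turn ACK lines into Lease records sorted by start time."""
    leases = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[1] != "ACK":
            continue
        kv = dict(p.split("=", 1) for p in parts[2:] if "=" in p)
        start = datetime.fromisoformat(parts[0])
        end = start + timedelta(seconds=int(kv["lease"]))
        leases.append(Lease(start, end, kv["ip"], kv["mac"].lower()))
    return sorted(leases)

def holder_at(leases, ip, when):
    """MAC that most recently received `ip` and still held it at `when`."""
    hits = [l.mac for l in leases if l.ip == ip and l.start <= when < l.end]
    return hits[-1] if hits else None

def findings(leases, allowed_macs):
    """Grants to unlisted MACs, then same-IP grants whose leases overlap."""
    out = [("unlisted-mac", l.ip, l.mac) for l in leases
           if l.mac not in allowed_macs]
    for i, a in enumerate(leases):
        for b in leases[i + 1:]:
            if a.ip == b.ip and a.mac != b.mac and b.start < a.end:
                out.append(("overlap", a.ip, a.mac, b.mac))
    return out
```

In the sample, 10.0.0.22 is reused cleanly after its first lease expires, so the same firewall-visible address maps to two different devices fifteen minutes apart; only 10.0.0.21 is reported.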
The Bottom Line
Most network managers like the idea of DHCP, but they fear the complexity of setting up such a system. The decision of moving to DHCP revolves around time. For managers with a static network, DHCP provides little benefit. However, managers that spend time maintaining complex IP tables and managers that expect to expand their networks in the future will want to seriously consider implementing this standard.
Gerald Williams serves as Director of Quality Assurance for Dolphin Inc., a software development company. Williams has extensive background in technology and testing, previously serving as Editorial Director with National Software Testing Labs (NSTL), Executive Editor with Datapro Research, and Managing Editor of Datapro's PC Communications reference service.
Each CrossNodes Briefing is designed to act as a reference on an individual technology, providing a knowledge base and guide to networkers in purchasing and deployment decisions.