DHCP Server Interview Questions and Answers
1. What is DHCP?
DHCP stands for "Dynamic Host Configuration Protocol".
2. What is DHCP's purpose?
DHCP's purpose is to enable individual computers on an IP network to extract their configurations from a server (the 'DHCP server') or servers, in particular, servers that have no exact information about the individual computers until they request the information. The overall purpose of this is to reduce the work necessary to administer a large IP network. The most significant piece of information distributed in this manner is the IP address.
3. Can DHCP work with AppleTalk or IPX?
No, it is too tied to IP. Furthermore, they don't need it since they have always had automated mechanisms for assigning their own network addresses.
4. Who Created It? How Was It Created?
DHCP was created by the Dynamic Host Configuration Working Group of the Internet Engineering Task Force (IETF; a volunteer organization which defines protocols for use on the Internet). As such, its definition is recorded in an Internet RFC and the Internet Activities Board (IAB) is asserting its status as to Internet Standardization. As of this writing (June 1998), DHCP is an Internet Draft Standard Protocol and is Elective. BOOTP is an Internet Draft Standard Protocol and is recommended. For more information on Internet standardization, see RFC2300 (May 1998).
5. How is it different than BOOTP or RARP?
DHCP is based on BOOTP and maintains some backward compatibility. The main difference is that BOOTP was designed for manual pre-configuration of the host information in a server database, while DHCP allows for dynamic allocation of network addresses and configurations to newly attached hosts. Additionally, DHCP allows for recovery and reallocation of network addresses through a leasing mechanism.
RARP is a protocol used by Sun and other vendors that allows a computer to find out its own IP number, which is one of the protocol parameters typically passed to the client system by DHCP or BOOTP. RARP doesn't support other parameters and using it, a server can only serve a single LAN. DHCP and BOOTP are designed so they can be routed.
6. How is it different than VLANs?
DHCP and VLANs, which are very different in concept, are sometimes cited as different solutions to the same problem. While they have a goal in common (easing moves of networked computers), VLANs represent a more revolutionary change to a LAN than DHCP. A DHCP server and forwarding agents can allow you to set things up so that you can unplug a client computer from one network or subnet and plug it into another and have it come alive immediately, it having been reconfigured automatically. In conjunction with Dynamic DNS, it could automatically be given its same name in its new place. VLAN-capable LAN equipment with dynamic VLAN assignment allows you to configure things so a client computer can be plugged into any port and have the same IP number (as well as name) and be on the same subnet. The VLAN-capable network either has its own configuration that lists which MAC addresses are to belong to each VLAN, or it makes the determination from the source IP address of the IP packets that the client computer sends. Some differences in the two approaches:
- DHCP handles changes by reconfiguring the client while a VLAN-capable network handles them by reconfiguring the network port the client is moved to.
- DHCP dynamic reconfiguration requires a DHCP server, forwarding agent in each router, and DHCP capability in each client's TCP/IP support. The analogous capability in VLANs requires that all hubs throughout the network be VLAN-capable, supporting the same VLAN scheme. To this point VLAN support is proprietary with no vendor interoperability, but standards are being developed.
- DHCP can configure a new client computer for you while a VLAN-capable network can't.
- DHCP is generally aimed at giving "easy moves" capability to networks that are divided into subnets on a geographical basis, or on separate networks. VLANs are generally aimed at allowing you to set up subnets on some basis other than geographical, e.g. instead of putting everyone in one office on the same subnet, putting each person on a subnet that has access to the servers that that person requires.
There is an issue with trying to use DHCP (or BOOTP) and VLANs at the same time, in particular, with the scheme by which the VLAN-capable network determines the client's VLAN based upon the client computer's source IP address. Doing so assumes the client computer is already configured, which precludes the use of the network to get the configuration information from a DHCP or BOOTP server.
7. What protocol and port does DHCP use?
DHCP, like BOOTP, runs over UDP, utilizing ports 67 and 68.
8. What is an IP address?
An IP address (also called an IP number) is a number (typically written as four numbers separated by periods, e.g. 107.4.1.3 or 84.2.1.111) which uniquely identifies a computer that is making use of the Internet. It is analogous to your telephone number in that the telephone number is used by the telephone network to direct calls to you. The IP address is used by the Internet to direct data to your computer, e.g. the data your web browser retrieves and displays when you surf the net. One task of DHCP is to assist in the problem of getting a functional and unique IP number into the hands of the computers that make use of the Internet.
9. What is a MAC address?
A MAC address (also called an Ethernet address or an IEEE MAC address) is a number (typically written as twelve hexadecimal digits, 0 through 9 and A through F, or as six hexadecimal numbers separated by periods or colons, e.g. 0080002012ef, 0:80:0:2:20:ef) which uniquely identifies a computer that has an Ethernet interface. Unlike the IP number, it includes no indication of where your computer is located. In DHCP's typical use, the server uses a requesting computer's MAC address to uniquely identify it.
10. What is a DHCP lease?
A DHCP lease is the amount of time that the DHCP server grants to the DHCP client permission to use a particular IP address. A typical server allows its administrator to set the lease time.
11. What is a Client ID?
What is termed the Client ID for the purposes of the DHCP protocol is whatever is used by the protocol to identify the client computer. By default, DHCP implementations typically employ the client's MAC address for this purpose, but the DHCP protocol allows other options. Some DHCP implementations have a setup option to specify the client ID you want. One alternative to the MAC address is simply a character string of your choice. In any case, in order for DHCP to function, you must be certain that no other client is using the client ID you choose, and you must be sure the DHCP server will accept it.
12. Can DHCP support statically defined addresses?
Yes. At least there is nothing in the protocol to preclude this and one expects it to be a feature of any DHCP server. This is really a server matter and the client should work either way. The RFC refers to this as manual allocation.
13. How do DHCP and BOOTP handle multiple subnets?
For situations where there is more than one LAN, each with its own subnet number, there are two ways. First, you can set up a separate server on each subnet. Second, you can use a feature of some routers known as "BOOTP forwarding" to forward DHCP or BOOTP requests to a server on another subnet and to forward the replies back to the client. The part of such a router (or server acting as a router) that does this is called a "BOOTP forwarding agent". Typically you have to enable it on the interface to the subnet to be served and have to configure it with the IP address of the DHCP or BOOTP server. On a Cisco router, the address is known as the "UDP Helper Address".
14. Can a BOOTP client boot from a DHCP server?
Only if the DHCP server is specifically written to also handle BOOTP queries.
15. Can a DHCP client boot from a BOOTP server?
Only if the DHCP client were specifically written to make use of the answer from a BOOTP server. It would presumably treat a BOOTP reply as an unending lease on the IP address.
In particular, the TCP/IP stack included with Windows 95 does not have this capability.
16. Is a DHCP server "supposed to" be able to support a BOOTP client?
The RFC on such interoperability (1534) is clear: "In summary, a DHCP server: ... MAY support BOOTP clients," (section 2). The word "MAY" indicates such support, however useful, is left as an option.
A source of confusion on this point is the following statement in section 1.5 of RFC 1541: "DHCP must provide service to existing BOOTP clients." However, this statement is one in a list of "general design goals for DHCP", i.e. what the designers of the DHCP protocol set as their own goals. It is not in a list of requirements for DHCP servers.
17. Is a DHCP client "supposed to" be able to use a BOOTP server?
The RFC on such interoperability (1534) is clear: "A DHCP client MAY use a reply from a BOOTP server if the configuration returned from the BOOTP server is acceptable to the DHCP client." (section 3). The word "MAY" indicates such support, however useful, is left as an option.
18. Can a DHCP client or server make a DNS server update the client's DNS entry to match the client's dynamically assigned address?
RFCs 2136 and 2137 indicate a way in which DNS entries can be updated dynamically. Using this requires a DNS server that supports this feature and a DHCP server that makes use of it. The RFCs are very recent (as of 5/97) and implementations are few. In the meantime, there are DNS and DHCP servers that accomplish this through proprietary means.
19. Can a DHCP server back up another DHCP server?
You can have two or more servers handing out leases for different addresses. If each has a dynamic pool accessible to the same clients, then even if one server is down, one of those clients can lease an address from the other server.
However, without communication between the two servers to share their information on current leases, when one server is down, any client with a lease from it will not be able to renew their lease with the other server. Such communication is the purpose of the "server to server protocol" (see next question). It is possible that some server vendors have addressed this issue with their own proprietary server-to-server communication.
20. When will the server to server protocol be defined?
The DHC WG of the IETF is actively investigating the issues in inter-server communication. The protocol should be defined "soon".
21. Where is DHCP defined?
In Internet RFCs.
22. Can DHCP support remote access?
PPP has its own non-DHCP way in which communications servers can hand clients an IP address called IPCP (IP Control Protocol) but doesn't have the same flexibility as DHCP or BOOTP in handing out other parameters. Such a communications server may support the use of DHCP to acquire the IP addresses it gives out. This is sometimes called doing DHCP by proxy for the client. I know that Windows NT's remote access support does this.
A feature of DHCP under development (DHCPinform) is a method by which a DHCP server can supply parameters to a client that already has an IP number. With this, a PPP client could get its IP number using IPCP, then get the rest of its parameters using this feature of DHCP.
SLIP has no standard way in which a server can hand a client an IP address, but many communications servers support non-standard ways of doing this that can be utilized by scripts, etc. Thus, like communications servers supporting PPP, such communications servers could also support the use of DHCP to acquire the IP addresses to give out.
The DHCP protocol is capable of allocating an IP address to a device without an IEEE-style MAC address, such as a computer attached through SLIP or PPP, but to do so, it makes use of a feature which may or may not be supported by the DHCP server: the ability of the server to use something other than the MAC address to identify the client. Communications servers that acquire IP numbers for their clients via DHCP run into the same roadblock in that they have just one MAC address, but need to acquire more than one IP address. One way such a communications server can get around this problem is through the use of a set of unique pseudo-MAC addresses for the purposes of its communications with the DHCP server. Another way (used by Shiva) is to use a different "client ID type" for your hardware address. Client ID type 1 means you're using MAC addresses. However, client ID type 0 means an ASCII string.
23. How can I relay DHCP if my router does not support it?
A server on a net (subnet) can relay DHCP or BOOTP for that net. Microsoft has software to make Windows NT do this.
24. What is DHCP Spoofing?
Ascend Pipeline ISDN routers (which attach Ethernets to ISDN lines) incorporate a feature that Ascend calls "DHCP spoofing" which is essentially a tiny server implementation that hands an IP address to a connecting Windows 95 computer, with the intention of giving it an IP number during its connection process.
25. How long should a lease be?
A very relevant factor is that the client starts trying to renew the lease when it is halfway through: thus, for example, with a 4 day lease, the client which has lost access to its DHCP server has 2 days from when it first tries to renew the lease until the lease expires and the client must stop using the network. During a 2-day outage, new users cannot get new leases, but no lease will expire for any computer turned on at the time that the outage commences.
Another factor is that the longer the lease, the longer it takes for client configuration changes controlled by DHCP to propagate.
25. How can I control which clients get leases from my server?
There is no ideal answer: you have to give something up or do some extra work.
- You can put all your clients on a subnet of your own along with your own DHCP server.
- You can use manual allocation.
- Perhaps you can find DHCP server software that allows you to list which MAC addresses the server will accept. DHCP servers that support roaming machines may be adapted to such use.
- You can use the user class option assuming your clients and server support it: it will require you to configure each of your clients with a user class name. You still depend upon the other clients to respect your wishes.
26. How can I prevent unauthorized laptops from using a network that uses DHCP for dynamic addressing?
This would have to be done using a mechanism other than DHCP. DHCP does not prevent other clients from using the addresses it is set to hand out nor can it distinguish between a computer's permanent MAC address and one set by the computer's user. DHCP can impose no restrictions on what IP address can use a particular port nor control the IP address used by any client.
27. What features or restrictions can a DHCP server have?
While the DHCP server protocol is designed to support dynamic management of IP addresses, there is nothing to stop someone from implementing a server that uses the DHCP protocol, but does not provide that kind of support. In particular, the maintainer of a BOOTP server-implementation might find it helpful to enhance their BOOTP server to allow DHCP clients that cannot speak "BOOTP" to retrieve statically defined addresses via DHCP. The following terminology has become common to describe three kinds of IP address allocation/management. These are independent "features": a particular server can offer or not offer any of them:
- Manual allocation: the server's administrator creates a configuration for the server that includes the MAC address and IP address of each DHCP client that will be able to get an address: functionally equivalent to BOOTP though the protocol is incompatible.
- Automatic allocation: the server's administrator creates a configuration for the server that includes only IP addresses, which it gives out to clients. An IP address, once associated with a MAC address, is permanently associated with it until the server's administrator intervenes.
- Dynamic allocation: like automatic allocation except that the server will track leases and give IP addresses whose lease has expired to other DHCP clients.
Other features which a DHCP server may or may not have:
- Support for BOOTP clients.
- Support for the broadcast bit.
- Administrator-settable lease times.
- Administrator-settable lease times on manually allocated addresses.
- Ability to limit what MAC addresses will be served with dynamic addresses.
- Allows administrator to configure additional DHCP option-types.
- Interaction with a DNS server. Note that there are a number of interactions that one might support and that a standard set & method is in the works.
- Interaction with some other type of name server, e.g. NIS.
- Allows manual allocation of two or more alternative IP numbers to a single MAC address, whose use depends upon the gateway address through which the request is relayed.
- Ability to define the pool/pools of addresses that can be allocated dynamically. This is pretty obvious, though someone might have a server that forces the pool to be a whole subnet or network. Ideally, the server does not force such a pool to consist of contiguous IP addresses.
- Ability to associate two or more dynamic address pools on separate IP networks (or subnets) with a single gateway address. This is the basic support for "secondary nets", e.g. a router that is acting as a BOOTP relay for an interface which has addresses for more than one IP network or subnet.
- Ability to configure groups of clients based upon client-supplied user and/or vendor class. Note: this is a feature that might be used to assign different client-groups on the same physical LAN to different logical subnets.
- Administrator-settable T1/T2 lengths.
- Interaction with another DHCP server. Note that there are a number of interactions that one might support and that a standard set & method is in the works.
- Use of PING (ICMP Echo Request) to check an address prior to dynamically allocating it.
- Server grace period on lease times.
- Ability to force client(s) to get a new address rather than renew.
DHCP Discovery:
The client broadcasts on the local physical subnet to find available servers. Network administrators can configure a local router to forward DHCP packets to a DHCP server on a different subnet. This client-implementation creates a UDP packet with the broadcast destination of 255.255.255.255 or subnet broadcast address and also requests its last-known IP address (in the example below, 192.168.1.100) although the server may ignore this optional parameter....
DHCP Offers:
When a DHCP server receives an IP lease request from a client, it extends an IP lease offer. This is done by reserving an IP address for the client and broadcasting a DHCPOFFER message across the network. This message contains the client's MAC address, followed by the IP address that the server is offering, the subnet mask, the lease duration, and the IP address of the DHCP server making the offer.
The server determines the configuration, based on the client's hardware address as specified in the CHADDR field. Here the server, 192.168.1.1, specifies the IP address in the YIADDR field.
DHCP Requests:
Whenever a computer comes on line, it checks to see if it currently has an IP address leased. If it does not, it requests a lease from a DHCP server. Because the client computer does not know the address of a DHCP server, it uses 0.0.0.0 as its own IP address and 255.255.255.255 as the destination address. Doing so allows the client to broadcast a DHCPDISCOVER message across the network. Such a message consists of the client computer's Media Access Control (MAC) address (the hardware address built into the network card) and its NetBIOS name.
The client selects a configuration out of the DHCP "Offer" packets it has received and broadcasts it on the local subnet. Again, this client requests the 192.168.1.100 address that the server specified. In case the client has received multiple offers it specifies the server from which it has accepted the offer.
DHCP Acknowledgement:
When the DHCP server receives the DHCPREQUEST message from the client, it initiates the final phase of the configuration process. This acknowledgement phase involves sending a DHCPACK packet to the client. This packet includes the lease duration and any other configuration information that the client might have requested. At this point, the TCP/IP configuration process is complete.
The server acknowledges the request and sends the acknowledgement to the client. The system as a whole expects the client to configure its network interface with the supplied options.
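The four-message exchange above, together with the client ID types from question 22, encoded and decoded field by field in an added example that is not part of the original FAQ. The MAC address, the 192.168.1.x addresses and the 4-day lease come from the page; the transaction ID and subnet mask are constructed, and the helper names `build`, `parse` and `exchange` are illustrative.

```python
import socket
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # marks the start of the DHCP options area
MSG_TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 5: "DHCPACK"}
IP_OPTIONS = {1: "subnet_mask", 50: "requested_ip", 54: "server_id"}
# BOOTP header: op htype hlen hops xid secs flags ciaddr yiaddr siaddr giaddr chaddr sname file
HEADER = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")
ip = socket.inet_aton

def build(op, xid, mac, msg_type, yiaddr="0.0.0.0", options=()):
    """Encode one message; options is a sequence of (code, bytes) pairs."""
    zero = ip("0.0.0.0")
    head = HEADER.pack(op, 1, len(mac), 0, xid, 0, 0x8000,   # 0x8000 = broadcast bit
                       zero, ip(yiaddr), zero, zero, mac, b"", b"")
    body = bytes([53, 1, msg_type])                          # option 53 = message type
    for code, value in options:
        body += bytes([code, len(value)]) + value
    return head + MAGIC_COOKIE + body + b"\xff"              # 255 = end of options

def parse(packet):
    """Decode a message, rejecting truncated or malformed input."""
    start = HEADER.size + 4
    if len(packet) < start or packet[HEADER.size:start] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    op, _, hlen, _, xid, _, _, _, yiaddr, _, _, chaddr, _, _ = HEADER.unpack_from(packet)
    if hlen > 16:
        raise ValueError("hardware address length exceeds CHADDR field")
    msg = {"op": op, "xid": xid, "yiaddr": socket.inet_ntoa(yiaddr),
           "chaddr": chaddr[:hlen].hex(":")}
    i = start
    while i < len(packet) and packet[i] != 255:
        if packet[i] == 0:                                   # pad option: no length byte
            i += 1
            continue
        if i + 2 > len(packet) or i + 2 + packet[i + 1] > len(packet):
            raise ValueError("option runs past end of packet")
        code, value = packet[i], packet[i + 2:i + 2 + packet[i + 1]]
        i += 2 + len(value)
        if code == 53 and len(value) == 1:
            msg["type"] = MSG_TYPES.get(value[0], f"type-{value[0]}")
        elif code in IP_OPTIONS and len(value) == 4:
            msg[IP_OPTIONS[code]] = socket.inet_ntoa(value)
        elif code == 51 and len(value) == 4:                 # lease time in seconds
            msg["lease_seconds"] = struct.unpack("!I", value)[0]
        elif code == 61 and len(value) >= 2:                 # client ID: type byte + data
            data = value[1:]
            msg["client_id"] = data.hex(":") if value[0] == 1 else data.decode("ascii", "replace")
    return msg

def exchange():
    """The four messages with the page's addresses; other values are constructed."""
    mac, xid = bytes.fromhex("0080002012ef"), 0x3903F326
    want, server_id = (50, ip("192.168.1.100")), (54, ip("192.168.1.1"))
    grant = [server_id, (51, struct.pack("!I", 4 * 86400)), (1, ip("255.255.255.0"))]
    return [parse(p) for p in (
        build(1, xid, mac, 1, options=[want, (61, b"\x01" + mac)]),   # client broadcast
        build(2, xid, mac, 2, "192.168.1.100", grant),                # server offer
        build(1, xid, mac, 3, options=[want, server_id]),             # client picks server
        build(2, xid, mac, 5, "192.168.1.100", grant),                # server ack
    )]

if __name__ == "__main__":
    print(*exchange(), sep="\n")
```

Nothing in any of these fields is authenticated, which is why question 26 says access control has to come from a mechanism other than DHCP.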