Internet Protocol Analysis/Address Assignment

This lesson introduces dynamic addressing and looks at the Bootstrap Protocol (BOOTP) and the Dynamic Host Configuration Protocol for IPv4 (DHCP) and IPv6 (DHCPv6). Activities include using Wireshark to examine BOOTP, DHCP, and DHCPv6 network traffic.

Readings

 * 1)  Link-local address
 * 2)  Bootstrap Protocol
 * 3)  Dynamic Host Configuration Protocol
 * 4)  DHCPv6
 * 5)  Prefix delegation

Multimedia

 * 1) YouTube: DHCP Addressing Overview - CompTIA Network+ N10-005: 2.3
 * 2) YouTube: The DHCP Process in Wireshark
 * 3) YouTube: Understanding APIPA - CompTIA Network+ N10-005: 1.3

Activities

 * 1)  View and test a link-local address.
 * 2) Use Wireshark to  capture and analyze Dynamic Host Configuration Protocol (DHCP) traffic.
 * 3) Use Wireshark to  capture and analyze DHCPv6 traffic.
 * 4) Consider situations in which a packet analyzer might be used to troubleshoot address assignment traffic.

Lesson Summary

 * A link-local address is an Internet Protocol address that is intended only for communications within the segment of a local network (a link) or a point-to-point connection that a host is connected to.
 * Routers do not forward packets with link-local addresses.
 * Link-local addresses for IPv4 are defined in the address block 169.254.0.0/16.
 * Link-local addresses for IPv6 are defined with the prefix fe80::/64.
 * Unlike IPv4, IPv6 requires a link-local address to be assigned to every network interface on which the IPv6 protocol is enabled, even when one or more routable addresses are also assigned.
 * The IPv6 link-local address is required for sublayer operations of the Neighbor Discovery Protocol (NDP) and DHCPv6.
 * The Bootstrap Protocol, or BOOTP, is a network protocol used by a network client to obtain an IP address from a configuration server.
 * The Dynamic Host Configuration Protocol (DHCP) is a more advanced protocol for the same purpose as BOOTP and has superseded the use of BOOTP. DHCP is an extension of BOOTP and uses the same datagram format.
 * Most DHCP servers also function as BOOTP servers.
 * The BOOTP protocol replaced the Reverse Address Resolution Protocol (RARP).
 * BOOTP, and therefore DHCP, supports the use of a relay agent, which allows BOOTP packets to be forwarded from the local network so that one central BOOTP server can serve hosts on many subnets.
 * The Dynamic Host Configuration Protocol (DHCP) is a network protocol that is used to configure network devices so that they can communicate on an IP network.
 * DHCP servers maintain a database of available IP addresses and configuration information.
 * Network links without a DHCP server can use DHCP relay agents to receive messages from DHCP clients and forward them to DHCP servers. DHCP servers send responses back to the relay agent, and the relay agent then sends these responses to the DHCP client on the local network link.
 * DHCP servers typically grant IP addresses to clients only for a limited interval. DHCP clients are responsible for renewing their IP address before that interval has expired, and must stop using the address once the interval has expired, if they have not been able to renew it.
 * By default, clients attempt to renew their lease using unicast (directed) traffic starting at one half of lease time, also known as renewal time (T1).
 * By default, clients attempt to renew their lease using broadcast traffic starting at 87.5% of lease time, also known as rebinding time (T2).
 * DHCP servers assign addresses through either dynamic or automatic allocation, or thorough static allocation (address reservations).
 * DHCPv4 operations fall into four basic phases: IP discovery, IP lease offer, IP request, and IP lease acknowledgement. These points are often abbreviated as DORA (Discovery, Offer, Request, Acknowledgement).
 * DHCPv4 options provided to clients include subnet mask, router (default gateway), domain name server, domain name, NetBIOS name servers (WINS), lease time, renewal time (T1), rebinding time (T2), and others.
 * The base DHCP protocol does not include any mechanism for authentication. Because of this, it is vulnerable to a variety of attacks including unauthorized servers, unauthorized clients, and address exhaustion attacks from malicious clients.
 * DHCPv6 operations are similar to DHCPv4, but are described as Solicit, Advertise, Request, and Reply. Renewals are processed with Renew and Reply.
 * DHCPv6-PD prefix delegation is used to assign a network address prefix to a user site, configuring the user's router with the prefix to be used for each LAN.

Key Terms

 * Automatic Private IP Addressing (APIPA)
 * Microsoft's terminology for link-local addressing.


 * Bootstrapping
 * A self-sustaining process that proceeds without external help.


 * diskless node
 * A workstation or personal computer without disk drives, which employs network booting to load its operating system from a server.


 * fault-tolerant
 * A design that enables a system to continue operation, possibly at a reduced level, rather than failing completely when some part of the system fails.


 * Preboot eXecution Environment (PXE, sometimes pronounced "pixie")
 * An environment to boot computers using a network interface independent of local data storage devices (like hard disks) or installed operating systems.


 * Reverse Address Resolution Protocol (RARP)
 * An obsolete protocol that finds the logical IP address for a machine that knows only its physical address.

Assessments

 * /Lesson Flashcards/
 * /Terms Flashcards/
 * /Quiz/