DHCP Notes

Dynamic Host Configuration Protocol.  Server automatically gives IP address to those machine that request it.

• Message Exchanges (DORA), Discovery, Offer, Request, Acknowledgement.  
• UDP Protocol - port 68 (server) - port 67 (client)
• Wireshark decodes it as Bootp Protocol, because Bootp also uses same port numbers
• Transaction ID same for one transaction of DHCP packets

DHCP

DHCP Discovery

• DHCP Client ---> DHCP Server
• Source MAC is client's MAC.  Destinatation MAC is FF:FF:FF:FF:FF:FF 
• Source IP is 00:00:00:00 (it was not configured with any IP address yet)
• Destination IP is FF:FF:FF:FF (not sure which one is DHCP server)

DHCP Discovery

DHCP Offer

• DHCP Server ----> DHCP Client
• Source MAC and Destination MAC self-explanatory
• Source IP (Server)
• Destination IP(Client).  
• This packet is unicast, but client's IP address is not yet configured. Some cases, the packet will be broadcast.  This needs explanation and it will be done in the next tutorial with Scapy.
• 'Your (client) IP address' is the IP address given by server to client
• Rest of the fields are self-explanatory

DHCP Offer

DHCP Request

• DHCP Client ---> DHCP Server
• Source MAC is client's MAC.  Destinatation MAC is FF:FF:FF:FF:FF:FF 
• Source IP is 00:00:00:00 (it was not configured with any IP address yet)
• Destination IP is FF:FF:FF:FF 
• The reason why destination MAC and IP are broadcast, even though the client is aware about the server IP address is:  It helps other DHCP servers in the network to be aware that the client has already got hold of another DHCP server and it can reallocate the client-offered IP address to some other machine.
• Client requests the IP address to the server, and configures IP address on its interface

DHCP Request

DHCP Acknowledge

• DHCP Server ---> DHCP Client
• Client would have configured IP address by now, so Destination MAC and IP will be of Client's.
• All the properties will be the same that of DHCP Offered packet

DHCP Ack