Vol 2 Part 2.5: DHCP Flashcards
Dynamic Host Configuration Protocol (DHCP) assigns host network settings based on configuration at the what?
DHCP Server
What are the 3 main functions of DHCP?
- Reduces workload of manual IP configuration
- Assigns DNS IP addresses
- Recovers no longer used IP addresses
What are the two primary critical IP addresses when using DHCP, and why are they critical?
- 0.0.0- The IP of a host that does not yet have an IP
255. 255.255.255- The local broadcast IP used to locally contact the DHCP server
What are the four critical messages sent between the client and server when using DHCP?
DORA
- Discover- sent by DHCP client to find a willing DHCP server
- Offer- sent by the DHCP server, offering a lease of an IP and other parameters
- Request- sent by the DHCP client, asking the server to lease the IPv4 address listed in the offer
- Acknowledge- sent by the DHCP server, assigns the address and lists the mask, default router, and DNS IP addresses
Routers do not forward broadcasts. Subnets sending discover messages to the 255.255.255.255 broadcast address while a DHCP server is located elsewhere will get no response means that another method must be used for a device on a subnet to hit a DHCP server on a different subnet. What is this method called?
DHCP relay. The router that acts as a middle man.
What command is used to set up the DHCP relay?
ip helper-address SERVER IP
What 4 items does a host need in order to work with DHCP correctly?
- The DNS Server IP for name resolution
- The default gateway IP
- The device’s own IP
- The devices own subnet mask
What interface should the ip dhcp helper-address command go on a router for the subnet that requires network settings from a DHCP server?
The inbound interface from the local network
The MacOS uses what command in order to access the IP configuration commands?
Ifconfig
What IP address does a host use as the source address when sending out a discover message to a DHCP server?
0.0.0.0
DHCP Snooping on a switch acts like a what?
A firewall
What does DHCP snooping do?
It analyzes incoming messages on a specific subset of ports in a VLAN. It filters the DHCP server messages (offer and acknowledge), preventing another device from offering and acknowledging IP network settings from a spurious or rogue DHCP server.
With DHCP snooping, all ports are in what state by default?
untrusted
What are the 3 DHCP snooping rules?
- Discards DHCP messages received on an untrusted port if they are server based DHCP messages
- DHCP messages received on an untrusted port as normally sent by a DHCP client (discover and request) may be filtered if they might be part of an attack
- DHCP messages received on a trusted port will be forwarded. Trusted ports do NOT filer any DHCP messages.
Explain the DHCP Release and DHCP decline messages
DHCP Release- client message telling the server they no longer need the IP address
DHCP Decline- client message turning down an IP offer
DHCP snooping checks the client’s MAC Address and their hardware address known as the what?
the chaddr
What must be trust about the chaddr and the source MAC of the received frame on the switch interface that is using DHCP snooping?
They must be the same
How could an attacker utilize the chaddr in order to use up all of the IP addresses in a DHCP scope/range? What would this attack be called?
The attacker could try to use a pseudo MAC while changing the chaddr to something different for each request. This would be a DHCP starvation attack.
What does a switch use with DHCP snooping in order to build an entry for all DHCP flows? What does this do for the switch?
A DHCP Snooping Binding Table. This allows the switch to keep a list of important facts about legitimate DHCP flows, and can be used along with Dynamic ARP Inspection (DAI) to make decisions.
DHCP Snooping must be enabled how in order to work?
Globally, listing the VLANs to be used, and with ports configured as trusted for the necessary network devices and servers.
No IP DHCP Snooping Information Option is used to do what?
Disable new fields in DHCP requests
What uses the new fields with respect to DHCP?
DHCP relay agents
What are these new fields defined as?
Option 82 DHCP Header Fields per RFC 3046.
If a switch is not working as a DHCP relay, and you want to make DHCP snooping work, what must you do and why?
Disable option 82. A switch working as a DHCP relay needs option 82 enabled so that it can create the option 82 header fields to forward frames to the DHCP server. A switch that is not acting as a relay needs option 82 disabled so that it doesn’t add these new fields and cause the frame to be filtered.
