Understanding the DHCP Server Client conversation (very intresting subject)

Discussion in 'MCSE' started by Weamfox, Mar 1, 2008.

  1. Weamfox

    Weamfox Guest

    Dear Friends,

    Through my researches and my studies I tried to understand the DHCP Server
    client conversation in Windows Server 2003 environment and I'm little bit
    lost here.

    Now, According to this table that is listed on Microsoft web page
    http://support.microsoft.com/kb/169289

    Source Dest Source Dest
    Packet
    MAC addr MAC addr IP addr IP addr
    Description
    ------------------------------------------------------------------------------------------------------
    Client Broadcast 0.0.0.0 255.255.255.255 DHCP
    Discover
    * DHCPsrvr Broadcast DHCPsrvr 255.255.255.255 DHCP Offer
    Client Broadcast 0.0.0.0 255.255.255.255 DHCP
    Request
    ** DHCPsrvr Broadcast DHCPsrvr 255.255.255.255 DHCP ACK


    I have some questions regarding the DHCP conversation manner.
    The DHCP server sends a Broadcast MSG offering the IP address to the client
    (*) and at the end it sends AGAIN a Broadcast MSG to acknowledge the IP
    address that's been offered (**).

    Now, my questions are :-

    1) I understand that the Client is sending a broadcast message because it
    doesn't know any concrete DHCP server in order to request an IP address, but
    why the DHCP sends also a broadcast message to the client (*) (**)?

    2) Let's agree that the DHCP server is broadcasting its offer, what happen
    if there is more than one client (lets say 50 or more) is getting same IP
    address that's suppose to be offered to a concrete client at the same time?
    Doesn't this make a high traffic in the network making all the clients go
    back and forth with the DHCPNACK, DHCPDECLINE and the DHCPACK?????
    NOTE: I understand that the client sends an ARP request with the offered
    IP address if it gets a reply that means that this IP address is in use and
    the client sends DHCPDECLINE, this is from the CLIENT side but what about
    the server side and the whole network?? :-s

    3) Why don't the DHCP server cuts the crap and use the client MAC address to
    send the DHCPOFFER and the DHCPACK instate of broadcasting to all clients?
    PLEASE NOTE : That the MAC address is in the second layer (Data Link layer)
    in the OSI model while the IP address is in the third layer (Network layer)
    which make it more reasonable for the DHCP server to use the the MAC address
    of the client that is requesting the service to send him the IP address
    instate of BROADCASTING the DHCPOFFER and the DHCPACK and making high
    traffic.

    I'm sorry for make it long but I think that the subject is worth it....

    Yours,
    Weamfox
     
    Weamfox, Mar 1, 2008
    #1
    1. Advertising

  2. Weamfox

    Neil Guest

    did you hear "Weamfox" <> say in
    news::

    >
    > 1) I understand that the Client is sending a broadcast message because
    > it doesn't know any concrete DHCP server in order to request an IP
    > address, but why the DHCP sends also a broadcast message to the client
    > (*) (**)?
    >


    OY! ok, who exactly would it be able to direct it to? Without the
    specified DHCP server, I shout to everyone on the network (subnet) that I
    can. This will go to all IPs that can acceptt it (255.255.255.255) and
    all MAC adresses as well (FFFFFFFFFFFF). Think of it from human
    perspectives. You walk into a pitch black room. If you aren't sure if
    there is anyone in the room, You shout "ANYBODY THERE?" you don't specify
    "hay Mike, are you there?". This is the DHCP DISCOVERY

    So, when the DHCP server hears this it now knows a little comething. The
    client (who doesn't yet have an IP address), has supplied it's MAC
    address to the DHCP server. BUT, since the client doesn't have an
    address, the DHCP server send the DHCP OFFER as a unicast, to the whole
    network (since client is unassigned it goes to IP of 255.255.255.255) but
    a specified MAC adress. From the human perspective, this is like the
    other guy in the dark room responding "Dave, is that you? It's me Tom"

    > 2) Let's agree that the DHCP server is broadcasting its offer, what
    > happen if there is more than one client (lets say 50 or more) is
    > getting same IP address that's suppose to be offered to a concrete
    > client at the same time? Doesn't this make a high traffic in the
    > network making all the clients go back and forth with the DHCPNACK,
    > DHCPDECLINE and the DHCPACK????? NOTE: I understand that the client
    > sends an ARP request with the offered IP address if it gets a reply
    > that means that this IP address is in use and the client sends
    > DHCPDECLINE, this is from the CLIENT side but what about the server
    > side and the whole network?? :-s
    >


    hold up, the DHCP server is simply listening. It's not continously
    offering out addresses left right and center. Each OFFER is associated
    with a specified MAC adress. There is actually an outside possibility
    that with 2 DHCP Servers on the same subnet, the client may be offered
    more than one address, but the DHCP servers will only offer one address
    per request. The client will pick which it will use. That's the part of
    the DHCP REQUEST.

    > 3) Why don't the DHCP server cuts the crap and use the client MAC
    > address to send the DHCPOFFER and the DHCPACK instate of broadcasting
    > to all clients? PLEASE NOTE : That the MAC address is in the second
    > layer (Data Link layer) in the OSI model while the IP address is in
    > the third layer (Network layer) which make it more reasonable for the
    > DHCP server to use the the MAC address of the client that is
    > requesting the service to send him the IP address instate of
    > BROADCASTING the DHCPOFFER and the DHCPACK and making high traffic.
    >


    Um, dude, read this...

    http://en.wikipedia.org/wiki/DHCP

    too much typing...

    --
    The InterNeil "V2 w/tabbed browsing & decreased verbosity" MCNGP Triple X

    - I feel much better now that I have given up Hope.
     
    Neil, Mar 1, 2008
    #2
    1. Advertising

  3. Weamfox

    Neil Guest

    did you hear "Weamfox" <> say in news:0FF41841-B797-
    :

    > I'm sorry for make it long but I think that the subject is worth it....


    If you REALLY want to see what's going on, get a copy of netmon etherreal
    or soemthing of that ilk, drop to a command prompt as the tool is running
    and do an IPCONFIG /RELEASE and an IPCONFIG /RENEW. View the results and
    you will see from teh DHCP DISCOVER, OFFER,REQUEST, and ACK what is
    really happening. Look at the IP addresses of each and teh MAC addresses
    of each. That will help you immensely.

    --
    The InterNeil "V2 w/tabbed browsing & decreased verbosity" MCNGP Triple X

    - When all else is lost, the future still remains.
     
    Neil, Mar 1, 2008
    #3
  4. Weamfox

    Weamfox Guest

    Hi Neil...
    I understand all what you said and I already been in wikipedia and already
    have seen whats written there but whats concerning me is:

    1) why the DHCP server (BROADCAST) the DHCPOFFER and the DHCPACK??? it
    already knows the client that is requesting the service from its MAC
    address??
    why not the DHCP server just sends its offer to the client that is
    requesting the service according to its MAC address??

    2) you said the (DHCP server send the DHCP OFFER as a unicast, to the whole
    network) but a specified MAC address.
    -How come it sends a UNICAST to the whole network????
    -How come it sends to the WHOLE network (based on the IP address) but a
    SPECIFIED MAC address????





    --------------------------------------------------------------------------------
    "Neil" <guess!!!@gmail.com> wrote in message
    news:Xns9A54AF046338Dneilmcsegmailcom@207.46.248.16...
    > did you hear "Weamfox" <> say in
    > news::
    >
    >>
    >> 1) I understand that the Client is sending a broadcast message because
    >> it doesn't know any concrete DHCP server in order to request an IP
    >> address, but why the DHCP sends also a broadcast message to the client
    >> (*) (**)?
    >>

    >
    > OY! ok, who exactly would it be able to direct it to? Without the
    > specified DHCP server, I shout to everyone on the network (subnet) that I
    > can. This will go to all IPs that can acceptt it (255.255.255.255) and
    > all MAC adresses as well (FFFFFFFFFFFF). Think of it from human
    > perspectives. You walk into a pitch black room. If you aren't sure if
    > there is anyone in the room, You shout "ANYBODY THERE?" you don't specify
    > "hay Mike, are you there?". This is the DHCP DISCOVERY
    >
    > So, when the DHCP server hears this it now knows a little comething. The
    > client (who doesn't yet have an IP address), has supplied it's MAC
    > address to the DHCP server. BUT, since the client doesn't have an
    > address, the DHCP server send the DHCP OFFER as a unicast, to the whole
    > network (since client is unassigned it goes to IP of 255.255.255.255) but
    > a specified MAC adress. From the human perspective, this is like the
    > other guy in the dark room responding "Dave, is that you? It's me Tom"
    >
    >> 2) Let's agree that the DHCP server is broadcasting its offer, what
    >> happen if there is more than one client (lets say 50 or more) is
    >> getting same IP address that's suppose to be offered to a concrete
    >> client at the same time? Doesn't this make a high traffic in the
    >> network making all the clients go back and forth with the DHCPNACK,
    >> DHCPDECLINE and the DHCPACK????? NOTE: I understand that the client
    >> sends an ARP request with the offered IP address if it gets a reply
    >> that means that this IP address is in use and the client sends
    >> DHCPDECLINE, this is from the CLIENT side but what about the server
    >> side and the whole network?? :-s
    >>

    >
    > hold up, the DHCP server is simply listening. It's not continously
    > offering out addresses left right and center. Each OFFER is associated
    > with a specified MAC adress. There is actually an outside possibility
    > that with 2 DHCP Servers on the same subnet, the client may be offered
    > more than one address, but the DHCP servers will only offer one address
    > per request. The client will pick which it will use. That's the part of
    > the DHCP REQUEST.
    >
    >> 3) Why don't the DHCP server cuts the crap and use the client MAC
    >> address to send the DHCPOFFER and the DHCPACK instate of broadcasting
    >> to all clients? PLEASE NOTE : That the MAC address is in the second
    >> layer (Data Link layer) in the OSI model while the IP address is in
    >> the third layer (Network layer) which make it more reasonable for the
    >> DHCP server to use the the MAC address of the client that is
    >> requesting the service to send him the IP address instate of
    >> BROADCASTING the DHCPOFFER and the DHCPACK and making high traffic.
    >>

    >
    > Um, dude, read this...
    >
    > http://en.wikipedia.org/wiki/DHCP
    >
    > too much typing...
    >
    > --
    > The InterNeil "V2 w/tabbed browsing & decreased verbosity" MCNGP Triple X
    >
    > - I feel much better now that I have given up Hope.
    >
     
    Weamfox, Mar 2, 2008
    #4
  5. Weamfox

    LRM Guest

    "Neil" <guess!!!@gmail.com> wrote in message
    news:Xns9A54AFA963F28neilmcsegmailcom@207.46.248.16...
    > did you hear "Weamfox" <> say in news:0FF41841-B797-
    > :
    >
    >> I'm sorry for make it long but I think that the subject is worth it....

    >
    > If you REALLY want to see what's going on, get a copy of netmon etherreal
    > or soemthing of that ilk, drop to a command prompt as the tool is running
    > and do an IPCONFIG /RELEASE and an IPCONFIG /RENEW. View the results and
    > you will see from teh DHCP DISCOVER, OFFER,REQUEST, and ACK what is
    > really happening. Look at the IP addresses of each and teh MAC addresses
    > of each. That will help you immensely.
    >

    Yeah, I couldn't find anything good on TV Saturday either....
     
    LRM, Mar 2, 2008
    #5
  6. Weamfox

    Neil Guest

    did you hear "LRM" <> say in news:e0ThQmHfIHA.5900
    @TK2MSFTNGP02.phx.gbl:

    > Yeah, I couldn't find anything good on TV Saturday either....


    Really? I quite enjoyed SNL. Hillary was on.

    --
    The InterNeil "V2 w/tabbed browsing & decreased verbosity" MCNGP Triple X

    - Zenocide: the killing of ancient philosophers.
     
    Neil, Mar 3, 2008
    #6
  7. Weamfox

    kpg* Guest

    Neil <guess!!!@gmail.com> wrote in news:Xns9A565B82749B9neilmcsegmailcom@
    207.46.248.16:

    > did you hear "LRM" <> say in news:e0ThQmHfIHA.5900
    > @TK2MSFTNGP02.phx.gbl:
    >
    >> Yeah, I couldn't find anything good on TV Saturday either....

    >
    > Really? I quite enjoyed SNL. Hillary was on.


    Yeah, but you live in Canadia.
     
    kpg*, Mar 3, 2008
    #7
  8. Weamfox

    Neil Guest

    did you hear "Weamfox" <> say in
    news::

    > Hi Neil...
    > I understand all what you said and I already been in wikipedia and
    > already have seen whats written there but whats concerning me is:
    >
    > 1) why the DHCP server (BROADCAST) the DHCPOFFER and the DHCPACK???
    > it already knows the client that is requesting the service from its
    > MAC address??
    > why not the DHCP server just sends its offer to the client that is
    > requesting the service according to its MAC address??
    >


    Think of it from the perspective of having multiple DHCP servers on the
    same subnet. If two DHCP servers make the offer, the client needs to pick
    one and then the selected server sends it's acknowledgement along with
    options to the client.

    > 2) you said the (DHCP server send the DHCP OFFER as a unicast, to the
    > whole network) but a specified MAC address.
    > -How come it sends a UNICAST to the whole network????
    > -How come it sends to the WHOLE network (based on the IP address) but
    > a SPECIFIED MAC address????
    >
    >


    Because there is no assigned IP address for the client yet, there are
    limited options for the server. It has to send it to all IP address
    (255.255.255.255) but knows of a specific MAC address.

    Seriously, grab a network sniffer, fire up a DHCP server and look at the
    packets. It's incredibly helpful. When I taught TCP/IP (NT 4 days) I
    would sometimes grab out the NETMON tool and go through a bit of it if
    the student was having an issue. It was also well taught in the NT in the
    Enterprise course (which spent WAY TOO much time in the NETMON tool).
    Ethereal would be a good tool to try. Learn it and love it.

    --
    The InterNeil "V2 w/tabbed browsing & decreased verbosity" MCNGP Triple X


    - 'Bother,' said Pooh, as he took aim from behind the grassy knoll.
     
    Neil, Mar 3, 2008
    #8
  9. Weamfox

    Neil Guest

    did you hear "kpg*" <> say in
    news:Xns9A5651D36A48Dipostthereforeiam@207.46.248.16:

    > Yeah, but you live in Canadia.


    It's true, American politics are much funnier to Canadians. Canadian
    politcs just make me sad.

    --
    The InterNeil "V2 w/tabbed browsing & decreased verbosity" MCNGP Triple X

    - Remaining time multiplied by distress is a constant.
     
    Neil, Mar 3, 2008
    #9
  10. Weamfox

    kpg* Guest

    Neil <guess!!!@gmail.com> wrote in news:Xns9A5661E7AA401neilmcsegmailcom@
    207.46.248.16:

    > did you hear "kpg*" <> say in
    > news:Xns9A5651D36A48Dipostthereforeiam@207.46.248.16:
    >
    >> Yeah, but you live in Canadia.

    >
    > It's true, American politics are much funnier to Canadians. Canadian
    > politcs just make me sad.


    Yeah, Like all those problems you have with everyone wanting to speak
    a different lanugage! A county with two languages...you Candians are
    muy comico.
     
    kpg*, Mar 3, 2008
    #10
  11. Weamfox

    Neil Guest

    did you hear "kpg*" <> say in
    news:Xns9A565C5F29A1Aipostthereforeiam@207.46.248.16:

    >
    > Yeah, Like all those problems you have with everyone wanting to speak
    > a different lanugage! A county with two languages...you Candians are
    > muy comico.
    >


    feh, just 2? Wander downtown Toronto and you might get 32. Even in my
    backwater burb, offical documents at the hospigital are in English,
    French and Italian. WTF!?!?! I am still waiting for MY language to be
    officially recognized....gibberish...

    --
    The InterNeil "V2 w/tabbed browsing & decreased verbosity" MCNGP Triple X

    - Superoxymoron: Government worker
    (HEY! I resemble that!)
     
    Neil, Mar 3, 2008
    #11
  12. Weamfox

    Jtyc Guest

    > French and Italian. WTF!?!?! I am still waiting for MY language to be
    > officially recognized....gibberish...


    I thought it was babel?
     
    Jtyc, Mar 3, 2008
    #12
  13. Weamfox

    Neil Guest

    did you hear "Jtyc" <> say in news:#GpIMLYfIHA.536
    @TK2MSFTNGP06.phx.gbl:

    >> French and Italian. WTF!?!?! I am still waiting for MY language to be
    >> officially recognized....gibberish...

    >
    > I thought it was babel?


    Babel is the cousin of gibberish. They are very similar, but no, I speak
    gibberish. Kind of like spanish and portueges

    --
    The InterNeil "V2 w/tabbed browsing & decreased verbosity" MCNGP Triple X

    - Love is the triumph of imagination over intelligence
     
    Neil, Mar 4, 2008
    #13
  14. HI,
    > 2) you said the (DHCP server send the DHCP OFFER as a unicast, to the
    > whole network) but a specified MAC address.
    > -How come it sends a UNICAST to the whole network????
    > -How come it sends to the WHOLE network (based on the IP address) but a
    > SPECIFIED MAC address????
    >

    You must here consider the TWO layers of communication :
    -Layer 2 Mac based
    -Laver 3 IP based
    During DHCP process , the DHCP server can not adress the client by IP (until
    the client is granted and has taken the ip).
    The server nows the MAC of the asking IP, so he can send the offer by
    specifying his MAC.

    Allthoug you must not forget IP is only useful with the underlying Layer2
    Mac space : My 'IP' wants to communicate with another 'IP', so my 'IP' does
    (arp) "hey another 'IP' , what is your MAC" (if it is not in my cache).
    jk
     
    Juergen Kluth, Mar 5, 2008
    #14
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. stefanoa
    Replies:
    2
    Views:
    695
    scott enwright
    Dec 30, 2003
  2. Replies:
    0
    Views:
    406
  3. Replies:
    5
    Views:
    491
    Whiskers
    Aug 19, 2006
  4. XeDigital
    Replies:
    5
    Views:
    744
    John R
    Mar 2, 2008
  5. Gib Bogle

    Re: Intresting Web site.

    Gib Bogle, Apr 14, 2010, in forum: NZ Computing
    Replies:
    2
    Views:
    304
    Frank Williams
    Apr 23, 2010
Loading...

Share This Page