DHCP stands for Dynamic Host Configuration Protocol. DHCP is used to quickly and automatically allocate unique IP addresses to devices, allowing them to access network services. As well as assigning unique IP addresses to hosts, DHCP also provides other network configuration at the same time, including subnet mask, default gateway and DNS address. This article will explain DHCP in more detail, including DHCP servers, and the four unique stages of the DHCP process.
Why do we need DHCP?
You may have never heard of DHCP, but we guarantee that if you use computers, it has already made your life a whole lot easier. For computers to work over any network, each one will need its own unique IP address. Without an IP address, data and communications can’t be routed accurately, and the wrong traffic could end up in the wrong place. That’s why a prerequisite for connecting to the network is a machine having a unique IP. Of course, we could assign IP addresses manually to each machine, which would be fine for a home network, but in a business environment with hundreds or even thousands of endpoints, this could get confusing – fast.
Instead of this huge manual effort, DHCP works behind the scenes as a protocol that automatically assigns IP addresses. This is done using a DHCP server, found either on a router, or on a server in enterprise environments. As soon as you turn on your computer, four steps kick into action.
The four steps of DHCP
There are four discrete steps in the DHCP process, all of which happen behind the scenes without you or your user even noticing. The process uses a traditional client-server architecture, where the DHCP server can be both the client and the server. It uses UDP ports for this, with the client using port 68 and the server using port 67. Here are the four steps in more detail:
- Step 1 – DHCP Discover: Your computer turns on, and it needs an IP address to connect to the network. It immediately begins looking for a DHCP server.
- Step 2 – DHCP Offer: It’s found the server, and the server makes an offer of an IP address to the computer or host.
- Step 3 – DHCP Request: The host will now accept the offer from the DHCP server. If it is offered more than one, it’s a case of first come, first accepted.
- Step 4 – DHCP Acknowledgement: Transaction complete. The DHCP server sends the IP address, alongside the other parameters, such as the subnet mask and DNS server, to the host.
Understanding DHCP lease times
Each IP address does not belong to the computer indefinitely. In fact, alongside the IP address, the DHCP server will send an expiration date called a lease time, which explains when the host either needs to renew the address, or see it returned to the DHCP server. This might seem like an additional step that’s unnecessary, but actually it prevents IP addresses being wasted if a computer is discontinued, breaks, or is simply turned off and placed in a storage cupboard.
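The four steps and the lease time described above can be seen in the messages themselves. The following is an added example, not code from the original article: it builds one constructed client/server exchange in memory (nothing is sent on a network) and parses each message back, showing where the message type, offered address, lease time and other parameters sit. The MAC address, transaction ID and 192.0.2.x addresses are made-up sample values.

```python
import ipaddress
import struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie that follows the 236-byte header
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}  # option 53 values
IP_OPTS = {1: "subnet_mask", 3: "router", 6: "dns"}

def build(op, xid, mac, msg_type, yiaddr="0.0.0.0", opts=()):
    """Build a minimal DHCP message (constructed sample input, not a capture)."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s192x", op, 1, 6, 0, xid, 0, 0x8000,
                      bytes(4), ipaddress.IPv4Address(yiaddr).packed,
                      bytes(4), bytes(4), mac)
    body = bytes([53, 1, msg_type])
    for code, val in opts:
        body += bytes([code, len(val)]) + val
    return hdr + MAGIC + body + b"\xff"

def parse(pkt):
    """Decode the header fields and options; raise ValueError on malformed input."""
    if len(pkt) < 240 or pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    out = {"xid": struct.unpack_from("!I", pkt, 4)[0], "mac": pkt[28:34].hex(":"),
           "yiaddr": str(ipaddress.IPv4Address(pkt[16:20]))}
    i = 240
    while i < len(pkt) and pkt[i] != 255:      # 255 = end option
        if pkt[i] == 0:                        # 0 = pad, has no length byte
            i += 1
            continue
        if i + 2 > len(pkt) or i + 2 + pkt[i + 1] > len(pkt):
            raise ValueError("truncated option")
        code, val = pkt[i], pkt[i + 2:i + 2 + pkt[i + 1]]
        i += 2 + len(val)
        if code == 53 and val:
            out["type"] = TYPES.get(val[0], "OTHER")
        elif code == 51 and len(val) == 4:     # lease time in seconds
            out["lease_seconds"] = struct.unpack("!I", val)[0]
        elif code in IP_OPTS and len(val) >= 4:
            out[IP_OPTS[code]] = str(ipaddress.IPv4Address(val[:4]))
    return out

def sample_exchange():
    """Discover, Offer, Request, Acknowledgement for one constructed client."""
    mac, xid, ip = bytes.fromhex("020000000001"), 0x1234ABCD, "192.0.2.50"
    cfg = [(1, bytes([255, 255, 255, 0])), (3, bytes([192, 0, 2, 1])),
           (6, bytes([192, 0, 2, 53])), (51, struct.pack("!I", 86400))]
    req = [(50, ipaddress.IPv4Address(ip).packed)]  # option 50: requested address
    return [parse(m) for m in (build(1, xid, mac, 1), build(2, xid, mac, 2, ip, cfg),
                               build(1, xid, mac, 3, opts=req), build(2, xid, mac, 5, ip, cfg))]
```

Note that no field in any of the four messages identifies or authenticates the sender beyond the self-declared hardware address.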
What are the benefits and also the disadvantages of DHCP?
First, let’s think about all the great things about DHCP, and why this network configuration protocol could be helpful to IT professionals.
Of course, DHCP is really easy to implement. Automatically assigning IP addresses means you never have to worry about them being inaccurate, and you can save a lot of resource investment and overhead for network admins, who would otherwise need to manually assign and manage IPs. You won’t have to worry about duplicate IPs or any conflict between two or more IPs either. If a change in the network is detected, the four stages simply begin, which means even for laptops or mobile devices that move in and out of the office network, IPs are always available and secure.
Disadvantages of relying on DHCP are mainly down to security considerations. For example, if you only have one DHCP server in your network, then if this server goes down, computers won’t be able to access the network. This can be alleviated by setting up a failsafe or ensuring that you have multiple DHCP servers so that one can back up the other in case of an emergency.
DHCP does not authenticate the client before offering an IP address, which means that any new machine or computer can theoretically join the network. If used maliciously, this means that unauthorized clients could flood the system with a type of DDoS attack where they continually request IP addresses to impact performance, or access the network and access sensitive information like the IP of the DNS server.
Because of the lack of authentication involved in DHCP protocol usage, it’s therefore really important to implement strong physical and wireless security protocols around the use of DHCP for network security. You can do this with:
- User access policies: Enforce tight IAM rules around who can access the network and block anyone who doesn’t fit these policies.
- Audit logging: Ensure that you are logging all activity on the network, allowing you to spot early signs of misuse.
- Admin access: Restrict access to Netsh commands or the DHCP console to only a few people who really need this clearance.
- Physical security: Create tight physical security processes to stop anyone unauthorized accessing the routers or servers themselves.
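As an illustration of the audit-logging point, the check below flags the flood of address requests described earlier by counting how many distinct hardware addresses ask for a lease within a short window. It is an added example, not part of the original article: the log lines are constructed, their layout is an assumption modelled on ISC dhcpd syslog output with ISO timestamps, and the window and threshold values are hypothetical and need tuning per network.

```python
import re
from collections import deque
from datetime import datetime, timedelta

# Assumed line layout: "<ISO time> <host> dhcpd[pid]: DHCPDISCOVER from <mac> via <if>"
LINE = re.compile(r"^(\S+) \S+ dhcpd(?:\[\d+\])?: DHCP(DISCOVER|REQUEST) "
                  r".*?from ((?:[0-9a-f]{2}:){5}[0-9a-f]{2})")

def starvation_alerts(lines, window_s=10, max_macs=5):
    """Return (timestamp, distinct MAC count) once per burst that exceeds max_macs."""
    recent, alerts, alerting = deque(), [], False
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue                      # not a client request line
        try:
            ts = datetime.fromisoformat(m.group(1))
        except ValueError:
            continue                      # unexpected timestamp format
        recent.append((ts, m.group(3)))
        # Drop events that have fallen out of the sliding window.
        while ts - recent[0][0] > timedelta(seconds=window_s):
            recent.popleft()
        macs = {mac for _, mac in recent}
        if len(macs) > max_macs and not alerting:
            alerts.append((ts.isoformat(), len(macs)))
        alerting = len(macs) > max_macs   # re-arm only after the burst ends
    return alerts

# Constructed sample: three ordinary clients, then a burst of never-seen MACs.
SAMPLE = [
    "2024-03-03T10:00:01 gw dhcpd[812]: DHCPDISCOVER from 02:00:00:00:00:01 via eth0",
    "2024-03-03T10:00:02 gw dhcpd[812]: DHCPREQUEST for 192.0.2.50 from 02:00:00:00:00:01 via eth0",
    "2024-03-03T10:00:40 gw dhcpd[812]: DHCPDISCOVER from 02:00:00:00:00:02 via eth0",
    "2024-03-03T10:01:30 gw dhcpd[812]: DHCPDISCOVER from 02:00:00:00:00:03 via eth0",
] + [f"2024-03-03T10:05:{s:02d} gw dhcpd[812]: DHCPDISCOVER from 02:00:00:00:01:{s:02x} via eth0"
     for s in range(8)]

if __name__ == "__main__":
    for when, count in starvation_alerts(SAMPLE):
        print(f"{when}: {count} distinct MACs requested leases within 10s")
```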
We hope this article about DHCP has been useful, and given you a quick beginner’s overview of what the protocol is, how it works, and how you can use it to your best advantage as an IT professional!