DHCP (Dynamic Host Configuration Protocol) is a standardized network protocol. It is used in Internet Protocol networks for dynamic distribution of network configuration parameters, such as IP addresses for interfaces and services. A DHCP server can run on an operating system such as Linux or Windows and is used to distribute IP addresses automatically to the clients in the network. Since, DHCP server assigns IP addresses automatically to all systems, a system or network administrator does not need to assign IP addresses manually to every single machine in the network. DHCP is the best option for system or network administrator who are managing thousands of systems. The DHCP server stores the configuration information in a database that contains:
1) Valid TCP/IP configuration parameters for all clients on the network.
2) Valid IP addresses that are maintained in a pool for assignment to clients, as well as excluded addresses.
3) Reserved IP addresses associated with particular DHCP clients. This allows consistent assignment of a single IP address to a single DHCP client.
4) The lease duration, or the length of time for which the IP address can be used before a lease renewal is required.
DHCP server can provide configuration settings using the following methods:
1) Manual allocation (MAC address): DHCP identify the unique hardware address of each network card connected to the network and a constant configuration continually supplying each time the DHCP client makes a request to the DHCP server using that network device.
2) Dynamic allocation (address pool): DHCP server will assign an IP address from a pool of addresses for a period of time or lease, that is configured on the server or until the client informs the server that it doesn’t need the address anymore.
3) Automatic allocation: DHCP automatically assigns an IP address permanently to a device, selecting it from a pool of available addresses.
Installing DHCP (Centos)
1) Use the following command to install dhcp
# yum install dhcp
2) To edit the configuration file
# vi /etc/sysconfig/dhcpd
3) To Start the dhcp service
# service dhcpd start
4) To check the status
# service dhcpd start
Advantages
1) IP address management: It manages and assigns IP addresses without administrator intervention.
2) Centralized network client configuration: We can make changes for multiple clients just by changing the information in the data store.
3) Support of BOOTP clients
4) Support of local clients and remote clients
5) Network booting
6) Large network support
7) Detect unauthorized DHCP servers on the network.
8) Don’t need to keep a record of the IP addresses that you have assigned.
Disadvantages
1) Security issues
2) Failure: If there is a single DHCP server and it is not available, lease will not be requested or renewed.
3) Only some of the DHCP client implementations work properly with the DHCP Server in Windows Server 2003.
DHCP snooping
DHCP snooping is a layer 2 security technology built into the operating system of a capable network switch that drops DHCP traffic determined to be unacceptable. It acts like a firewall between untrusted hosts and trusted DHCP servers. It is a series of techniques applied to improve the security of a DHCP infrastructure. The fundamental use case for DHCP snooping is to prevent unauthorized DHCP servers offering IP addresses to DHCP clients. Rogue DHCP servers are often used in man in the middle attacks or denial of service attacks for malicious purposes. However, the most common DoS scenario is an end-user plugging in a consumer-grade router at their desk, ignorant that the device they plugged in is a DHCP server by default.
If you need any further assistance please contact our support department.