DHCP工作原理

 

动态 主机设置协议（Dynamic Host Configuration Protocol, DHCP）是一个局域网的 网络协议，使用UDP协议工作，主要有两个用途：给内部网络或 IP地址，给用户或者内部 网络管理员作为对所有 计算机作中央管理的手段。

DHCP客户机接入到网络以后，它会搜索 DHCP服务器，以便向DHCP服务器索取IP地址等信息，然而他们之间的通信方式，要看DHCP客户端是向DHCP服务器索取一个新的ip地址还是更新租约而有所不同。

1、以下情况会索取新的地址：

1、 该客户端是第一次扮演DHCP客户端的角色，也就是说，他是第一次向DHCP服务器索取IP地址

2、 该客户端原先所租用的IP地址已经被其他DHCP服务器收回病已经租给其他计算机了

3、 该客户端自己释放原先所租用的IP地址，并请求一个新的IP地址

4、 客户端更换了网卡

5、 客户端并移动到另一个网络

2、 DHCP客户端请求信的IP地址时，会与DHCP服务器之间会通过以下四个数据包来互相通信

1、 DHCPDISCOVER：DHCP客户端会先发送DHCPDISCOVER广播消息到网络来搜索一台能提供IP地址的DHCP服务器

2、 DHCPOFFER：当网络中的DHCP服务器接收到DHCP客户端的DHCPDISCOVER广播包以后，它会先检查自己的缓存，看有没有次DHCP客户端的记录，如果没有会检测保留选项，看有没有绑定，如果没有，那么它会在自己的地址池内选择一个合法的IP地址，通过广播方式传送给DHCP客户端，如果网络中有多台DHCP服务器接收到DHCP客户端的DHCPDISCOVER消息，并且都响应DHCP客户端，则客户端会从中挑选第一个收到的DHCPOFFER消息

3、 DCHPREQUEST：当DHCP客户端挑选好收到的DHCPOFFER消息后，它就利用广播发送一个DHCPREQUEST消息给DHCP服务器。

4、 DHCPACK：DHCP服务器收到DHCP客户端请求IP地址的DHCPREQUEST消息后，就会利用广播发出DHCPACK确认消息给DHCP客户端。DHCP客户端收到DHCPACK的消息后，就完成了IP地址的租用程序，这时候就可以开始利用这个IP地址与其他计算机通信了。

以下是客户端和服务器之间对话的摘要表，最后一列是数据包级的过程说明：

Source      Dest        Source     Dest              Packet

MAC addr    MAC addr    IP addr    IP addr           Description

-----------------------------------------------------------------

Client      Broadcast   0.0.0.0    255.255.255.255   DHCP Discover

DHCPsrvr    Broadcast   DHCPsrvr   255.255.255.255   DHCP Offer

Client      Broadcast   0.0.0.0    255.255.255.255   DHCP Request

DHCPsrvr    Broadcast   DHCPsrvr   255.255.255.255   DHCP ACK

DHCP 客户端和 DHCP 服务器之间的详细对话如下：

DHCPDISCOVER

客户端发送 DHCPDISCOVER 数据包。以下内容摘自网络监视器的捕获信息，显示了 DHCPDISCOVER 数据包中的 IP 和 DHCP 部分。在 IP 部分，可以看到 Destination 地址是 255.255.255.255，而 Source 地址是 0.0.0.0。DHCP 部分将数据包标识为 Discover 数据包，并使用网卡的物理地址在两处标识客户端。注意 CHADDR 字段和 DHCP 中的值：Client Identifier 字段是相同的。

IP:ID = 0x0; Proto = UDP; Len: 328

IP:Version = 4 (0x4)

IP:Header Length = 20 (0x14)

IP:Service Type = 0 (0x0)

IP:Precedence = Routine

IP:...0.... = Normal Delay

IP:....0... = Normal Throughput

IP:.....0.. = Normal Reliability

IP:Total Length = 328 (0x148)

IP:Identification = 0 (0x0)

IP:Flags Summary = 0 (0x0)

IP:.......0 = Last fragment in datagram

IP:......0. = May fragment datagram if necessary

IP:Fragment Offset = 0 (0x0) bytes

IP:Time to Live = 128 (0x80)

IP:Protocol = UDP - User Datagram

IP:Checksum = 0x39A6

IP:Source Address = 0.0.0.0

IP:Destination Address = 255.255.255.255

IP:Data:Number of data bytes remaining = 308 (0x0134)

 

DHCP:Discover            (xid=21274A1D)

DHCP:Op Code            (op)     = 1 (0x1)

DHCP:Hardware Type      (htype) = 1 (0x1) 10Mb Ethernet

DHCP:Hardware Address Length (hlen) = 6 (0x6)

DHCP:Hops               (hops)   = 0 (0x0)

DHCP:Transaction ID     (xid)    = 556223005 (0x21274A1D)

DHCP:Seconds            (secs)   = 0 (0x0)

DHCP:Flags              (flags) = 0 (0x0)

DHCP:0............... = No Broadcast

DHCP:Client IP Address (ciaddr) = 0.0.0.0

DHCP:Your    IP Address (yiaddr) = 0.0.0.0

DHCP:Server IP Address (siaddr) = 0.0.0.0

DHCP:Relay IP Address (giaddr) = 0.0.0.0

DHCP:Client Ethernet Address (chaddr) = 08002B2ED85E

DHCP:Server Host Name (sname) = <Blank>

DHCP:Boot File Name     (file)   = <Blank>

DHCP:Magic Cookie = [OK]

DHCP:Option Field       (options)

DHCP:DHCP Message Type       = DHCP Discover

DHCP:Client-identifier       = (Type:1) 08 00 2b 2e d8 5e

DHCP:Host Name               = JUMBO-WS

DHCP:Parameter Request List = (Length:7) 01 0f 03 2c 2e 2f 06

DHCP:End of this option field

                          

DHCPOFFER

DHCP 服务器通过发送 DHCPOFFER 数据包作出响应。在以下摘录捕获信息的 IP 部分中，Source 地址现在是 DHCP 服务器 IP 地址，而 Destination 地址是广播地址 255.255.255.255。DHCP 部分将数据包标识为 Offer。YIADDR 字段用服务器提供给客户端的 IP 地址填充。注意，CHADDR 字段仍然包含发出请求的客户端的物理地址。另外，在 DHCP Option Field 部分，可以看到由服务器随 IP 地址一起发送的各种选项。在这种情况下，服务器发送的是子网掩码、默认网关（路由器）、租约时间、WINS 服务器地址（NetBIOS 名称服务）和 NetBIOS 节点类型。

IP:ID = 0x3C30; Proto = UDP; Len: 328

IP:Version = 4 (0x4)

IP:Header Length = 20 (0x14)

IP:Service Type = 0 (0x0)

IP:Precedence = Routine

IP:...0.... = Normal Delay

IP:....0... = Normal Throughput

IP:.....0.. = Normal Reliability

IP:Total Length = 328 (0x148)

IP:Identification = 15408 (0x3C30)

IP:Flags Summary = 0 (0x0)

IP:.......0 = Last fragment in datagram

IP:......0. = May fragment datagram if necessary

IP:Fragment Offset = 0 (0x0) bytes

IP:Time to Live = 128 (0x80)

IP:Protocol = UDP - User Datagram

IP:Checksum = 0x2FA8

IP:Source Address = 157.54.48.151

IP:Destination Address = 255.255.255.255

IP:Data:Number of data bytes remaining = 308 (0x0134)

 

DHCP:Offer               (xid=21274A1D)

DHCP:Op Code            (op)     = 2 (0x2)

DHCP:Hardware Type      (htype) = 1 (0x1) 10Mb Ethernet

DHCP:Hardware Address Length (hlen) = 6 (0x6)

DHCP:Hops               (hops)   = 0 (0x0)

DHCP:Transaction ID     (xid)    = 556223005 (0x21274A1D)

DHCP:Seconds            (secs)   = 0 (0x0)

DHCP:Flags              (flags) = 0 (0x0)

DHCP:0............... = No Broadcast

DHCP:Client IP Address (ciaddr) = 0.0.0.0

DHCP:Your    IP Address (yiaddr) = 157.54.50.5

DHCP:Server IP Address (siaddr) = 0.0.0.0

DHCP:Relay IP Address (giaddr) = 0.0.0.0

DHCP:Client Ethernet Address (chaddr) = 08002B2ED85E

DHCP:Server Host Name (sname) = <Blank>

DHCP:Boot File Name     (file)   = <Blank>

DHCP:Magic Cookie = [OK]

DHCP:Option Field       (options)

DHCP:DHCP Message Type       = DHCP Offer

DHCP:Subnet Mask             = 255.255.240.0

DHCP:Renewal Time Value (T1) = 8 Days, 0:00:00

DHCP:Rebinding Time Value (T2) = 14 Days, 0:00:00

DHCP:IP Address Lease Time = 16 Days, 0:00:00

DHCP:Server Identifier       = 157.54.48.151

DHCP:Router                  = 157.54.48.1

DHCP:NetBIOS Name Service    = 157.54.16.154

DHCP:NetBIOS Node Type       = (Length: 1) 04

DHCP:End of this option field

                          

DHCPREQUEST

客户端通过发送 DHCPREQUEST 响应 DHCPOFFER。在以下捕获信息的 IP 部分中，客户端的 Source 地址仍然是 0.0.0.0，数据包的 Destination 仍然是 255.255.255.255。由于客户端还没有从服务器收到可以开始使用所提供地址的确认，所以客户端仍然保留 0.0.0.0。由于可能有多个 DHCP 服务器已经作出响应，并可能预订了为客户端产生的 Offer，所以 Destination 地址仍然被广播出去。这使得其他 DHCP 服务器知道：它们可以释放已提供的地址，并将这些地址返回到可用地址池中。DHCP 部分将数据包标识为 Request，并使用 DHCP:Requested Address 字段确认所提供的地址。DHCP:Server Identifier 字段显示提供租约的 DHCP 服务器的 IP 地址。

IP:ID = 0x100; Proto = UDP; Len: 328

IP:Version = 4 (0x4)

IP:Header Length = 20 (0x14)

IP:Service Type = 0 (0x0)

IP:Precedence = Routine

IP:...0.... = Normal Delay

IP:....0... = Normal Throughput

IP:.....0.. = Normal Reliability

IP:Total Length = 328 (0x148)

IP:Identification = 256 (0x100)

IP:Flags Summary = 0 (0x0)

IP:.......0 = Last fragment in datagram

IP:......0. = May fragment datagram if necessary

IP:Fragment Offset = 0 (0x0) bytes

IP:Time to Live = 128 (0x80)

IP:Protocol = UDP - User Datagram

IP:Checksum = 0x38A6

IP:Source Address = 0.0.0.0

IP:Destination Address = 255.255.255.255

IP:Data:Number of data bytes remaining = 308 (0x0134)

 

DHCP:Request             (xid=21274A1D)

DHCP:Op Code            (op)     = 1 (0x1)

DHCP:Hardware Type      (htype) = 1 (0x1) 10Mb Ethernet

DHCP:Hardware Address Length (hlen) = 6 (0x6)

DHCP:Hops               (hops)   = 0 (0x0)

DHCP:Transaction ID     (xid)    = 556223005 (0x21274A1D)

DHCP:Seconds            (secs)   = 0 (0x0)

DHCP:Flags             (flags) = 0 (0x0)

DHCP:0............... = No Broadcast

DHCP:Client IP Address (ciaddr) = 0.0.0.0

DHCP:Your    IP Address (yiaddr) = 0.0.0.0

DHCP:Server IP Address (siaddr) = 0.0.0.0

DHCP:Relay IP Address (giaddr) = 0.0.0.0

DHCP:Client Ethernet Address (chaddr) = 08002B2ED85E

DHCP:Server Host Name (sname) = <Blank>

DHCP:Boot File Name     (file)   = <Blank>

DHCP:Magic Cookie = [OK]

DHCP:Option Field       (options)

DHCP:DHCP Message Type       = DHCP Request

DHCP:Client-identifier       = (Type:1) 08 00 2b 2e d8 5e

DHCP:Requested Address       = 157.54.50.5

DHCP:Server Identifier       = 157.54.48.151

DHCP:Host Name               = JUMBO-WS

DHCP:Parameter Request List = (Length:7) 01 0f 03 2c 2e 2f 06

DHCP:End of this option field

                          

DHCPACK

DHCP 服务器用 DHCPACK 响应 DHCPREQUEST，以此完成初始化周期。Source 地址是 DHCP 服务器 IP 地址，Destination 地址仍然是 255.255.255.255。YIADDR 字段包含客户端的地址，而 CHADDR 和 DHCP:Client Identifier 字段是发出请求的客户端中网卡的物理地址。DHCP Option 部分将数据包标识为 ACK。

IP:ID = 0x3D30; Proto = UDP; Len: 328

IP:Version = 4 (0x4)

IP:Header Length = 20 (0x14)

IP:Service Type = 0 (0x0)

IP:Precedence = Routine

IP:...0.... = Normal Delay

IP:....0... = Normal Throughput

IP:.....0.. = Normal Reliability

IP:Total Length = 328 (0x148)

IP:Identification = 15664 (0x3D30)

IP:Flags Summary = 0 (0x0)

IP:.......0 = Last fragment in datagram

IP:......0. = May fragment datagram if necessary

IP:Fragment Offset = 0 (0x0) bytes

IP:Time to Live = 128 (0x80)

IP:Protocol = UDP - User Datagram

IP:Checksum = 0x2EA8

IP:Source Address = 157.54.48.151

IP:Destination Address = 255.255.255.255

IP:Data:Number of data bytes remaining = 308 (0x0134)

 

DHCP:ACK                 (xid=21274A1D)

DHCP:Op Code            (op)     = 2 (0x2)

DHCP:Hardware Type      (htype) = 1 (0x1) 10Mb Ethernet

DHCP:Hardware Address Length (hlen) = 6 (0x6)

DHCP:Hops               (hops)   = 0 (0x0)

DHCP:Transaction ID     (xid)    = 556223005 (0x21274A1D)

DHCP:Seconds            (secs)   = 0 (0x0)

DHCP:Flags              (flags) = 0 (0x0)

DHCP:0............... = No Broadcast

DHCP:Client IP Address (ciaddr) = 0.0.0.0

DHCP:Your    IP Address (yiaddr) = 157.54.50.5

DHCP:Server IP Address (siaddr) = 0.0.0.0

DHCP:Relay IP Address (giaddr) = 0.0.0.0

DHCP:Client Ethernet Address (chaddr) = 08002B2ED85E

DHCP:Server Host Name (sname) = <Blank>

DHCP:Boot File Name     (file)   = <Blank>

DHCP:Magic Cookie = [OK]

DHCP:Option Field       (options)

DHCP:DHCP Message Type       = DHCP ACK

DHCP:Renewal Time Value (T1) = 8 Days, 0:00:00

DHCP:Rebinding Time Value (T2) = 14 Days, 0:00:00

DHCP:IP Address Lease Time = 16 Days, 0:00:00

DHCP:Server Identifier       = 157.54.48.151

DHCP:Subnet Mask             = 255.255.240.0

DHCP:Router                  = 157.54.48.1

DHCP:NetBIOS Name Service    = 157.54.16.154

DHCP:NetBIOS Node Type       = (Length: 1) 04

DHCP:End of this option field

                          

如果客户端以前有 DHCP 分配的 IP 地址并且客户端被重新启动，则客户端将在特殊的 DHCPREQUEST 数据包中特定地请求以前租用过的 IP 地址。Source 地址是 0.0.0.0，Destination 地址是广播地址 255.255.255.255。Microsoft 客户端将用以前分配的地址填充 DHCP Option Field DHCP:Requested Address 字段。严格符合 RFC 的客户端将用请求的地址填充 CIADDR Field。对这两种情况 Microsoft DHCP 服务器都将接受。

IP:ID = 0x0; Proto = UDP; Len: 328

IP:Version = 4 (0x4)

IP:Header Length = 20 (0x14)

IP:Service Type = 0 (0x0)

IP:Precedence = Routine

IP:...0.... = Normal Delay

IP:....0... = Normal Throughput

IP:.....0.. = Normal Reliability

IP:Total Length = 328 (0x148)

IP:Identification = 0 (0x0)

IP:Flags Summary = 0 (0x0)

IP:.......0 = Last fragment in datagram

IP:......0. = May fragment datagram if necessary

IP:Fragment Offset = 0 (0x0) bytes

IP:Time to Live = 128 (0x80)

IP:Protocol = UDP - User Datagram

IP:Checksum = 0x39A6

IP:Source Address = 0.0.0.0

IP:Destination Address = 255.255.255.255

IP:Data:Number of data bytes remaining = 308 (0x0134)

 

DHCP:Request             (xid=2757554E)

DHCP:Op Code            (op)     = 1 (0x1)

DHCP:Hardware Type      (htype) = 1 (0x1) 10Mb Ethernet

DHCP:Hardware Address Length (hlen) = 6 (0x6)

DHCP:Hops               (hops)   = 0 (0x0)

DHCP:Transaction ID     (xid)    = 660034894 (0x2757554E)

DHCP:Seconds            (secs)   = 0 (0x0)

DHCP:Flags              (flags) = 0 (0x0)

DHCP:0............... = No Broadcast

DHCP:Client IP Address (ciaddr) = 0.0.0.0

DHCP:Your    IP Address (yiaddr) = 0.0.0.0

DHCP:Server IP Address (siaddr) = 0.0.0.0

DHCP:Relay IP Address (giaddr) = 0.0.0.0

DHCP:Client Ethernet Address (chaddr) = 08002B2ED85E

DHCP:Server Host Name (sname) = <Blank>

DHCP:Boot File Name     (file)   = <Blank>

DHCP:Magic Cookie = [OK]

DHCP:Option Field       (options)

DHCP:DHCP Message Type       = DHCP Request

DHCP:Client-identifier       = (Type:1) 08 00 2b 2e d8 5e

DHCP:Requested Address       = 157.54.50.5

DHCP:Host Name               = JUMBO-WS

DHCP:Parameter Request List = (Length:7) 01 0f 03 2c 2e 2f 06

DHCP:End of this option field

                          

这时，服务器可能响应，也可能不响应。Windows NT DHCP 服务器的行为取决于所使用的操作系统版本以及其他因素，如超级作用域。如果服务器决定客户端仍然可以使用该地址，它将保持静默或对 DHCPREQUEST 发出 ACK。如果服务器决定客户端不能拥有该地址，它将发送 NACK。

IP:ID = 0x3F1A; Proto = UDP; Len: 328

IP:Version = 4 (0x4)

IP:Header Length = 20 (0x14)

IP:Service Type = 0 (0x0)

IP:Precedence = Routine

IP:...0.... = Normal Delay

IP:....0... = Normal Throughput

IP:.....0.. = Normal Reliability

IP:Total Length = 328 (0x148)

IP:Identification = 16154 (0x3F1A)

IP:Flags Summary = 0 (0x0)

IP:.......0 = Last fragment in datagram

IP:......0. = May fragment datagram if necessary

IP:Fragment Offset = 0 (0x0) bytes

IP:Time to Live = 128 (0x80)

IP:Protocol = UDP - User Datagram

IP:Checksum = 0x2CBE

IP:Source Address = 157.54.48.151

IP:Destination Address = 255.255.255.255

IP:Data:Number of data bytes remaining = 308 (0x0134)

 

DHCP:NACK                (xid=74A005CE)

DHCP:Op Code            (op)     = 2 (0x2)

DHCP:Hardware Type      (htype) = 1 (0x1) 10Mb Ethernet

DHCP:Hardware Address Length (hlen) = 6 (0x6)

DHCP:Hops               (hops)   = 0 (0x0)

DHCP:Transaction ID     (xid)    = 1956644302 (0x74A005CE)

DHCP:Seconds            (secs)   = 0 (0x0)

DHCP:Flags              (flags) = 0 (0x0)

DHCP:0............... = No Broadcast

DHCP:Client IP Address (ciaddr) = 0.0.0.0

DHCP:Your    IP Address (yiaddr) = 0.0.0.0

DHCP:Server IP Address (siaddr) = 0.0.0.0

DHCP:Relay IP Address (giaddr) = 0.0.0.0

DHCP:Client Ethernet Address (chaddr) = 08002B2ED85E

DHCP:Server Host Name (sname) = <Blank>

DHCP:Boot File Name     (file)   = <Blank>

DHCP:Magic Cookie = [OK]

DHCP:Option Field       (options)

DHCP:DHCP Message Type       = DHCP NACK

DHCP:Server Identifier       = 157.54.48.151

DHCP:End of this option field

                          

然后，客户端将开始发现进程，但 DHCPDISCOVER 数据包仍然尝试租用相同的地址。在许多情况下，tth 客户端将得到相同的地址，但也可能得不到。

IP:ID = 0x100; Proto = UDP; Len: 328

IP:Version = 4 (0x4)

IP:Header Length = 20 (0x14)

IP:Service Type = 0 (0x0)

IP:Precedence = Routine

IP:...0.... = Normal Delay

IP:....0... = Normal Throughput

IP:.....0.. = Normal Reliability

IP:Total Length = 328 (0x148)

IP:Identification = 256 (0x100)

IP:Flags Summary = 0 (0x0)

IP:.......0 = Last fragment in datagram

IP:......0. = May fragment datagram if necessary

IP:Fragment Offset = 0 (0x0) bytes

IP:Time to Live = 128 (0x80)

IP:Protocol = UDP - User Datagram

IP:Checksum = 0x38A6

IP:Source Address = 0.0.0.0

IP:Destination Address = 255.255.255.255

IP:Data:Number of data bytes remaining = 308 (0x0134)

 

DHCP:Discover            (xid=3ED14752)

DHCP:Op Code            (op)     = 1 (0x1)

DHCP:Hardware Type      (htype) = 1 (0x1) 10Mb Ethernet

DHCP:Hardware Address Length (hlen) = 6 (0x6)

DHCP:Hops               (hops)   = 0 (0x0)

DHCP:Transaction ID     (xid)    = 1053902674 (0x3ED14752)

DHCP:Seconds            (secs)   = 0 (0x0)

DHCP:Flags              (flags) = 0 (0x0)

DHCP:0............... = No Broadcast

DHCP:Client IP Address (ciaddr) = 0.0.0.0

DHCP:Your    IP Address (yiaddr) = 0.0.0.0

DHCP:Server IP Address (siaddr) = 0.0.0.0

DHCP:Relay IP Address (giaddr) = 0.0.0.0

DHCP:Client Ethernet Address (chaddr) = 08002B2ED85E

DHCP:Server Host Name (sname) = <Blank>

DHCP:Boot File Name     (file)   = <Blank>

DHCP:Magic Cookie = [OK]

DHCP:Option Field       (options)

DHCP:DHCP Message Type       = DHCP Discover

DHCP:Client-identifier       = (Type:1) 08 00 2b 2e d8 5e

DHCP:Requested Address       = 157.54.51.5

DHCP:Host Name               = JUMBO-WS

DHCP:Parameter Request List = (Length:7) 01 0f 03 2c 2e 2f 06

DHCP:End of this option field

                          

客户端从 DHCP 服务器获得的 DHCP 信息中将有与该信息关联的租约时间。租约时间定义了对于 DHCP 分配的信息，客户端可以使用多久。当租约时间达到某个特殊时刻时，客户端将尝试更新其 DHCP 信息。

转载于:https://blog.51cto.com/bjwxjy/1160877