Re: Understanding the DHCP Server Client conversation (very intresting subject)

Hi Neil...
I understand all what you said and I already been in wikipedia and already have seen whats written there but whats concerning me is:

1) why the DHCP server (BROADCAST) the DHCPOFFER and the DHCPACK??? it already knows the client that is requesting the service from its MAC address??
why not the DHCP server just sends its offer to the client that is requesting the service according to its MAC address??

2) you said the (DHCP server send the DHCP OFFER as a unicast, to the whole network) but a specified MAC address.
-How come it sends a UNICAST to the whole network????
-How come it sends to the WHOLE network (based on the IP address) but a SPECIFIED MAC address????





--------------------------------------------------------------------------------
"Neil" <guess!!!@xxxxxxxxx> wrote in message news:Xns9A54AF046338Dneilmcsegmailcom@xxxxxxxxxxxxxxxx
did you hear "Weamfox" <weamfox@xxxxxxxxxxx> say in
news:0FF41841-B797-412C-A2B1-44D61270CF3E@xxxxxxxxxxxxx:


1) I understand that the Client is sending a broadcast message because
it doesn't know any concrete DHCP server in order to request an IP
address, but why the DHCP sends also a broadcast message to the client
(*) (**)?


OY! ok, who exactly would it be able to direct it to? Without the
specified DHCP server, I shout to everyone on the network (subnet) that I
can. This will go to all IPs that can acceptt it (255.255.255.255) and
all MAC adresses as well (FFFFFFFFFFFF). Think of it from human
perspectives. You walk into a pitch black room. If you aren't sure if
there is anyone in the room, You shout "ANYBODY THERE?" you don't specify
"hay Mike, are you there?". This is the DHCP DISCOVERY

So, when the DHCP server hears this it now knows a little comething. The
client (who doesn't yet have an IP address), has supplied it's MAC
address to the DHCP server. BUT, since the client doesn't have an
address, the DHCP server send the DHCP OFFER as a unicast, to the whole
network (since client is unassigned it goes to IP of 255.255.255.255) but
a specified MAC adress. From the human perspective, this is like the
other guy in the dark room responding "Dave, is that you? It's me Tom"

2) Let's agree that the DHCP server is broadcasting its offer, what
happen if there is more than one client (lets say 50 or more) is
getting same IP address that's suppose to be offered to a concrete
client at the same time? Doesn't this make a high traffic in the
network making all the clients go back and forth with the DHCPNACK,
DHCPDECLINE and the DHCPACK????? NOTE: I understand that the client
sends an ARP request with the offered IP address if it gets a reply
that means that this IP address is in use and the client sends
DHCPDECLINE, this is from the CLIENT side but what about the server
side and the whole network?? :-s


hold up, the DHCP server is simply listening. It's not continously
offering out addresses left right and center. Each OFFER is associated
with a specified MAC adress. There is actually an outside possibility
that with 2 DHCP Servers on the same subnet, the client may be offered
more than one address, but the DHCP servers will only offer one address
per request. The client will pick which it will use. That's the part of
the DHCP REQUEST.

3) Why don't the DHCP server cuts the crap and use the client MAC
address to send the DHCPOFFER and the DHCPACK instate of broadcasting
to all clients? PLEASE NOTE : That the MAC address is in the second
layer (Data Link layer) in the OSI model while the IP address is in
the third layer (Network layer) which make it more reasonable for the
DHCP server to use the the MAC address of the client that is
requesting the service to send him the IP address instate of
BROADCASTING the DHCPOFFER and the DHCPACK and making high traffic.


Um, dude, read this...

http://en.wikipedia.org/wiki/DHCP

too much typing...

--
The InterNeil "V2 w/tabbed browsing & decreased verbosity" MCNGP Triple X

- I feel much better now that I have given up Hope.

.

Relevant Pages

  • Re: mac address issue
    ... mac address that was different in some way that just resulted in the DHCP ... Sounds like the client is sent our a DHCP request, ... your DHCP server is replying with an offer, but the client is sending back ... Modeled after the famous Black Hat event ...
    (Security-Basics)
  • Re: Mac Hostname on Network
    ... hostnames to the names of random Windows PCs on the network. ... it looks for a DHCP server, specifying its own name as the DHCP Client ... Along comes your Mac and asks the DHCP server for an IP address. ... name assigned by the network as its hostname. ...
    (comp.sys.mac.system)
  • Re: Network Security
    ... >>I've been tasked to protect out network from unwanted clients ... > configure the DHCP server to only give out addresses to specific MAC ... > that says no visiting computers. ... >>not 'known' to us then we can stop it getting an IP from the DHCP server? ...
    (linux.redhat)
  • RE: Cain & Able man in the middle attack
    ... any client port can have to 2 or less is the best way to stop APR attacks ... If you are trying to secure your client machine against APR and you don't ... own the network, your best bet is to use a static ARP entry (arp -s IP MAC) ...
    (Pen-Test)
  • Re: network vs NetworkManger services ??
    ... Getting back to network manager, there's two basic ways you can expect ... If you have a DHCP server on the network, ... it is possible for a DHCP client to have ... overriding local configuration, but network manager doesn't seem to ...
    (Fedora)
Loading