Week 10 Preview: UDP and DHCP - savannahc502/SavC-TechJournal-NET215 GitHub Wiki

Information on this page may be paraphrased or copied from Champlain College materials. Avoid coping as you may be committing plagiarism. This is for note-taking and academic purposes only.

---

Two Possible Transport Layer Protocols:

• Transmission Control Protocol (TCP)
  • Provides ports for transport layer addressing
  • Guaranteers data will arrive completely and in order
  • Flow control handling using sliding windows
• User Datagram Protocol
  • Provides ports for transport layer addressing only
    • While TCP/IP and UDP are not the only layer four addressing protocol suites, they're the only widely implemented ones.

• Checksum optional, data is encapsulated
• TCP Header Comparison Diagram

UDP is designed to be simple and fast:

• While TCP is more reliable, that reliability requires more overhead/complexity = more time!
• UDP does not establish connections, you can lose data and transmissions are unreliable
  • Therefore, UDP is only utilized if reliability isn't the priority.

When to Use UDP:

• Performance is more important than completeness
  • Example: streaming does not require no disruptions and retransmissions are not needed
• The exchanges are short
• The application (layer seven) deals with reliability elsewhere
• The connection does not require the acknowledgment of flow control functionality
  • Conversely, TCP would be used when reliability and flow control are necessary to functionality, the the transference of files.

• TCP and UDP use the concepts of ports and sockets for virtual software addressing
  • Ports and sockets enable many applications to function simultaneously on a singular IP device

• Sent data is multiplexed for transmission using the same IP and physical connection
• Received data is de-multiplexed and passed to the appropriate application

• Source and Destinations port numbers are included in the TCP and UDP headers
  • 16-bit field allows for 65,535 possible ports
• Each port within an IP device identifies a particular software process
  • Therefore, de-multiplexing occurs with port numbers

IANA manages port-number assignments to ensure universal compatibility. The numbers are divided into three ranges:

• Well-known port numbers for common applications: 0-1023
• Registered port numbers for other applications: 1024-49151
• Private/Dynamic Port numbers used without IANA registration: 49152-65535
  • System admins could configure and change port numbers easily if they wanted to
• Ephemeral vs. System Ports

Ports and the Client-Server Model

• Clients initiate communication using TCP and UDP
  • Clients need to know the port number of the server process
• Servers must port numbers known by their clients
  • Well-known and registered port numbers must identify server processes
• Therefore, Clients send requests using the known server port number as the destination port number
  • Ex. requesting the web server of the machine with port 80

Client (Ephemeral) Ports

• As Servers reponsd to clients, the clients do not need a known port and can pick a random ephemeral port to include as the source port on the request

Socket: The overall identifier of a TCP/IP application process on a device is the combination of its IP Address and port number

• Notation: <IP Address>:<Port Number>
  • Website running on 41.199.222.3, the socket would be: 41.199.222.3:80

Socket Pair: Each connection is uniquely identified using the combination of the client socket and the server socket.

• For example, the server destination is 41.199.22.3:80 and the client source is 177.41.72.6:3022

Previous Notes:

• SYS 255 Class Notes on DHCP
• More SYS 255 DHCP Notes

The Discover Packet

• Client = no IP address, no known network
  • Clients sends out a packet with the Destination MAC of FF:FF:FF:FF:FF:FF (global layer 2 broadcast) and the Destination IP of 255.255.255.255 (global layer 3 broadcast)
  • Clients sends out the source MAC address, and the default Source IP 0.0.0.0
  • UDP 68 to 67

The Offer Packet

• The client does not have an IP address, so the server sends this packet using the MAC address from ARP. However, the proposed IP address for the client will be included in the destination of the IP header.
  • Other important information is included in the options section, like the IP address and mask, default router, DNS server, IP of DHCP, and more if necessary
  • The UDP port is 67 to 68

The Request Packet

• Client asking for the IP address -- still using broadcasting addresses and the 0.0.0.0 IP address because the obtaining of the IP is not yet complete
  • However, the DHCP identifier will be present now in options

The Acknowledge Packet

• DHCP sends the requested IP address to the client, stores the records in its database
• Proper IP addresses are set in the headers

• Depends on how frequently the clients join and leave the subnet (ie cafeteria vs. lab machines)

• OpCode: indicates whether the packet is a request or a reply
• Hardware Type: type of hardware address
• Hardware length: length of hardware address
• Hops: Used by relay agents to assist in finding a DHCP server
• Transaction ID: a random number to pair between DHCP requests and responses
• Seconds Elapsed: seconds since the client first requested an address from the DHCP server
• Flags: the types of traffic the DHCP client can accept (unicast, broadcast, etc.)
• Client IP address: the client's IP address
• Your IP address: The IP address offered by the DHCP server
• Server IP address: DHCP address
• Gateway IP address
• Client Hardware address (MAC)
• Server host name (optional)
• Boot file (optional)
• Options

• Many options for DHCP headers, however only the Message Type Option is required (option 53), of which there are eight choices above. (This is bc OpCode isn't enough to differentiate DORA).

• DHCP is an upper layer protocol (not layer 2 or 3)
• The addresses in DHCP are for DHCP operations and distinct fields from Layer 2 and Layer 3 addresses in packet

• Remember -- configured clients have no IP configuration
• Broadcasts are Layer 2 only though -- so, Layer 3 devices (routers, servers) can be configured as DHCP relays to pick up broadcasts and forward to the DHCP server
  • Can be used to connect DHCP request from one network to another

DHCP: Dynamic Host Protocol

• Used to dynamically (automatically) assign IP addresses to a host nad includes additional network configurations
  • A DHCP server runs a service to assign and track IP addresses on a given network(s)

The DHCP employs a connectionless service model using the User Datagram Protocol (UDP)

• It is implemented with two UDP port numbers for its operations which are the same for the older, similar BOOTP protocol
  • UDP port 67: destination port of a server
  • UDP port 68: used by the client contacting the DHCP server
    • Therefore, UDP does not use an ephemeral port

• Initialization is the DORA process (important for redundancy, confirmation/reliability, and protecting against spoofing)
• Renewal: Process for the client to request continued use (renewal) of its lease
  • Default renewal time value is 50% of the lease period
  • Client generates DHCPREQUEST messages as unicasts to the server that holds the lease
• Rebinding: If the client does not hear back from the original DHCP server, it will broadcast a request (rebind) to see if another DHCP server will let it use the same IP
  • Defaults to 87.5% of the lease period
  • Client sends the DHCPREQUEST messages as broadcasts from any DHCP server once the rebinding time is reached after lease expiration.