diff --git a/content/notes/11-DHCP.md b/content/notes/11-DHCP.md index c2a9c029d..9b3a71880 100644 --- a/content/notes/11-DHCP.md +++ b/content/notes/11-DHCP.md @@ -5,6 +5,8 @@ tags: - cosc301 --- +> [!DANGER] NEED TO STUDY + Address Assignment - First there was Reverse ARP (RARP) - Only IP address, no options for DNS etc. diff --git a/content/notes/11-DHCP.sync-conflict-20230404-164926-OX6NNIH.md b/content/notes/11-DHCP.sync-conflict-20230404-164926-OX6NNIH.md new file mode 100644 index 000000000..c2a9c029d --- /dev/null +++ b/content/notes/11-DHCP.sync-conflict-20230404-164926-OX6NNIH.md @@ -0,0 +1,142 @@ +--- +title: "11-DHCP" +tags: +- lecture +- cosc301 +--- + +Address Assignment +- First there was Reverse ARP (RARP) + - Only IP address, no options for DNS etc. +- Then the Bootstrap Protocol (BOOTP) + - Included concept of tagged options + - Useful for software like X-Terminals, + - Allow direct network booting + - Like RARP, constrained to single subnet, but perform at UDP/IP, instead of MAC layer + +> [!INFO] RARP +> given mac address it finds the ip address. the opposite of ARP + +> [!INFO] ARP +> we need arp because we need the data link layer protocol. so we need the destination mac address. this allows us to send ethernet frame to a MAC address + +> [!INFO] BOOTP + +DHCP +- Dynamic Host Configuration Protocol (DHCP) +- Compatible with BOOTP (uses same ports) +- Can efficiently use a shared pool of addresses +- IP addresses can be tied to MAC address, or client IP name +- Ubiquitous (at least in the IPv4 sense!) +- Limited to a single subnet, but routers can incorporate relay agents +- Successor: DHCPv6, less useful in IPv6 + +> [!INFO] DHCP +> more widely used. more compatible and generalised +> gives not only address. also tell you what is DNS server and gateway. +> ubiquitious +> radvd and slacc similar to DHCPv6 +> send broadcast message to network. the server takes these broadcast messages and returns and IP address, and the lease time of the address. broadcaster sends another messages to accept/reject the offer. this sequence of messages has a session ID + +Static vs. Dynamic +- Static address is assigned manually by system admin in the DHCP configuration file using the client’s MAC address + - Server machines’ addresses should be static +- Dynamically allocated addresses have a lease time period before they are re-assigned + - Dynamically allocated address can be assigned to the same client as it keeps a table of past IP addresses and their clients MAC addresses. + - Layer 3 (IP) change breaks existing connections if IP addresses change in a long session such as downloaders, terminal sessions + +> [!INFO] RFC +> docs of all protocols + +> [!INFO] +> static more stable +> dynamic susceptible to man in the middle attacks, from the gateway. + + +How DHCP Works +- Client broadcasts UDP request to 255.255.255.255 port 67 + - Routers can relay using a relay agent +- The first DHCP server may send an offering + - Corollary: there should usually only be one DHCP server in a subnet (broadcast zone) +- Offer can contain many types of options. + - Netmask, default router, DNS server, lease time, etc. + - https://tools.ietf.org/html/rfc2132 + +DHCP client/server source code +- https://github.com/samueldotj/dhcp-client +- https://www.oryxembedded.com/doc/dhcp__server_8c_sourc e.html +- https://github.com/isc-projects/dhcp + +Manual Assignment vs. DHCP +- Of course, you could do it manually. Why? + - PRO Protection against multiple/rogue DHCP servers! + - CON Change management + - PRO / CON: Better control, but bigger problems when mistakes are made, e.g., IP address clash +- DHCP is still fairly reliable. + - Short outages are generally unnoticeable + +Ad-hoc Assignment +- ZeroConf (Zero Configuration Networking) Link Local Addresses + - 169.254.0.0/16 + - Single subnet, no routing (no internet) +- Get an address by selecting an address and testing for duplicates +- Useful for ad-hoc networks, and unconfigured network devices +- Similar to the principle of IPv6 link local addresses + +Service Offerings +- Network configuration + - Current offerings like DHCP are suitable +- Service location and configuration + - Current offerings/support not enough +- E.g. name resolution service for ad-hoc network + - How to find a web proxy or email gateway in an institute? + - Should services should be resolved or searched based on Physical Location? Network Location? User? Class? Device? + +Ad-hoc Name Resolution +- IP traditionally lacks this + - Proprietary LAN-based protocols have supported it for years + - AppleTalk, NetBIOS +- Useful when infrastructure has no local knowledge (e.g. no DNS) +- In IP world: Multicast DNS (mDNS) + +Multicast DNS +- mDNS queries are the same as DNS, except queries are targeted at 224.0.0.251:5353 + - Queries are made under ‘.local’, so ‘.local’ should never be used for traditional DNS + - .local. + - Client resolvers must recognise .local queries + - Special treatment: not upstream DNS +- Also Microsoft’s LLMNR (Link-Local Multicast Name Resolution) + + +Service Discovery +- Locate the services we need automatically, or by browsing, searching/filtering or provisioning + - Indistinct services all behave the same way and can be assigned automatically + - Distinct services provide different behavior and need to browsed, searched, or provisioned +- Need to consider network context + - Operates within a specified network scope +- Many protocols were proposed for service discovery + - DNS-SD in Zero Configuration Networking, DHCP options, SLP, Directory Services like LDAP + +Well known service names +- http://wpad.domain/wpad.dat for Web proxy auto-configuration +- Other common names include smtp (or mail), pop3, imap, ftp, www, ns1, ns2, time + - These should be aliases, so they can be redirected to other machines easily +- Most useful for human-based configuration + +S.D. with DHCP +- DHCP has various, diverse options: Syslog, DNS, LPR, WINS, NTP, LDAP (!) + - Think carefully about security +- Requires client support, in DHCP client or application +- You can provision based on the machine or subnet, or a single group + +S.D. with DNS-SD +- Service (SRV) records specify service type, transport protocol, and the domain. +- _smtp._tcp.domain returns Priority, Weight, Port and Address of mail servers, for browsing. + - DNS Service Discovery (DNS-SD) allows for browsing service instances. + - Most commonly used with mDNS. +- Not suitable for very dynamic data in traditional DNS. Why? + +DNS-SD Example +- Examples taken from draft DNS-SD standard. +- What services are available on dns-sd.org? (provides a discovery starting point) dig +short -t any _services._dns-sd._udp.dnssd.org _ftp._tcp.dns-sd.org. _ssh._tcp.dns-sd.org. (and others...) +- What FTP services are available on dnssd.org? dig +short -t any _ftp._tcp.dnssd.org Apple\032QuickTime\032Files._ftp._tcp.d ns-sd.org. (and others...) \ No newline at end of file