十分详细的DHCP服务工作原理剖析

   以下内容摘自笔者最新出版的《深入理解计算机网络》一书,目前该书已在当当网、京东网和卓越网上可以正式预订了

当当网链接:http://product.dangdang.com/main/product.aspx?product_id=23166396

京东网链接:http://book.360buy.com/11165825.html

卓越网上的链接:

http://www.amazon.cn/%E6%B7%B1%E5%85%A5%E7%90%86%E8%A7%A3%E8%AE%A1%E7%AE%97%E6%9C%BA%E7%BD%91%E7%BB%9C-%E7%8E%8B%E8%BE%BE/dp/B00B0S7LDU/ref=sr_1_1?s=books&ie=UTF8&qid=1358153421&sr=1-1

  在与读者的交流中,发现许多读者对DHCP服务的工作原理不是很清楚,如为什么DHCP服务报文不能穿越网关,在网络中有多台DHCP服务器时客户端到底该如何选择?各阶段的DHCP报文格式有哪些主要变化?DHCP客户端与DHCP服务器又是如何识别并建立通信的等。在此本文给出了具体介绍。

11.4.4 DHCP服务IP地址自动分配原理

  DHCP在提供服务时,DHCP客户端是以UDP 68号端口进行数据传输的,而DHCP服务器是以UDP 67号端口进行数据传输的。DHCP服务不仅体现在为DHCP客户端提供IP地址自动分配过程中,还体现在后面的IP地址续约和释放过程中。本节仅介绍DHCP客户端初次分配IP地址的过程。

   在整个DHCP服务器为DHCP客户端初次提供IP地址自动分配过程中,一共经过了以下四个阶段,利用了表11-10中的前四个报文:发现阶段(DHCP客户端在网络中广播发送DHCP DISCOVER请求报文,发现DHCP服务器,请求IP地址租约)、提供阶段(DHCP服务器通过DHCP OFFER报文向DHCP客户端提供IP地址预分配)、选择阶段(DHCP客户端通过DHCP REQUEST报文确认选择第一个DHCP服务器为它提供IP地址自动分配服务)和确认阶段(被选择的DHCP服务器通过DHCP ACK报文把在DHCP OFFER报文中准备的IP地址租约给对应DHCP客户端)。

DHCP客户端在获得了一个IP地址以后,就可以发送一个免费ARP请求探测网络中是否还有其它主机使用IP地址,来避免由于DHCP服务器地址池重叠而引发的IP冲突。以上四个阶段如图11-19所示,相当于DHCP客户端与DHCP服务器的四次握手过程。具体描述如下:

11-19  DHCP客户端从DHCP服务器获取IP地址的四个阶段

   (1)发现阶段:即DHCP客户端获取网络中DHCP服务器信息的阶段。在客户端配置了DHCP客户端程序(如在Windows系统中进行了如图11-16所示的配置)并启动后,以广播方式发送DHCP DISCOVER报文寻找网络中的DHCP服务器。示例如下。

    此广播报文采用传输层的UDP 68号端口发送(封装的目的端口为UDP 68号端口),经过网络层IP协议封装后,源IP地址为0.0.0.0(因为此时还没有分配IP地址),目的IP地址为255.255.255.255(有限广播IP地址)。如下是一个DHCP DISCOVER报文封装的IP报头示例,可以看到 Destination Address(目的地址)是 255.255.255.255,而 Source Address(源地址)是 0.0.0.0IP报头中的其它字段含义大家可以参见本书第77.3.4节相关内容。

IP:ID = 0x0; Proto = UDP; Len: 328

IP:Version = 4 (0x4)

IP:Header Length = 20 (0x14)

IP:Service Type = 0 (0x0)

IP:Precedence = Routine

IP:...0.... = Normal Delay

IP:....0... = Normal Throughput

IP:.....0.. = Normal Reliability

IP:Total Length = 328 (0x148)

IP:Identification = 0 (0x0)

IP:Flags Summary = 0 (0x0)

IP:.......0 = Last fragment in datagram

IP:......0. = May fragment datagram if necessary

IP:Fragment Offset = 0 (0x0) bytes

IP:Time to Live = 128 (0x80)

IP:Protocol = UDP - User Datagram  !---使用UDP传输层协议

IP:Checksum = 0x39A6

IP:Source Address = 0.0.0.0    !---源IP地址为0.0.0.0

IP:Destination Address = 255.255.255.255   !----目的IP地址为255.255.255.255

IP:Data:Number of data bytes remaining = 308 (0x0134)

 

   【经验之谈】在以上DHCP DISCOVER报文中IP报头中的目的地址(Destination Address)是255.255.255.255这个有限广播地址。这个有限广播地址就是代表任意一个IPv4子网的广播地址,当然是发送报文的主机所在的子网和DHCP服务器所在子网的广播地址,但因为此时DHCP客户端并不知道DHCP服务器所在的是哪个子网。下面所有其它DHCP报文中的255.255.255.255地址的含义也是一样的。

    至于IP报头中的源地址Source Address,由于当前DHCP客户端主机并未分配具体的IP地址,所以只能用具有任意代表功能的0.0.0.0地址来表示了。下面所有其它DHCP报文中指定的0.0.0.0地址的含义也是一样的。

    因为此时,DHCP客户端没有分配到IP地址,也不知道DHCP服务器或DHCP中继的IP地址,所以在DHCP DISCOVER报文中Ciaddr(客户端IP地址)、Yiaddr(被分配的DHCP客户端IP地址)、Siaddr(下一个为DHCP客户端分配IP地址的DHCP服务器地址)、GiaddrDHCP中继IP地址)这四个字段均为0.0.0.0,如下所示。另外,从中可以看到,在CHADDR字段和DHCP选项中Client Identifier字段中都标识了DHCP客户端网卡MAC地址。

DHCP:Discover           (xid=21274A1D)

DHCP:Op Code           (op)     = 1 (0x1)

DHCP:Hardware Type     (htype)  = 1 (0x1) 10Mb Ethernet

DHCP:Hardware Address Length (hlen) = 6 (0x6)

DHCP:Hops              (hops)   = 0 (0x0)

DHCP:Transaction ID    (xid)    = 556223005 (0x21274A1D)

DHCP:Seconds           (secs)   = 0 (0x0)

DHCP:Flags             (flags)  = 1 (0x1)   !---标志位置1,代表以广播方式发送

DHCP:1............... = Broadcast

DHCP:Client IP Address (ciaddr) = 0.0.0.0

DHCP:Your   IP Address (yiaddr) = 0.0.0.0

DHCP:Server IP Address (siaddr) = 0.0.0.0

DHCP:Relay  IP Address (giaddr) = 0.0.0.0

DHCP:Client Ethernet Address (chaddr) = 08002B2ED85E

DHCP:Server Host Name  (sname)  = <Blank>

DHCP:Boot File Name    (file)   = <Blank>

DHCP:Magic Cookie = [OK]

DHCP:Option Field      (options)

DHCP:DHCP Message Type      = DHCP Discover   !---DHCP报文类型为DHCP Discover

DHCP:Client-identifier      = (Type:1) 08 00 2b 2e d8 5e

DHCP:Host Name              = JUMBO-WS    !---DHCP服务器主机名

DHCP:Parameter Request List = (Length:7) 01 0f 03 2c 2e 2f 06

DHCP:End of this option field

 

   (2)提供阶段:即DHCP服务器向DHCP客户端提供预分配IP地址的阶段。网络中的所有DHCP服务器接收到客户端的DHCP DISCOVER报文后,都会根据自己地址池中IP地址分配的优先次序选出一个IP地址,然后与其它参数一起通过传输层的UDP 67号端口,在DHCP OFFER报文中以广播方式发送给客户端(目的端口是DHCP客户端的UDP 68号端口)。客户端通过封装在帧中的目的MAC地址(也就在DHCP DISCOVER报文中的CHADDR字段值)的比对来确定是否接收该帧。但这样一来,理论上DHCP客户端可能会收到多个DHCP OFFER报文(当网络中存在多个DHCP服务器时),但DHCP客户端只接受第一个到来的DHCP OFFER报文。

    DHCP OFFER报文经过IP协议封装后的源IP地址DHCP服务器自己的IP地址,目的地址仍是255.255.255.255广播地址,使用的协议仍为UDP。下面是一个DHCP OFFER报文的IP报头示例。

IP:ID = 0x3C30; Proto = UDP; Len: 328

IP:Version = 4 (0x4)

IP:Header Length = 20 (0x14)

IP:Service Type = 0 (0x0)

IP:Precedence = Routine

IP:...0.... = Normal Delay

IP:....0... = Normal Throughput

IP:.....0.. = Normal Reliability

IP:Total Length = 328 (0x148)

IP:Identification = 15408 (0x3C30)

IP:Flags Summary = 0 (0x0)

IP:.......0 = Last fragment in datagram

IP:......0. = May fragment datagram if necessary

IP:Fragment Offset = 0 (0x0) bytes

IP:Time to Live = 128 (0x80)

IP:Protocol = UDP - User Datagram

IP:Checksum = 0x2FA8

IP:Source Address = 157.54.48.151

IP:Destination Address = 255.255.255.255

IP:Data:Number of data bytes remaining = 308 (0x0134)

 

   在DHCP OFFER报文中,Ciaddr字段值仍为0.0.0.0,因为客户端仍没有分配到IP地址;Yiaddr字段已有值了,这是DHCP服务器为该客户端预分配的IP地址;因为此时仍没有得到客户端确认,所以Siaddr字段值仍为0.0.0.0;因为没有经过DHCP中继服务器,所以Giaddr字段值仍为0.0.0.0。另外,在 DHCP可选项部分,可以看到由服务器随 IP 地址一起发送的各种选项。在这种情况下,服务器发送的是子网掩码、默认网关(路由器)、租约时间、WINS 服务器地址(NetBIOS 名称服务)和 NetBIOS 节点类型。下面是一个DHCP OFFER报文示例。

DHCP:Offer              (xid=21274A1D)

DHCP:Op Code           (op)     = 2 (0x2)

DHCP:Hardware Type     (htype)  = 1 (0x1) 10Mb Ethernet

DHCP:Hardware Address Length (hlen) = 6 (0x6)

DHCP:Hops              (hops)   = 0 (0x0)

DHCP:Transaction ID    (xid)    = 556223005 (0x21274A1D)

DHCP:Seconds           (secs)   = 0 (0x0)

DHCP:Flags             (flags)  = 1 (0x1)

DHCP:1............... =  Broadcast

DHCP:Client IP Address (ciaddr) = 0.0.0.0

DHCP:Your   IP Address (yiaddr) = 157.54.50.5

DHCP:Server IP Address (siaddr) = 0.0.0.0

DHCP:Relay  IP Address (giaddr) = 0.0.0.0

DHCP:Client Ethernet Address (chaddr) = 08002B2ED85E

DHCP:Server Host Name  (sname)  = <Blank>

DHCP:Boot File Name    (file)   = <Blank>

DHCP:Magic Cookie = [OK]

DHCP:Option Field      (options)

DHCP:DHCP Message Type      = DHCP Offer    !---DHCP报文类型为DHCP Offer

DHCP:Subnet Mask            = 255.255.240.0    !---所分配IP地址的子网掩码为255.255.240.0

DHCP:Renewal Time Value (T1) = 8 Days,  0:00:00   !---想要继续租约原来分配的IP地址,则提出续约申请的期限为8天

DHCP:Rebinding Time Value (T2) = 14 Days,  0:00:00  !---如果上次申请续约失败,再次申请绑定原来分配到的IP地址的期限为14天

DHCP:IP Address Lease Time  = 16 Days,  0:00:00   !---租约期限为16天,也就是DHCP客户端可使用此IP地址的最长时间为16天

DHCP:Server Identifier      = 157.54.48.151  !---DHCP服务器的IP地址为157.54.48.151

DHCP:Router                 = 157.54.48.1  !---默认网关IP地址为157.54.48.1

DHCP:NetBIOS Name Service   = 157.54.16.154  !---DNS服务器IP地址为157.54.16.154

DHCP:NetBIOS Node Type      = (Length: 1) 04

DHCP:End of this option field
   ( 3 )选择阶段:即 DHCP 客户端选择 IP 地址的阶段。如果有多台 DHCP 服务器向该客户端发来 DHCP OFFER 报文,客户端只接受第一个收到的 DHCP OFFER 报文,然后以广播方式发送 DHCP REQUEST 报文。在该报文的 Requested Address 选项中包含 DHCP 服务器在 DHCP OFFER 报文中预分配的 IP 地址,对应的 DHCP 服务器 IP 地址等。这样也就相当于同时告诉得其他 DHCP 服务器,它们可以释放已提供的地址,并将这些地址返回到可用地址池中。

 

   在DHCP OFFER报文封装的IP协议头部中,客户端的 Source Address仍然是 0.0.0.0,数据包的 Destination 仍然是 255.255.255.255。但在DHCP OFFER报文中CiaddrYiaddrSiaddrGiaddr 字段的地址均0.0.0.0,大家自己分析一下为什么,很简单的。下面是一个DHCP OFEER报文头部和DHCP OFFER报文示例。

 

IP:ID = 0x100; Proto = UDP; Len: 328

IP:Version = 4 (0x4)

IP:Header Length = 20 (0x14)

IP:Service Type = 0 (0x0)

IP:Precedence = Routine

IP:...0.... = Normal Delay

IP:....0... = Normal Throughput

IP:.....0.. = Normal Reliability

IP:Total Length = 328 (0x148)

IP:Identification = 256 (0x100)

IP:Flags Summary = 0 (0x0)

IP:.......0 = Last fragment in datagram

IP:......0. = May fragment datagram if necessary

IP:Fragment Offset = 0 (0x0) bytes

IP:Time to Live = 128 (0x80)

IP:Protocol = UDP - User Datagram

IP:Checksum = 0x38A6

IP:Source Address = 0.0.0.0

IP:Destination Address = 255.255.255.255

IP:Data:Number of data bytes remaining = 308 (0x0134)




DHCP:Request            (xid=21274A1D)

DHCP:Op Code           (op)     = 1 (0x1)

DHCP:Hardware Type     (htype)  = 1 (0x1) 10Mb Ethernet

DHCP:Hardware Address Length (hlen) = 6 (0x6)

DHCP:Hops              (hops)   = 0 (0x0)

DHCP:Transaction ID    (xid)    = 556223005 (0x21274A1D)

DHCP:Seconds           (secs)   = 0 (0x0)

DHCP:Flags             (flags)  = 1 (0x1)

DHCP:1............... = Broadcast

DHCP:Client IP Address (ciaddr) = 0.0.0.0

DHCP:Your   IP Address (yiaddr) = 0.0.0.0

DHCP:Server IP Address (siaddr) = 0.0.0.0

DHCP:Relay  IP Address (giaddr) = 0.0.0.0

DHCP:Client Ethernet Address (chaddr) = 08002B2ED85E

DHCP:Server Host Name  (sname)  = <Blank>

DHCP:Boot File Name    (file)   = <Blank>

DHCP:Magic Cookie = [OK]

DHCP:Option Field      (options)

DHCP:DHCP Message Type      = DHCP Request

DHCP:Client-identifier      = (Type:1) 08 00 2b 2e d8 5e

DHCP:Requested Address      = 157.54.50.5

DHCP:Server Identifier      = 157.54.48.151

DHCP:Host Name              = JUMBO-WS

DHCP:Parameter Request List = (Length:7) 01 0f 03 2c 2e 2f 06

DHCP:End of this option field
   ( 4 )确认阶段:即 DHCP 服务器确认分配级 DHCP 客户端 IP 地址的阶段。某个 DHCP 服务器在收到 DHCP 客户端发来的 DHCP REQUEST 报文后,只有 DHCP 客户端选择的服务器会进行如下操作:如果确认将地址分配给该客户端,则以广播方式返回 DHCP ACK 报文;否则返回 DHCP NAK 报文,表明地址不能分配给该客户端。

 

   在DHCP 服务器发送的DHCP ACK报文的IP协议头部,Source Address DHCP 服务器IP地址,Destination Address仍然是广播地址255.255.255.255。在DHCP ACK报文中的Yiaddr字段包含要分配给客户端的IP地址,而ChaddrDHCP:Client Identifier字段是发出请求的客户端中网卡的MAC地址。同时在选项部分也会在DHCP OFFER报文中把所分配的IP地址的子网掩码、默认网关、DNS服务器、租约期、续约时间等信息加上。

 

IP:ID = 0x3D30; Proto = UDP; Len: 328

IP:Version = 4 (0x4)

IP:Header Length = 20 (0x14)

IP:Service Type = 0 (0x0)

IP:Precedence = Routine

IP:...0.... = Normal Delay

IP:....0... = Normal Throughput

IP:.....0.. = Normal Reliability

IP:Total Length = 328 (0x148)

IP:Identification = 15664 (0x3D30)

IP:Flags Summary = 0 (0x0)

IP:.......0 = Last fragment in datagram

IP:......0. = May fragment datagram if necessary

IP:Fragment Offset = 0 (0x0) bytes

IP:Time to Live = 128 (0x80)

IP:Protocol = UDP - User Datagram

IP:Checksum = 0x2EA8

IP:Source Address = 157.54.48.151

IP:Destination Address = 255.255.255.255

IP:Data:Number of data bytes remaining = 308 (0x0134)




DHCP:ACK                (xid=21274A1D)

DHCP:Op Code           (op)     = 2 (0x2)

DHCP:Hardware Type     (htype)  = 1 (0x1) 10Mb Ethernet

DHCP:Hardware Address Length (hlen) = 6 (0x6)

DHCP:Hops              (hops)   = 0 (0x0)

DHCP:Transaction ID    (xid)    = 556223005 (0x21274A1D)

DHCP:Seconds           (secs)   = 0 (0x0)

DHCP:Flags             (flags)  = 1 (0x1)

DHCP:1............... = Broadcast

DHCP:Client IP Address (ciaddr) = 0.0.0.0

DHCP:Your   IP Address (yiaddr) = 157.54.50.5

DHCP:Server IP Address (siaddr) = 0.0.0.0

DHCP:Relay  IP Address (giaddr) = 0.0.0.0

DHCP:Client Ethernet Address (chaddr) = 08002B2ED85E

DHCP:Server Host Name  (sname)  = <Blank>

DHCP:Boot File Name    (file)   = <Blank>

DHCP:Magic Cookie = [OK]

DHCP:Option Field      (options)

DHCP:DHCP Message Type      = DHCP ACK

DHCP:Renewal Time Value (T1) = 8 Days,  0:00:00

DHCP:Rebinding Time Value (T2) = 14 Days,  0:00:00

DHCP:IP Address Lease Time  = 16 Days,  0:00:00

DHCP:Server Identifier      = 157.54.48.151

DHCP:Subnet Mask            = 255.255.240.0

DHCP:Router                 = 157.54.48.1

DHCP:NetBIOS Name Service   = 157.54.16.154

DHCP:NetBIOS Node Type      = (Length: 1) 04

DHCP:End of this option field

 

    【说明】客户端在收到服务器返回的DHCP-ACK确认报文后,会以广播的方式发送免费ARP报文(该报文中,源IP地址和目标IP地址都是本机IP地址,源MAC地址是本机MAC地址,目的MAC地址是广播MAC地址),探测是否有主机使用服务器分配的IP地址,如果在规定的时间内没有收到回应,客户端才使用此地址。否则,客户端会发送DHCP DECLINE报文给DHCP服务器,并重新申请IP地址。

   如果网络中存在多个DHCP服务器,除DHCP客户端选中的服务器外,其它DHCP服务器中本次未分配出的IP地址仍可分配给其他客户端。

本文出自 “王达博客” 博客,转载请与作者联系!

你可能感兴趣的:(王达,深入理解计算机网络)