Network Services Continued: DHCP and IPAM

Video Transcription
00:04
>> Our next network service we'll take a look at is DHCP,
00:04
Dynamic Host Configuration Protocol.
00:04
This allows a client to come onto the network,
00:04
send out a query,
00:04
and receive an IP address automatically.
00:04
Without DHCP, we would have to go to
00:04
each system and statically configure an IP address.
00:04
This automates that process and makes life much easier.
00:04
You can see on the screen a shot from Windows,
00:04
where we've got the DHCP utility.
00:04
One of the most important things we have to think
00:04
about doing is setting up a scope.
00:04
A scope is a range of
00:04
IP addresses the DHCP server can issue.
00:04
I may have a scope between
00:04
10.1.1.100 and 10.1.1.200 for instance.
00:04
Then DHCP would be able to issue
00:04
IP addresses anywhere in that range.
00:04
When I say DHCP will issue those addresses,
00:04
it doesn't give a client
00:04
IP addresses forever. Ain't nothing free.
00:04
What DHCP does is it leases an IP address to the client.
00:04
The typical lease is eight days.
00:04
It will lease an address to a client for eight days.
00:04
If that client wants to renew their lease,
00:04
they can contact DHCP after four days and ask,
00:04
hey, can I continue my lease?
00:04
If DHCP is accessible, it says sure.
00:04
If not, the client will try again and again.
00:04
If it can't contact the DHCP server,
00:04
the entire process just starts over.
00:04
We'll talk about what that leasing process
00:04
is in just a second.
00:04
You can also reserve IP addresses for specific servers.
00:04
When you reserve an IP address,
00:04
let's say I have a file server and I'd like
00:04
that file server to always have the same IP address.
00:04
I can create a reservation for that file server,
00:04
enter its MAC address.
00:04
That way when that file server comes online to get
00:04
an IP address from DHCP based on its MAC,
00:04
it will be given that specific reserved IP address.
00:04
I can also exclude IP addresses from the range.
00:04
Maybe I'm going to give out IP addresses
00:04
from 10.1.1.100 to 10.1.1.200.
00:04
But 10.1.1.150 is a print server
00:04
that I want to assign manually.
00:04
I can just exclude from that range and
00:04
10.1.1.150 won't be given to any other device.
00:04
I'll have to manually configure the print server.
00:04
With reservations,
00:04
a specific IP address is given to a specific host.
00:04
With exclusions,
00:04
the IP address is removed from the range,
00:04
and that requires the administrator to
00:04
manually assign that address.
00:04
Sometimes exclusions are better,
00:04
if you have really critical servers,
00:04
it's best to just statically assign an IP address.
00:04
Some services require that you do.
00:04
But also if you have a really
00:04
critical server and you think about what would
00:04
happen if DHCP is down
00:04
and I couldn't access that critical server.
00:04
That could really be a problem.
00:04
When you have those really important
00:04
servers on the network,
00:04
it's probably just better to go ahead and give them
00:04
a static address and exclude the address from that range.
00:04
I mentioned the leasing process just a few minutes ago.
00:04
Let's go ahead and look at this.
00:04
You can remember the DHCP lease process through DORA.
00:04
Discover, Offer, Request, Acknowledge.
00:04
The way the discover process
00:04
works is when a client comes online,
00:04
it sends out a broadcast message that basically says,
00:04
hey, is anybody out there, DHCP server.
00:04
Every DHCP server that hears the query responds and says,
00:04
I'm a DHCP server,
00:04
and here's an IP address for you.
00:04
Now, the client is going to request
00:04
the first IP address that it received as an offer,
00:04
then that DHCP server is going to come back
00:04
and acknowledge the client has
00:04
been offered an IP address.
00:04
It's going to remove the IP address from its scope.
00:04
That's the DORA process.
00:04
Now, there are a couple of little things to note here.
00:04
First of all, to start
00:04
the discover message is a broadcast.
00:04
There are some devices that don't allow broadcasts
00:04
to pass, specifically routers.
00:04
We'll talk in a later chapter about what routers
00:04
are and some of the peculiarities of them.
00:04
But one of the things a router does is block broadcasts.
00:04
There are some broadcasts that you don't want
00:04
to go through your entire network.
00:04
You might want some broadcasts
00:04
limited to certain segments.
00:04
Router does that for us.
00:04
But if I'm trying to get an IP
00:04
address on the other side of
00:04
a router then my broadcast is going to be blocked.
00:04
There are a couple of things we can do about this.
00:04
There's something called a DHCP relay agent,
00:04
which is a service you install on the router
00:04
that will forward those DHCP requests.
00:04
There are also certain routers referred to as
00:04
RFC 1542 compliant routers.
00:04
You can also hear them referred to as BOOTP routers.
00:04
These will also forward
00:04
those discover messages from clients.
00:04
Alright. The next service we look at is
00:04
called IPAM, IP Address Management.
00:04
We may be in an environment that has
00:04
multiple locations throughout the world.
00:04
We may have thousands and thousands of hosts.
00:04
When you start to work with a very large organization,
00:04
it becomes very challenging
00:04
to keep up with all your network segments,
00:04
the IP addresses, and any naming resolution issues.
00:04
There are a series of software tools that will assist
00:04
you with determining what IP addresses are in use,
00:04
whether or not they're being fully utilized and
00:04
any issues that you might have
00:04
with your DHCP server or scope.
00:04
You could also even use it with
00:04
incident response because it's
00:04
able to detect the IP addresses that are being used.
00:04
That's going to bring us to the end of the services.
00:04
We looked at DNS,
00:04
DNS for name resolution,
00:04
and determining where services are.
00:04
We looked at DHCP for automatic IP address assignment,
00:04
and then we looked at IPAM as a means of managing
00:04
a more complex environment and keeping
00:04
track of IP address scopes and names as well.