Network Services Continued: DHCP and IPAM
Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Video Transcription
00:04
>> Our next network service we'll take a look at is DHCP,
00:04
Dynamic Host Configuration Protocol.
00:04
This allows a client to come onto the network send out
00:04
a query and receive an IP address automatically.
00:04
Without DHCP, we would have to go to
00:04
each system and statically configure an IP address.
00:04
This automates our process and makes life much easier.
00:04
You can see on the screen,
00:04
a shot from windows where we've got the DHCP utility.
00:04
One of the most important things we have to think
00:04
about doing is setting up a scope.
00:04
A scope is a range of
00:04
IP addresses the DHCP server can issue.
00:04
I will have a scope between 1011100,
00:04
and 1011200 for instance.
00:04
Then DHCP would be able to issue
00:04
IP addresses anywhere in that range.
00:04
When I say DHCP will issue those addresses,
00:04
it doesn't give a client
00:04
IP addresses forever, ain't nothing free.
00:04
What DHCP does
00:04
>> is it leases an IP address to the client.
00:04
>> The typical lease is eight days.
00:04
It will release an address to a client for eight days.
00:04
If that client wants to renew their lease,
00:04
they can contact DHCP after four days and ask,
00:04
"Hey, can I continue my lease?"
00:04
And if DHCP is accessible,
00:04
it says, "Sure."
00:04
If not, the client will try again and again.
00:04
If it can't contact the DHCP server,
00:04
the entire process just starts over.
00:04
We'll talk about what that leasing process
00:04
is in just a second.
00:04
You can also reserve IP addresses for specific servers.
00:04
When you reserve an IP address,
00:04
let's say I have a file server and I'd like
00:04
that file server to always have the same IP address,
00:04
I can create a reservation for that file server,
00:04
enter its MAC address.
00:04
That way when that file server comes online
00:04
to get an IP address from DHCP,
00:04
based on its MAC,
00:04
it will be given that specific reserved IP address.
00:04
I can also exclude IP addresses from the range.
00:04
Maybe I'm going to give out IP addresses
00:04
>> from 1011100 to 1011200 but 101150 is
00:04
>> a print server that I want to assign manually.
00:04
I can just exclude from that range and
00:04
101150 won't be given to any other device.
00:04
I'll have to manually configure the print server.
00:04
With reservations,
00:04
a specific IP address is given to a specific host.
00:04
With exclusions,
00:04
the IP address is removed from the range,
00:04
and that requires the administrator to
00:04
manually assign that address.
00:04
Sometimes exclusions are better.
00:04
If you have really critical servers,
00:04
it's best to just statically assign an IP address.
00:04
Some services require that you do,
00:04
but also if you have
00:04
a really critical server and you think about what would
00:04
happen if DHCP is down
00:04
and I couldn't access that critical server,
00:04
that could really be a problem.
00:04
When you have those really important
00:04
servers on the network,
00:04
it's probably just better to go ahead and give them
00:04
a static address and
00:04
>> exclude the address from that range.
00:04
>> I mentioned the leasing process just a few minutes ago.
00:04
Let's go ahead and look at this.
00:04
You can remember the DHCP lease process through DORA;
00:04
Discover, Offer, Request, Acknowledge.
00:04
The way the discover process
00:04
works is when a client comes online,
00:04
it sends out a broadcast message that basically says,
00:04
"Hey, is anybody out there?
00:04
DHCP server?"
00:04
Every DHCP server that
00:04
here's the query, responds and says,
00:04
"I'm a DHCP server and here's an IP address for you."
00:04
The client is going to request
00:04
the first IP address that it received as an offer.
00:04
Then that DHCP server is
00:04
going to come back and acknowledge the client has
00:04
been offered an IP address and it's
00:04
going to remove the IP address from its scope.
00:04
That's the DORA process.
00:04
There are a couple little things to note here.
00:04
First of all, to start
00:04
the discover message is a broadcast.
00:04
There are some devices that don't allow broadcasts
00:04
to pass, specifically routers.
00:04
We'll talk in a later chapter about what routers
00:04
are and some of the peculiarities of them.
00:04
But one of the things a router does is lock broadcasts.
00:04
There are some broadcasts you don't want
00:04
to go through your entire network.
00:04
You might want some broadcasts
00:04
limited to certain segments,
00:04
a router does that for us.
00:04
But if I'm trying to get an IP address
00:04
on the other side of a router,
00:04
then my broadcast is going to be blocked.
00:04
There are a couple of things we can do about this.
00:04
There's something called a DHCP relay agent,
00:04
which is a kind of service you install on
00:04
the router that will afford those DHCP requests.
00:04
There are also certain routers referred to as
00:04
RFC 1542 compliant routers.
00:04
You can also hear them referred to as boot P routers.
00:04
These will also forward
00:04
those discover messages from clients.
00:04
The next service we look at is called
00:04
IPAM, IP address management.
00:04
We may be in an environment that has
00:04
multiple locations throughout the world.
00:04
We may have thousands and thousands of hosts.
00:04
When you start to work with a very large organization,
00:04
becomes very challenging to
00:04
keep up with all your network segments,
00:04
the IP addresses, and
00:04
any sort of naming resolution issues.
00:04
There are a series of software tools that will assist
00:04
you with determining what IP addresses are in use,
00:04
whether or not they're being fully utilized,
00:04
and any sort of issues that might
00:04
have with your DHCP server scope.
00:04
You could also even use it with
00:04
incident response because it's
00:04
able to detect the IP addresses that are being used.
00:04
That's going to bring us to the end of the services.
00:04
We looked at DNS,
00:04
DNS for name resolution,
00:04
and determining where services are.
00:04
We looked at DHCP for automatic IP address assignment.
00:04
Then we looked at IPAM as a means of managing
00:04
a more complex environment and keeping
00:04
track of IP address scopes and names as well.
Up Next
Similar Content
