DHCP D.O.R.A question

dazerski

Hello,

I am reading the newest Cisco/Odom ICND1 book and on page 124 & 125, it is describing the DORA process of DHCP.

On page 124, it says that the first two messages in the DHCP are broadcast messages. The Discover & Offer part I am assuming. But when I look at the diagram on page 125 (Figure 5-15) it says only the first message (the Discover message) is a LAN Broadcast.

I am just confused on what they mean when they say "The first two messages are both IP broadcast messages".

Thank you for you help and time in advance!!


Dale

CiscoCerts

this one's got me stumped now too, from the diagram 5-15 it looks like only the first one is a broadcast. I think we need another text for reference. I hate misinformation! This isn't in the errata that's published either.

Pash

ddzierzek wrote:

Hello,

I am reading the newest Cisco/Odom ICND1 book and on page 124 & 125, it is describing the DORA process of DHCP.

On page 124, it says that the first two messages in the DHCP are broadcast messages. The Discover & Offer part I am assuming. But when I look at the diagram on page 125 (Figure 5-15) it says only the first message (the Discover message) is a LAN Broadcast.

I am just confused on what they mean when they say "The first two messages are both IP broadcast messages".

Thank you for you help and time in advance!!


Dale

Hi ddzierzek,

Please read this post:-

http://www.techexams.net/forums/viewtopic.php?t=31947

sprkymrk posted a direct rfc quote regarding this exact subject. My advice is always try and see these things for yourself by using a packet analyser.

Cheers,

tech-airman

ddzierzek wrote:

Hello,

I am reading the newest Cisco/Odom ICND1 book and on page 124 & 125, it is describing the DORA process of DHCP.

On page 124, it says that the first two messages in the DHCP are broadcast messages. The Discover & Offer part I am assuming. But when I look at the diagram on page 125 (Figure 5-15) it says only the first message (the Discover message) is a LAN Broadcast.

I am just confused on what they mean when they say "The first two messages are both IP broadcast messages".

Thank you for you help and time in advance!!


Dale

ddzierzek,

Disclaimer: I don't have the "Cisco/Odom ICND1 book" and am not currently pursuing CCENT certification.

When the term "broadcast" is used, there are two types of broadcasts: 1) Network Layer broadcast and 2) Datalink Layer broadcast. For Internet Protocol, the standard broadcast DESTINATION address is 255.255.255.255. For Ethernet, the broadcast DESTINATION address is FF:FF:FF:FF:FF:FF. You have to think of the DORA process in terms of encapsulation and decapsulation, as well as switch behavior with frames it receives.

So let's say you've got two computers, a client host and a server host. The client host is the DHCP client and the server host is the DHCP server. Let's call the client host PC and the DHCP server DHCP.

Now, when the PC is turned on, the NIC has a MAC address but no IP address. So the PC tries to "Discover" the DHCP server by sending out a "Discover" packet. In that packet, the destination IP address is 255.255.255.255 and source IP address of 0.0.0.0 (because the PC doesn't have an IP address yet). That Discover packet is encapsulated into an Data Link layer Ethernet Frame. That Ethernet Frame has a destination address of FF:FF:FF:FF:FF:FF and the source address of whatever the MAC address of the PC's nic is, let's call it PC:MA:CA:DD:RR:SS (I know this is not a valid MAC address). Now, since the destination address is FF:FF:FF:FF:FF:FF, the first switch that receives the frame will, by definition, send that frame out of every single switch port, except the switch port that received the frame. Since the switch doesn't know (from it's CAM table), who FF:FF:FF:FF:FF:FF is, it forwards the Discover packet out of every single switch port, except the switch port that received the frame. Let's say the DHCP server is directly connected to the switch. So the DHCP server first receives the Ethernet frame with the destination address of FF:FF:FF:FF:FF:FF (which by definition, means itself), and a source address of PC:MA:CA:DD:RR:SS. So when the DHCP server receives that Discover Packet, it replies to it by sending the Offer Packet. Since the DHCP server has no idea who was contacting them (since PC currently has an IP address of 0.0.0.0), the Offer packet has the destination address of 255.255.255.255. But the DHCP server remembered the MAC address of whoever it was trying to contact them, so the DHCP server sends out the Offer packet in a frame with a destination address of PC:MA:CA:DD:RR:SS and uses it's own source address of DH:CP:SE:RV:ER:MC (again, I know this is not a valid MAC address). So the Offer packet is sent from the DHCP server to the PC as a unicast not a broadcast. So the switch receives the frame from the DHCP server and forwards it to the PC which receives the Offer packet. Then the rest of the DHCP process of R and A occurs.

So that's why the "...the first two messages in the DHCP are broadcast messages..." refers to Network Layer IP broadcast messages (destination IP address of 255.255.255.255). Then "...only the first message (the Discover message) is a LAN Broadcast..." because only the Discover packet's frame had the Ethernet destination address of FF:FF:FF:FF:FF:FF (therefore a LAN broadcast) and the Offer packet's frame had the Ethernet destination address of PC:MA:CA:DD:RR:SS (therefore a LAN unicast).

I hope this helps.

hetty

http://www.inetdaemon.com/tutorials/lan/dhcp/process.shtml

dazerski

Great! Thank you for all the information everyone, I appreciate it. Tech-airman, great clarification, thank you for your time on your response. That helped me hear it in a perspective previously unknown to me.

I'll check out those links too!

Take care,
Dale



PS: I should have searched for that subject before I posted, I should've known that question had probably been asked somewhere before me LoL But thanks for everyone's time.