DHCP process, Unicast vs broadcast?

FrankGuthrieFrankGuthrie Member Posts: 245
So if I understand this correctly we see the following happening when DHCP is at play.

There are 4 steps:
DHCP Discover
DHCP Offer
DHCP Request
DHCP ACK

When an decive request an DHCP which did not have an IP before it look like this:
DHCP Discover - Broadcast
DHCP Offer - Broadcast
DHCP Request - Broadcast
DHCP ACK - Broadcast


When an decive request an DHCP did have an IP before it look like this:
DHCP Discover - Broadcast
DHCP Offer - Unicast
DHCP Request - Broadcast
DHCP ACK - Unicast

Is this assumption correct?? Is there also a difference in what kind of device is requesting an IP? I've found some threads saying that an broadcast bit can be set, not sure what the use is to set this to broadcast or unicast? Why do you wnat devices to have that choice? Also is my assumption above correct?

If seen in a CBT nugget a 3rd option:
DHCP Discover - Broadcast
DHCP Offer - Unicast

DHCP Request - Unicast
DHCP ACK - Unicast

For this last one I have made/attached a screenshot:


So now I'm confused confused.gif

Comments

  • HondabuffHondabuff Member Posts: 667 ■■■□□□□□□□
    “The problem with quotes on the Internet is that you can’t always be sure of their authenticity.” ~Abraham Lincoln
  • FrankGuthrieFrankGuthrie Member Posts: 245
    Hondabuff wrote: »


    Eeeh, or you could just answer the question..... These video's did nothing to help.
  • HondabuffHondabuff Member Posts: 667 ■■■□□□□□□□
    This is the correct way to remember it for any IPv4 device requesting a address *see below*. In the DHCP offer there can be flags set to different options such as tftp option 150 for VOIP phones so they an download their config file and option 60/66 for WDS sever to allow PXE booting. In most production environments your DHCP lease will be less than 24 hours.

    DHCP Discover - Broadcast
    DHCP Offer - Unicast
    DHCP Request - Broadcast
    DHCP ACK - Unicast
    “The problem with quotes on the Internet is that you can’t always be sure of their authenticity.” ~Abraham Lincoln
  • FrankGuthrieFrankGuthrie Member Posts: 245
    But what about this:
    DHCP Discover - Broadcast
    DHCP Offer - Unicast
    DHCP Request - Unicast
    DHCP ACK - Unicast

    Was that an error made by the CBT trainer?
  • gorebrushgorebrush Member Posts: 2,743 ■■■■■■■□□□
    I can't remember off hand, but it would make sense that the 3rd step was a Unicast because by that point the client would at least know the address of the DHCP server making the offer - so why would it need to be another Broadcast?
  • docricedocrice Member Posts: 1,706 ■■■■■■■■■■
    Something that I've found is that different DHCP servers will handle the Offer and ACK differently. The best way to see this in action is to run a wire trace while watching the DHCP traffic between a Cisco router handling it vs. a Microsoft DHCP service performing the same task.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
  • FrankGuthrieFrankGuthrie Member Posts: 245
    gorebrush wrote: »
    I can't remember off hand, but it would make sense that the 3rd step was a Unicast because by that point the client would at least know the address of the DHCP server making the offer - so why would it need to be another Broadcast?

    Yes to me that also makers sense, but in most documentation I only see the 2 option below:
    DHCP Discover - Broadcast
    DHCP Offer - Broadcast
    DHCP Request - Broadcast
    DHCP ACK - Broadcast

    AND:

    DHCP Discover - Broadcast
    DHCP Offer - Unicast
    DHCP Request - Broadcast
    DHCP ACK - Unicast

    Although I agree that when the Offer is done, the DHCP request can also be done in Unicast, as it is clear what device/IP is offering DHCP services....
    docrice wrote: »
    Something that I've found is that different DHCP servers will handle the Offer and ACK differently. The best way to see this in action is to run a wire trace while watching the DHCP traffic between a Cisco router handling it vs. a Microsoft DHCP service performing the same task.

    I was hoping for an answer, but you're right. I only have access to virtual (GNS3) routers/switches. I'll see what I can do.
  • EdTheLadEdTheLad Member Posts: 2,111 ■■■■□□□□□□
    As per below:

    DHCP Discover - Broadcast
    DHCP Offer - Unicast
    DHCP Request - Broadcast
    DHCP ACK - Unicast


    The discovery is broadcast, the offer is unicast and can come from multiple dhcp servers. The request is broadcast so other dhcp servers can see the request and cancel their offers. The Ack is unicast back to choosen server.
    Networking, sometimes i love it, mostly i hate it.Its all about the $$$$
  • FrankGuthrieFrankGuthrie Member Posts: 245
    EdTheLad wrote: »
    As per below:
    The request is broadcast so other dhcp servers can see the request and cancel their offers.

    This is gold. Just learned smething new, and it makes sense. Thank you for your insights :).
  • gorebrushgorebrush Member Posts: 2,743 ■■■■■■■□□□
    Yep colour me corrected too.

    Makes perfect sense. Luckily you don't need to be an expert in DHCP for CCIE icon_smile.gif
  • JeanMJeanM Member Posts: 1,117
    EdTheLad wrote: »
    As per below:

    DHCP Discover - Broadcast
    DHCP Offer - Unicast
    DHCP Request - Broadcast
    DHCP ACK - Unicast


    The discovery is broadcast, the offer is unicast and can come from multiple dhcp servers. The request is broadcast so other dhcp servers can see the request and cancel their offers. The Ack is unicast back to choosen server.

    Thanks!
    2015 goals - ccna voice / vmware vcp.
  • KrusaderKrusader Member Posts: 109
    https://technet.microsoft.com/en-us/library/cc780760%28v=ws.10%29.aspx

    Technet says Microsoft DHCP service uses this method

    DHCP Discover - Broadcast
    DHCP Offer - Broadcast
    DHCP Request - Broadcast
    DHCP ACK - Broadcast

    2018 Goals
    AWS & Linux Knowledge
  • HondabuffHondabuff Member Posts: 667 ■■■□□□□□□□
    I stand corrected. Unicast on layer 2.
    1. The client sends DHCPDiscover. It is broadcast both in Layer 2 and Layer 3.
    2. The server replies with DHCPOffer. It's broadcast in Layer 3 but unicast in Layer 2.
    3. The client replies with DHCPRequest. It's broadcast in both Layers 2/3.
    4. The server sends DHCPAck. It's broadcast in Layer 3 but unicast in Layer 2.
    As you see, at Layer 3 all communication is broadcast. This makes sense as the client does not have an IP address. However, what many people overlook is both client and server have Layer 2 (i.e. MAC) addresses, so unicast communication is possible at Layer 2.

    At Layer 2, the client's messages are always broadcast, and those of the server's can be unicast or broadcast depending on how vendor implemented it.
    “The problem with quotes on the Internet is that you can’t always be sure of their authenticity.” ~Abraham Lincoln
  • FrankGuthrieFrankGuthrie Member Posts: 245
    Krusader wrote: »
    https://technet.microsoft.com/en-us/library/cc780760%28v=ws.10%29.aspx

    Technet says Microsoft DHCP service uses this method

    DHCP Discover - Broadcast
    DHCP Offer - Broadcast
    DHCP Request - Broadcast
    DHCP ACK - Broadcast


    That's true when the device has no IP, but when the DHCP lease is about toi end the following order is used to renew the SHCP lease:
    DHCP Discover - Broadcast
    DHCP Offer - Unicast
    DHCP Request - Broadcast
    DHCP ACK - Unicast

    At least that's how I understand it....
  • EdTheLadEdTheLad Member Posts: 2,111 ■■■■□□□□□□
    gorebrush wrote: »
    Luckily you don't need to be an expert in DHCP for CCIE icon_smile.gif

    Don't be so sure on that icon_smile.gif , if it's configurable its testable. I did alot of study on dhcp a while back, read up on option 82.
    Krusader wrote:
    Technet says Microsoft DHCP service uses this method

    I've only tested using Cisco as a dhcp server, so i cant say whats true regarding microsoft behavior, but it is possible the microsoft documentation is wrong if it's anything like cisco documentation.
    Networking, sometimes i love it, mostly i hate it.Its all about the $$$$
  • FrankGuthrieFrankGuthrie Member Posts: 245
    I've also read somewhere that Linux uses a different method then Windows, not sure how that works.
  • Danman32Danman32 Member Posts: 1,243
    There have been known to be interoperable incompatibilities between vendors. Some have issues with DHCP from Cisco ISR to Vista client. I forget the details but a registry change on Vista fixes the issue.
    Ah, has to do with a broadcast flag in the DHCP discover packet.
    In another case, someone had put in a subnet mask in the default-router IP setting. XP would accept that and ignore the extra info, but Vista/XP didn't like that. But that digresses from the topic of broadcasts and unicasts in DHCP.
Sign In or Register to comment.