Lecture 13: IP autoconfiguration
Autoconfiguration in IP: stateful and stateless autoconfiguration
Olof Hagsand KTH CSC
DD2393/EP2120 p1 2011
Literature
• Forouzan Chapter 18
– All sections.
– BOOTP is in itself not relevant but necessary for historical reasons in order to understand DHCP
– The chapter only handles stateful autoconfiguration
• Forouzan Chapter 26.4 and 28.4
– Stateless autoconfiguration in IPv6
Autoconfiguration requirements
• Suppose you connect a computer with no configured state to a network. What does it take to communicate?
– To a directly connected node?
– To a node on the Internet?
• For computers connected to a local link:
– IP address and subnet mask
– (IP address of a name server)*
• For Internet access a computer also needs:
– IP address of a router (default gateway)
– IP address of a name server*
• Additional info in both cases:
– Default TTL
– Time servers
– Printers
– Other services
*: not strictly necessary
Different autoconf variants
1) Stateful autoconfiguration
– A central server keeps track of the address of every individual host
– DHCP
– This is the most widely used method today
2) Stateless autoconfiguration (SLAAC)
– Automatic address assignment by the hosts themselves
– Server only supplies non-host specific information
– Use of link-local addresses
– Mainly IPv6 (but IPv4 has it now too)
3) Zeroconf
– No servers – hosts assign and acquire all information automatically
– Not widely deployed
Stateful autoconfiguration
• Historical development:
– RevARP --> BOOTP --> DHCP, Stateful DHCPv6
BOOTP
•Reverse ARP (RARP) translates MAC → IP addr
–But only contains an IP address
–Requires fixed hw addresses
•BOOTP (RFC 951) is a lot more powerful than RARP
•Client/Server Protocol
•Specify a boot image for disk-less clients
•BOOTP sends requests/replies over UDP
–Easy to write a user space server
–Client does not need a full TCP/IP stack to run BOOTP
•But BOOTP is not dynamic
–uses a static binding between MAC and IP addresses
DHCP
• Dynamic Host Configuration Protocol
• DHCP provides dynamic configuration
– Client can get a temporary address, and move from network to network
• DHCP is backward compatible with BOOTP
– BOOTP client can request a static configuration from a DHCP server
• Allows reuse of addresses, which avoids having to tie up addresses for systems which are not currently connected, or have been removed
• Extended with many other services: name and time servers, etc.
• Stateful DHCPv6 is the corresponding protocol in IPv6
– There is also a stateless DHCPv6 in IPv6 with no unique address assignment
DHCP simplified operation
[Figure: DHCP exchange between a client (UDP port 68) and a server (UDP port 67). Request: src 0.0.0.0, dst 255.255.255.255. Reply: src S, dst 255.255.255.255 or C, carrying address C. Each message is an IP datagram: IP header (20 bytes), UDP header (8 bytes), DHCP request/reply (300 bytes).]
DHCP simplified operation
1. DHCP server uses UDP port 67 and waits for client
2. Client sends initial requests (discover) encapsulated in UDP using:
• dst IP address 255.255.255.255
• dst port no 67
• src IP address 0.0.0.0
• src port no 68
3. Server replies (DHCPOFFER) with either broadcast or unicast message using UDP destination port 68
• The unicast IP address of the client can be used in server’s reply message if client’s IP address has been manually added in the ARP table
• Note that the server will know the client’s MAC address
• Only place in IP where client has fixed port!
Relay agent
• A relay agent (proxy) is used so a DHCP server can serve several subnets
– A relay agent is a router that sends local requests to a remote server, and relays replies back to the subnet.
– The relay agent 'tunnels' the original request to the server.
[Figure: the client (UDP port 68) broadcasts its request on the local subnet; the relay agent (UDP port 67) passes the request to the server (UDP port 67) and relays the reply back to the client.]
Options and message types
• Lots of semantics is implemented in the DHCP options field
– or "Vendor-specific field"
• Uses "TLV": Type-Length-Value
• Subnet mask
• Address of routers, nameservers, timeservers, hostname, etc.
• Message type examples
– DHCPDISCOVER
– DHCPOFFER
– DHCPREQUEST
– DHCPACK
– DHCPNACK
– DHCPRELEASE
[Figure: layout of one option: type | length | value]
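A parser for the type-length-value options field described above, added here as an example and not part of the lecture. The option codes and message-type numbers come from RFC 2132; the sample bytes are constructed from the addresses in the server config example, and the function and key names are this example's own.

```python
import ipaddress
import struct

# Option codes and message-type values as assigned in RFC 2132.
PAD, END, MSG_TYPE, LEASE_TIME = 0, 255, 53, 51
MESSAGE_TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST",
                 5: "DHCPACK", 6: "DHCPNACK", 7: "DHCPRELEASE"}
IP_LIST_OPTIONS = {1: "subnet_mask", 3: "routers", 6: "name_servers"}


def parse_options(data: bytes) -> dict:
    """Walk the type-length-value options and decode the ones named on the slide."""
    out, i = {}, 0
    while i < len(data):
        code = data[i]
        i += 1
        if code == PAD:                    # one byte, no length field
            continue
        if code == END:                    # one byte, terminates the list
            return out
        if i >= len(data):
            raise ValueError(f"option {code}: missing length byte")
        length = data[i]
        value = data[i + 1:i + 1 + length]
        if len(value) != length:           # length runs past the end of the buffer
            raise ValueError(f"option {code}: truncated value")
        i += 1 + length
        if code == MSG_TYPE and length == 1:
            out["message_type"] = MESSAGE_TYPES.get(value[0], f"unknown({value[0]})")
        elif code == LEASE_TIME and length == 4:
            out["lease_time"] = struct.unpack("!I", value)[0]
        elif code in IP_LIST_OPTIONS and length and length % 4 == 0:
            out[IP_LIST_OPTIONS[code]] = [
                str(ipaddress.IPv4Address(value[j:j + 4])) for j in range(0, length, 4)]
        else:                              # unknown code or unexpected length: keep raw
            out.setdefault("raw", {})[code] = value
    raise ValueError("option list not terminated by END (255)")


# Constructed sample: options of a DHCPOFFER using the addresses from the config slide.
SAMPLE_OFFER = (bytes([53, 1, 2]) + bytes([1, 4, 255, 255, 255, 0])
                + bytes([3, 4, 10, 5, 5, 1])
                + bytes([6, 8, 13, 14, 15, 16, 195, 54, 122, 200])
                + bytes([51, 4]) + struct.pack("!I", 5000) + bytes([END]))

if __name__ == "__main__":
    print(parse_options(SAMPLE_OFFER))
```

The length byte is supplied by the sender, so the parser checks it against the remaining buffer before slicing instead of trusting it.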
Example of a simple server config file
shared-network LOCALNET {
    default-lease-time 5000;                 # seconds
    max-lease-time 10000;                    # seconds
    option domain-name "exp.se";
    option domain-name-servers 13.14.15.16, 195.54.122.200;
    subnet 10.5.5.0 netmask 255.255.255.0 {
        option routers 10.5.5.1;
        option subnet-mask 255.255.255.0;
        option broadcast-address 10.5.5.255;
        range 10.5.5.100 10.5.5.199;         # pool for dynamic leases
        # Static MAC-to-IP bindings
        host armitage {
            fixed-address 10.5.5.21;
            hardware ethernet 00:61:e0:42:a5:bc;
        }
        host molly {
            fixed-address 10.5.5.22;
            hardware ethernet 00:a3:e0:42:6b:ff;
        }
    }
}
Initialization
• First discover a server, then request address lease
• Discover is sent on broadcast with 0.0.0.0 as source
• Offer includes an IP address
• Request/Ack commits the use of the IP address
[Figure: message sequence between client (port 68) and server (port 67): DISCOVER, OFFER, REQUEST, ACK.]
Expiration
• After 50% of lease, client needs to renew
• If server NACKs, client needs to start over (shown below)
• If server does not respond, client continues until lease expires
[Figure: message sequence between client (port 68) and server (port 67): REQUEST, NACK, REQUEST, RELEASE.]
Client state machine
[Figure: client state machine. States: Initializing, Selecting, Requesting, Bound, Renewing, Rebinding. Transition labels (C = client, S = server): Boot; C: DHCPDISCOVER; S: DHCPOFFER / C: DHCPREQUEST; S: DHCPACK; 50% expired? / C: DHCPREQUEST; S: DHCPACK; 87.5% expired? / C: DHCPREQUEST; S: DHCPNACK; Expired? or S: DHCPNACK; C: DHCPRELEASE.]
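The client state machine and the lease timers from the Expiration slide, written out as an added example that is not part of the lecture. The class, method names and the timeline are this example's own; the lease of 5000 seconds is the default from the config example.

```python
REPLIES = {   # server reply: (states it is valid in, state it leads to)
    "DHCPOFFER": ({"SELECTING"}, "REQUESTING"),   # client answers with DHCPREQUEST
    "DHCPACK": ({"REQUESTING", "RENEWING", "REBINDING"}, "BOUND"),
    "DHCPNACK": ({"REQUESTING", "RENEWING", "REBINDING"}, "INITIALIZING"),
}


class DhcpClient:
    """Client states from the slide; renew at 50%, rebind at 87.5% of the lease."""

    def __init__(self):
        self.state, self.bound_at, self.lease = "INITIALIZING", None, None

    def send(self, message):
        expected = {"DHCPDISCOVER": "INITIALIZING", "DHCPRELEASE": "BOUND"}
        if expected.get(message) != self.state:
            raise RuntimeError(f"cannot send {message} in state {self.state}")
        self.state = "SELECTING" if message == "DHCPDISCOVER" else "INITIALIZING"

    def receive(self, message, now=0, lease=None):
        valid_in, next_state = REPLIES.get(message, ((), None))
        if self.state not in valid_in:
            raise RuntimeError(f"{message} not valid in state {self.state}")
        if message == "DHCPACK":               # the lease (re)starts at `now`
            self.bound_at, self.lease = now, lease
        self.state = next_state

    def tick(self, now):                       # apply the lease timers at time `now`
        if self.state in ("BOUND", "RENEWING", "REBINDING"):
            age = now - self.bound_at
            if age >= self.lease:
                self.state = "INITIALIZING"    # lease expired without an ACK
            elif age >= 0.875 * self.lease:
                self.state = "REBINDING"
            elif age >= 0.5 * self.lease:
                self.state = "RENEWING"
        return self.state


def walkthrough(lease=5000):
    """Constructed timeline: the server stays silent until t=4400."""
    client = DhcpClient()
    client.send("DHCPDISCOVER")
    client.receive("DHCPOFFER")
    client.receive("DHCPACK", now=0, lease=lease)
    trace = [(t, client.tick(t)) for t in (1000, 2500, 4375)]
    client.receive("DHCPACK", now=4400, lease=lease)   # late ACK starts a new lease
    trace += [(t, client.tick(t)) for t in (6000, 6900, 9400)]
    return trace
```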
Stateless autoconfiguration
• Stateless autoconf - SLAAC
– Nodes can start communicating directly
– Router has only non-host specific data
– Does not keep track of individual host addresses
– Mainly for IPv6
1. Create a link-local address
2. Get a global prefix from a router
3. Create a global address
[Figure: client, router, global destination.]
1. How to create LLAs
• FE80::/10 is used for IPv6 link-local addresses
• 169.254/16 is allocated for IPv4
• Alt 1: A host allocates an LLA by mac-derived address (see below)
• Alt 2: A host allocates an LLA by a random function
• A host probes this address by sending an ICMPv6 neighbor solicitation with the new address as target and ::/128 as source.
• A reply (neighbor advertisement) means a conflicting address (try a new one)
[Figure: link-local address: FE80:: in the upper 64 bits; lower 64 bits formed from the 48-bit MAC address with FFFE inserted.]
2. Get a global prefix from the router
• Router configured with global prefixes that hosts can create addresses from
• Router sends ICMPv6 router advertisements (RA) on the sub-network periodically
• Hosts may send ICMPv6 router solicitations to trigger router RAs
3. Create a global address
• Use the global prefix obtained by RA to create a global address
• Either mac-derived or random function
• This is a globally routable address
• If you have a routable address, you should always use that instead of an LLA
• Also, link-local addresses should never be configured in DNS, except if you use mDNS - where you can use local names
[Figure: global address: global prefix in the upper 64 bits; lower 64 bits formed from the 48-bit MAC address with FFFE inserted.]
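Address creation for steps 1 and 3, covering both the mac-derived and the random alternative, as an added example that is not part of the lecture. It follows the modified EUI-64 rule of RFC 4291, which also inverts the universal/local bit of the MAC (not shown in the figures); the MAC is the one from the config example, the global prefix is a constructed documentation prefix, and the function names are this example's own.

```python
import ipaddress
import secrets


def mac_to_interface_id(mac: str) -> int:
    """Alt 1: 48-bit MAC -> 64-bit interface identifier (modified EUI-64)."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # Insert FFFE in the middle and invert the universal/local bit (RFC 4291).
    eui64 = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]
    return int.from_bytes(eui64, "big")


def random_interface_id() -> int:
    """Alt 2: an identifier that does not depend on the hardware address."""
    return secrets.randbits(64)


def make_address(prefix: str, interface_id: int) -> ipaddress.IPv6Address:
    """Combine a 64-bit prefix (link-local or from an RA) with the identifier."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64 or not 0 <= interface_id < 2**64:
        raise ValueError("need a /64 prefix and a 64-bit interface identifier")
    return ipaddress.IPv6Address(int(net.network_address) | interface_id)


def recover_mac(address: str):
    """Return the MAC embedded in an address that looks MAC-derived, else None."""
    iid = (int(ipaddress.IPv6Address(address)) & (2**64 - 1)).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in mac)


MAC = "00:61:e0:42:a5:bc"            # host "armitage" from the config slide
RA_PREFIX = "2001:db8:1:2::/64"      # constructed documentation prefix (assumption)

if __name__ == "__main__":
    iid = mac_to_interface_id(MAC)
    print(make_address("fe80::/64", iid))      # link-local address
    print(make_address(RA_PREFIX, iid))        # global address
    print(recover_mac(str(make_address(RA_PREFIX, iid))))
```

A mac-derived address carries the same interface identifier under every prefix, and the hardware address can be read back out of it; the random alternative does not have that property.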
RA versus DHCP
• Using router advertisements (RA) for stateless autoconfiguration in IPv6 has its limits and is controversial
• RA only provides address, subnet and next-hop.
• But a host (almost) always needs name servers, for example.
• So there is a need for DHCP in most networks anyway
• So why would you need RA at all if you have to set up a DHCP server?
• Good question. Many therefore question the use of RA
• However, RA is much more lightweight than DHCP
• And you can use stateless DHCP together with RA.
[Figure: client, router, server.]
Zeroconf
• Allowing two hosts to communicate without infrastructure
– Typically for ad-hoc meetings on a wireless network
– Communicate with new people in public
– Use a service (e.g. printer) you pass by
• This has worked well in proprietary network technologies
– Apple's AppleTalk
– Microsoft NetBIOS
– Novell IPX
– UPnP (Universal plug and play)
• But IP has always been bad at this
• What do you need to make it work?
IP Zeroconf requirements
1. Allocate addresses without a DHCP server
– IPv4 Link-Local Addressing
2. Translate between names and IP addresses without a DNS server
– Multicast DNS (mDNS)
– Introduces a new top-level domain: local.
3. Find services, like printers, without a directory server
– DNS Service Discovery (SRV records)
4. Allocate IP Multicast addresses without a server
Exercise: DHCP Autoconfiguration
Assume two hosts A and B, an IP sub-network N (a WaveLAN), a router R, and a DNS server D. A, R and D are connected to N, while B is accessible on the Internet via R.
Assume further that A is just being connected to N – it has no configured IPv4 address on that interface. Describe what is necessary, in terms of all protocol messages, for A to send a UDP packet to B given only its name. Your answer should include DHCP, DNS, ARP, and IP.
This is mainly an exercise in understanding all actions necessary to send an IP message starting from scratch.
Exercise: Multi-homing in IPv6
Consider a host A that wishes to start a communication with another remote host B. A is on a multi-homed site with two border routers peering with two different ISPs. Your site has two different IPv6 address blocks, one from each of the ISPs, and thus two different prefixes. Host A can therefore use two different addresses A1 and A2. Assume that the same situation is true for B: it has addresses B1 and B2. Discuss the following questions:
• How does A obtain the two source addresses A1 and A2?
• How does A obtain the destination addresses (B1 and B2)?
• How does A decide which source address to use (A1 or A2)?
• How does A decide which destination address to use (B1 or B2)?
• When B receives a packet from A, which source/destination addresses does it use in a reply?
• Suppose A and B have started to communicate using a pair of addresses. Can the addresses be changed while the session is up?