-
Notifications
You must be signed in to change notification settings - Fork 91
/
Copy path10. DHCP, NAT
111 lines (81 loc) · 8.28 KB
/
10. DHCP, NAT
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
* Dynamic Host Configuration Protocol
----------------------------------------
- Every coputer on a mordern TCP/IP network needs to have 4 thing configured:
1. IP address
2. Subnet mask for the local network
3. Gateway
4. Name server
- Configuring 100s of them is a tedious task - Subnet mask for the local network, Gateway, Name server are almost the same for the nodes on a network;
- IP address needs to be different on every node on the network;
- This is where DHCP is important;
* DHCP - An application layer protocol that automates the configuration process of hosts on a network;
- With DHCP a machine queries a DHCP server when the computer connects to the network and receives all the network configurations in one go;
- For Gateways and routers static IP address are important and need to be known to all clients on the network;
* DHCP ways of operation:
--------------------------
1. Dynamic allocation - A range of IP addresses are set aside for client devices and one of these IPs is issued to these devices when they request one; There the IP of a system can be different everytime it connects to the network;
2. Automatic allocation - A range of IP addresses are set aside for assignmnet purpose; Here the DHCP tracks the assignment numbers assigned to a host device and ensures to assign the same IP to the same machine;
3. Fixed allocation - Requires a manually specified list of MAC address and their corresponding IPs; MAC address and IP addressing mapping and lookup; If the MAC address is not available the DHCP server will fall back to automatic or dynamic allocation;
DHCP - can be used to configured a lot of things - IP Addresses, Gateways, NTP (Network time protocol), subnet networks, etc;
- NTP - Network time protocols servers - used to keep all the computers on a network synchronized in time;
* DHCP in Actions
---------------------
-> It is an Application layer protocol - relies on the transport, network, data-link and physical layers to operate;
-> The DHCP is useful to configure the network layer
-> DHCP discovery - The process by which a client configured to use DHCP attempts to get network configuration information;
- It has 4 steps:
1. Server discovery step -
The dhcp client sends a DHCP discover message out onto a network;
The machine doesn't have an ip nor does it know the ip of the DHCP server - a specially crafted broadcast message is formed instead;
The DHCP listens on UDP port 67 and DHCP discovery message is sentfrom UDP port 68.
The DHCPDISCOVER message is encapsulated in a UDP datagram - destination port - 67, source port - 68; This is encapsulated inside an IP datagram - destination IP of 255.255.255.255 and source IP of 0.0.0.0;
This broadcast message will get delievered on every node on the local area network and if a DHCP server is present it would receive the message;
2. The DHCP server will examine its own configuration and makes a decision on what IP address to offer the client; It checks if it is to run with dynamic, automatic or fixed address allocation;
Then a DHCPOFFER message will be sent with a destination messgae of port 68 and source port of 67, destination broadcast ip of - 255.255.255.255 and its actual IP as the source;
This message is also a broadcast it will be received by every machine on the network, and the original client would recognize the message was for itself. Since the DHCPOFFER has a field that specifies the MAC address of the client that sent the DHCP message;
3. The client machine will then process the DHCPOFFER message to see what IP address is being offered to it. Itwould send a DHCPREQUEST Message. (0.0.0.0 -> 255.255.255.255 - since the IPs are not assigned);
4. The server responds with a DHCPACK message; (The DHCP server source ip -> 255.255.255.255:68) - client recognized the message by the MAC address encapsulated in it;
5. The client machines networking stack now uses the configuration information presented to it by the DHCP server to set up its own network layer configuration; This configuration - DHCP Lease - as it includes the expiration time. It might last for days or for a short amount of time; On expiration the DHCP client needs to negotiate a new lease by performing the entire DHCP Discovery process;
---------------------------------------------------------------------------------------------------------------------------------
NAT - Network Address Translation
-----------------------------------
- It is a technique not a standard like - DNS, DHCP, etc;
- NAT could be OS and hardware dependent;
- A technology that allows a gateway usually a router or a firewall to rewrite the source IP of an outgoing IP datagram while retaining the original IP in order to rewrite it into the response;
NAT is hiding the source IP address and masking with its gateway or relevant IP address; This is termed as IP masquerading;
NAT and Transport Layer
-------------------------
- NAT at the network layer is easy but not so at the transport layer;
- one ip is translated into another usually by a router;
- many to one - > many IP address are translated into a single out bound NAT ip;
- the reverse is complicated, the router needs to figure which response correspondce to which compuer; - The simpleast way to do this is via - port preservation;
* Port preservation - a technique where the source port chosen by a client is the same port used by the router; Outbound comnnections choose ports at random - from the ephemeral ports - 49152 - 65535;
Client Destination
------ (NAT) -------------
source IP - 10.1.1.1000 Router
destination - 10.1.1.100 destination ip : 192.168.1.1
source port - 51300 source port - 51300
- The source port in the TCP datagram remains the same, and the data is stored internally in a table; Then the traffic is forwarded back to the IP 10.1.1.100 on source port - 51300;
- Incase two computers on a network use the same port then the router normally selects an used port at random instead;
* Port Forwarding -> A technique where specific destination ports can be configured to always be delievered to specific nodes;
- This allows for IP masquerading;
-> The detination receives the source IP of the router rather than the actual server IP, while the router will route the intended traffic to the source wiythput exposing its IP address;
Web Server Router Client
IP - 10.1.1.5
Destination IP - 10.1.1.5 Destination IP - 192.168.1.1
Port - 80 port : 80
10.1.1.0/24
Consider a company with Web server (10.1.1.5) and a Mail server (10.1.1.6) -> Through port forwarding on their actual source IPs are never exposed but the routers address is exposed , when the response reached the traffic (same IP/ same DNS) is directed to the intended server based on the destination port;
---------------------------------------------------------------------------------------------------------------------------------------
* NAT, Non-Routable Address Space and the Limits of IPv4
---------------------------------------------------------
- IANA (Internet Assigned Numbers Authority) - incharge of distributing addresses since 1988;
- IANA - responsible for assigning address blocks to the 5 regional internal registries - RIRs
1. AFRINIC - Serves Africa
2. ARIN - United States, Canada, Parts of Caribbean;
3. APNIC - Most of Asia, Australia, New Zealand, Pacific Island Nations;
4. LACNIC - Central and South America, other parts of the Carribean;
5. RIPE - Europe, Russia, Middle East and portions of Central Asia;
IP address spaces are exhausting world-wide. Work arount - NAT (Network Addres Translation) and Non-routable address space;
- RFC1918 - defined non-routable address space;
- With one exposed address space - NAT can internally have multiple non-routable address spaces.