DHCP in Computer Networking
Managing network hosts can be challenging, as each computer needs a unique IP
address, subnet mask, primary gateway, and DNS server. DHCP (Dynamic Host
Configuration Protocol) simplifies this by assigning unique IP addresses while
keeping the other settings consistent across multiple machines.
DHCP is an application layer protocol that automates host configuration on a
network. With DHCP, devices obtain their network settings automatically when they
connect, which simplifies network management and removes the need to assign IPs by
hand.
For important equipment like routers, static IPs are preferred, ensuring consistent
access. However, client devices, like computers and mobiles, benefit from dynamic
IPs. DHCP can work in a few ways:
1. Dynamic Allocation: Client devices get different IPs each time they connect.
2. Automatic Allocation: The server tracks previous assignments and tries to give
the same IP if possible.
3. Fixed Allocation: Specific MAC addresses are manually assigned fixed IPs.
Unknown devices may get IPs or be denied.
DHCP can configure more than just IPs; it can set NTP servers to keep network time
synchronized. DHCP operates at the application layer but helps configure the
network layer. It's a vital part of networking.
DHCP Protocol
Here's how DHCP works in simple terms:
1. Server Discovery: The DHCP client sends a broadcast message (DHCPDISCOVER) on
the network to find a DHCP server. The client has no IP address yet, so the
message is broadcast to every host on the local network. If a DHCP server is
present, it receives this message.
2. Server Offers an IP: The DHCP server consults its configuration and decides
which IP to offer to the client. It sends a broadcast message (DHCPOFFER) containing
the offered IP. The client picks out the offer meant for it.
3. Client Requests IP: The client responds with a DHCPREQUEST message, essentially
saying, "I want the offered IP." This message is also broadcast to everyone.
4. Server Acknowledges: The server sends a DHCPACK message to acknowledge the
client's request. Now the client can apply its network configuration. This
configuration is called a DHCP lease and has an expiration time. When it expires,
the client repeats the process.
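The allocation modes and the four-step exchange above, as an added Python simulation (not code from the original notes and not a real DHCP implementation: there is no UDP, no option encoding, and messages are plain dictionaries). It models a toy server with an address pool, fixed reservations keyed by MAC address, a remembered last address for automatic allocation, and lease timers, plus a client that walks through DHCPDISCOVER, DHCPOFFER, DHCPREQUEST and DHCPACK. The pool 10.1.1.0/28, the MAC addresses and the lease time are constructed values; the names DhcpServer and obtain_lease are mine.

```python
"""Toy DHCP server and client exchange (DISCOVER / OFFER / REQUEST / ACK).

Added illustration: constructed addresses and MACs, no network I/O.
"""
import ipaddress
import time

BROADCAST = "255.255.255.255"


class DhcpServer:
    """Constructed toy server: one pool, optional fixed reservations, lease timers."""

    def __init__(self, pool_cidr, reservations=None, lease_seconds=3600,
                 mode="automatic", dns="10.1.1.1"):
        net = ipaddress.ip_network(pool_cidr)
        hosts = [str(h) for h in net.hosts()]
        self.gateway = hosts[0]              # assumption: first host address is the router
        self.netmask = str(net.netmask)
        self.dns = dns                       # assumption: router also resolves DNS
        self.pool = hosts[1:]
        self.reservations = dict(reservations or {})   # fixed allocation: MAC -> IP
        self.lease_seconds = lease_seconds
        self.mode = mode                     # "dynamic" or "automatic"
        self.leases = {}                     # MAC -> (ip, expiry timestamp)
        self.history = {}                    # MAC -> last ip (automatic allocation)
        self.offers = {}                     # MAC -> ip offered, awaiting DHCPREQUEST
        self.clock = time.time               # replaceable for deterministic tests

    def _expire(self):
        now = self.clock()
        for mac, (ip, expiry) in list(self.leases.items()):
            if expiry <= now:
                del self.leases[mac]

    def _in_use(self):
        return {ip for ip, _ in self.leases.values()} | set(self.offers.values())

    def _pick(self, mac):
        if mac in self.leases:               # a renewing client keeps its address
            return self.leases[mac][0]
        if mac in self.reservations:         # fixed allocation always wins
            return self.reservations[mac]
        busy = self._in_use() | set(self.reservations.values())
        if self.mode == "automatic":         # prefer the address this MAC had last time
            prev = self.history.get(mac)
            if prev in self.pool and prev not in busy:
                return prev
        for ip in self.pool:                 # dynamic: first free address in the pool
            if ip not in busy:
                return ip
        return None                          # pool exhausted

    def handle(self, msg):
        """Return the server's reply to one broadcast message, or None for no reply."""
        self._expire()
        mac = msg["mac"]
        if msg["type"] == "DHCPDISCOVER":
            ip = self._pick(mac)
            if ip is None:
                return None                  # nothing to offer
            self.offers[mac] = ip
            return {"type": "DHCPOFFER", "mac": mac, "dst": BROADCAST, "ip": ip,
                    "netmask": self.netmask, "gateway": self.gateway,
                    "dns": self.dns, "lease_seconds": self.lease_seconds}
        if msg["type"] == "DHCPREQUEST":
            if self.offers.get(mac) != msg["requested"]:
                return {"type": "DHCPNAK", "mac": mac, "dst": BROADCAST}
            ip = self.offers.pop(mac)
            self.leases[mac] = (ip, self.clock() + self.lease_seconds)
            self.history[mac] = ip
            return {"type": "DHCPACK", "mac": mac, "dst": BROADCAST, "ip": ip,
                    "netmask": self.netmask, "gateway": self.gateway,
                    "dns": self.dns, "lease_seconds": self.lease_seconds}
        raise ValueError("unexpected message type " + msg["type"])


def obtain_lease(server, mac):
    """Client side of the four-step exchange; returns the configuration or None."""
    # Step 1: the client has no address yet, so it broadcasts from 0.0.0.0.
    offer = server.handle({"type": "DHCPDISCOVER", "mac": mac,
                           "src": "0.0.0.0", "dst": BROADCAST})
    if offer is None:
        return None
    # Step 3: accept the offered address; still a broadcast so every server sees it.
    ack = server.handle({"type": "DHCPREQUEST", "mac": mac, "src": "0.0.0.0",
                         "dst": BROADCAST, "requested": offer["ip"]})
    if ack["type"] != "DHCPACK":
        return None
    # Step 4 done: apply the lease.
    return {k: ack[k] for k in ("ip", "netmask", "gateway", "dns", "lease_seconds")}


if __name__ == "__main__":
    srv = DhcpServer("10.1.1.0/28", reservations={"02:00:00:00:00:aa": "10.1.1.10"})
    for client_mac in ("02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:aa"):
        print(client_mac, obtain_lease(srv, client_mac))
```

Switching `mode` between "automatic" and "dynamic" shows the difference between the two allocation types: after a lease expires, an automatic server hands the same MAC its previous address back if it is free, while a dynamic server simply takes the first free address in the pool. A DHCPREQUEST for an address the server never offered gets a DHCPNAK rather than a lease.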
NAT
NAT is a technique to translate one IP into another, not a standard like DHCP.
Different systems handle it differently, but the concept remains the same.
There are various reasons for using Network Address Translation (NAT), including
security and IPv4 address space conservation. We'll delve into the implications of
NAT and IPv4 address space later. For now, we'll focus on how NAT enhances network
security.
At its core, NAT is a technology that allows a gateway, often a router or firewall,
to modify the source IP of an outgoing IP datagram while retaining the original IP
for response rewriting. In a simple NAT example, consider two networks: Network A
(10.1.1.0/24) and Network B (192.168.1.0/24). A router connects these networks with
IP addresses 10.1.1.1 and 192.168.1.1, respectively.
Now, place two computers on these networks: Computer 1 (IP 10.1.1.100) on Network A
and Computer 2 (IP 192.168.1.100) on Network B. Computer 1 wants to communicate
with Computer 2. It creates a packet, and the router, acting as its gateway, is
configured for NAT. The router not only forwards the packet but also changes the
source IP to its own (192.168.1.1). To Computer 2, it appears the packet came from
the router, not Computer 1.
When Computer 2 responds, the router rewrites the destination IP, ensuring the
traffic reaches Computer 1. This process hides Computer 1's IP from Computer 2,
known as IP masquerading, a crucial security concept.
In simple terms, no one can connect to your computer if they don't know its IP.
With NAT, you can have multiple computers on Network A, all appearing as the
router's IP to the outside world. This is one-to-many NAT and is widely used in
LANs.
At the network layer, NAT is straightforward: one IP is translated to another,
often by a router. However, at the transport layer, it gets more complex. Return
traffic poses a challenge as many responses are directed to the same IP. Port
preservation comes into play, where the router uses the source port chosen by the
client to direct traffic back to the right computer.
For instance, if a device with IP 10.1.1.100 selects source port 51300 for an
outbound connection, the router records this source port, ensuring that incoming
traffic to port 51300 on the router is delivered to IP 10.1.1.100. This ensures
responses reach the correct computer.
Even with the vast number of ephemeral ports available, it's still possible for two
computers on a network to choose the same source port at the same time. In such
cases, the router selects an unused port at random for the second connection.
Another key concept is port forwarding, where specific destination ports are
configured to always go to specific nodes. This keeps the internal addresses hidden
(IP masquerading) while still making services accessible through a single external
IP.
Imagine our network, 10.1.1.0/24, with a web server at 10.1.1.5. Using port
forwarding, clients only need to know the router's external IP, like 192.168.1.1.
Traffic to port 80 on this IP is forwarded to 10.1.1.5, and the response traffic
appears to come from the router's external IP.
This simplifies how external users interact with services from the same
organization. For example, a company with a web server at 10.1.1.5 and a mail
server at 10.1.1.6 can have traffic for both services directed to the same external
IP.
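The transport-layer side of NAT described above (port preservation, a random port on collision, port forwarding, and the masquerading that drops unsolicited inbound traffic), as an added Python simulation that is not part of the original notes. It uses the page's own addresses: the router's external address 192.168.1.1, Computer 1 at 10.1.1.100, Computer 2 at 192.168.1.100, and forwards for the web server at 10.1.1.5 and the mail server at 10.1.1.6. The class name NatRouter, the packet dictionaries and the second inside host 10.1.1.101 are my constructions; the toy keys its table only on the external port and does not check which remote host sent a reply, which real firewalls do.

```python
"""Toy one-to-many NAT with port preservation and port forwarding.

Added illustration: constructed addresses, no packet I/O.
"""
import random

EPHEMERAL = (49152, 65535)   # IANA dynamic/private port range


class NatRouter:
    """Constructed toy gateway translating a LAN onto a single external address."""

    def __init__(self, external_ip, forwards=None, rng=None):
        self.external_ip = external_ip
        # Port forwarding: external port -> (inside ip, inside port). Constructed config.
        self.forwards = dict(forwards or {})
        self.table = {}      # external port -> (inside ip, inside port) for outbound flows
        self.reverse = {}    # (inside ip, inside port) -> external port
        self.rng = rng or random.Random()

    def _pick_external_port(self, wanted):
        """Port preservation: keep the client's source port unless it is already taken."""
        if wanted not in self.table and wanted not in self.forwards:
            return wanted
        # Collision: another inside host already uses this port; pick a free one at random.
        while True:
            candidate = self.rng.randint(*EPHEMERAL)
            if candidate not in self.table and candidate not in self.forwards:
                return candidate

    def outbound(self, pkt):
        """Rewrite the source of a packet leaving the LAN so it appears to come from the router."""
        key = (pkt["src_ip"], pkt["src_port"])
        ext_port = self.reverse.get(key)
        if ext_port is None:
            # A forwarded service answers from its published external port.
            ext_port = next((p for p, t in self.forwards.items() if t == key), None)
        if ext_port is None:
            ext_port = self._pick_external_port(pkt["src_port"])
            self.table[ext_port] = key
            self.reverse[key] = ext_port
        return {**pkt, "src_ip": self.external_ip, "src_port": ext_port}

    def inbound(self, pkt):
        """Rewrite the destination of a packet arriving at the external address, or drop it."""
        if pkt["dst_ip"] != self.external_ip:
            return None
        target = self.forwards.get(pkt["dst_port"]) or self.table.get(pkt["dst_port"])
        if target is None:
            return None   # no mapping: inside hosts stay unreachable (IP masquerading)
        inside_ip, inside_port = target
        return {**pkt, "dst_ip": inside_ip, "dst_port": inside_port}


if __name__ == "__main__":
    nat = NatRouter("192.168.1.1", forwards={80: ("10.1.1.5", 80), 25: ("10.1.1.6", 25)})
    out = nat.outbound({"src_ip": "10.1.1.100", "src_port": 51300,
                        "dst_ip": "192.168.1.100", "dst_port": 443})
    print("outbound as seen by Computer 2:", out)
    back = nat.inbound({"src_ip": "192.168.1.100", "src_port": 443,
                        "dst_ip": "192.168.1.1", "dst_port": out["src_port"]})
    print("reply delivered to:", back)
```

Running the demo shows Computer 2 seeing only 192.168.1.1 as the source. Sending a second outbound packet from another inside host with the same source port 51300 exercises the collision path: the router keeps the first mapping and gives the second flow a random unused ephemeral port, and replies to that port are rewritten back to the second host's original port.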
IPv4 Exhaustion and NAT
The Internet Assigned Numbers Authority (IANA) has managed IP address distribution
since 1988. IPv4 addresses are nearly exhausted. The IANA assigns address blocks to
Regional Internet Registries (RIRs), which serve different regions: AFRINIC, ARIN,
APNIC, LACNIC, and RIPE. Many RIRs have run out of addresses. IPv6 is a long-term
solution, but its worldwide implementation will take time.
To continue expanding and connecting more devices without enough IP addresses, we
use NAT and non-routable address space. Non-routable address space, defined in
RFC 1918, includes various IP ranges for internal use. This ensures no global
collision of IP addresses, and NAT technology plays a crucial role in making this
feasible.
With Network Address Translation (NAT), multiple computers with non-routable
addresses can access the internet through a single public IP. This is useful until
IPv6 becomes more widespread. Businesses use NAT, along with other technologies
like firewalls, to secure their networks. They need to protect proprietary
information and limit access to certain services to employees only.
Securing Networks with VPNs
Virtual Private Networks (VPNs) extend a private network to remote hosts. VPNs come
in various types and serve different purposes, but a common use is for employees to
access their company network from outside the office. VPNs create a secure "tunnel"
for data transfer, allowing remote devices to connect to the company network as if
they were physically on-site.
In a VPN connection, the original packet is encrypted and encapsulated inside a new
packet that travels through the tunnel; at the VPN endpoint the outer layers are
stripped away and the payload is decrypted. This combination of encryption,
encapsulation, and decryption is what makes the connection secure. VPNs usually
require strict authentication, often using two-factor authentication for added
security.
VPNs can also be used for site-to-site connectivity, connecting two physically
separate offices as one network. It's important to note that VPNs are a general
technology concept, and there are various implementations. The key takeaway is that
VPNs use encrypted tunnels to allow remote computers or networks to behave as if
they are physically connected to another network.
Proxy Servers and Types
A proxy service is a server that acts on behalf of a client to access another
service. Proxies sit between clients and other servers, providing benefits like
anonymity, security, content filtering, increased performance, and more.
We've already covered some specific examples of proxies, such as gateway routers.
These gateways fit the definition of a proxy, since they act on behalf of the hosts
behind them. The concept of a proxy is a general idea; it doesn't refer to any
specific implementation.
Proxies exist at various layers of our networking model. While there are many types
of proxies, we'll focus on a few common ones. The term "proxy" is often used in the
context of web proxies, designed for web traffic.
A web proxy can serve various purposes. In the past, organizations used web proxies
for better performance when internet connections were slower. It allowed the proxy
to retrieve and cache webpage data, speeding up subsequent requests.
However, this type of proxy is less common today due to faster internet speeds and
the dynamic nature of the web. Instead, web proxies are often used to block access
to specific websites, enhancing productivity in organizations.
Another type of proxy is the reverse proxy. It appears as a single server to
external clients but represents multiple servers behind it. This is commonly used
by popular websites to handle heavy traffic and distribute requests to multiple
servers, a form of load balancing.
Reverse proxies also handle decryption, especially for encrypted web traffic. They
offload encryption and decryption work to specialized hardware, freeing web servers
to focus on serving content.
There are many more proxy types, but a common point is that proxies act as
intermediaries between clients and other servers.