DHCPv4 - Dynamic Host Configuration Protocol for IPv4 ======================================================== .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow .. panels:: :column: col-lg-12 :card: shadow **What is DHCPv4?** DHCPv4 stands for Dynamic Host Configuration Protocol for IPv4. It is a network management protocol used to automatically assign IPv4 addresses and other configuration information (like subnet mask, default gateway, and DNS server) to devices on a network. .. panels:: :column: col-lg-12 :card: shadow **Why is DHCPv4 useful?** * Eliminates the need for manual IP configuration. * Reduces configuration errors caused by human input. * Efficiently manages and reuses a limited pool of IPv4 addresses. * Supports dynamic, automatic, and centralized IP address assignment. * Ideal for networks with frequent device changes (e.g., enterprise or public networks). .. panels:: :column: col-lg-12 :card: shadow **How it works (DHCPv4 process):** * **Discover** – The client broadcasts a DHCPDISCOVER message to locate a DHCP server. * **Offer** – The server replies with a DHCPOFFER message containing an IP address and configuration. * **Request** – The client replies with a DHCPREQUEST message to request the offered address. * **Acknowledge** – The server sends a DHCPACK to confirm the lease and configuration. (This is often referred to as the **DORA process**: Discover, Offer, Request, Acknowledge) .. panels:: :column: col-lg-12 :card: shadow **Where is DHCPv4 used?** * **Home Networks** – For automatic IP assignment via Wi-Fi routers. * **Enterprise Networks** – To manage large pools of IPs efficiently. * **Data Centers** – For dynamic provisioning of servers and virtual machines. * **Public Networks** – In hotels, airports, and cafes for guest access. .. panels:: :column: col-lg-12 :card: shadow **Which OSI Layer Does DHCPv4 Belong To?** * **DHCPv4 operates at the Application Layer (Layer 7)** of the OSI model. * It provides network configuration services (like IP address assignment) to applications and users. * While it uses **UDP** (Transport Layer – Layer 4) to transmit messages, the DHCP logic (like DISCOVER, OFFER, etc.) is defined at the Application Layer. * It interacts with system-level services to configure network parameters dynamically. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **IS DHCPv4 windows specific?** * No, DHCPv4 is **not Windows-specific**. * It is widely supported across many operating systems including Windows. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **IS DHCPv4 Linux Specific?** * No, DHCPv4 is **not Linux-specific**. * Linux distributions commonly support DHCPv4 clients and servers. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Which Transport Protocol is used by DHCPv4?** * DHCPv4 uses **UDP (User Datagram Protocol)** as its transport protocol. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Which Port is used by DHCPv4?** * DHCPv4 uses UDP ports **67** (server) and **68** (client). .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Is DHCPv4 using Client server model?** * Yes, DHCPv4 follows a **client-server model**. * The client requests network configuration and the server assigns IP and related info. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow Topics in this section, * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`DHCPv4 Version&RFC Details ` * :ref:`DHCPv4 Basic Setup on Ubuntu using IPv4 ` * :ref:`DHCPv4 Protocol Packet Details ` * :ref:`DHCPv4 Usecases ` * :ref:`DHCPv4 Basic Features ` * :ref:`DHCPv4 Feature : Dynamic IP Assignment ` * :ref:`DHCPv4 Feature : Lease Management ` * :ref:`DHCPv4 Feature : Centralized Configuration ` * :ref:`DHCPv4 Feature : DHCP Options ` * :ref:`DHCPv4 Feature : Manual (Static) Assignment ` * :ref:`DHCPv4 Feature : Relay Agent Support ` * :ref:`DHCPv4 Feature : Authentication (Optional) ` * :ref:`DHCPv4 Feature : Failover Support ` * :ref:`DHCPv4 Feature : PXE Boot Support ` * :ref:`DHCPv4 Feature : Logging & Auditing ` * :ref:`Reference links ` .. _DHCPv4_step1: .. tab-set:: .. tab-item:: Learnings in this section * In this section, you are going to learn .. _DHCPv4_step2: .. tab-set:: .. tab-item:: Terminology * Terminology .. _DHCPv4_step3: .. tab-set:: .. tab-item:: Version Info * Version Info .. _DHCPv4_step5: .. tab-set:: .. tab-item:: DHCPv4 Version&RFC Details .. csv-table:: :file: ./DHCPv4/DHCPv4_Version_and_RFC_Details.csv :widths: 10,10,10,30 :header-rows: 1 .. _DHCPv4_step20: .. tab-set:: .. tab-item:: Test Case 1: DHCP Discover and Offer Exchange **verify that a client sends a DHCP Discover message and the DHCP server responds with a DHCP Offer containing valid configuration parameters such as an IP address, subnet mask, and gateway** **Server (Machine A) — DHCP Server Setup** * Step-1 : Install the ISC DHCP Server .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-server * Step-2 : Configure the DHCP server daemon .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhcpd.conf subnet 10.91.239.0 netmask 255.255.255.0 { range 10.91.239.10 10.91.239.100; option routers 10.91.239.1; option subnet-mask 255.255.255.0; } .. note:: * This configuration defines the subnet and the IP address range for clients. * Step-3 : Configure the interface for the DHCP server .. code-block:: shell test:~$ sudo nano /etc/default/isc-dhcp-server INTERFACESv4="enp1s0" .. note:: * The server will listen for DHCP requests on the `enp1s0` interface. * Step-4 : Assign a static IP to the server's interface and bring it up .. code-block:: shell test:~$ sudo ifconfig enp1s0 10.91.239.1 up * Step-5 : Restart and check the status of the DHCP server .. code-block:: shell test:~$ sudo systemctl restart isc-dhcp-server test:~$ sudo systemctl status isc-dhcp-server .. note:: * The server should be running without any errors and listening for DHCP requests. **Client (Machine B) — DHCP Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Request an IP address from the server .. code-block:: shell test:~$ sudo dhclient -v .. note:: * The `-v` flag provides verbose output to show the DORA process. * The client will broadcast a DHCP Discover message. * Step-3 : Wireshark Capture :download:`Download wireshark capture ` **Test Case 2: DHCP Request and Acknowledgement** **verify that after a client receives a DHCP Offer, it sends a DHCP Request to confirm and the server responds with a DHCP Acknowledgement** **Server (Machine A) — DHCP Server Setup** * Step-1 : Install the ISC DHCP Server .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-server * Step-2 : Configure the DHCP server daemon .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhcpd.conf subnet 10.91.239.0 netmask 255.255.255.0 { range 10.91.239.10 10.91.239.100; option routers 10.91.239.1; option subnet-mask 255.255.255.0; } .. note:: * This configuration defines the subnet and the IP address range for clients. * Step-3 : Configure the interface for the DHCP server .. code-block:: shell test:~$ sudo nano /etc/default/isc-dhcp-server INTERFACESv4="enp1s0" .. note:: * The server will listen for DHCP requests on the `enp1s0` interface. * Step-4 : Assign a static IP to the server's interface and bring it up .. code-block:: shell test:~$ sudo ifconfig enp1s0 10.91.239.1 up * Step-5 : Restart and check the status of the DHCP server .. code-block:: shell test:~$ sudo systemctl restart isc-dhcp-server test:~$ sudo systemctl status isc-dhcp-server .. note:: * The server should be running without any errors and listening for DHCP requests. **Client (Machine B) — DHCP Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Request an IP address from the server .. code-block:: shell test:~$ sudo dhclient -v .. note:: * The `-v` flag provides verbose output to show the DORA process. * This command triggers the entire DHCP DORA (Discover, Offer, Request, Acknowledge) process. * Step-3 : Wireshark Capture :download:`Download wireshark capture ` **Test Case 3: IP Assignment from Pool** **verify that when a client requests an IP address, the DHCP server assigns one from its configured IP pool, and that the assigned IP is within the range and not duplicated** **Server (Machine A) — DHCP Server Setup** * Step-1 : Install the ISC DHCP Server .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-server * Step-2 : Configure the DHCP server daemon .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhcpd.conf subnet 10.91.239.0 netmask 255.255.255.0 { range 10.91.239.10 10.91.239.100; option routers 10.91.239.1; option subnet-mask 255.255.255.0; } .. note:: * This configuration defines the subnet and the IP address range for clients. * Step-3 : Configure the interface for the DHCP server .. code-block:: shell test:~$ sudo nano /etc/default/isc-dhcp-server INTERFACESv4="enp1s0" .. note:: * The server will listen for DHCP requests on the `enp1s0` interface. * Step-4 : Assign a static IP to the server's interface and bring it up .. code-block:: shell test:~$ sudo ifconfig enp1s0 10.91.239.1 up * Step-5 : Restart and check the status of the DHCP server .. code-block:: shell test:~$ sudo systemctl restart isc-dhcp-server test:~$ sudo systemctl status isc-dhcp-server .. note:: * The server should be running without any errors and listening for DHCP requests. **Client (Machine B) — DHCP Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Request an IP address from the server .. code-block:: shell test:~$ sudo dhclient -v .. note:: * The `-v` flag provides verbose output to show the DORA process. * This command triggers the entire DHCP DORA (Discover, Offer, Request, Acknowledge) process. * The DHCP client will get an IP address in the range of `10.91.239.10` and `10.91.239.100`. * Step-3 : Wireshark Capture :download:`Download wireshark capture ` **Test Case 4: Reserved IP Assignment by MAC** **verify that the DHCP server assigns a specified reserved IP address to a client based on its MAC address** **Server (Machine A) — DHCP Server Setup** * Step-1 : Install the ISC DHCP Server .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-server * Step-2 : Configure IP reservation on the DHCP server .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhcpd.conf subnet 192.168.0.0 netmask 255.255.255.0 { range 192.168.0.10 192.168.0.100; option routers 192.168.0.11; option domain-name-servers 8.8.8.8, 8.8.4.4; option broadcast-address 192.168.0.255; default-lease-time 600; max-lease-time 7200; } host client1 { hardware ethernet 7c:8a:e1:98:43:82; fixed-address 192.168.0.15; } .. note:: * The `host` block with `hardware ethernet` and `fixed-address` ensures that the client with the specified MAC address will always receive the same IP address. * Step-3 : Configure the interface for the DHCP server .. code-block:: shell test:~$ sudo nano /etc/default/isc-dhcp-server INTERFACESv4="enp43s0" .. note:: * The server will listen for DHCP requests on the `enp43s0` interfaces. * Step-4 : Assign a static IP to the server's interface and bring it up .. code-block:: shell test:~$ sudo ifconfig enp43s0 192.168.0.11 up * Step-5 : Restart and check the status of the DHCP server .. code-block:: shell test:~$ sudo systemctl restart isc-dhcp-server test:~$ sudo systemctl status isc-dhcp-server .. note:: * The server should be running without any errors and listening for DHCP requests. **Client (Machine B) — DHCP Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Request an IP address from the server .. code-block:: shell test:~$ sudo dhclient -v .. note:: * The `-v` flag provides verbose output to show the DORA process. * This command triggers the entire DHCP DORA (Discover, Offer, Request, Acknowledge) process. * The DHCP client will get an IP address in the range of `192.168.0.15`. * Step-3 : Verify the assigned IP address .. code-block:: shell test:~$ ip addr show .. note:: * Check the IP address assigned to the client's interface to ensure it matches the reserved IP. * Step-4 : Wireshark Capture :download:`Download wireshark capture ` **Test Case 5: DHCP Lease Expiry and Renewal** **verify that when a client's DHCP lease expires and it requests an IP again, the server responds with either the same or a new IP, based on pool availability** **Server (Machine A) — DHCP Server Setup** * Step-1 : Install the ISC DHCP Server .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-server * Step-2 : Configure the DHCP server daemon .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhcpd.conf subnet 10.91.239.0 netmask 255.255.255.0 { range 10.91.239.10 10.91.239.100; option routers 10.91.239.1; option subnet-mask 255.255.255.0; } .. note:: * This configuration defines the subnet and the IP address range for clients. * Step-3 : Configure the interface for the DHCP server .. code-block:: shell test:~$ sudo nano /etc/default/isc-dhcp-server INTERFACESv4="enp1s0" .. note:: * The server will listen for DHCP requests on the `enp1s0` interface. * Step-4 : Assign a static IP to the server's interface and bring it up .. code-block:: shell test:~$ sudo ifconfig enp1s0 10.91.239.1 up * Step-5 : Restart and check the status of the DHCP server Verify that the DHCP server is operational before the client attempts a lease renewal. .. code-block:: shell test:~$ sudo systemctl restart isc-dhcp-server test:~$ sudo systemctl status isc-dhcp-server After first running the step 2 and step 3 on client side .. code-block:: shell test:~$ sudo systemctl stop isc-dhcp-server .. note:: * The stop command is likely used to test a specific scenario, though the final restart is necessary for the test case to function. **Client (Machine B) — DHCP Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Request an IP address from the server .. code-block:: shell test:~$ sudo dhclient -v .. note:: * The `-v` flag provides verbose output to show the DORA process. * This command triggers the entire DHCP DORA (Discover, Offer, Request, Acknowledge) process. * The DHCP client will get an IP address in the range of `10.91.239.10` and `10.91.239.100`. * Step-3 : Force the lease to expire and release the IP Remove the existing lease file and explicitly release the current IP address to simulate a lease expiry. .. code-block:: shell test:~$ sudo rm /var/lib/dhcp/dhclient.leases test:~$ sudo dhclient -r enp43s0 .. note:: * This action ensures the client has no prior lease information when it attempts to renew, forcing a full DORA process. * Step-4 : Request a new IP address after expiry Use the dhclient command with the verbose flag (-v) on the specified interface (enp43s0) to observe the renewal process. .. code-block:: shell test:~$ sudo dhclient -v enp43s0 .. note:: * When the client's lease expires and it attempts to get a new IP, it first sends a DHCPREQUEST packet in an attempt to renew its last-known IP. * Since the server is down and does not respond, the client will time out and then broadcast a DHCPDISCOVER packet to find any available DHCP server. * Step-5 : Wireshark Capture :download:`Download wireshark capture ` **Test Case 6: DHCP Options Delivery** **verify that all DHCP options (e.g., DNS, gateway, subnet mask) configured on the server are correctly sent to the client and applied** **Server (Machine A) — DHCP Server Setup** * Step-1 : Install the ISC DHCP Server .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-server * Step-2 : Configure the DHCP server with options .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhcpd.conf subnet 10.91.239.0 netmask 255.255.255.0 { range 10.91.239.10 10.91.239.100; option subnet-mask 255.255.255.0; option routers 10.91.239.1; option domain-name-servers 8.8.8.8, 8.8.4.4; option domain-name "local"; default-lease-time 120; } .. note:: * The `isc-dhcp-server` must be configured with a subnet and various options such as subnet mask, router, and DNS servers. * Step-3 : Configure the interface for the DHCP server .. code-block:: shell test:~$ sudo nano /etc/default/isc-dhcp-server INTERFACESv4="enp43s0" .. note:: * The server will listen for DHCP requests on the `enp43s0` interfaces. * Step-4 : Assign a static IP to the server's interface and bring it up .. code-block:: shell test:~$ sudo ifconfig enp43s0 10.91.239.1 up * Step-5 : Restart and check the status of the DHCP server .. code-block:: shell test:~$ sudo systemctl restart isc-dhcp-server test:~$ sudo systemctl status isc-dhcp-server .. note:: * The server should be running without any errors and listening for DHCP requests. **Client (Machine B) — DHCP Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Request an IP address from the server .. code-block:: shell test:~$ sudo dhclient -v .. note:: * The `-v` flag provides verbose output to show the DORA process. * This command triggers the entire DHCP DORA (Discover, Offer, Request, Acknowledge) process. * The DHCP client will get an IP address in the range of `10.91.239.10` and `10.91.239.100`. * Step-3 : Verify the assigned IP address .. code-block:: shell test:~$ ip addr show .. note:: * Check the IP address assigned to the client's interface to ensure it matches the reserved IP. * Step-4 : Wireshark Capture Observations * Expand the DHCP ACK packet to inspect the "Option" fields. * The following options should be observed in the DHCP ACK message: * Subnet Mask: `255.255.255.0` * Router (Default Gateway): `10.91.239.1` * Domain Name Server: `8.8.8.8, 8.8.4.4` * Domain Name: `local` * Lease Time: `120 seconds` * Step-5 : Wireshark Capture :download:`Download wireshark capture ` **Test Case 7: No DHCP Server Available** **verify client behavior when no DHCP server is available on the network, ensuring the client times out and handles the lack of an IP address gracefully** **Server (Machine A) — DHCP Server Setup** * Step-1 : Install the ISC DHCP Server .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-server * Step-2 : Assign a static IP to the server's interface and bring it up .. code-block:: shell test:~$ sudo ifconfig enp43s0 10.91.239.1 up * Step-3 : Stop the DHCP server .. code-block:: shell test:~$ sudo systemctl stop isc-dhcp-server test:~$ sudo systemctl status isc-dhcp-server .. note:: * This action ensures the server is not listening for DHCP requests, allowing the client to test its timeout and fallback behavior. **Client (Machine B) — DHCP Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Request an IP address from the server .. code-block:: shell test:~$ sudo dhclient -v enp43s0 .. note:: * The `-v` flag provides verbose output to show the DORA process. * The verbose output will show the client repeatedly broadcasting `DHCPDISCOVER` messages and eventually timing out after no `DHCPOFFER` is received. * Step-3 : Check the client's IP configuration .. code-block:: shell test:~$ ip addr show * Step-4 : Wireshark Capture Observations * The client should send a **DHCPDISCOVER** packet. * No **DHCPOFFER** is received from the server. * The client should time out and either remain without an IP address or assign itself an APIPA address (e.g., `169.254.x.x`). * No default gateway or DNS server is configured on the client.xpand the DHCP ACK packet to inspect the "Option" fields. * Step-5 : Wireshark Capture :download:`Download wireshark capture ` **Test Case 8: IP Pool Exhaustion** **verify DHCP server behavior when the IP address pool is fully exhausted.New clients should not receive an IP and should either remain unconfigured or fall back to an APIPA address (169.254.x.x)** **Server (Machine A) — DHCP Server Setup** * Step-1 : Install the ISC DHCP Server .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-server * Step-2 : Configure a small DHCP pool .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhcpd.conf subnet 10.91.239.0 netmask 255.255.255.0 { range 10.91.239.10 10.91.239.10; option routers 10.91.239.1; option subnet-mask 255.255.255.0; } .. note:: * This configuration provides a single IP address (`10.91.239.10`). * For this test, it is assumed that this address has already been assigned to a different client, effectively exhausting the pool. * Step-3 : Assign a static IP to the server's interface and bring it up .. code-block:: shell test:~$ sudo ifconfig enp43s0 10.91.239.1 up * Step-4 : Restart the DHCP server .. code-block:: shell test:~$ sudo systemctl restart isc-dhcp-server test:~$ sudo systemctl status isc-dhcp-server **Client (Machine B) — DHCP Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Request an IP address from the server .. code-block:: console test:~$ sudo dhclient -v enp43s0 Internet Systems Consortium DHCP Client 4.4.3-P1 Copyright 2004-2022 Internet Systems Consortium. All rights reserved. For info, please visit **https://www.isc.org/software/dhcp/** Listening on LPF/enp43s0/7c:8a:e1:98:43:82 Sending on LPF/enp43s0/7c:8a:e1:98:43:82 Sending on Socket/fallback xid: warning: no netdev with useable HWADDR found for seed's uniqueness enforcement xid: rand init seed (0x68750979) built using gethostid DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 3 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 3 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 8 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 14 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 18 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 13 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 8 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 11 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 12 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 15 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 18 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 8 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 15 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 18 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 11 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 14 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 20 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 13 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 8 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 7 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 7 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 13 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 9 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 9 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 14 (xid=0xb51c6b30) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 12 (xid=0xb51c6b30) No DHCPOFFERS received. No working leases in persistent database - sleeping. .. note:: * The `-v` flag provides verbose output to show the DORA process. * The verbose output will show the client repeatedly broadcasting `DHCPDISCOVER` messages and eventually timing out after no `DHCPOFFER` is received. * Step-3 : Check the client's IP configuration After the command times out, verify that the client has not received a valid IP address. .. code-block:: shell test:~$ ip addr show * Step-4 : Wireshark Capture Observations * The DHCP pool is fully allocated. * The new client sends a `DHCPDISCOVER` but receives no `DHCPOFFER` from the server. * The client fails to receive an IP address and remains unconfigured or assigns itself an APIPA address (e.g., `169.254.x.x`). * Step-5 : Wireshark Capture :download:`Download wireshark capture ` **Test Case 9: Invalid MAC Address Handling** **verify that the DHCP server correctly ignores DHCP requests from clients with an invalid or malformed MAC address, ensuring network integrity and security** **Server (Machine A) — DHCP Server Setup** * Step-1 : Install the ISC DHCP Server .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-server * Step-2 : Configure IP reservation on the DHCP server .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhcpd.conf subnet 10.91.239.0 netmask 255.255.255.0 { range 10.91.239.10 10.91.239.100; option routers 10.91.239.1; option domain-name-servers 8.8.8.8, 8.8.4.4; option broadcast-address 10.91.239.255; default-lease-time 600; max-lease-time 7200; } host client1 { hardware ethernet 7c:8a:e1:98:43:81; fixed-address 10.91.239.15; } .. note:: * The `host` block with `hardware ethernet` and `fixed-address` ensures that the client with the specified MAC address will always receive the same IP address. * Step-3 : Configure the interface for the DHCP server .. code-block:: shell test:~$ sudo nano /etc/default/isc-dhcp-server INTERFACESv4="enp43s0" .. note:: * The server will listen for DHCP requests on the `enp43s0` interfaces. * Step-4 : Assign a static IP to the server's interface and bring it up .. code-block:: shell test:~$ sudo ifconfig enp43s0 10.91.239.1 up * Step-5 : Restart and check the status of the DHCP server .. code-block:: shell test:~$ sudo systemctl restart isc-dhcp-server test:~$ sudo systemctl status isc-dhcp-server .. note:: * The server should be running without any errors and listening for DHCP requests. **Client (Machine B) — DHCP Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Request an IP address from the server * The client is configured to send DHCP requests with its MAC address.The server config file is updated with invalid MAC Address(not same as this) * Run dhclient with the verbose flag to initiate the DHCP process and observe the output. .. code-block:: console test:~$ sudo dhclient -v Internet Systems Consortium DHCP Client 4.4.3-P1 Copyright 2004-2022 Internet Systems Consortium. All rights reserved. For info, please visit **https://www.isc.org/software/dhcp/** Listening on LPF/enp43s0/7c:8a:e1:98:43:82 Sending on LPF/enp43s0/7c:8a:e1:98:43:82 Sending on Socket/fallback xid: warning: no netdev with useable HWADDR found for seed's uniqueness enforcement xid: rand init seed (0x68751188) built using gethostid DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 3 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 8 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 13 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 8 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 9 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 16 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 10 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 9 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 13 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 19 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 10 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 8 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 9 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 13 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 11 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 15 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 9 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 15 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 15 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 9 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 20 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 13 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 9 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 15 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 12 (xid=0xbbf4875b) DHCPDISCOVER on enp43s0 to 255.255.255.255 port 67 interval 10 (xid=0xbbf4875b) No DHCPOFFERS received. No working leases in persistent database - sleeping. .. note:: * The `-v` flag provides verbose output to show the DORA process. * no DHCPOFFER packet is received from the DHCP server in response to the client's repeated DHCPDISCOVER packets. * Step-3 : Wireshark Capture :download:`Download wireshark capture ` **Test Case 10: MAC Spoofing for Reserved IP** **verify that the DHCP server assigns a reserved IP address to a client that has spoofed the MAC address of the intended recipient** **Server (Machine A) — DHCP Server Setup** * Step-1 : Install the ISC DHCP Server .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-server * Step-2 : Configure the DHCP server daemon .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhcpd.conf subnet 192.168.0.0 netmask 255.255.255.0 { range 192.168.0.10 192.168.0.100; option routers 192.168.0.11; option domain-name-servers 8.8.8.8, 8.8.4.4; } host client1 { hardware ethernet 08:00:27:aa:bb:cc; fixed-address 192.168.0.15; } .. note:: * This configuration defines the subnet and the IP address range for clients. * Step-3 : Configure the interface for the DHCP server .. code-block:: shell test:~$ sudo nano /etc/default/isc-dhcp-server INTERFACESv4="enp1s0" .. note:: * The server will listen for DHCP requests on the `enp1s0` interface. * Step-4 : Assign a static IP to the server's interface and bring it up .. code-block:: shell test:~$ sudo ifconfig enp1s0 192.168.0.11 up * Step-5 : Restart and check the status of the DHCP server .. code-block:: shell test:~$ sudo systemctl restart isc-dhcp-server test:~$ sudo systemctl status isc-dhcp-server .. note:: * The server should be running without any errors and listening for DHCP requests. **Client (Machine B) — Legit Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Request an IP address from the server * Ensure the client is using its legitimate MAC address (`08:00:27:aa:bb:cc`). .. code-block:: shell test:~$ sudo dhclient -r enp43s0 test:~$ sudo dhclient -v enp43s0 .. note:: * The `-v` flag provides verbose output to show the DORA process. * The client should successfully receive the reserved IP address, `192.168.0.15`. **Client (Machine C) — Spoofing Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Spoof the MAC address * Set the interface's MAC address to match Client A's reserved MAC address (`08:00:27:aa:bb:cc`). .. code-block:: shell test:~$ sudo ip link set dev enp43s0 address 08:00:27:aa:bb:cc * Step-3 : Bring the interface up .. code-block:: shell test:~$ sudo ip link set dev enp43s0 up * Step-4 : Request an IP address from the server .. code-block:: shell test:~$ sudo dhclient -v enp43s0 .. note:: * The `-v` flag provides verbose output to show the DORA process. * The client with spoofed MAC address should successfully receive the reserved IP address, `192.168.0.15`. * Step-3 : Wireshark Capture :download:`Download wireshark capture ` **Test Case 11: Hostname Option 12** **verify that a client sends its hostname to the server using DHCP Option 12 and receives an IP address** **Server (Machine A) — DHCP Server Setup** * Step-1 : Install the ISC DHCP Server .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-server * Step-2 : Configure the DHCP server daemon .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhcpd.conf # Set the domain name and DNS servers option domain-name "local"; option domain-name-servers 8.8.8.8, 8.8.4.4; # Set the subnet for DHCP lease distribution subnet 192.168.10.0 netmask 255.255.255.0 { range 192.168.10.10 192.168.10.100; option routers 192.168.10.1; option subnet-mask 255.255.255.0; } .. note:: * This configuration defines the subnet and the IP address range for clients. * Step-3 : Configure the interface for the DHCP server .. code-block:: shell test:~$ sudo nano /etc/default/isc-dhcp-server INTERFACESv4="enp43s0" .. note:: * The server will listen for DHCP requests on the `enp43s0` interface. * Step-4 : Assign a static IP to the server's interface and bring it up .. code-block:: shell test:~$ sudo ifconfig enp43s0 192.168.10.1 up * Step-5 : Restart and check the status of the DHCP server .. code-block:: shell test:~$ sudo systemctl restart isc-dhcp-server test:~$ sudo systemctl status isc-dhcp-server .. note:: * The server should be running without any errors and listening for DHCP requests. **Client (Machine B) — DHCP Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Configure the client to send its hostname * Edit the dhclient.conf file to include the line that sends the client's hostname to the server. .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhclient.conf send host-name = gethostname(); * Step-3 : Request an IP address from the server .. code-block:: shell test:~$ sudo dhclient -v .. note:: * The `-v` flag provides verbose output to show the DORA process. * Step-4 : Verification and Results * In the DHCP Discover and DHCP Request packets sent by the client, check the DHCP options. * You should find "Option 12". This option will contain the client's hostname and the length of the hostname string. * Step-5 : Wireshark Capture :download:`Download wireshark capture ` **Test Case 12: DHCP Option 42 (NTP Server) Delivery** **verify that the DHCP server provides NTP server information to the client via DHCP Option 42** **Server (Machine A) — DHCP Server Setup** * Step-1 : Install the ISC DHCP Server .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-server * Step-2 : Configure the DHCP server daemon Edit the /etc/dhcp/dhcpd.conf file to include option ntp-servers within the subnet block. .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhcpd.conf # Sample configuration for DHCP server option domain-name "local"; option domain-name-servers 8.8.8.8, 8.8.4.4; # Set the subnet for DHCP lease distribution subnet 192.168.10.0 netmask 255.255.255.0 { range 192.168.10.10 192.168.10.100; option domain-name-servers 8.8.8.8, 8.8.4.4; option ntp-servers 192.168.10.2, 192.168.10.3, 192.168.10.15; option routers 192.168.10.1; } .. note:: * This configuration defines the subnet and the IP address range for clients. * Step-3 : Configure the interface for the DHCP server .. code-block:: shell test:~$ sudo nano /etc/default/isc-dhcp-server INTERFACESv4="enp43s0" .. note:: * The server will listen for DHCP requests on the `enp43s0` interface. * Step-4 : Assign a static IP to the server's interface and bring it up .. code-block:: shell test:~$ sudo ifconfig enp43s0 192.168.10.1 up * Step-5 : Restart and check the status of the DHCP server .. code-block:: shell test:~$ sudo systemctl restart isc-dhcp-server test:~$ sudo systemctl status isc-dhcp-server .. note:: * The server should be running without any errors and listening for DHCP requests. **Client (Machine B) — DHCP Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Request an IP address from the server .. code-block:: shell test:~$ sudo dhclient -v .. note:: * The `-v` flag provides verbose output to show the DORA process. * Step-3 : Verification and Results * Inspect the DHCPOffer and DHCPACK packets sent by the server. * They should contain Option 42 (Network Time Protocol Servers), which lists the NTP server IP addresses in the configured order. * Step-4 : Wireshark Capture :download:`Download wireshark capture ` **Test Case 13: DHCP Vendor Class Identifier (Option 60)** **verify that a client sends its vendor class identifier to the server via DHCP Option 60 in its requests** **Server (Machine A) — DHCP Server Setup** * Step-1 : Install the ISC DHCP Server .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-server * Step-2 : Configure the DHCP server daemon .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhcpd.conf # Sample configuration for DHCP server option domain-name "local"; option domain-name-servers 8.8.8.8, 8.8.4.4; # Set the subnet for DHCP lease distribution subnet 192.168.10.0 netmask 255.255.255.0 { range 192.168.10.10 192.168.10.100; option routers 192.168.10.1; option subnet-mask 255.255.255.0; } .. note:: * This configuration defines the subnet and the IP address range for clients. * Step-3 : Configure the interface for the DHCP server .. code-block:: shell test:~$ sudo nano /etc/default/isc-dhcp-server INTERFACESv4="enp43s0" .. note:: * The server will listen for DHCP requests on the `enp43s0` interface. * Step-4 : Assign a static IP to the server's interface and bring it up .. code-block:: shell test:~$ sudo ifconfig enp43s0 192.168.10.1 up * Step-5 : Restart and check the status of the DHCP server .. code-block:: shell test:~$ sudo systemctl restart isc-dhcp-server test:~$ sudo systemctl status isc-dhcp-server .. note:: * The server should be running without any errors and listening for DHCP requests. **Client (Machine B) — DHCP Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Configure the client to send a vendor class identifier .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhclient.conf send vendor-class-identifier "UbuntuClient-Testing"; * Step-3 : Request an IP address from the server .. code-block:: shell test:~$ sudo dhclient -v .. note:: * The `-v` flag provides verbose output to show the DORA process. * Step-3 : Verification and Results * In the DHCP Discover and DHCP Request packets sent by the client, inspect the DHCP options. * You should find Option 60 (Vendor Class Identifier) with the string "UbuntuClient-Testing". * Step-4 : Wireshark Capture :download:`Download wireshark capture ` **Test Case 14: DHCP User Class Identifier (Option 77)** **verify that a client sends its user class identifier to the server via DHCP Option 77 and receives an IP from a designated pool** **Server (Machine A) — DHCP Server Setup** * Step-1 : Install the ISC DHCP Server .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-server * Step-2 : Configure the DHCP server daemon Edit the /etc/dhcp/dhcpd.conf file to define a user class and a corresponding IP pool. .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhcpd.conf # Sample configuration for DHCP server option domain-name "local"; option domain-name-servers 8.8.8.8, 8.8.4.4; class "clientdevice" { match if option user-class = "clientdevice"; } class "testdevice" { match if option user-class = "testdevice"; } # Set the subnet for DHCP lease distribution subnet 192.168.10.0 netmask 255.255.255.0 { pool { allow members of "clientdevice"; range 192.168.10.20 192.168.10.40; } pool { allow members of "testdevice"; range 192.168.10.100 192.168.10.140; } option routers 192.168.10.1; } .. note:: * This configuration defines the subnet and the IP address range for clients. * Step-3 : Configure the interface for the DHCP server .. code-block:: shell test:~$ sudo nano /etc/default/isc-dhcp-server INTERFACESv4="enp43s0" .. note:: * The server will listen for DHCP requests on the `enp43s0` interface. * Step-4 : Assign a static IP to the server's interface and bring it up .. code-block:: shell test:~$ sudo ifconfig enp43s0 192.168.10.1 up * Step-5 : Restart and check the status of the DHCP server .. code-block:: shell test:~$ sudo systemctl restart isc-dhcp-server test:~$ sudo systemctl status isc-dhcp-server .. note:: * The server should be running without any errors and listening for DHCP requests. **Client (Machine B) — DHCP Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Configure the client to send a user class identifier Edit the dhclient.conf file to include the line that sends the user class identifier string "clientdevice". .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhclient.conf send user-class "testdevice"; (OR) send user-class "clientdevice"; * Step-3 : Request an IP address from the server .. code-block:: shell test:~$ sudo dhclient -v .. note:: * The `-v` flag provides verbose output to show the DORA process. * Step-4 : Verification and Results * Inspect the DHCP Discover and DHCP Request packets from the client. They should contain Option 77 (User Class Identifier) with the string "clientdevice". * The client should also receive an IP address within the configured range of 192.168.10.100 to 192.168.10.140. * Step-5 : Wireshark Capture :download:`Download wireshark capture ` **Test Case 15: DHCP Option 6 (DNS Server) Delivery** **verify that the DHCP server provides DNS server information to the client via DHCP Option 6** **Server (Machine A) — DHCP Server Setup** * Step-1 : Install the ISC DHCP Server .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-server * Step-2 : Configure the DHCP server daemon Edit the /etc/dhcp/dhcpd.conf file to include option domain-name-servers within the subnet block. .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhcpd.conf # Sample configuration for DHCP server option domain-name "local"; # Set the subnet for DHCP lease distribution subnet 192.168.10.0 netmask 255.255.255.0 { range 192.168.10.10 192.168.10.100; option domain-name-servers 8.8.8.8, 8.8.4.4; // Used for option 6 option routers 192.168.10.1; } .. note:: * This configuration defines the subnet and the IP address range for clients. * Step-3 : Configure the interface for the DHCP server .. code-block:: shell test:~$ sudo nano /etc/default/isc-dhcp-server INTERFACESv4="enp43s0" .. note:: * The server will listen for DHCP requests on the `enp43s0` interface. * Step-4 : Assign a static IP to the server's interface and bring it up .. code-block:: shell test:~$ sudo ifconfig enp43s0 192.168.10.1 up * Step-5 : Restart and check the status of the DHCP server .. code-block:: shell test:~$ sudo systemctl restart isc-dhcp-server test:~$ sudo systemctl status isc-dhcp-server .. note:: * The server should be running without any errors and listening for DHCP requests. **Client (Machine B) — DHCP Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Request an IP address from the server .. code-block:: shell test:~$ sudo dhclient -v .. note:: * The `-v` flag provides verbose output to show the DORA process. * Step-3 : Verification and Results * Inspect the DHCPOffer and DHCPACK packets sent by the server. * They should contain Option 6 (Domain Name Servers), which lists the DNS server IP addresses as configured on the server. * Step-4 : Wireshark Capture :download:`Download wireshark capture ` **Test Case 16: DHCP Option 15 (Domain Name) Delivery** **verify that the DHCP server provides the domain name to the client via DHCP Option 15** **Server (Machine A) — DHCP Server Setup** * Step-1 : Install the ISC DHCP Server .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-server * Step-2 : Configure the DHCP server daemon Edit the /etc/dhcp/dhcpd.conf file to include option domain-name. .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhcpd.conf # Sample configuration for DHCP server option domain-name "local"; # Set the subnet for DHCP lease distribution subnet 192.168.10.0 netmask 255.255.255.0 { range 192.168.10.10 192.168.10.100; option routers 192.168.10.1; } .. note:: * This configuration defines the subnet and the IP address range for clients. * Step-3 : Configure the interface for the DHCP server .. code-block:: shell test:~$ sudo nano /etc/default/isc-dhcp-server INTERFACESv4="enp43s0" .. note:: * The server will listen for DHCP requests on the `enp43s0` interface. * Step-4 : Assign a static IP to the server's interface and bring it up .. code-block:: shell test:~$ sudo ifconfig enp43s0 192.168.10.1 up * Step-5 : Restart and check the status of the DHCP server .. code-block:: shell test:~$ sudo systemctl restart isc-dhcp-server test:~$ sudo systemctl status isc-dhcp-server .. note:: * The server should be running without any errors and listening for DHCP requests. **Client (Machine B) — DHCP Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Request an IP address from the server .. code-block:: shell test:~$ sudo dhclient -v .. note:: * The `-v` flag provides verbose output to show the DORA process. * Step-3 : Verification and Results * Inspect the DHCPOffer and DHCPACK packets sent by the server. * They should contain Option 15 (Domain Name), which lists the domain name string "local". * Step-4 : Wireshark Capture :download:`Download wireshark capture ` **Test Case 17: DHCP Option 119 (Domain Search List) Delivery** **verify that the DHCP server provides a list of domain suffixes to the client via DHCP Option 119** **Server (Machine A) — DHCP Server Setup** * Step-1 : Install the ISC DHCP Server .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-server * Step-2 : Configure the DHCP server daemon Edit the /etc/dhcp/dhcpd.conf file to include option domain-search within the subnet block. .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhcpd.conf # Sample configuration for DHCP server option domain-name "local"; # Set the subnet for DHCP lease distribution subnet 192.168.10.0 netmask 255.255.255.0 { range 192.168.10.10 192.168.10.100; option domain-search "corp.example.local", "lab.example.local"; // Used for option 119 option routers 192.168.10.1; } .. note:: * This configuration defines the subnet and the IP address range for clients. * Step-3 : Configure the interface for the DHCP server .. code-block:: shell test:~$ sudo nano /etc/default/isc-dhcp-server INTERFACESv4="enp43s0" .. note:: * The server will listen for DHCP requests on the `enp43s0` interface. * Step-4 : Assign a static IP to the server's interface and bring it up .. code-block:: shell test:~$ sudo ifconfig enp43s0 192.168.10.1 up * Step-5 : Restart and check the status of the DHCP server .. code-block:: shell test:~$ sudo systemctl restart isc-dhcp-server test:~$ sudo systemctl status isc-dhcp-server .. note:: * The server should be running without any errors and listening for DHCP requests. **Client (Machine B) — DHCP Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Request an IP address from the server .. code-block:: shell test:~$ sudo dhclient -v .. note:: * The `-v` flag provides verbose output to show the DORA process. * Step-3 : Verification and Results * Inspect the DHCPOffer and DHCPACK packets sent by the server. * They should contain Option 119 (Domain Search List), which lists the domain names as configured on the server. * Step-4 : Wireshark Capture :download:`Download wireshark capture ` **Test Case 18: DHCP Option 252 Delivery** **verify that the DHCP server provides the Web Proxy Auto-Discovery (WPAD) URL to the client via DHCP Option 252** **Server (Machine A) — DHCP Server Setup** * Step-1 : Install the ISC DHCP Server .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-server * Step-2 : Configure the DHCP server daemon Edit the /etc/dhcp/dhcpd.conf file to include Option 252 and include it in the subnet configuration. .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhcpd.conf # Sample configuration for DHCP server option wpad-url code 252 = text; subnet 192.168.10.0 netmask 255.255.255.0 { range 192.168.10.10 192.168.10.100; option wpad-url "[http://192.168.10.1/wpad.dat](http://192.168.10.1/wpad.dat)"; option routers 192.168.10.1; } .. note:: * This configuration defines the subnet and the IP address range for clients. * Step-3 : Configure the interface for the DHCP server .. code-block:: shell test:~$ sudo nano /etc/default/isc-dhcp-server INTERFACESv4="enp43s0" .. note:: * The server will listen for DHCP requests on the `enp43s0` interface. * Step-4 : Assign a static IP to the server's interface and bring it up .. code-block:: shell test:~$ sudo ifconfig enp43s0 192.168.10.1 up * Step-5 : Restart and check the status of the DHCP server .. code-block:: shell test:~$ sudo systemctl restart isc-dhcp-server test:~$ sudo systemctl status isc-dhcp-server .. note:: * The server should be running without any errors and listening for DHCP requests. **Client (Machine B) — DHCP Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Configure the client to request Option 252 .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhclient.conf request wpad-url; * Step-3 : Request an IP address from the server .. code-block:: shell test:~$ sudo dhclient -v .. note:: * The `-v` flag provides verbose output to show the DORA process. * Step-3 : Verification and Results * Inspect the DHCPOffer and DHCPACK packets sent by the server. * They should contain Option 252 (Private/Proxy autodiscovery) with the configured URL http://192.168.10.1/wpad.dat * Step-4 : Wireshark Capture :download:`Download wireshark capture ` **Test Case 19: DHCP Option 43 (Vendor-Specific Information) Delivery** **verify that the DHCP server provides vendor-specific information to the client via DHCP Option 43** **Server (Machine A) — DHCP Server Setup** * Step-1 : Install the ISC DHCP Server .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-server * Step-2 : Configure the DHCP server daemon Edit the /etc/dhcp/dhcpd.conf file to include Option 43 and include it in the subnet configuration. .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhcpd.conf # Sample configuration for DHCP server option vendor-encapsulated-options code 43 = string; subnet 192.168.10.0 netmask 255.255.255.0 { range 192.168.10.10 192.168.10.100; option vendor-encapsulated-options "[http://192.168.10.1/config](http://192.168.10.1/config)"; option routers 192.168.10.1; } .. note:: * This configuration defines the subnet and the IP address range for clients. * Step-3 : Configure the interface for the DHCP server .. code-block:: shell test:~$ sudo nano /etc/default/isc-dhcp-server INTERFACESv4="enp43s0" .. note:: * The server will listen for DHCP requests on the `enp43s0` interface. * Step-4 : Assign a static IP to the server's interface and bring it up .. code-block:: shell test:~$ sudo ifconfig enp43s0 192.168.10.1 up * Step-5 : Restart and check the status of the DHCP server .. code-block:: shell test:~$ sudo systemctl restart isc-dhcp-server test:~$ sudo systemctl status isc-dhcp-server .. note:: * The server should be running without any errors and listening for DHCP requests. **Client (Machine B) — DHCP Client Setup** * Step-1 : Install the DHCP client software .. code-block:: shell test:~$ sudo apt update test:~$ sudo apt install isc-dhcp-client * Step-2 : Configure the client to request Option 43 .. code-block:: shell test:~$ sudo nano /etc/dhcp/dhclient.conf request vendor-encapsulated-options; * Step-3 : Request an IP address from the server .. code-block:: shell test:~$ sudo dhclient -v .. note:: * The `-v` flag provides verbose output to show the DORA process. * Step-3 : Verification and Results * Inspect the DHCPOffer and DHCPACK packets sent by the server. * They should contain Option 43 (Vendor-Specific Information) with the configured string http://192.168.10.1/config * Step-4 : Wireshark Capture :download:`Download wireshark capture ` .. _DHCPv4_step6: .. tab-set:: .. tab-item:: DHCPv4 Protocol Packet Details **DHCP Offer** .. csv-table:: :file: ./DHCPv4/DHCPv4_packetdetails1.csv :widths: 10,20,30,10 :header-rows: 1 **DHCP Offer** .. csv-table:: :file: ./DHCPv4/DHCPv4_packetdetails2.csv :widths: 10,20,30,10 :header-rows: 1 **DHCP Request** .. csv-table:: :file: ./DHCPv4/DHCPv4_packetdetails3.csv :widths: 10,20,30,10 :header-rows: 1 **DHCP Acknowledgment (ACK)** .. csv-table:: :file: ./DHCPv4/DHCPv4_packetdetails4.csv :widths: 10,20,30,10 :header-rows: 1 **DHCP Negative Acknowledgment (NAK)** .. csv-table:: :file: ./DHCPv4/DHCPv4_packetdetails5.csv :widths: 10,20,30,10 :header-rows: 1 **DHCP Decline** .. csv-table:: :file: ./DHCPv4/DHCPv4_packetdetails6.csv :widths: 10,20,30,10 :header-rows: 1 **DHCP Release** .. csv-table:: :file: ./DHCPv4/DHCPv4_packetdetails7.csv :widths: 10,20,30,10 :header-rows: 1 **DHCP Inform** .. csv-table:: :file: ./DHCPv4/DHCPv4_packetdetails8.csv :widths: 10,20,30,10 :header-rows: 1 .. _DHCPv4_step7: .. tab-set:: .. tab-item:: DHCPv4 Usecases .. csv-table:: :file: ./DHCPv4/DHCPv4_Use_Cases.csv :widths: 10,20,30 :header-rows: 1 .. _DHCPv4_step8: .. tab-set:: .. tab-item:: DHCPv4 Basic Features .. csv-table:: :file: ./DHCPv4/DHCPv4_Basic_Features.csv :widths: 10,10,30 :header-rows: 1 .. _DHCPv4_step9: .. tab-set:: .. tab-item:: DHCPv4 Feature : Dynamic IP Assignment **Dynamic IP Assignment - Testcases** .. csv-table:: :file: ./DHCPv4/DHCPv4_Feature1_Dynamic_IP_Assignment_Test_Cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _DHCPv4_step10: .. tab-set:: .. tab-item:: DHCPv4 Feature : Lease Management **Lease Management - Testcases** .. csv-table:: :file: ./DHCPv4/DHCPv4_Feature2_Lease_Management_Test_Cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _DHCPv4_step11: .. tab-set:: .. tab-item:: DHCPv4 Feature : Centralized Configuration **Centralized Configuration - Testcases** .. csv-table:: :file: ./DHCPv4/DHCPv4_Feature3_Centralized_Configuration_Test_Cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _DHCPv4_step12: .. tab-set:: .. tab-item:: DHCPv4 Feature : DHCP Options **DHCP Options - Testcases** .. csv-table:: :file: ./DHCPv4/DHCPv4_Feature4_DHCP_Options_Test_Cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _DHCPv4_step13: .. tab-set:: .. tab-item:: DHCPv4 Feature : Manual (Static) Assignment **Manual (Static) Assignment - Testcases** .. csv-table:: :file: ./DHCPv4/DHCPv4_Feature5_Manual_Static_Assignment_Test_Cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _DHCPv4_step14: .. tab-set:: .. tab-item:: DHCPv4 Feature : Relay Agent Support **Relay Agent Support - Testcases** .. csv-table:: :file: ./DHCPv4/DHCPv4_Feature6_Relay_Agent_Support_Test_Cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _DHCPv4_step15: .. tab-set:: .. tab-item:: DHCPv4 Feature : Authentication (Optional) **Authentication (Optional) - Testcases** .. csv-table:: :file: ./DHCPv4/DHCPv4_Feature7_Authentication_Optional_Test_Cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _DHCPv4_step16: .. tab-set:: .. tab-item:: DHCPv4 Feature : Failover Support **Failover Support - Testcases** .. csv-table:: :file: ./DHCPv4/DHCPv4_Feature8_Failover_Support_Test_Cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _DHCPv4_step17: .. tab-set:: .. tab-item:: DHCPv4 Feature : PXE Boot Support **PXE Boot Support - Testcases** .. csv-table:: :file: ./DHCPv4/DHCPv4_Feature9_PXE_Boot_Support_Test_Cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _DHCPv4_step18: .. tab-set:: .. tab-item:: DHCPv4 Feature : Logging & Auditing **Logging & Auditing - Testcases** .. csv-table:: :file: ./DHCPv4/DHCPv4_Feature10_Logging_and_Auditing_Test_Cases.csv :widths: 10,10,30,20 :header-rows: 1 .. _DHCPv4_step19: .. tab-set:: .. tab-item:: Reference links * Reference links