This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Understanding DHCP DORA process from Wireshark packet capture perspective

jeisson_diaz
RUCKUS Team Member

‎11-16-2023 09:32 AM

Understanding DHCP DORA process from Wireshark packet capture perspective

 These are the basics you need to know to understand what DHCP process involves when a client initiates a request to get an IP address from a DHCP server. This applies to wireless as well as wired clients. 

 

DHCP—Dynamic Host Configuration Protocol

  • It uses UDP port 67 for the DHCP server, and UDP port 68 for the DHCP client.
  • Dynamically assigns an IP address and other network configuration parameters to each device on a network so they can communicate with other IP networks.

 

How it operates:

DHCPDISCOVER (IP address request)

-DHCP client generates a special message known as DHCPDISCOVER message and broadcasts this message on the local LAN. If a DHCP server is configured on the local network, it will also receive the message. If multiple DHCP servers are configured on the local network, they all will receive the DHCPDISCOVER message. This message is broadcast packet.

jeisson_diaz_0-1700155433887.png

 

 

DHCPOFFER (IP address offer)

In reply to the DHCPDISCOVER message, a DHCP server sends a DHCPOFFER message to the client. If multiple DHCP servers are available, based on their configuration, one of them or all of them can reply to the DHCPDISCOVER message. This message is broadcast packet.

jeisson_diaz_1-1700155433890.png

 

DHCPREQUEST (IP address selection)

Depending on the number of DHCP servers, a host may receive multiple DHCPOFFER messages. If a host receives multiple DHCPOFFER messages, it accepts only one message and tells the corresponding server with a DHCPREQUEST message that it wants to use the offered IP configuration, all other servers withdraw any offers that they might have made to the client and return the offered address to the pool of available addresses. This is an unicast packet.

jeisson_diaz_2-1700155433892.png

 

 

DHCPACK (IP address acknowledgment)

When the DHCP server receives a DHCPREQUEST message from the client, the configuration process enters its final stage. The server sends a DHCPACK message to the client. This is an unicast packet.

jeisson_diaz_3-1700155433894.png

 

Summarizing, the following picture describes the packet flow between DHCP client and server.

DHCP Cross communication between Client-Server

jeisson_diaz_4-1700155433897.png

 

I hope this is being informative for you!

 

 

 

Labels:
0 REPLIES 0
Copyright © 2024 Khoros, LLC