DHCP – More Than Dynamic IPv4 Addresses

IBM’s PC, introduced in 1981, weighed 30 lbs. Plus the weight of the monitor. Network administrators and users were happy with statically configured IP addresses as moving equipment was hard work. So, one machine, one IP address that did not change: static.

The devices in our pockets are now far more powerful and travel along with us. In the cloud, virtual machines are spun up and down as needed. And, of course, these virtual devices all need to get addresses to use the networks to which they connect. This is where the Dynamic Host Configuration Protocol (DHCP) comes in. It delivers addresses on demand – and more.

Dynamic Host Configuration Protocol

DHCP (Dynamic Host Configuration Protocol) is a network management protocol used to automatically assign IP addresses and other configuration parameters to devices on a network. DHCP eliminates the need for manual IP configuration and more.

In a static IP environment, the device announces itself with its IP address. When a machine is dynamically configured, the device requests an IPv4 address from the network and as long as it has enough addresses available, the machine is provided one along with the other information it needs. And the network and device both do this without users having to know how to configure their devices. No manual user intervention required.

Routers, the devices that connect different parts of the network, often handle DHCP locally. But many organizations want to manage DHCP centrally. The router relays the request to the central server and gets authorization to assign an address from the correct pool. As with other protocols developed in the early days of the internet, DHCP assumed that users and network operators are trustworthy. We now have extensive best practices for securing DHCP and associated services.

In most cases, the core configuration details will include:

  • The IPv4 address and the duration of its lease
  • The default router, and subnet mask (size of the network)
  • The address of at least one DNS resolver
  • The address of a time server
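To make that list concrete, here is an added example (not code from the original article) that decodes exactly those fields from a DHCP reply: it builds a constructed DHCPACK using RFC 5737 documentation addresses and then parses the options, rejecting a message whose options run past the end of the packet.

```python
import struct
import ipaddress

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # ends the 236-byte BOOTP header; options follow
OPTION_NAMES = {1: "subnet_mask", 3: "router", 6: "dns_resolver",   # RFC 2132 codes for
                42: "ntp_server", 51: "lease_seconds"}              # the details listed above

def parse_dhcp_reply(packet: bytes) -> dict:
    """Extract the leased address and the core options from a DHCP OFFER/ACK."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    result = {"yiaddr": str(ipaddress.IPv4Address(packet[16:20]))}  # 'your' IP address
    i = 240
    while i < len(packet):
        code = packet[i]
        if code == 0:                 # pad octet: no length field
            i += 1
            continue
        if code == 255:               # end marker
            break
        length = packet[i + 1] if i + 1 < len(packet) else -1
        data = packet[i + 2:i + 2 + length]
        if len(data) != length:       # option runs past the end of the packet
            raise ValueError("truncated option %d" % code)
        i += 2 + length
        name = OPTION_NAMES.get(code)
        if name is None:              # options outside this example are skipped
            continue
        if code == 51:
            result[name] = struct.unpack("!I", data)[0]
        else:                         # 1, 3, 6 and 42 carry one or more IPv4 addresses
            addrs = [str(ipaddress.IPv4Address(data[j:j + 4])) for j in range(0, len(data), 4)]
            result[name] = addrs[0] if code == 1 else addrs
    return result

def opt(code: int, payload: bytes) -> bytes:   # encode one type-length-value option
    return bytes([code, len(payload)]) + payload

def build_sample_ack() -> bytes:
    """Constructed DHCPACK for this example (RFC 5737 documentation addresses)."""
    packed = lambda a: ipaddress.IPv4Address(a).packed
    hdr = bytearray(236)
    hdr[0:3] = b"\x02\x01\x06"                   # BOOTREPLY, Ethernet, 6-byte MAC
    hdr[16:20] = packed("192.0.2.50")            # yiaddr: the address being leased
    options = (opt(53, b"\x05") + opt(51, struct.pack("!I", 1800))   # DHCPACK, 30-minute lease
               + opt(1, packed("255.255.255.0")) + opt(3, packed("192.0.2.1"))
               + opt(6, packed("192.0.2.53") + packed("192.0.2.54"))  # two resolvers
               + opt(42, packed("192.0.2.123")) + b"\xff")
    return bytes(hdr) + MAGIC_COOKIE + options
```

Running `parse_dhcp_reply(build_sample_ack())` returns the leased address plus the lease length, subnet mask, router, both resolvers and the NTP server as a plain dictionary.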

Dynamic Address “Leases”

IPv4 addresses are assigned for a fixed period, known as a lease. A lease must be renewed before it expires; otherwise the address goes back into the pool, as it does when the user disconnects. This is why airports generally have very short lease periods of 15 to 30 minutes. In contrast, an office might use a lease period of two days or more.

When DHCP servers run out of IP addresses, new devices cannot use the network. That’s why DHCP servers provide statistics to IPAM systems, like ProVision. An IPAM can alert an administrator when address pools, like the one used for DHCP, cross a usage threshold. For instance, if usage grows to more than 80 percent, it might be time to increase the size of the pool. IPAMs can also show you trends, so you know if you’re seeing a temporary spike or sustained growth. Admins can then make an informed decision as to how best to manage the network.

DNS Resolvers

The DNS resolver information is important as most internet services are known by names. For instance, IPv4.Global is the DNS name (uniform resource locator) for this website, which lives at the IP address 23.185.0.4. The resolver converts the name into that IP address (23.185.0.4). If this alphanumeric name weren’t available, most users wouldn’t be able to use the network, as they’d be unlikely to recall the IP address. DNS translates one into the other.

Many networks have private names for things like printers, which they don’t want accessed from the internet. This can be achieved by serving a private view of DNS names inside the network. These names are not available to internet users. This kind of configuration is often called split horizon DNS.

An internal DNS resolver can be an important service for many businesses. Those that don’t have private services and don’t want to run a DNS resolver often provide the address of a public open DNS resolver.

The time server is also important. Computers are surprisingly bad at keeping time. They need to regularly get the time from an accurate clock on the network. This isn’t just for the convenience of having the time on your screen. It is part of protecting users against replay attacks, where a message is intercepted and repeated by a man-in-the-middle; with accurate clocks, protocols can reject messages whose timestamps are stale. A man-in-the-middle attack is one where a malicious observer intercepts communications between two parties and can then impersonate one of them.

For a network in a growing business, it is worth checking IP address usage with an IPAM tool like ProVision. It can help identify areas that have more addresses than they need, and the areas that could run out soon.