Valid IP addresses, maintained in a pool for assignment to clients, as well as excluded addresses. The lease duration, or the length of time for which the IP address can be used before a lease renewal is required. Reliable IP address configuration. DHCP minimizes configuration errors caused by manual IP address configuration, such as typographical errors, or address conflicts caused by the assignment of an IP address to more than one computer at the same time. Reduced network administration.
DHCP includes the following features to reduce network administration:. The efficient handling of IP address changes for clients that must be updated frequently, such as those for portable devices that move to different locations on a wireless network.
Feedback will be sent to Microsoft: By pressing the submit button, your feedback will be used to improve Microsoft products and services. In addition to simplified management, the use of a DHCP server provides other benefits. These include:. The DHCP protocol requires no authentication so any client can join a network quickly.
Because of this, it opens up a number of security risks, including unauthorized servers handing out bad information to clients, unauthorized clients being given IP addresses and IP address depletion from unauthorized or malicious clients.
Since the client has no way of validating the authenticity of a DHCP server, rouge ones can be used to provide incorrect network information. This can cause denial-of-service attacks or man-in-the-middle attacks where a fake server intercepts data that can be used for malicious purposes. Conversely, because the DHCP server has no way of authenticating a client, it will hand out IP address information to any device that makes a request.
A threat actor could configure a client to continually change its credentials and quickly exhaust all available IP addresses in the scope, preventing company endpoints from accessing the network. The DHCP specification does addresses some of these issues. This tag can be used to control access to the network. There is also a provision to authenticate DHCP messages, but key management can be complicated and has held back adoption.
The use of Most of the leading network vendors support NAC, and it has become significantly simpler to deploy. Once the device has accepted the assignment, it can communicate with both the internal network and the public internet. Options number in the hundreds. Key among them is how long the IP address can be used—known as the lease time. They also include the default gateway, its subnet mask, and its DNS server. The assignment of IP addresses happens dynamically within a given address range.
The IP address can periodically change as its lease time expires unless the lease is successfully renewed. For services that always need to be on, a static IP address is often a better option. Corporate enterprises commonly use static IP addresses for hardware like mail servers. However, there are drawbacks to dedicating a specific IP address to a device or service. A network administrator must manually assign, configure, and track the IP address.
Oftentimes, it requires the admin to physically be with the device. Communications to fulfill a DHCP request involves both the server and client. Furthermore, a relay agent or IP helper often facilitates communication between the two.
Relay agents receive broadcast DHCP messages from clients and then re-send those messages with configuration information to servers. Communication happens via small units of data, called packets, that are routed through a network.
0コメント