DHCP packets - aren't they always supposed to be broadcast?

Network Engineering dhcp protocol-theory
2022-02-11 07:18:05

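So, as I understand it, all DHCP/BOOTP REQUEST packets are supposed to be broadcast (255.255.255.255), since that is the only way to communicate back and forth with a host on the LAN that has no IP address. I have some information from a PCAP file (pasted below) in which I disconnected a machine (hostname debian2) from the network and then reconnected it. The firewall/DHCP server I am using is pfSense. This all takes place in a VirtualBox host-only network (DHCP is turned off for that virtual network; the only thing doing DHCP is pfSense).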

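I notice that in both the Offer and the Ack, the destination IP address is the one pfSense is offering to debian2 (192.168.1.10). If debian2 is not yet supposed to have configured itself with the offered IP address, how on earth does it receive that packet? Why doesn't pfSense broadcast (send to 255.255.255.255), and how does debian2 receive it if the destination IP address has not yet been configured for use? Is pfSense just using Ethernet and the client's MAC address, so the destination IP address specified doesn't matter?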


Frame summary:

43  19.808108   0.0.0.0 255.255.255.255 DHCP    344 DHCP Discover - Transaction ID 0x1caf7b43
48  20.810107   192.168.1.1 192.168.1.10    DHCP    344 DHCP Offer    - Transaction ID 0x1caf7b43
49  20.810864   0.0.0.0 255.255.255.255 DHCP    344 DHCP Request  - Transaction ID 0x1caf7b43
50  20.812807   192.168.1.1 192.168.1.10    DHCP    344 DHCP ACK      - Transaction ID 0x1caf7b43

Frame details:

Frame 43: 344 bytes on wire (2752 bits), 344 bytes captured (2752 bits)
Linux cooked capture
Internet Protocol Version 4, Src: 0.0.0.0, Dst: 255.255.255.255
User Datagram Protocol, Src Port: 68, Dst Port: 67
Bootstrap Protocol (Discover)
    Message type: Boot Request (1)
    Hardware type: Ethernet (0x01)
    Hardware address length: 6
    Hops: 0
    Transaction ID: 0x1caf7b43
    Seconds elapsed: 0
    Bootp flags: 0x0000 (Unicast)
    Client IP address: 0.0.0.0
    Your (client) IP address: 0.0.0.0
    Next server IP address: 0.0.0.0
    Relay agent IP address: 0.0.0.0
    Client MAC address: PcsCompu_82:09:fa (08:00:27:82:09:fa)
    Client hardware address padding: 00000000000000000000
    Server host name not given
    Boot file name not given
    Magic cookie: DHCP
    Option: (53) DHCP Message Type (Discover)
        Length: 1
        DHCP: Discover (1)
    Option: (50) Requested IP Address
        Length: 4
        Requested IP Address: 192.168.1.8
    Option: (12) Host Name
        Length: 7
        Host Name: debian2
    Option: (55) Parameter Request List
        Length: 13
        Parameter Request List Item: (1) Subnet Mask
        Parameter Request List Item: (28) Broadcast Address
        Parameter Request List Item: (2) Time Offset
        Parameter Request List Item: (3) Router
        Parameter Request List Item: (15) Domain Name
        Parameter Request List Item: (6) Domain Name Server
        Parameter Request List Item: (119) Domain Search
        Parameter Request List Item: (12) Host Name
        Parameter Request List Item: (44) NetBIOS over TCP/IP Name Server
        Parameter Request List Item: (47) NetBIOS over TCP/IP Scope
        Parameter Request List Item: (26) Interface MTU
        Parameter Request List Item: (121) Classless Static Route
        Parameter Request List Item: (42) Network Time Protocol Servers
    Option: (255) End
        Option End: 255
    Padding: 000000000000000000000000000000000000000000000000...


Frame 48: 344 bytes on wire (2752 bits), 344 bytes captured (2752 bits)
Linux cooked capture
Internet Protocol Version 4, Src: 192.168.1.1, Dst: 192.168.1.10
User Datagram Protocol, Src Port: 67, Dst Port: 68
Bootstrap Protocol (Offer)
    Message type: Boot Reply (2)
    Hardware type: Ethernet (0x01)
    Hardware address length: 6
    Hops: 0
    Transaction ID: 0x1caf7b43
    Seconds elapsed: 0
    Bootp flags: 0x0000 (Unicast)
    Client IP address: 0.0.0.0
    Your (client) IP address: 192.168.1.10
    Next server IP address: 0.0.0.0
    Relay agent IP address: 0.0.0.0
    Client MAC address: PcsCompu_82:09:fa (08:00:27:82:09:fa)
    Client hardware address padding: 00000000000000000000
    Server host name not given
    Boot file name not given
    Magic cookie: DHCP
    Option: (53) DHCP Message Type (Offer)
        Length: 1
        DHCP: Offer (2)
    Option: (54) DHCP Server Identifier
        Length: 4
        DHCP Server Identifier: 192.168.1.1
    Option: (51) IP Address Lease Time
        Length: 4
        IP Address Lease Time: (61s) 1 minute, 1 second
    Option: (1) Subnet Mask
        Length: 4
        Subnet Mask: 255.255.255.0
    Option: (3) Router
        Length: 4
        Router: 192.168.1.1
    Option: (15) Domain Name
        Length: 9
        Domain Name: me.net
    Option: (6) Domain Name Server
        Length: 4
        Domain Name Server: 192.168.1.1
    Option: (255) End
        Option End: 255
    Padding: 000000000000000000000000000000


Frame 49: 344 bytes on wire (2752 bits), 344 bytes captured (2752 bits)
Linux cooked capture
Internet Protocol Version 4, Src: 0.0.0.0, Dst: 255.255.255.255
User Datagram Protocol, Src Port: 68, Dst Port: 67
Bootstrap Protocol (Request)
    Message type: Boot Request (1)
    Hardware type: Ethernet (0x01)
    Hardware address length: 6
    Hops: 0
    Transaction ID: 0x1caf7b43
    Seconds elapsed: 0
    Bootp flags: 0x0000 (Unicast)
    Client IP address: 0.0.0.0
    Your (client) IP address: 0.0.0.0
    Next server IP address: 0.0.0.0
    Relay agent IP address: 0.0.0.0
    Client MAC address: PcsCompu_82:09:fa (08:00:27:82:09:fa)
    Client hardware address padding: 00000000000000000000
    Server host name not given
    Boot file name not given
    Magic cookie: DHCP
    Option: (53) DHCP Message Type (Request)
        Length: 1
        DHCP: Request (3)
    Option: (54) DHCP Server Identifier
        Length: 4
        DHCP Server Identifier: 192.168.1.1
    Option: (50) Requested IP Address
        Length: 4
        Requested IP Address: 192.168.1.10
    Option: (12) Host Name
        Length: 7
        Host Name: debian2
    Option: (55) Parameter Request List
        Length: 13
        Parameter Request List Item: (1) Subnet Mask
        Parameter Request List Item: (28) Broadcast Address
        Parameter Request List Item: (2) Time Offset
        Parameter Request List Item: (3) Router
        Parameter Request List Item: (15) Domain Name
        Parameter Request List Item: (6) Domain Name Server
        Parameter Request List Item: (119) Domain Search
        Parameter Request List Item: (12) Host Name
        Parameter Request List Item: (44) NetBIOS over TCP/IP Name Server
        Parameter Request List Item: (47) NetBIOS over TCP/IP Scope
        Parameter Request List Item: (26) Interface MTU
        Parameter Request List Item: (121) Classless Static Route
        Parameter Request List Item: (42) Network Time Protocol Servers
    Option: (255) End
        Option End: 255
    Padding: 0000000000000000000000000000000000000000



Frame 50: 344 bytes on wire (2752 bits), 344 bytes captured (2752 bits)
Linux cooked capture
Internet Protocol Version 4, Src: 192.168.1.1, Dst: 192.168.1.10
User Datagram Protocol, Src Port: 67, Dst Port: 68
Bootstrap Protocol (ACK)
    Message type: Boot Reply (2)
    Hardware type: Ethernet (0x01)
    Hardware address length: 6
    Hops: 0
    Transaction ID: 0x1caf7b43
    Seconds elapsed: 0
    Bootp flags: 0x0000 (Unicast)
    Client IP address: 0.0.0.0
    Your (client) IP address: 192.168.1.10
    Next server IP address: 0.0.0.0
    Relay agent IP address: 0.0.0.0
    Client MAC address: PcsCompu_82:09:fa (08:00:27:82:09:fa)
    Client hardware address padding: 00000000000000000000
    Server host name not given
    Boot file name not given
    Magic cookie: DHCP
    Option: (53) DHCP Message Type (ACK)
        Length: 1
        DHCP: ACK (5)
    Option: (54) DHCP Server Identifier
        Length: 4
        DHCP Server Identifier: 192.168.1.1
    Option: (51) IP Address Lease Time
        Length: 4
        IP Address Lease Time: (61s) 1 minute, 1 second
    Option: (1) Subnet Mask
        Length: 4
        Subnet Mask: 255.255.255.0
    Option: (3) Router
        Length: 4
        Router: 192.168.1.1
    Option: (15) Domain Name
        Length: 9
        Domain Name: me.net
    Option: (6) Domain Name Server
        Length: 4
        Domain Name Server: 192.168.1.1
    Option: (255) End
        Option End: 255
    Padding: 000000000000000000000000000000
1 answer

DHCP packets - aren't they always supposed to be broadcast?

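No, a DHCP offer can be sent as either unicast or broadcast. It does not matter whether the layer-3 address is unicast or broadcast, because frames are delivered on the LAN by their layer-2 address.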

From RFC 2321, Dynamic Host Configuration Protocol (emphasis mine):

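In the case of a client using DHCP for initial configuration (before the client's TCP/IP software has been completely configured), DHCP requires creative use of the client's TCP/IP software and liberal interpretation of RFC 1122. The TCP/IP software SHOULD accept and forward to the IP layer any IP packets delivered to the client's hardware address before the IP address is configured; DHCP servers and BOOTP relay agents may not be able to deliver DHCP messages to clients that cannot accept hardware unicast datagrams before the TCP/IP software is configured.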

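To work around some clients that cannot accept IP unicast datagrams before the TCP/IP software is configured as discussed in the previous paragraph, DHCP uses the 'flags' field [21]. The leftmost bit is defined as the BROADCAST (B) flag. The semantics of this flag are discussed in section 4.1 of this document. The remaining bits of the flags field are reserved for future use. They MUST be set to zero by clients and ignored by servers and relay agents. Figure 2 gives the format of the 'flags' field.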

                              1 1 1 1 1 1
          0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
         +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
         |B|             MBZ             |
         +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
          B:  BROADCAST flag
          MBZ:  MUST BE ZERO (reserved for future use)
          Figure 2:  Format of the 'flags' field
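
How a server turns that flags bit into a reply destination, as an added example that is not part of the original answer: it parses the fixed BOOTP header and applies the decision order from section 4.1 of the DHCP RFC quoted above. The function names are hypothetical, and the sample request is constructed from the header values shown in frame 43 of the capture.

```python
import socket
import struct

BOOTP_FMT = "!BBBBIHH4s4s4s4s16s"   # op .. chaddr, fixed BOOTP header fields
BROADCAST_FLAG = 0x8000             # leftmost bit of the 16-bit 'flags' field


def build_request(xid, flags, mac, ciaddr="0.0.0.0", giaddr="0.0.0.0"):
    """Pack the fixed header of a client BOOTREQUEST (constructed sample input)."""
    zero = socket.inet_aton("0.0.0.0")
    chaddr = bytes.fromhex(mac.replace(":", "")).ljust(16, b"\x00")
    return struct.pack(BOOTP_FMT, 1, 1, 6, 0, xid, 0, flags,
                       socket.inet_aton(ciaddr), zero, zero,
                       socket.inet_aton(giaddr), chaddr)


def parse_request(raw):
    """Return the header fields that decide where the reply is sent."""
    if len(raw) < struct.calcsize(BOOTP_FMT):
        raise ValueError("truncated BOOTP header")
    (op, _htype, hlen, _hops, xid, _secs, flags,
     ciaddr, _yiaddr, _siaddr, giaddr, chaddr) = struct.unpack_from(BOOTP_FMT, raw)
    if op != 1 or hlen > 16:
        raise ValueError("not a well-formed BOOTREQUEST")
    return {
        "xid": xid,
        "broadcast": bool(flags & BROADCAST_FLAG),
        "ciaddr": socket.inet_ntoa(ciaddr),
        "giaddr": socket.inet_ntoa(giaddr),
        "mac": ":".join(f"{b:02x}" for b in chaddr[:hlen]),
    }


def reply_destination(req, yiaddr):
    """(L2 destination, IP destination, UDP port) for a DHCPOFFER/DHCPACK.

    An L2 destination of None means normal routing/ARP resolves the next hop.
    """
    if req["giaddr"] != "0.0.0.0":          # relayed: reply goes to the relay agent
        return (None, req["giaddr"], 67)
    if req["ciaddr"] != "0.0.0.0":          # client already has a usable address
        return (None, req["ciaddr"], 68)
    if req["broadcast"]:                    # client cannot accept unicast yet
        return ("ff:ff:ff:ff:ff:ff", "255.255.255.255", 68)
    return (req["mac"], yiaddr, 68)         # frame to chaddr, IP header says yiaddr


# Header values taken from frame 43 of the capture above (flags 0x0000).
DISCOVER = build_request(0x1CAF7B43, 0x0000, "08:00:27:82:09:fa")
```

With the flags value from the capture (0x0000) the result is a frame addressed to 08:00:27:82:09:fa carrying destination IP 192.168.1.10, which matches frames 48 and 50; setting the B bit switches the same request to 255.255.255.255.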