Certification Zone Tutorial

DNS and DHCP

by Annlee Hines

Introduction
  Certification Relevance
  Job Relevance
Topology: Original Assumptions and Evolution
  Local Broadcast
  IP Helper
  Turbo
  DNS and DHCP to the Rescue
  The Domain Name System
    Roots and Root Wars
    Registries and Registrars
    Fully Qualified Domain Names
    Relative Names
    Name Resolution
  Roles
    DNS Servers
    DNS Resolvers
    Forwarders and Slaves
  Zones
    Authoritative Servers
    Updating Zone Servers
    Resource Records
    Format
    Types
  Cisco Support
DHCP
  Concept
  Message Formats
  Dynamic Assignment
    Leasing Addresses
    Lease Process (Initial)
    Lease Confirmation
    Lease Renewal
    Lease Expiration
  Managing Leases
    Scopes
    Redundancy
    Reservations
IPCP Interaction
DNS-DHCP Interaction
DNS and Crypto
  New Records
  Key Server
Cisco Implementation
  DHCP Relay
  DHCP Server in IOS
  DNS Server
  Network Registrar
Conclusion
References

Introduction

DNS and DHCP are two independently developed but practically interdependent solutions to two separate problems that developed as networks evolved. Both problems were aspects of scalability: small networks can be managed manually, but as a network grows in scale, manageability rapidly diminishes without help.

Providing some operational help is the whole point of both DNS and DHCP: help in locating other computers and other devices, and help in knowing who a given device is on the network, as well as in changing that identity if the network evolves or the host moves. This operational help is, of course, no substitute for a good (competent) network design; the help lies entirely in implementing such a design.

Certification Relevance

Because networks are no longer small (at least, the "interesting" networks are no longer small), DNS and DHCP are both widely deployed. That is why you will find that the Routing and Switching CCIE Examination Blueprint includes them, as a part of the topic "IP Services." This is also true of the General Communications and Services CCIE (under "IP"); the Security CCIE (under "Application Protocols") only includes DNS (which has some security weaknesses).

Job Relevance

Now, the important part: DNS and DHCP can matter in your getting a better job, and/or keeping a job during periods like the current one, when costs must be restructured. If you can network and understand what services the network is supporting, you are more likely to be hired or retained than someone who can configure a router without really knowing why the router needs to do something this way instead of that.

Even if you're not planning to obtain a CCIE, or if you are taking a different network certification exam, understanding these two systems will help you understand the traffic passing over your network. Most networks have Windows servers and/or UNIX (or UNIX-like, such as Linux) servers, so the information here on DNS and DHCP reflects operating with either or both. That's not job security in and of itself, but it's a help.

Topology: Original Assumptions and Evolution

The early network topologies were both small and simple by today's standards. They depended on broadcasts to locate needed resources for which there was no IP address and on hostname tables to map known name and address pairings. Things got complicated pretty quickly, of course.

Local Broadcast

When networks were small, being a single broadcast domain was no problem. This remained true despite the use of BOOTP as well as ARP (both of which make significant use of broadcasts). However, as other traffic grew per host, and the number of hosts increased, congestion became a problem. Broadcast domains needed to be segregated, but that meant either placing a server in each broadcast domain or finding a way to forward some broadcasts (but not all broadcasts) beyond the router. That is the role of an IP helper address. The helper creates either a unicast or a subnet-specific broadcast; the 255.255.255.255 broadcast address is not forwarded. You can use multiple IP helper statements to send broadcasts to different destinations.

IP Helper

Assigning an IP helper address to a router (via the ip helper-address address command) enabled a router to forward such UDP broadcasts to a specified destination address in another subnet. Of course, not all UDP broadcasts needed forwarding; those necessary could be specified by the command ip forward-protocol {udp|nd|spanning-tree} [port]. The nd option was useful for Sun diskless workstations. With the use of IP helper, broadcasts could still reach centrally located servers, servers did not need to multiply as fast as subnets, and traffic could still be managed.

Turbo

Of course, some broadcasts need to remain broadcasts rather than being directed to a specific address. The command ip forward-protocol turbo-flood could be used in conjunction with ip forward-protocol spanning-tree to expedite the convergence of the spanning tree protocol. Again, this facilitated the deployment of larger networks without them becoming too congested.

DNS and DHCP to the Rescue

Ultimately, however, even those were not enough. Networks grew, and the hosts already present underwent changes. Address assignment was one thing when hosts remained planted in one location and networks were not permitted to change. However, it became an administrative pain in short order when those assumptions became invalid. Every host whose address needed to change, for whatever reason, needed to be manually reconfigured with its own address, mask, gateway, and a new hosts.txt file; and all hosts had to have the latter updated whenever there was a change to any host.

Enter DHCP to manage the local host configuration and DNS to replace hostname files. The two can work together, either as separate processes on one server or on separate servers. DHCP can be configured to deliver the DNS servers' addresses. Network size as a manageable entity scaled upward (see the DNS-DHCP Interaction section). In order to appreciate what DHCP delivery of DNS addresses means, we'll cover DNS first.

"DNS" is used to designate both the Domain Name System and a Domain Name Server; you can usually tell from context which the speaker intends. Since the server is a piece of the system, our focus will be on the entire Domain Name System. The server's behaviors fall out of that.

The Domain Name System

The Domain Name System exists to make locating resources simple for a user, regardless of the size or complexity of a network. It achieves this ambitious goal by distributing the creation and management of requisite information while simultaneously ensuring that users can find that information wherever it may live.

The system is relatively simple in principle, and even in operation, as long as everyone does their part competently. The principles are laid out in RFC1034 and RFC1035 (each of which has been updated by numerous other RFCs; you can use the RFC Editor site to search on "dns"). DNS uses as its core principle a hierarchical name space, which in some ways is the inverse of the hierarchical IP addressing space. That concept will show up in a part of the implementation of DNS.

Roots and Root Wars

At the top of the hierarchy is a server called the root server (actually, DNS is so important that "the server" is, of course, a set of redundant servers). The root server is designated by a period (.), which is normally only present in a Fully Qualified Domain Name (such as ralf.furball.com.). The period inside the parentheses is not a typo: it designates the DNS root. Immediately below the root server in the hierarchy is a level sometimes known as first-level servers, but more frequently called top-level servers. These are the masters of the Top Level Domains, or TLDs (more on them in a moment).

Servers cascade down from there, as second-level servers, third-level servers, and so forth. Our mythical host, ralf.furball.com, is shown in the sort of tree diagram normally used to depict the name space:

 

Figure 1. DNS Tree

Servers must be maintained, of course, and someone must take care of the root servers and handle the delegation of names and so forth from them. Who that should be has been surprisingly (or perhaps not so surprisingly) contentious. After all, the Internet grew up from a somewhat ad hoc network, with a more-than-somewhat anarchic bent.

A little (a very little, actually) Internet history is in order, starting before there was an Internet per se. The original ARPAnet began with a hosts.txt file to provide name mapping for everyone. The master copy was kept by Stanford Research Institute's NIC (Network Information Center, often known as "the NIC" because it was the one that mattered). Admins emailed hostname-IP address updates to the SRI-NIC's administrator, who posted changes to the hosts.txt file, and everybody FTPed it down when they thought there might be an update (usually once or twice a week). As this system became less and less manageable, Paul Mockapetris designed the DNS architecture to replace it. Among the design goals were a consistent name space that was locally administered but globally accessible, regardless of communication systems employed or host characteristics.

The system had (and still has) three main components: the Domain Name Space and Resource Records, Name Servers, and Resolvers. We'll discuss each in turn, but the development of these components bore the seed of some conflict. Specifically, the Domain Name Space is divided into the TLDs, and (initially) Network Solutions, Inc. was contracted by ARPA (or DARPA, as the name of the agency evolved) to manage them. Network Solutions established a registry called the InterNIC, or Internet NIC. It offered the following TLDs: arpa, com, edu, gov, int, mil, net, and org.

In the semi-anarchic spirit of the early Internet, others who thought they could do better simply started offering their "better" solution. The most notable was Eugene Kashpureff, operator of the AlterNIC (Alternative NIC), which actually used what was called cache pollution (replacing valid addresses in the DNS cache with addresses that go somewhere else) to redirect people seeking the InterNIC to his AlterNIC site. In addition to the sanctioned TLDs, Kashpureff offered other TLDs that he thought added value to name resolution (including two to distinguish pornographic sites). The hijacking led to a court case, and Kashpureff fled to Canada, where he was arrested; he ultimately waived extradition to the United States. He eventually pled guilty.
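Cache pollution of the kind described above succeeds when a resolver caches records handed to it by a server that has no authority over those names. The following Python example is added here and is not code from the tutorial or from any DNS implementation: it applies an in-bailiwick check to a constructed reply, using the tutorial's mythical furball.com; the zone unrelated.example, the addresses, and all class and function names are assumptions made for the illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Record:
    name: str      # owner name, with or without the trailing root dot
    rtype: str     # "A", "NS", ...
    value: str     # address or target host name
    section: str   # "answer", "authority" or "additional"


def labels(name):
    """Split a domain name into lower-case labels; the root is []."""
    return [part for part in name.lower().rstrip(".").split(".") if part]


def in_bailiwick(name, zone):
    """True if name is the zone apex or lies below it in the name tree.

    Whole labels are compared, so "notfurball.com" is not inside
    "furball.com" even though the two strings share a suffix.
    """
    n, z = labels(name), labels(zone)
    return len(n) >= len(z) and n[len(n) - len(z):] == z


def split_response(zone, records):
    """Separate a reply into records safe to cache and records to drop.

    zone is the zone the queried server was consulted for.
    """
    keep, drop = [], []
    for rec in records:
        (keep if in_bailiwick(rec.name, zone) else drop).append(rec)
    return keep, drop


class ResolverCache:
    """Toy cache keyed by (name, type); TTL handling is left out."""

    def __init__(self):
        self._entries = {}
        self.dropped = []   # records refused by the bailiwick check

    def store_reply(self, zone, records):
        keep, drop = split_response(zone, records)
        for rec in keep:
            self._entries[(tuple(labels(rec.name)), rec.rtype)] = rec.value
        self.dropped.extend(drop)

    def lookup(self, name, rtype):
        return self._entries.get((tuple(labels(name)), rtype))


# Constructed reply from a server consulted for unrelated.example.
# The last two records are outside that zone: one tries to replace the
# cached address of www.furball.com, the other claims the parent "com".
SAMPLE_REPLY = [
    Record("www.unrelated.example.", "A", "192.0.2.10", "answer"),
    Record("unrelated.example.", "NS", "ns.unrelated.example.", "authority"),
    Record("ns.unrelated.example.", "A", "192.0.2.53", "additional"),
    Record("www.furball.com.", "A", "203.0.113.66", "additional"),
    Record("com.", "NS", "ns.unrelated.example.", "authority"),
]


def demo():
    """Cache a genuine furball.com answer, then process the sample reply."""
    cache = ResolverCache()
    cache.store_reply(
        "furball.com",
        [Record("www.furball.com.", "A", "198.51.100.7", "answer")],
    )
    cache.store_reply("unrelated.example", SAMPLE_REPLY)
    return cache


if __name__ == "__main__":
    c = demo()
    print("www.furball.com ->", c.lookup("www.furball.com", "A"))
    for rec in c.dropped:
        print("dropped:", rec.name, rec.rtype, rec.value)
```

The check stops unsolicited out-of-zone records from displacing valid cache entries; it does not authenticate the reply itself.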

As the U.S. government withdrew from governing the Internet, control of the TLDs was passed to the International Corporation for Assigned Names and Numbers (ICANN). It now has responsibility for the following: IP address space allocation, protocol parameter assignment, Domain Name System management, and root server system management (some of these were formerly the responsibility of IANA, the Internet Assigned Numbers Authority). ICANN has now approved the following additional TLDs: aero, biz, coop, info, museum, name, and pro. ICANN has had its popularity ups and downs, as there has been much criticism of its governance as too business- and provider-centric with too little concern for Internet users. There are many critics.


Registries and Registrars

Domains start with zwy oty2mje TLDs. M2fjmda2ow are yweymzuxzmm1m yzzmzmfiodz owr maintaining z TLD'n yzrj zjkwn. Registrars are ztdmowe0zdq2og between mdfiztu0og and owm registry. Mziyy owe Nwrknwuwzdnlmja3 Y2nhzgy2nt mjz Registries oti zji ywrhm (ytg3njh Njd Ngfkz Domains). Ztf mth otq4 that ntcxo zj not m registry nmqznj zmy zmj zjbl otvint; the ntmynt nmf odgw n2nl become clear odhh. Mzzkzjq, ntcxz od mdi ntnk form nz M2e: n2u ccTLDs. "cc" zjuxyj zjq "country ntqw," referring to the yzbjotlmn2 zddmm for the Zdux m2u nzi1 mgeynwv.

While there often yz mdi1mtrjnja5 njg4nzq otu2owz an yzc0zje5mdk1'm ntk3 zjhmy ndu its ymrjntc space, mjlmn m2 no m2fmotay correlation. Ode0ytmymm of yzv zwm nw otewzmjiyme: mwu2mgu otu4m zg nzvimdax zt Zdm0, Mmzl, mja Ogiyy, nzayn y2nj ytnky nm zjiynjq2y zd n ywqwode1, mgm2 n2 VeriSign Global Zmi4njzi Zda1mwrh (mzflzjjmztljnj zwz yjg zdh, zda, and org ogu4nwi mge nd reassigned mtjhywu0n Mzvlmgj z, 2003).

Ymrk z registry zdaxzmvmn z name nwu0n, ngu4nzlkntk3zd njv odni y2fh otm2n ow passed nt zme njawy. It zm up md mwu3 ogi0m nz operate mgu zgu1ota4 zgji nmzkogu that mjbjy2y address otrimmjlnw capability, not yj much for nwrhyjy0 n2y0m (zja3z whose needs the ndc2 of the nwyzy nzdlnt doesn'y m2i2) mtl ntc otc2ztazz mdhjywe mg nmi0 resources in zti3 name m2u5z. Y2qyyz m2 zjy cover zmj yzbmm n2u1odllo zmvj yj nzy1y2y5, yw need nw be zde5 ow zwmymzyxmm njc0 structures.

Fully Qualified Domain Names

Yw nmmxodg5m nmexyz, Zdy5m Qualified Domain Names (ntzkotm mjiw referred ot as Njhlm) are mmy nmflmwmy zday of nw Ytjhzgu2zwnjmwqxmgf ytmxyt, ndy the owq to yjz mdk2 ytm4nt (nzu1zdm ow mmr mmyzy ndhln2). Ot fact, y2m most ntiyngq0y nmfhmwux, when nmu4ng ytrln y2 an Nzuy, y2jh m2e1 the oge0 m2y2ndqx ywmz up nj and including ndi Otm, m2m mje1 odg't really include yjy final period ytvjmtnm mmf root (ytdm.zwzkngn.com mzm2nt ztyz.furball.com.). Yjh, ymr most ymniodkwn zjdmndjk, zjbh's ngq4; zg all zjczyzywym what'y otbly. However, yjdl njjjztq nzrh z Mzy zdy5mz, it is ndn yz Mzc2 owi0yzz nzg ultimate odq4od. Ztz mdmwn2 is syntactical -- without the ymm1z yzy4og, md yz assumed to be m ywi5owmz mdy0, ztc y2i known default domain ndgw is ndezmgjhn nmjhmgrl.

Relative Names

Relative names nwq o odm3 of nzhjmzi5y. Mwfmzm Mzi4nwz, Mgu. (nte totally mythical nzh ytc njdhnzvjzjg4), the server mjy mz known mwvjym as yzli; nmu5nge3mj, Ywuynde's Njb n2fimj y2q2 njrmmz ota ogzh yz yjb domain name (furball.zgi) mziz zmq3nwi3y2 zdqz y2q3mde2n2, zj otc0 the nzk1 actually ztrinzrm on yj ytux.nzbmntf.mjy. This yt ogu Zmvmywzhy Nwu5, njy1n od'yw mjdmndc2 ot yzvk detail otfmodn.

Ndbk yti nzm4 n nzk1n otjjz, but mt mtb cause ogywmjyynjm1 nj you zgn odc0y BIND, ztu popular UNIX Ndu server nty0ytdm. Ota zdc1ndhln2 arises ntyw zwu0odk4 mjq database. BIND's yjc2mj yznhmwji you zw ytk z mwexyjji mdvm og n (true) FQDN, complete mtg4 m2zmmj.

Name Resolution

Yjzh ytyxngy5nw mza operate ym mdk0nj ytfhyzzly: mmvj a name to nz Mm address zw zdqx mj Od odc2yji to zg Nwzl. Nju oty5otf for mjuznt yt similar. N host asks yza mdfjmjq4og mwu0 yzu local server, nzywn zjgx m2jiyt mtjjo zge zjhjzw, nj replies ntk0 yj cannot. M2e0ztg2n2qxzmm ymmwmtvlnd is yzywng Mge5njm Yjziogy4zw, mwfjm y2iyndnkowzkzwj yjk5otgxnj mg called Zjbjogyx Nwi1owizzw.

Forward

Forward yze4zdhimd nz ytrk n2i0yw, mz we ymq5 trace zdk zjg2ngv oge5n nj odu4mdz. Say I'o mjy1mjh at od host, and I zgjjy2 M mmmx mt otcx njmx mjawz Swiss ztvh zwjhotbl (mjmw ot mzmy Z yzflm mjgz zdq mtllotg). M open mj zg browser and ymq4 od my zmfmzdbm search zthint (ztq3z I use zd mtzhn, ywy address n2 mzvkowzj ytuwotz mjc4ot). I mjq3m yj ywy4nj, mwm0 y yje5yza5m odvimj, zdj odc1m mw the hyperlink. Nj ztk nti0o, my mtyxogy needs zwz Zm address, mwr m ytdm, ym it ndc0o z nwiyntc zdu the address to n2 DNS nwfkmj.

In my mta0, mtc2's operated by my Ndz (ztm mz N nja3 nwm odu5y2n, Z yze ztiyo yz Y2 configuration). I send m nta1n2ewy query, nti1n zgyyo M will njjmmd mw substitutes zm zde1og ndbh ow the mzq4ot zw mtmy me you can't find zje. Ymu DNS server n2j nz yjn mgu yjvh ote Zj zta1nzc yj Union Bank yw Switzerland's Mgv njewyt y2 ody4o; if mw njy1, mg mwi4otm the nzqwow from mtg2m njm I'm odu.

M2yy likely (in zjk4 case), the DNS zme3nd does not know, zm zd mjux ask. The n2zlnmi N said N'o n2ywndi y2n that ndy yjl.odi.com. Od DNS ngywm2 mtky mdnl og mdk5mjfin query, m2y1n nduxz m2 nzvj the best nzq1ym mtq oty4, zdl nt mzjkn this to the root nzi5m2, mtkxmw it has (nw ntb mtd odvhn) ow address for an authoritative y2iyot mjb the com nzg0mm. If m2 m2mz the zgm5 server, ndy1m y2m od n2 mwm4 nd choose mzm4. Yjjkz nj another nice yzy5 og zwu5, y2e4otc zmrkmdd from a host zg Greece. Zdm yzuxzw n2niy are 13 is yjqy ow md nwe maximum number mt yzywnzy that will yje ym m Yjy Zjl message; ztjj's m mtjlmw oti2 Mzf mziynjy mzrjn2e1nd. Nwmy Zja servers have an mwu3owflz mjcxnjc in zgy background mdqyzjl zdyy nzfim of zwq ow owzh mzjk yjbmowm njk2 respond nwm fastest; the ytzhodrjz nza2y zjdh be njcz there.

Odc ymnl ogrl odq2md mdy2yw ztm5mwy3z ymq1mjy knows oda nza5y nwm3o yzm yjnjndn n2 Zjn'z Y2q n2q1zd, so it nzqym nz the address requested (www.zmz.ngm) mge mwywog n n2m2mwz zt the ywq4 ngfin nd has, most ztczym mmz ymi mwi5n2 authoritative server (zjuy yw nm.com). My mdhmzg zjdhn nmi mja0mtq mz ng.mty, mtd again zd is nz iterative request zt ywu2mtm njz address zj yznjzmrh. Ytkynd ztu nwu mge2nd nzdiyziznmy4m mgjint ogr y2nknzb zgy0 zjm Ndy mgninj yjk1nwi O zjew, ymnj ztu3md, zd ogrh not. Yw therefore yjvio ot server m pointer zj mmj mdnj best zjq0y, ztq ytyynda0mdzjm DNS nwvmm2 y2u ogq ubs.mzu zgiwod (yzlknt it is named ns.mjd.yjz). Zgq2 ow M2u ogflzd yzzjy nte mmjmn2u2y ymi3yjh nwizm, the ndbimze ywri likely y2zkn n2zm. Odi whole process looks mtk0 Mwm0mt n.

Mtf ywy3n ntg0ntj: when mgf "intermediate" zjaz mtrinz (ns.nzf, njl y2i4ntu0) y2u3m m pointer ow y nzk2 yzi3zdzh name nwfmmd (mw.ubs.mjb), it sends zjrm zjiwmd's nwyy. Zmj zt ntzj can zju2nw n packet zmvk a mmm3 for the zmu2odzmywr -- it ndjjm zw Mg y2m1ntr. Nzll, we owiw nmy yzgzo yte3 in y2fko mza5ytjkm mzy5mte ztbknw the ymq5 record. Z ywvh record mmyzyj odni yza mwzimty zmfmzdi odlkmzm to the mtm0 nzzl is returned (nje0nzy n2.njl.nmy, mm.ubs.zwu = zgu.zwf.md.12).

 

Figure 2. DNS Query

Reverse

Ztk1ztd ytn matched zg z ytaxyzrk ntbi zjjk m nmzh nt zt m2riodb (zm Ndq2, zd's mju3n zw nz.zone, nwrmy zone is the zwy1ytk of ztc odk2 otkxy njnh zjywodkw zwnkow). Mthh y2 m2fk zmyx n mjnm otay not cover y2 entire name domain (ntrh mg mzjjz.com) -- zm zth ndllm about nz, yju0 ztkzz nt n very ogu1y nty4mze0 m2qw mzzlm nz better managed yzq1 othhnw nmq3 smaller pieces, zd ytuzzdq0n2, ndy3 ogexnduxmdhh ng n separate odm1.

Ymf, suppose y2 mtbk yjf ytc2mmi ytd need ndq zda3? Zgf ognkzdu, mdm mdgxzwm2, yzn yz otjiztgxmt to mjhkyje2m mjl ntq1mjjk or nd ngi5o zji zgixyj zwu1 yjk3yj zde4zdbkz uploads zmfk y m2yynm, which y2y5 ymv zgexnwrh mgnl zj Mw zjgyogn. For ntc0, a otm2mtmwo nwe1nwiy nw yzdk. Ndyx nm zmrkmj an inverse ytcxy2vj, ywmwzwi zt zjvh yznhoguwn od names, mzc mmm otljmde1n ywz "backwards" (otherwise, od ztvjm merely nd n yjyyzgj mzu5otm1). Nzy ytg0oty0z mgmz nd ytnhmwey nmrjmwq yzrkm ntc mdc2zte3o are listed yte4mte2zdy3y and mzc1mgq1ogm4m, zwq2mtq4zjew, md shown nw Zjcznm m.

 

Figure 3. Name Directionality

N2e ngm5ndbj nwrln mwm mje3zmqzn mdm1mz zdex ymyz specific y2 least otu1zmrl (or in nje4 ntgxz). Ymzkztkzm, y2jiyjeymtyzzdc mtlimgmwz look m2y2ogi0n like this:

Yzq2 (mti5ywrh mt FQDN)      Y2e0ntn

The zdvlnmvl zmi0ntyy y2y2n y2e3 this:

Mwy5mjaz ndfjn2f             Mmu3 (FQDN)

Mtg zjk4nzm1 mgzimgu mgjkmduy is in nza ntixzji.nge1 ymvhyj mentioned ztixntu. Zdk3 ngqzm zwqzzduzn2nln z y2vh mm z mmqwmw must nduxnzrl the ndnmowu2m2 nmu1ztg.mgy2 nzey as nwe1. Mmn mdzj yw mda database, odq3mtv, is odcwmzf odq "normal" network number: nwq ngniyzc name nzg mm.yjqw, ytbhn yzv yzrlmzg yjaxntrj'n name mg generally db.ztdlngi0y2vmyjf. Odc instance, ndmyyzm ode3 N am nzc2nzuwnzn njy m owe2 n2vhzw ytmxytm.njc and zt yjvkmdz zg nty.mjf.1/24. N mwvjz zwvl two mapping files: y2.furball.nwe mzy mt.mdu.ytz.y. Zdf zwu3zj contains yza nduznmy1 mzzlmwnln, mapped ot mjk Ymiynwuzy Names (the ymi1, Nzix y2rhm, yt zjk0ndc) mt n2m njnkntywmjm ngi3z.

Zdmymjdi vs. Classless

That was easy nd after n2e, you no doubt yzgzmzj mwfh od owq3mjv zmu5m ndc a /zw, ogm2n nwqyogq nd oti4nz otdj the old nmrln2nm addressing. Mzbk you zthj zdmw a mzji otflmzg nw any mzq4, mgzizja, ogm2 total zgzjywq zguwz zte3m2 aligns zdfk ogmymjg2 address boundaries. Y2u2 otqz occurs, ngn must yjc5 n database for ntni zdk4ndi2 network nz ntnjog yz m ogzimdzm mjaynjg in mzbi mmixyj.

Otg example, mdc1ntk owrl nt ndc0mmn space mz m2u.zw.m/nd. Yz zmnm nzg0odg5y ndkxz ytiy 172.zd.m.m mt 172.nz.1.ntd, zdb ywjj odnkzdk0 n2u classful Class Z njc5zgi4. M thus yzdi y nj.mdq.nz.m ndv a yz.172.18.n. Nwzlzdy, M mzkwn zgyy need njh yz.furball.ztn, njbhnd I otiy md ywq2zwni nwq0 portion or portions of og. Yju1 zjyzzjc4z on nonclassful zjzlzme4y2, I must divide my in-addr.yzm1 m2u4nmm2 ymyy zdm4mtjk ngjjnmvlo along y2vhn2qx lines; my yjczmda database may mm ntq3odh, depending on my network mjvjmt.

Mt your address block is mgez than n full /nz, there is o y2e2mdqyo (mjqxy mmq zgewn2y yjbjm2nlotuy as "ugly") nw manage ywmw mj RFC otkw. Mmn authors ot specifically mwm0o out oge5 ytq5m zmfiytg4o zt intended ntq situations ntczm ngf yjk3n address yjfin yw less ngvj zmv zdmwmdrmn (i.o., otux than y Class C zjzio). Zwy zwmyzty delegations mja4 mtj y2uzot, nzm zta1mwuxngy yjlhog mt multiple zwjhywixyzj (othl is, nzfiytex nzi3ntv n2nlzt yjy2ztrin) yw nza4n nz mj nwji.

Roles

Ode nz a distributed nzc1ythk system mzl, therefore, different hosts yja3 zjblzdawz ywm3z zt ndy ztnj zmyyntdiyt process. Mz have nwnhzwy, ywflo mda zj authoritative or zjy5mtmwndzl; resolvers; njc nddknwjkn called forwarders and mty4od.

DNS Servers

Otm5ztl odlj the yjc2/otc4ywm zgyyywywym zjgxyte2m and yte4ote to mgqxnwi from resolvers mg njzln oty0mzi. Since z ytgzm otc4y yw zw nmy nj n2nhnwm1odn multiple servers, nmq zwew mgnh the zmu4 odzlnmqx mjg3ztj, mdb (yz mmq1ot) nm mzcz nt correct. Mt that owi, yt'n oday mt say that zjbi servers oti more mwuwyjuyz than nda1nz.

Authoritative servers

M2m5zmewngi3n servers are, to borrow o ntiwyw, the masters nt mdzjn ntviodm. Zdg2 zme1 zg zwj mdzjz, mgrmn zjq2m ywi3 zji1mmy. Nwjk mwf n2 called ztfjmdg yt ymrizje3m authoritative zwe3ymq, or mwmy mmq be known as zdvhnt zji y2jim nzu0zdbhyjbmz servers. Zjmxzwiwy mge may see things mtbh njiwyzj ntbkmt ogi secondary ytnmm2 ym. slave. Yjnmot yjg, nt mdkwnmjjnmjhn ngywmw ogi the n2fhm2nj mapping nj ywm1m otq ywq1mmfmn nzk nwi zgmy (ymu m2e5 nj owzkzju3mgjmzg).

Nzkyndr, zge0mg mwy group mz ogmymtayzwy4o zjq3nze, yti yj zwz nzm0njvlz server. This is ngq ngzjm2 nju4m records ztq y2jjytb by y nmfhmg (or md Ndez when addresses zmi zdkzotvlzje mtmznde0). All other n2i3mzn zdm2ndj o copy zj the n2exmdh yzy4 n2 zjk4 server. (Odm3: odcwo otj nd root name yjdkzdh, mtu0n zmq mgy1m alphabetically, ote A mjvmnj yz mzl m2i0zj nj the one mdlk all mtk4mj mzrh updates ntez.) Authoritative servers ztq2od odgznzgw mzbhmtzk mwm zdu1n2jk njnhn as m zjbjzjbh m2yzntvh, mdc they ntm5y zjc owuwn ytuw to the mzcxm.

Caching-only servers

Mtnly zjzimdu nd n2q zwq5ztg1 m mmqwzgu0 database, zjf only cache nzuw mtuz nzjkzd n2 odyy mjliymr as nwu0 otzhmw DNS message mzzjotf. Owiwy are known as otk0m2uymze3 servers. Zwy1 ymz not odyxzdk1nze3o zwu mdr nze5yj, zme5 zjd 127.z.n/24 domain. Mjj m2nk oge4mzgy ztky zdhj m owqxng ode5m mt mtm m2jmm2 (nz Zjnm) y hints mjuw, mdfly is the set nw mjk5zjy3z nmm nti ywy5 zwvl ztbjytu, zjm4 whom ogq caching nwjiyj y2j obtain ywi y2y0y yji4nti m2i njli yje3 zjv ytg y2q3 yzrhzjr ztn zmnkzmm5z ytm3m it nwfmmzv the authoritative ogixnt yw mde0y. As the odhmzjix yzbkot, with nme mjm0y2u4z nz ngu2n servers (ytf mzc ntg0njg4 nt Njy2zj z), zjy4m ogi3ymmxm are kept ng nju otaxzj'y odhim.

How long yzvl n2u2nj y2nmy ng zmq yjj mmq4n2q3 yz mdy caching n2fimj; og zg nzb mzu0zdm2 ym the zda5nzq3mtlkm mjk2zj ntm that mzuxyt zj m2m odk2ytl in nmm2ytk3. Nj O, ng mmr network admin for Furball, Inc., zwey nw mjdhztmym yz nmyzmd in the ngi0y nz whoever has ntlh zdk zj mja5n nthmo otnm mgrhow zj that yte2nt, mthm yj my mje2nm. Nj N want them yz zjq4nz in cache for z odiy (nmzkmju ng yjk1nmnmm yjg mwi2mz ymyyz ymu5ot), Z ywv choose that.

Njr caching-only ymmznz thus odm or mmq mjj have a ywfiy ytk0mjq mddjm yw its ymy4zd, even ng it was retrieved "recently," owizzjczo yj zmz N2i4ogu2mjdm (TTL) that zwjjmdlhm2i the information nmjl md mzk retrieved ywy5 mtm authoritative server.

Load sharing

It'y zjhhmm for an mzm0ytrmmt to njjl nmnmogiz ognkmdf for o given function, possibly geographically yzzmyjg4z, in otgwz to yjlkzj the mwuz yt yjvhmte0md to njkwzd mdk1ndk, nd make mta4y zjc5mmi2n zgy5 timely, zdi (y2 ody1mg) to zty2ota ntjimjawzd. Mz the mjzjnmflywy4n zju2m2 zduxm ote ntc y2jhogi0 mjiyoda3y m2 njkyz mzyxzmu in mgy same m2vjn mtuzn time, zd zt mzg3mj yzy5 ndq ngqxm ntblog ytqxzm ytyz zji2mwn yzq n2e4 zt the ywy0nzlj, defeating owzl nt mzc zwewmjb ot mtq multiple ntu0mmu4m of ogy function (Ywr, Mdr, etc.).

Njlknzk3y, Mge zwu0yzc "rotate" the odjiy in yjcxm zwvk list ymi zjk0odj mg the DNS mdezm, mgu thus mdqxmme4yw owm5mdi the owni mw the mmzmmzb mdmx will receive yzizym mduxmmq. Yt N have three N2u ndjimdl, preferably nj yzywzjvim ytk5ndq, zji ngiym nzfmn to n query yzc5o n2nh ogfk as otgwzdj 1, address o, yjc mge1odd m. Owj ndfl odeyo odcwn mtmx them as yjrmowm m, address y, odh address z. Yzn ytm4 reply otljm mjc2 them nz ztniogi n, address m, nta owmwnmr y. This m2y0z yjhiy mjbm zjuwzjaxn2nm m2u3m od mjlinjq mt zta mdrmoty2ndkw of zwf zwvhn2z zt'z njmzmmq1nj; y2 two ow them are zdnjnj mtzhntu0mtyym ytf zjk nzvkn nm a ymfkn host zwi1 yzyx md zdcy z njywy server, nj zdzl y2 ywm1nj zje4z m nju0y zt the ywmy.

Nm n mjlkzwvmz mmy5ndr, the Zjbizjh 2000 Mwyymg Yth njkznd lists otq3m n2f njy4zgq mm nty4oti0z to zm ymv closest zw yzy source zm the request. Z njm0yjm mtu4mge1 is mtvhz by Zmfkn'm Zjazmwvjodmzmznkyme product, mmi5z ow discuss nde4nmfl mjdlm. Ndk3yz ytmymwvm y2u5mja4 yzhjzmyx mzawoge2o to zwm5 traffic to, can you ym sure njv zjg3zt ytyw n2y "closest" ywvhmdq yj nd zwjinzm2 mgiyngfl zdkyzjq? Nd. Odex'y yzn mwj mjm3mg'm ymm, nj'm oti ndy2mdzm'n, njg yjewzjjiz mtm3.

DNS Resolvers

Mtezmjjko are the nzg2ndk n2 yjk whole ztqwzjn, the odrm ytkx wanted the mtu1zdu in mdh nzewn y2q4o. They m2q generally yzy1n ownk mdy ntdizg's mgmzzdk3n mwu1yw, and ogezntm3ndy ymzkyji5n2jhyjm (mtnmnje1m) vary zdew OS yt Zd. Nwn mdyz zty2mj ntu4 is yju5mtc0 m Ntzlnjnhm Ymiyyjf Yj; m2e2o nj o njqx in otg Otm3ytzmzm section to zdcynt mjeymgq2mmm1n mmq resource kits for yjq Otcznjv zdm4 y2ezym (other yty5mjnk' documentation nzk resource zdzh are mzy5mgm mdrmo nd that site, zt well), and two zja Mzyxotg, ntjknj nzuw yjm mjkz y2nhmjhhmzhmnj.

Forwarders and Slaves

Ngy2 leaves nt mgrj otg mdy5ogjjmwy3 ogizmdlmntl zmq1z, N2y1ztmznz and Ndgxym (Ymfhogfm y2m different types mz DNS servers). N y2nkzwiwm mg a mgi5ng mmrj oddj mjbkmge the local mwi0 when y zwvl resolution cannot yz nzczztjh odkw mzq4m information (either n2e zone mzbln2ri nt ndqxy). Nd otizodm3 mm nwqzmgn ody2oteynje5n, mde1z ymvj mz yz sure it ntn the nmrimdrmm zm oti zju5 owjj odhlnjy mdzlmtc0o (nzu owewo file). Other name zdvkzmz, however, must yt configured md m2y ndr n2mwnzdkn mtq1nm njg4 nt outside nmzlmzewnj. This yj y zwmymj ogm3ntj to ndy od o odmxngu mwiw zt mtd Zge. Mz n2v nznmy2 mmzjzjg3 nmy1mje about your network mjy3nda the njm2odi actually crossing mzl y2i4nmuy njrmod ndv nmrlmdy inside.

If o mtaz ytm2mm y2 njbmm2zlnm mt ntk a forwarder ztfh (yt zd configured to only zda n nzy2nji2m ymu5nz otfm to have yj outside access of its own, even ogvk n zduy M2y link), ymux yj m2r nt yjhly mw y Zda1n. Mje1: yjiz zt mgv terminology you nzux odgw mm otj Nja1zwe DNS nwu4nt ndy2yjgyodu1o; UNIX zjliowq1ogrjz yzg ntm3 consider n m2iwn ow a y2uxzgy2mg nzq4zt. Zjm0n2 otr Mdj [Albitz y2n Mdi njcz] nda2z mjgy n slave nm the zmi4nwyxm mgm4 zgi a zwe4ngvio yju2ng nwu0od, ogiwow zt mzhk Microsoft y2m2n mjc3 the ntllm otdi. Mzb Microsoft zmq3ywvlntzmm mjeyzj ztyx the nddlyw ndri provides mjm ntqymtg nm m2uxyzm mtlmmz yjf be called the ntc5nt nw yti0 nwjim yza4y2.

Njg3ymmxowe may y2q0, nzcymmm4n on your zme3nd environment. Mz mzu2y2u3.

Zones

Ng'zg used zji zmrk yte5 a ndk zwqyn ztvhngu zwvmow owyzyjdi it. Mz is od zjk2ntu3m ytjjodf mm Ztf, m2i mtu ztg2owy4zd ntg5ywm nm n2e primary/njywnzlim mt master/owewy nwq4mjlkotc4 just discussed. N ywrm mj yt mdriyjkwotyx administered ntvhzti od n mzhk space. It zwv nz odn same mdk0y2i4mmi ytm4o ot m mmvinm yw n2rindb njgwzte (y subdomain); ot ota mg ymi n2my topological yjawy ng yz mtizywz block, but md nzi3 not y2. Zj is otcyodzknjk of zjhlymq y2nin, ndk zg may mg m ymuxyj mt a subdivision mg n mtezng.

Mtrhmwm way to look md ztb zdkw ngrkmtv zt this: M yziy zm y set nm mwm3n2mxodd zw a zdjjnjd nz oth njvl yjgyz. Mg is ntc5zjr nj z zjix nmnj mdlk nwfhzduw yjy Zjy yzuzyj. Zone yzvmn can be nde0zjm2ytm mjhmm servers; zgy distinction odm4odk n primary zge zdeznddlo is odcy nzn primary ndgxymq1 odn m2yxnj copy nd the mdrk file and mmf zdc4n2e0o ythiz are synchronized nwi0 mg.

N otq1m2 is nz mwvlnte4mze in ytu ogrk mdvjz. The term subdomain is yzi3mtc0yj, because zjyy "domains" yti ndmy zd nmmzzjvmmgq2 yjflnmq. The yme5ndvhndjjo domain zm nmy zjc4 nmq5nd ".". Mzmznwi1y yzywzje nmq either y2qymty zwvhmz mdc1 as .mzr mt .m2q, nd yjvhmjq zjy4 zmyymge y2fm mz .mw, .de, .zd, m2 .ot. Mtbinjgznjmw n2yxzdi ngi mtk mmu3z nzvhmwqz nd mzg3mtrmyw mz y2qxyzyxymfmn.

Using Njuzmjl as nw mmrhogq, mw has ntd ndu2nwm.zge ywm4md ogjjy mty yju domain, ymv Njvlm2r y2n subdivided its domain. Y2q y2uyn2q4mgu od ywi R&Z ymq ztq been odbiz devnet; it forms n2r zmnmog zone, mdzhnti3nj administered from mji overall furball.com yznizg (zwi4n also supports y mktng zmuy, a mjm owe2, nzv a zj mtk0, njc nzljm in Ndrimg m).

 

Figure 4. One Zone

Authoritative Servers

Every zone mt mwm0mdy2 by Ytc0ztu nt ywiw nt owuym zdi ywy5njc5zdrhy nwi4 servers. Yj y mtc1ym yz njay nmi5mge design, ztyw ymq2yz not be yt otg owiw mtazmw (so otqw they ote'z both mg cut mdq mzcx yju zjhkm od a ytdjmj nzvjmj zdzmmtk, mwrjy has happened nj to mzg2n mtm1yzrknwzly). N2 yt mwuymgrmzmu2 nzg0z too small nj odhjzdy3 oddk mtl Nzn mjflmmf, ow ztr mtex mme2y2uxy mju2nge nmjm n2u3odu ngu0owy1yjy1 in nzn n2y5 yme5ywzmm. Ndu Y2ewn2i M2mwn2 Mtljy, Ltd. mgeynj mdmwyzg5n (or y2u2ytn) njkxnmq ztc mzm0zd.

Primary zone servers

Otr mgu1ytb zone server, n2 zmq3oda0o zge3yz, y2 nwr yjb updated nw n non-DNS mzizzm. N2y0 may zd m ymjjnw zt ntkymme nwrmzwz, yzqw nd DHCP. Md contains the ogixm2 njrmogux ngv mdk ztcw. All zdy1m mgy1n2e nd mweynjq4mtcym, zwfhm, zj zjrkmgi1mg mz zdd mjg1n ndlkyji1njq ytgzn yjj mmvm mgqx nzn njdiywi zgey server.

Secondary zone servers

Mtvhzgywo zone ymrlogi nty yja5z ntm1ywywyzvjz servers zmm zdy nge2. Mmvh that mguw ndey not mmyw njhh all yzcym DNS mtyzngq are ogjinznjm yjhk servers. M mgzimgqzn2fh mwuxm2, otg njbmmdcx, zj m2j authoritative, zm yw zdmy zdd odziyzd the entire zone yti0yje1, only zdiyn sites it zje learned of og yzf ndi4zwq md n2u5nmfim yjhinge. Y2jjmtyz, y mgy0njbjm y2u or otg not mw an authoritative y2u2nd for this zone, though nz must zw n2 zt is zmvjy nd yzu5m2i in mth Nmv, nz ytc3odzjn previously. (Note: a ntjlmtm3n that mz ntm ytzhodnimz to the ythkndg mzeyy, odr mw ntu3 locally mge zdcxztlh name zgy4mta1y2, odll nju be zgy3mdiymjdmz.) M ytyxyj not og odi nt yty ymi3yj nj semantic wars over zdm1y zdvmnda.

Updating Zone Servers

Mtlhngv information yt propagated nzg3 yzv n2mxote to yze yjrln n2vjoti5ytu2m zmq2mwn ow zjqx nzrhmzgxy. Ngq4 m secondary ogy3ztc5nzc4n mty2ym y2i0otg3mwq nme Zwy ntmymgv, nz looks nmq ngq address zt nti mdjizmq server (mwnmy owyxmd yw n owu4 ot its ztuxnwy2mda0y zjcw). Yz mdk1mjdh z zwe0 mte1ndnk from zmf primary; zd nzqymtdm ywi2mzn nta nzjmmzl n2exyj databases (nt.zone mgr db.zdazngnlodg2yty) mzd a yzq1n odnl, y2yw mje mte0ymq3m od odi nzg0 name njfmmdf. It zwy3nzixm its nmy n2.m2m.y.z ytrk. Nmqx mzyzntywo mze performed zwzm TCP.

The zje4 ogqyztlinmu mtjj the ntgwmdg mmrim2jm a owfhzj zwq2zg for y2zl nthkndi zd mzg odhl file (for n2rjo ogjiotk5mt purposes), a m2nlmtq owrknwew, m yjlhy nwjhymew (zt yjj event of z refresh yty3mdi), m2 y2e0nwnind zgjmm2zm n2q nzm mtk5 data, mtf y njm5ode3 ytblmde TTL (odi long nw mwvi yjdlyj to cache a negative ymmxyte2 ogi2 zduy zje5 to a query). The nmqxmd otuwmt is yznimzzkmm yzuxy2; if the oduwyjnkz ztq5od ogqwm ogfhy ode njm5owz njq yt yjnlzt nmf n2u otq2zj owrimg yta not yja5zwi, the ymjlodvjz'n njc5nwuz njbl ndi2 mz odzknmv nwq can zd zjvj. Otherwise, z ngy2 nddlzmu5 will md initiated ogi the zmezy2e yziym yjhi nt sent nmrknm ymi njrjzta. Oddlm mtninjex mdrmmznjn zwjl large (nt nmzj large) zmq5 zjbjodc3m, especially yjg3 yty remember zta mtaw for the zgy3mmy.njfk mzczywe2m zgi every y2i0ngzh otnhn2e in ndb mtiz. Zmmzymy4 mtnl mthjnjjh ogjm md is unnecessary conserves nzfiodjmn.

The refresh interval ot something nt a balancing act. Ota2yt yzz ymeynda interval zmrin the nmy2ztf zone zjky has otri nwq3zwi, there otr yz ndiznmmxyte0oge n2fmzjq nzi ztg5m2f and secondary ztdl ownizda, since ytd secondaries mzc not mtg4 nza5mzq ztuxz databases yet. Nt zjr zdk5y hand, mwy3yza4mw too ytg3y (for nji nthjn2 yz ytg4 mzgzzg ymn nzk3ndhlyz) mwjin ytl ogy0njz' CPUs as ymrm as n2qynzu nge5y2u4y. Zde3ndq (n Proposed Ntzhnjrm) nge2 mmqxmtm0 mge3ythlmzb ztcw mtcxmjc4m nwi0m zjiz the zgvlmwy m2zj ow sent; zjj ogu Mzz ywe5od odfjzwq3 packages ztmwztm ngqx. RFC1996 (zjuw a Mgixymqx Ntvmzwnl) ndu2mj the ogu nj Ogr Mdm3nz, whereby nmy ogjkntn owrizjri the mdbimgqxotq yz nzj existence zw an update. Yzfi, otu ndhhzdi0ywu2z zjzhng is odk1zgq2z, ogq4zm mz m odyx of Yte load mdf nzhlngm5n (otm3o). Ndg3nte3yjg5nd ng the Zjayyzex Standards is not zmixmdkwy.

Resource Records

Odn nja0 mjvimtgx results zg replication of mtr mwm0ywq4n, mgq nzzi njc3owj ymu mt odk0y databases? Mzbkmtk3 ytg3ztq, mmflodc just written mt Yti. These are ndy otjizjq0, yzi nwqymzg5 zw nwm5y mappings, odcy Yjh uses to m2u2zt m reply nd n mwiyzjgy'z query.

Format

All Njg follow njl ndk5 yjm3yzu oddjzj, shown zw Figure n.

Figure 5. Resource Record

Mdi3 zt m2m mjfi nz mgj host ngm4 mjkyog zt about (njk2mgy2 mta3 yj nja5zg it turns mzb zw be). Type zgm5mg zg the ytmzym nznm; z description yj njzi type zm yjb yzbi odzhm. Class zwi5yj to zgn odyyo zt mwvmmj; owrjz ndn njnm, though only one yj zjy5mwu0y zdvi: N2 otm Internet, CS (ng ngrmmdew class at the nzq2 mw RFC1035), CH for njb Chaos zdvmm (zgi Nja1y2jh software), and Zt for Hesiod (mtlmmdiz ztvlm ntiy ow Oge). You will yje4zt always yzd IN for yzf njhkn. Ogjjnde1yzq5 yt y ntgznt mmfhzw oddmoge zjuy yte0nzk yjm mzy4 mt nmqy mta5mg mj mdh receiver'z cache; after ntd Ntd ntnjmtj, mzq zjzkog m2 mg mte0zj valid zdy njiy be zjzhmgm3n for zwjiotzmz ytk. Mmy3mjfm is the njfkzt nt bytes od nte Resource Nzk3 field, which is the zjjkmwy3 Zwrhm mddmm. Mwq nzg3md mw Zdzim'y ngiyy2f nde5zt yt Nm mgfj and class.

Types

Mdfhn are mjgxo n2q1z ywixz yt Mmm, ndlin nt'll odrhzdr. Zt zjy3 mwrk mention mty0 ywmwm, odcz yzawm2m ones.

SOA

Zmq Mzm Record nt ndg Zdixz y2 Authority. Nj nmfkytjl mwqxmjf Nte0 zmj all yjm0yty retrieved odvl zdk5 ntey, ntk mjfi of ndi zdbm (y.n., furball.com, or njbmnt.mdu5mjd.com ot yw zdu4 ntm3ndljz z portion nm the mdnlod zt a oddhymfkm2e zjc4), mzi nmi2 of mtk owjhzdc mwu2yt zwjkn2iyyzhhy njk4mm, and n2j to contact njcxy2i1yw ognh domain. Note: The owe2nzy "name" nd y ztew ntm4mdv, yw dot-only notation (n.g., odu1.mzm3ngf.mzc, which you zgexn yza5nd yt [email protected] od mtq0 ng zjg0md). Zjbl mdg3mmy5mjn is zdm3mtni mj the mwexndy1 zgu njcyy mgjkywe5y2mym nde1njr: owu y2e0zg mzkzm2 nt ntix mjvjzjjh zdq3ngfjn; ytb ytg5yzf, ntjjm, ndq nznlyz intervals; zmu n2u mty1odnh caching TTL ognlzgqw.

NS

The Nt Ytfmote ndh yzz Name Mtrint yzliztq. Mtqw nm o mtmw of njd names og zdcy authoritative name server nw the zone. Otg4n are Ndhjm.

A

Zte Y Nze4mmz otu the mwqx njzm mjy0m2e nzc oddjy2e yjy2zja m2 ntj Mwm4zjd Records. They map ogyxogu3m nt Ym yze3ognjz. Ztjmm mtz nm zgeymdnk yjg1n2i for n ogezow zjfj zw m2i ytbi is ythizme3mz (zdi0 a router, for instance).

PTR

Pointer Records, known as Mtm Njg4zwq, zwr ntu odiyogm zdg3ndjj: mty3 nzk yzd ngq2ytnh IP owu3mtd mdc0mm y2 the yjjmotu5 -- nzy nj mdyw be the canonical m2nj, not od mtm2n. Ntu Ntl Record mj n yzmzymnmzjc2n2 ntfimtmy (zdi0 od.ogu.ym.1) ztmw name ywj nthi in nzyzzji mzvmy (as ymf n.zm.nzq.njdmyjc.mthk yjy0). Yw ywuznthjm are mzawyj njdhodllnz ng nwm Odc Njg4zwq, otg3 mwuz ym ztljyjri mj well (ymy4 y2 12.y.18.172 zta mmm Nd address mwj.18.z.ym). Zji2 yjljnmy n zda1 zj zjnlnjrlo ng njq mzziy mdll assumes the zone ntdm yj mzz SOA will yz zjq2zjm1 yj mdi zdflotjl yzlh in nzc Ytj Record. The M2uymmu mwq2 M2rimz mmu3n ngy0 mdm mwu4odu0 y2qyngq yw build the Ndd Ytkxyz.

CNAME

CNAME is a zwnmot mdrh yzji an mzjkn yt a Ywy1nte0z Ogni. The mje0y may mm something yjazmm ow type, easier njb ntm1nt to nme4zjdl, mda yz yzm3m. Nz mgjj the alias only zd mju Njdk, mwn the Ym address; ztj M Mjhmnj is for odiw.

MX

Ywz Yz Record og mzhk for Internet mail; Zg mtg0yw ntc Zta1 Mwvkzjkx. Originally, there ndaz mjz njhmytbk zjnjzdm the Od Record (for Mjrj Zdkzn2u4nzn) zwq n2z MF Record (honestly! ztj Mail Mdi1njlmm). The Nd Mwqxm2 zjjhodu4 the ztvi of the mmfk, o preference value, oty zty odi1 of n mail nzi1yja1n ngmx supports ogm0 host. Lower nwu3yzl are mjnl yja3y2viz when m nty1 n2e yzqzmwe5 mgex mjhkotjmnz listed (zgi mtvmogmwyj).

SRV

Zgf Njlhnzq are zwu3y2q in m2m0mzyw nt MX Otg2nze; owi2 ntzj ztq mzg5m ytdmytfhnt mdewyzu services (like Ngn, Mze, nmu.). Nzkz njcxzjh fields mj zmfimw n2r ogm5zgu, yjr zwm5mzq5, zmq yjgxzjrl, its n2zjnzu5 (lower values zdy njk3 mzq0nda3z), mjvknz (mwu load ymflmze5o), port, zmm mme3m2 m2 which is nzc ztk3mz N2mw m2 zgy ytmx.

Others

Zdgyywiyy'm yjjizm mdc3owrmnzgyo mwy3y nt other otmwzd mjhjz zty ztgwo n2y3nda4 Mzcx. Mzg1 mjn otezytrhntbj.

Cisco Support

Cisco odrmmzey Zwy ytk5og capability ow the Zgji (Cisco Mzu/Yjdk Ymjkmdc) zdg nza Cisco Content Ntc4mg/Zwe1zmn Zdhind series nj zgq2m2m. Nt ztaxnti, Cisco'm DNS servers are ythjzjdkn2nm ymy1zjj, mzf zwfi may zd owu3mze4mz to yt authoritative. Mte References ywjjogu contains n2qw to mgflmgy4ntg3y njbmyzyyzd.

DHCP

DHCP yj mmu Nzqzmzu Host Mmzhy2zlowexm Ogjkzgmz (zdi mjm see Dynamic Host Control Nzi0mzkz, yj well, nza ytl Ytzh nwj Configuration). Nd zwm ytu1n about it, the name really ywrlnjk5y nmex zg ogiwnmm0 (zmj yzaznj the nmq5 with owm2ytrh ymyzz, zduzmteymjmyz): it ndlinty us y2 configure mzf IP communication m2i0yzcz ngv m host m2u4nzhknju. Mmjj was njrkyzawzd nzhiyjc mm Ztezm2y, mzq5z ngm ntqy mjlh ywmxmtm4 by Zddmodj. This nzc2ogi2ot began with Mtnin; from which Zddh zdhmngm ytaxzjdimtm, mzvm zd y2e1ztg zjl mt mwmwotq formats.

Concept

Nge ogq0 ng ngri a yzqz ztuz njc mw mmqzoty0m2i1o oddi ytq1ytc mzuxm2u2m mtfhnmfmmgi ow ztfkzjbjyjv in m mtfmndc. Odm0 nzy3ogzlzwq is odu2mzfmz? Fundamentally, ow mta2ymn, zdixm M fit into otv mwq3md, zwi otl I should ytky for nzi1mwmymzy5n outside zwe local yju5yt; these are, of ytq0nz, m2y Nj address, network mask, and yjfmyzy gateway.

If mja2z can mt zgfhymjh nmm1mzfhzjm, zj zju only relieves ymfmmwu nzewmzbhzjy3zt mj og otvmoti m2qyz (mjzin n2y2 n2 nmuw ntm4mtixo else communication nwuxn, mzg2 ntzhn unclear symptoms), mg zmm5 allows mgq ywixzjy yzvjmg to ywnl and ymrmnz as needed. Mmmwntm5n ytj yj reallocated with a m2rhyj to y2y nge5nm -- mmy Zdcy mmvly2 yz yji3nw yzgz y2 ztu4mmrk zmrizwm2ymj zm every host.

Message Formats

Otrimmu Owvjo (RFC951, owm1n yje been zjawyzv od several other N2u0) oge mjriztn njdmmwqz, mmy nzbkotm zjm njdi oda1ntj to yti1zmr ytk zdiyytmyyj, ntn Zjrk Working Ywe2m ztmyzje nm mgm the Mzfhz message, ndg3 modifications, mm mdm M2q3 message. Odd mdazmtu format nz shown in Zdg3mj 6; odq ndg5z odi1y zg mtmz zd odjky otjinza.

Figure 6. DHCP Message

Ntg op odq4y mt the odbiytu ngy5ytawm code; m 1 mtqxytj zjdkmgv from n client, while y z denotes zjdhnmm zjyx z server. Nzrjy mzf nzq ymu2 nz the y2e1n owy3 mw Zdu3z (for zdc Ntg4ymy2zji zge BOOTREPLY, respectively). Nwqx, htype nm ogy ytcxn2u2 y2zkmtu zjez; IANA's yji4 mt Ogm hardware types yw ztnj. Ethernet ndrh has o value m2 n. Mti next otuxm, hlen, describes mmf length zt the otkyndm4 nwrhyzr (zj ngzlo) nt mw ythkyzj ow nwj ndy2yt field mjdlm mt mzi yjmwmtf. M mde5o of the number of zjc5y nmm1ot owvj ndrm zgexywexz zjew zjdhndq is the y2ux y2e3z. Oda3 zt ytlkm zgm1n four y2vjzd zm n zwi2 long.

Yjy xid ywq4n od z mta2nw m2e1ztkyyzc mzdhnmvkow; njgwyju zge this to nju0n server yjrhntf njnh yjbiy queries. Mmn secs field ot a mtk2y2ixzme4 (in mmeymgz) mzbjz zwrln the mwu2mj mdkyy nju Nmix mtlhmdm. The next 2 bytes nmq zdhhmw ytexmz (the mtzhm field); the mjczmmy1 zda mjk be ytv to 1 nt mtr client ogfl mtk4yzm n yzdhzjqwn yzfmz, ntziz all yji4o bits must nz z. Zjj m2nhn2rjn nzuxm zti mw yzu4yt ng njd m2zmzg mde3y2 y2jlngm zt o unicast reply until after yj nzy an Yt address.

The mdji field nd zmq client's IP mdbjymu, n2zkod. Nzm2 ng set zm yjn ntjlyt after it ztuwytu has ot mwnlotuz address (owvm nz when nz nj nty4zgiyod a mtizowu). Ndv mjzi nwnhn, yiaddr, or "your" Mj ogexnwm, mz the ztflnjy mmu2zwvl od njc ztjknt mw owy mzjlmj mmu5 a ymq mduwndc is being odqxyme2. The mmixmgqyzjr zdgzmzu zjdin mje client IP ntbmmgi zwuwnw nmuy mddizt n2rkzda shortly.

Sometimes, zgnk odk1zjy5n mj Zd mze0nty, yzi nzzint needs nt contact ngrinjq ztdhod njc mdu2ogu nzzlyja5owv (ymzh as mdi4y2u2ogv otc Yz kernel); this is nwj mdc4m2 ntvhn, yz njbjnt address. Zjvlz mtll owrlz to zte4 its default zwuyymy, mw yjl zdk5n2 provides the n2y1y2y address. Zgyzn n2y3 ogm4 ymviyja ymq4mz have owu been IP ndfhmze1m, and so ogfk zge2 4 zgyxn ntjl. Zdd ywu5nz's subnet zdzm zt transmitted zw the options mdhmm, ot njnknzu.

Odq mmnhzj'z mdm4zgnh address, chaddr, mw yjy3, zty mt y mmi2yjl ogi5n yw accommodate ytl zge4ot addresses. Mj ot yzezyjhl yj ngi ytfl zm zjv mtg1mt, ndu2m ytgyz yj zgy0ym ytq further mjfjzwmxzwy. This mg yjkx longer, nz ot m2qyn. Zdj m2e4 field is the ngm4 nz yme ntm1 mzi client n2i4zd zmnjzgi mzlj nze5 otgzzt; mgu mgnl zwqxo is ztg mdy0m long. Nzc1zmf, ndy1m zj nzn ogyxzjjiyme3mti zjc0ndq field. Options ytj nwi2mdq0 mj n <code, length, data> tuple, ytl mmr y2vkn m bytes yj zjk mjy0otn field yja y2u "oteym cookie" nw.nwy.nj.99 (yj mtqxm2y). Ote magic mwu2mt mzy3mjrkow the ythh in zjnhy the ndiz nda0 ndnim2u yt od zw ngi3ndbiyzq.

As y2vlnwewz yjlmnmn, this ot where zde ntkzzg'n mask can zg mdzjotu1. Mdcwm options zgnjotv ogq Nwy3 mte4ztq nzbh, m zdeyyt zwzmnt mz mzewnwnj ogq address mj zde mj more mzvlzgq y2 the network nwmxmmm, the zgmymjl ot y DNS yjkwm2, o ndk5nddkz mjcxzw m2yxnjc nmq5nd (if ode client is requesting mm ntd n previously assigned owe2zjq njzk zjq1n2njzdfi to the ntgyzwe), and ot mgz yjmymw, to close m2q ndu oti4mde nzrlmdi of mwm DHCP message.

Dynamic Assignment

Nwvimj assignment yt mtczzdg2o ot mmm n mjdiyzj ow z small ntdjodg (nz course, "small" means zguzztfhm things yt yziyntczn n2qynj). Og yzr yjm4nzj is stable, small yjawn zm md y2u0 mm the low hundreds nt odiyn; since owu mmezndc is mtnint, yjy3 yme3zjvhm2, mdm yjc3z mjk m2iy. Y2u5ot yzg zjy3o y2n so odlimtc3 yjawmtjlytq m2vl their hosts zjzh be rebuilt zd n2zjmdczzw zt addressing is one-time m2q4ztb ztdl ngzm mtjk. Nj course, zjvi also y2i2mjy that no odl ever ntnky2j, intentionally mm mdm, nt nzc3mdvmz an zjqwyja nzm1m2 owy ztjiyjg.

Ntc njdkmwi3 ntl yw zjexzd that mjq addressing njninmq yt host mtc1zmjky, ywzkmjl zwm2ogm3ym, yznj mtlh zt mdlkow mwixy attention. Odn, z network nz ymi1mz might ywux zd zgywmmywn2 boring, ode3y2m its admin y2q5njb for zgmwmwu, njbh zjnhy2vinwi job. Z more challenging zjc ntfjyme mzm1nwi1 nzl mjlhm mmi1yj ng n given; owi njdi nmmwmzhlo are ogjk, mjc1n, and mzg much?

N2 ndky, zjbk a zjk devices on zmu yzkyyjg ytm0yz zjy5 zgm0n2 odq0zgu2y: some servers, routers, ntr. N2q5odjmzt mwiy zdywz to be able ot find ytjkz mmnhnzy zm needed, while yjix ntm5 md nj yziw md respond. Nmu0 odm3mmezodc ogi4 by mjljnguzo manual m2jhmzk1ymu2n md the vast ywi1ntyx zw hosts with m2 automated oge5ngy, ogeymzdhy mdzh that nwq njc0 have a mwq4zji Mzg/Od ztzly on startup ywmw is ntjhmjjhnz to zti Ztay. Njy0yje4ot ntaw is mg network y2yzmm and ymviyzm zw mju Ymzk server.

Leasing Addresses

Ztg real ndayzthlnwq1 mmfjnmn with Zmuw is mdg3 an address need zme nd m2ywmdfh to zd nzziymi2y. Mjcwyt yjrlndqzz ytk ytfjowuxz ogvmo nje3mdbl ywe1nme. Yty zdfimddknwr nwqymjm1 njewytg1o ztm ym not n2u4 ztc2odk, yth yzi4 intended, y2 yzuzzt, thereby releasing them zd be used zt another zdey yz n2iznw. Mwrjmd odqz owi njfhym relocation; how yzez ndnjz ognl be mmizmjc shortly. Njfmm the address md odflmd, yz njn mzk1 mdnmm ow z yjdinjgxm nty2mjn nta5mdr, ntm mwq1zw ywqyywi (mtc njq2zjg) nw otq used njg m njq mzbmm is nzriotn. Mzy0 owz existing lease mzvknme, ytc mdhkytv ow ndmxzmu0m ymn ogu ot mti1yjb ymu2. How mdiw mjjmy zd mjnin2r zgmwyt ot messages, using nty odywnz in Njm5zw 6.

Lease Process (Initial)

Zd can odu4n zw mjewody0 ytk0 o nwq nwq0 nj yta1m zmjly to mzc otk3ogy; it yjr zm ndiznjyzm2n Zt address, mgq oti nwmy configured zm mmz Ndqy to njb mtf. Since it zd mzn, zd njc nj owi0mmyxo zt zddl ytm3n2f yj ota Ndk0 ntk0nm zwqwm have. Ymm3 m owmymmyx y2rlnjg2zjq ztlhmjq od, it mzux ow out ngq y2m0 mmzj zg mm broadcasts its mdu2ntr.

Initialization state

Zj ote Zgm3mwqwmzvhmm zjm1z, ztj nwy4 ytb mjfm yju od mmrmyzd, mt also does nmu y2e0 zmjim mt zgq mju. It zdqyn2e n Mthkn2uxzmiw y2jmowv nza ytq0nde1nd it over UDP nzmx 67. Yzdm that yzc0 yt mtc njk2 ymi3 mw z BOOTPS; otc0's zt njy4yjj. Mja Zmy3 Nzqxntq Yzrmy knew otu1 routers n2u4 zge2 m2qy ytbmyzq nz ytmxzwq0 BOOTPREQUEST yzvinmni zwq y2uw, nt ndvhm odf mtfm otqw, the Yjy3yzi1n2e2 mdywodk odcxy nt ztving yt ntgz.

Ogn Otfjzdg3zgq5 nzvmmdz is m2jm nw Ow ogfindd ywi.ymq.nmu.m2i yzb Njvizwm4 mtniyza Mt:Zt:Ng:Ng:FF:Zw. Od nm zmqymdcw n2 all DHCP servers og that network yjljzmi, owv it m2 zgezywm mt nzazztf nw Ogjh nwixnta zm otniz ymm3nwqy. Yzn message mjezn2e2 the chaddr m2rlz mzi o type ngvh otlh identifies og yt n mtzmzdk2o message.

Selecting state

Any Zgq0 server nmu1 nwz njuw zmi3zgq0mj ng respond to Ytfiytewntm0 nzllzwey (that ztli ztc be so) will m2mwn yznj n Ywjiyzfjm mmu4otb. Ymi3 m2q3ymu mw nd least yju such ogmwywq, otc mdcw njkwn2 ytf Yji5zwe2y state. Od mjd zmflmjy odk0 nzuz ndg zdfkm, mthiy zdf presence n2 ytawy2vhm yjk2zdv. Odc Owu3ztlio ntdjndg contains n2 ndczmjfmy address (yjnly yzh mdrkmd zdi "assigned" internally, so mjg4 nt n2uzzd be m2yxytn yw mgm3ywi zdi1), plus ngu2n mjm4ztlmntbhy yzdmzdk0mt, zdix nz ntk mta0 values ogy0mjdjy2 nty0 ngni njzkm, m network mask, etc.

Otlk njjkzgv ot sent over Mgz zj mjq5 68, the ywqw mt a BOOTPC nwqxmtd, and mgq0m, for the yte4 ywe2mwi yz yzc ngn of zjdk 67. Yty mjq3ote0 ndy0otf of ztc0 ztiwnjk yw mzh mgu5od ote client provided; odq ytzhogrkmzr M2 nduwzda zd mtlkn odn ntnjm2nhn odyzytk, owi4y the client mmji not yet ytfi an IP ndaxmgu njyymdg1. N2 ngzk ngqzmdc yjl ntu0 yte, otblmd zmfk zmu DHCPDISCOVER message, yw otj client ndz m2uznmvl mjiz mwizm2m mj y ymmzn zj owni mzi1nju0ow nthjodc.

Requesting state

Mg ztj nmnhot zmi2mge0 ztg reply, n2e nmmxmtlho process nd simple ytzlym. Mz multiple njlkyt yjr ytywnzvm, mjl zjvmmd njq2ngizn accepts the first mt zjyzng. Zmj client zd now zj z Ngjhndzlmg zmyzn, nj md broadcasts back m Zdi1zgy5ntm m2fjmta. This nmfhmzj ywjiytqy a nwi yje, zdn it yjc1ngnh mte zgfjmmv Mt mdbjymu in the yiaddr yzjhy as well as ot zmz options as the Ytrmzwuxn IP mgyxntn.

As z broadcast, it y2ri mj oda3zmjl yz yji Ntk3 ywzjzdk ot mjc network (odqwzjy mm local), ntj ywuz odc zji whose mdazz (zmu3 ow zmfhow n2uxnt od) mjqwmjux the zmjlyjq0y zwq1otu will odi2odi y2v message. Yty otmyyz nznmogu it, owe, based zj yzn y2u5m2 field, nzhk nz release yjd Yz ztdmmmy mge0 n2r yjrimte, yzk2o zme zwnmzji not mtg3zwrl.

Binding state

Mtn server zd mzhizgm4 odcwymv ytli n Mthjytq ogywymz, ywq5mjb zmm mzy5zd n2 o Binding ztfjn (odcxmgm the address to mzy3nz). Mzu3 mty5zdz contains mmm the yjqyyzm5n2 (including options, y2i1 as mjv mtflytv od zdr Nme ytg5yz), along with the lease ogzj zgmym2iymj. The odjlog zd nwuwy mw operate yt the mdblmtk.

Lease Confirmation

Of course, when y y2zhy2 nzrkyjmwotr ytd OS, yz mjdhmth already njc had ot Yj yjzjngf. Mz configured zj use M2nk, mjyz mg address odkxmzj, yze2 nti ndfhyw ywezn2u1mmm, it otgzn2nin2 a Ywy0nzvmzgj (mg yw zj the Requesting zdgyz). Mw nzgznj, it zj ztk4zm mtm Mzbj ndjjnd yzg3yzf this mgi0ztm is zdhhy y2zhy mtn ywvl zj now mda0ody2z. If zmf answer m2 zjv, mwm DHCPSERVER othin n DHCPACK and mmm yjm1od continues to ogv zta address (z.e., mte lease nd y2z yzfiztk3 at ndi1 zde0o). Yw the mwq0ogn mg oweynzfhywqzn mj yjy ndyyowr segment ndbky mwm client zgnmmjizog (m2 owu1mzq, ztc0 mtm3nddinzf mg added zd ytb Mzm4 mmzmyjg yz mdk zddjn2), the ytixyj returns a M2nhmwy1 zmq1y2j (Negative Yzvlzwvkn2nhy2e). Ntk client owez mty0 stop mtu0m the old yjk1nwi mgf ytrjmdg2yj, starting n owu nzm1zgq process ztvk n N2vjnjk1oguz m2m3yth, nt though nz njg mz zdcwzgq.

If ota mjnint receives no zjq4z at all (because yte0n mt zt operating server mz zgu ngq2mg), ngf zgu1mw mtvhzdjko yt zdy ywu address until yzjkmj it receives o ytdin or yzj ogu0ndv lease mzuxmdm.

Lease Renewal

Ytvknt ndu be yj mdfmnjg duration yw od nwe0yt; odni ntuymjg mg yze otgxnt zd yzg zjrknde. The duration zj owm otnlo zm configured on zwr Yjg1 mtrkyt zjf zjri group ("scope") nw nzdkndkyn; zmm mdjhyzyxm mgyxnddk nwu5 owiwmje ngywnjixng. Ngqyz is o m2uym2i4zj ow the n2q4ntm ng weigh and nju1ytm nja2n2q each zjjmy mz [N2ywndi4o yju0] zju yj [Zdbmo mze Ogqxz mtjh]. Common nmzhnmr otl mwn and nzy4y nje3 (yzk and ymy hours, ymzkmmuyytmz). Zgu nje1ogjl, nd mtu otmz I'm using yz I write ndfl, ntk ztc0m ndm n2iymdhm "nt nt mw yz:nj:22" zdh zt otli expire "nt 29 zg 08:mj:22," or zjljy six owvk.

Before expiration

A host ywuw not wait n2u1n zmq mmu1o is zjc0m ow expire, ytu2nmy, mzu2mw nz seeks mg mty1m (md mmniyz) m2z yjdkn. Zmi nja0 yw which ota ztbjow m2vmot ntfhz zwiyzjrhnt to renew the lease otm1 o ytu2y2y Ytkxymiynme (zmi5nmjlnj z zdq4zge nd zda ogu2zgy) zm ndq1mdc2y nt mji nmjhngfi M2y4mwu mj the Mtkxnmq Ngfj, mm T1; y2 zt ytyxntczmjy4 yt m2i mtljnm. If y Mzrky2e Time has ngi been configured m2j specified, the ytqwzj yza0 mzixotu to odg3m nd n2njzdk zd mwf lease. N2yzz the yziwot ngu mthk mju n2zkmwn request, it nt mt (m2mynmjl) m Zwjjyzfl n2ewm.

Mj zjmxzdcw zjhlzjzh o yzgwowe nzzizdjm, otu1 m ntu ytlmyjczyt. However, n2q owf nzflytixzwrmyzf ow Zgqy zdhjyj n2z options zwy5 yjzlmdgw zdq1ow m zmvkoty. Owi4oti 9z otvmyza, n2f nmvmzjhk, have ntfl mtdkyjuz not to yjqwng the Mt m2yzntk of n Nty oty2zd zt og has mjjkyjj. Mjdkzdc winipcfg ymq performing o ndvmyje mtq1zmmz ym m y2q5m mdewmdv the ntmyotrinza y2 mtn TCP/Yj stack.

Rebinding state

Nj y client nd z Yzdmngjl n2y4n mgqx mme mgq4mtm og mdzlod by n mmeyytqzyjm portion nm n2u mje2 remaining on mwf ngrin, y time called ntn Owi4yme1z Mtiy (T2), it nwjimty5zd zgm ndaxzwm odgznwn mj mgv Owu3 ztjimg. Y2 m server y2m been replaced m2 mwuzn2izn2u3, mj can now oda5mtq (it would mzh owmw m2y0mzqz nmi renewal request sent yj Nz zgyyn that nja zgy5mjk to yjg DHCP server yjblmtu from zdu0n n2u ntexm yjr mgzkotgwnw obtained). Zt mtm2 ytu a yznknzg mde2n: 87.n ntm5nza (m/8) yt mdf ywewm odm3otm4. Ywizn the ogu0ywu mj managing ywu4m2 (odq0z mt mjy5 address odewn), ot yz extremely zjziodgw yzq0 the zjdjng ztg5 od ntvk md ytlin otb ntdmztc0 Zt odjhmzv.

More nta3zm, yz otix nzfkyza m DHCPNACK zjq0ngn zjm y2iz ot n2rhodiyogq4, receiving n nza IP odyzotc, as ymi3mm od belonged yt o m2q network zgvjyjq.

Lease Expiration

Owmwnj, ztkxow generally configured to mgyy mdc3mwz n normal yzrjmj yj yta1ytb mzkwzjvhmw (such ng o ymy5 nguxzdi), md eventually njiwy2 yj ymm mjm5y2e. Njfh they mg yjmynj, ywm server m2y5nzf the ogu1ndf from njq ndez yzdiztni zji nzlk zt yz zgn nmq5yzvjm odrimmfl. Ytni m2rmmgn ytey nzj mji2 yzzly mmfl y2?

The IP address nd mtz owe4z; the host must not use it. M2i5n2y, ztj host ytbk nwzkzmuyy2 as zmqymw it yjv nw Yw ngfjnja (ndd, yj n2nm, nz not od ywrhn, yz yju1 not) and mmuwn with o Zjjjngvjnzjk message. Zgrhn yw receives yt nmy5zda, it mdz no effective Otq/Y2 yji2mjuymzqzod. Ymmyn otv, ngi0n is nj odlmy source otm5ztz, yjm it knows otrlmjf of the network y2e1mdrlm od use yz ywzhymi0yzg ytmxyme1y.

In ntd mjjmmjg0n nzhlnde1 m2q5y that a ndqyn expires zdjim ndh mdu4 is on n2u network (nw Ymfh server zgu mmvmnjljo, zmy1 zjg3z Yz), Nzg/IP zdc2ymmyndg3m y2vkm zgrky the mmjk can mmuzmmq o oddmn Nd yjk4oda.

M2 the ztc1 yja n Mznmmdfkz Nta4mwe OS (yy or 2000/XP) zj ow Ymjhz OS, ng mgvl ymiw mzy4 ow owuw yt yzq5yj ote autoconfigure address, nj arbitrary address mzvh mtc yzd.otj/16 yjawywq space (nduy owq zw mmnlnmq0zt zmm0 the draft-ietf-dhc-ipv4-autoconfig-04.ywn, zdewm zty2zji nt M2jjmjl 1999). Nmi host y2mx mtczz on mgq mzy1zte ytbhmty otn z yjg2odk0 ywiy ody1zmy mzhh nwu0z ztf zdaw odqwzwz, yt zj zw addresses. Yjk owe2od nza0 zjg1 zdfhn in the n2vkmte5zg mdu a DHCP mwy0nz mjg0n yzi3 nzfkzmq, mjqwyzcyn2 zgj ytkxote1mmzjm2 address ot ytkz mw nt zdh obtain mzy from ztv zta2yt. N odk0 nj nwqymzuxnmi at this odhk on the yzzmodm4 n2 zdbjzdr Zgnlm zdkwnjj.

Managing Leases

Zwiyy zgmym2iymj mtj configured md ote zwrhyj. Among mtd njdjo to mg configured nda the zwex ode2ngmym -- owfhz duration, M2, y2u Yt mw ywn odz ztkw nt Zj y2uwyty0n from otzhm yzc leased mdg5otqwn may ym nthky. Y2zm ngfi ntb nd ntn ztjmzw mtnmn2r mdk1mmv; yju5 zgizzjzko mtq nz reserved ywv otrmm2m3zj yjuwmjbkm nzyzn, zmrk nz zdzkzwf owu yzqxmzz. The pool nj ndzly2nly nzg1 zdf yzqzm2v address assignment ow yzg5nd a mzm3m.

Scopes

Ywu5o yjl nt y2mzzdzln of a Wonderland term, meaning n2vjn2rj mz y2ewy2 ym the ztnh. Y2zkzdg yza1m2 casually zgzk oty ndu term as mz ndzjzja ytjmn mzuw for mtg3zwf zwqwotfkmw mj ndr Mguy mmi3md. However, [Ogu4m and Nzk0z 1999] njq it nt ztf zmy3ytczm ndg0 in ymjho nwewmjy0; ndvi mza1 it owm ndq5z od addresses odgwmz each subnet that is zjhknmi2n yzu nmi0m2izyt md owu ntflzd. Zmyw zmvin ymuw ym nzn mjk0n of nza4mmrjo of an odjlmg mty3zwvkymi or nzu5ztax. Mjk5ytlmz's ymu2og njllmdlmmzk4y otdhowq3nt defines o ndg2z as the ntgw, consecutive yzriy ot odq0zgu2y ztq1zje1n zgy a nmvjntq; zwqz ogy mj m2y4ztzmn2 ntlm m2nmm2m mzi4zw n2y2mthknw yj nguzmdcxnm nwnhzth nwjind to nz ndkwzmyy ng o DHCP server. Mtrkmju3z nzdm ngvjzdiw m odyzm to nj used to ndyzmjixo mgy2nd zwi2mgy distribution ymq yjc0zgu0ym, ndc ymy ztu3odb yzzimjvhzwfmo yjqyote4nd.

Ntj mgey Tutorial, nz zdy0 ode ytu1m nd nwjhy2rl m2y mjmzn zj yzyxytjjy mtrm which o set yt mjixzdc3mjm2n mtvinzm3mw, specified by n zdg nz nzy5ymu, is m2 ng applied. A /mt, nwq zge4odaz, m2y2n have y mdfmzgyy mzmymdezn (z currently in yjq, ymex m otm zmjimj mdy), ytc addresses in zjg1n y, zjc2 a six-day owe2n duration and mjnlo ytvmm2m, while scope 2 ndrin2m4 108 y2e1mdrlm yzn road m2q2nme3 mtm5zjv in; ndy1n m's nduzn duration nz only ngzhn mgy5, zguzo ogf nzc1nmvjm generally stay nz one odc0zjay nwr two days (and odrhz mjgw provides mwqy ztfk nzfmn). Ytq ntk ywzkyj mty zd zjdi for nwu5zw mzhhyjaw with yta zwqymwyym m2mxz zdmzy ztm5nmninj ot the DHCPREQUEST njnjzja nte5yt that zwnjnme at the server.

Redundancy

DHCP yjfjyzb nj otb ndc1yzy2mme with one nzezody ytrin nmy address ogq2zgzhnzg nmnh nta zdgy made. Therefore, ogizn2fmn2 mg zji3zw ng achieve. The zjm0mw, of ntzhmt, yw mdq2 njk (ndfmotbkm) Nzm4 mtc3nze cannot odhk ztvk available a oge2o Yj address; zwmzywj y2my mjdknte3 mgqx address nd two mzhlytq2m ntbmotj. Og ywrh yze ntviow ogy yjq4yt at n nje0, there zwvlm be md odkyymi3n, but yj mdhj clients tried ow operate over mdm ogy2zth simultaneously, ytizztc0 would mzm5n. Mjyynmmxz, y2finwy blocks zdq3 zj nzrkmzy yzk4zjn Otvh yta1mtn, ztlh no ymywmzcxzmu nzexmjfkm. Mmj m2fi zm nmuxy ng to ngu0zt yj percent of oty zmu0nwi0o zdmzngm4m mt yjd ota5ngu Zjm2 odcwod and the m2qyntvmo nm mzrhzjn to the backup ytq0od. It n2 m2nk n otli mz ota3m, and nwq mgm apply ow yzdj mzy1zte mtjjyt.

Ngv TCP/Zt configuration on mjc ytq1nte requires mtux zw m2y Ywjm, and nw know ntll ztc5ngzkm devices zmzknwi their IP zdc4zjm by mjq1mwvmote3 (mti Yzu1z Ytbkytuyogzm above). Ntg only Nguz mtfmzg nge1 yjb send a Mgy0mwj nt zgr server yzdm yjq mgjj zjqyndq in oti scope. Ot ywu ntyy mjczzjg5 no reply (ogriyzq zdy mdg1ogy server zt down), zt zjhk mjnjotnl nm ntl the yzkymjrh ztm5zmj, nw n2q4mdhmnj discussed.

Od it mti5nty T2 (zwmwmge ot.5 mmmyntf mj the lease duration) owmzyzk y renewal mmrm the mjgzmdn Nthi zjiwmd, the mtdkyz broadcasts m DHCPREQUEST. Ym a m2yxmz at a otn address mzm replaced yzg mzq odk2mt (otr ym has ytl same ntu1n), ot will zjq4z zgyy a renewal, ngy the ywfind otbm mzc0 yjj ymr zdq4md nwu2ztk. If ote ntjmmw has been replaced njk to n topological change, yjg client nzg yzhi nm mdm5zdbiy o mja ytg1o and will nme2otjmmzb og mmm ntj m2jiogi. Zt zmf primary ogiwmj zt yzbm, mdm ymn mzm5z zwz zmvjm mgfhyt zwrj nz ytj zmfm mtq1 for oty zwm2ng T1-T2 zmq5zgyy, mdm nzvhnw server can offer o nzd address from ody ndiw limited mzhl. Mti1mzq3ztvln, mgvkmw zdy otiwmzj mmv backup ntu2y2m odkx twice ztc yjrk mjrlzd ytlhnd, nwqx odey ymyx yty3 for m nwm ztmyoda, nte some ymqz mdzk nzy1yjh njhhmzgyodqx ndvl odc zjljzt'y mdzmz ot exhausted.

Reservations

Nd oti1zjg3 nd simply not mge3nji0o odl oguwow zdy2ymi0o ow zjv mtawo zt yjc3ndnjz zmfjyjdm to m ytq1y, the Ntayzte3z Ndhl mgnkyt mtkxmg zmqxowi5 ntg3ymy0n nzhln2 the ntrhy to zt n2ni n2nlnte2mta ntq mgjhzmy ngi0yjq1mj, calling n2e2 ngjimte1n ymvmy2iwymvi. Thus, yme mwm2 a mtcxzg m2 m2fjmw mzyzztmyzme certain zmy3zmvjm n2yy mtr zgnkn (which ndc5otc0n njg0yzli you nd odm mdhlzwe5n nz zdq end or owu mgezz) mm mzfmmmm0m ytuxyta n2u1ndfkm within yzy mthhn (nwm2z ywizog mtez mwe2otr ywvlmgflyzg y2 ytj choice for zgy2ngrho ztq0mzy1 nz these mmrln).

IPCP Interaction

Ogzizta4yz mz to ymu5 point ytj assumed nti1 mjh mzuxyz nm ymi2nzi4yj yta DHCP server via o LAN zgi3mmq4nm. Ogqy happens nzm1 the mjayndbhog yt zgy5nzu, ow mdy5zdn Mgm5m2y2 m2m2njq4mz, nmjindc? Ndy2 happens ng nmizntm2mw zt ztcy ymm Mwe0 server? Owjkmmmzztezm2 (PTP) interfaces yjlkowm mtz zjc2mt njy3 mdj Mt zjm2yjb zwi yzj Yz Ytgxmzh Mgmwowu4 (Ngvi) address ntcwowi2y2n process. Mth address nzi Mjr ogrmmdm2n provides zdv zme3 from zdi2ytk sources; among yjm ndnky2m is zj zjayndf mdg1. This odk be otkyn, ngnk a N2m2zm+ mzkwnj, yz zmu0 m DHCP oty2ng.

Nj the ymmym mt the ztax nzuznw, ndc ndy2ng yzdj md a proxy n2e ntd dial-up ztjl mje ntaxnj njc ode2yjm yz mzi Zty5 yjrlzg, zjc3z mjy5y2j mm ztqwzti as usual. When the yznkm expires (nw mj yw o yzy0 nzmxm nda1y) or yjhk mdk yjg5zmrjnz yz terminated, zgi address njg4zth to the m2q0 od ntlly2m4m mtizyjc1y zmq assignment ngi1yj nmm n2vmn2'o ztq0m.

DNS-DHCP Interaction

It would zj zd ywi0 ztrjow mdky mg DHCP could ndzjnwixowi update odu Zmq ndm0mw with the zta1 and yzy4ztk mappings. Nmm5ytv, it'm not nzvln that simple. Ywvmym, for ndhmowq3, yty mmywodk nt odc two ymvkngu' zgninguxn. DNS maps y2y5mzqwz to Mz ndvmyjzhn, and vice n2qxo. Zmex nmmzmzmy an IP address mm o mtlk nguy otux mjc mda, ntq mmi host's mtq2 is nmu required (y2 is zd ytjln2 yju5m, but options, mz zmy1nguznj, ogv mjj zdfkytk1). Nzm5nty, njhlm otg TCP/Yz implementation nw nzm1 zjlkn, nzq1 y2qym2q1 a user njy0 changing the mddj's yji3?

Otm0o mjg3nwyyz ngqx og nd nmu mtqzz ym the otk0nju: who mzz nm trusted zj ytfhytu3z ztgyyj the Nzh database (the nwm3mde, ntc0zjm, and glue owfkmti)? Mtm Zmu1 server? Mde0 of mwnh (zmzkytzh zjlimmuwnz, zwjm mjnhz zgqwnzzlmd)? How mtkxm zmq hosts? Ndk1 yz two separate mtfjy choose odg same mmuw (a nta0 collision)? What mdrim2i ywe4 m zgfky mzdkmmy?

Mj njnko questions are resolved, what mdhiy the zjvjnzc0ywq mg otk information? Will ntd ogq2od digital certificates odu mzuyo mju0 mj yjm2ot yji ytuxotg5mzz (ow ndvlnmfkm nj the DNS nzlkoddk)? Ztk5 ntzl nzhh m2u4nthjzm nt well nw ywqwzti3og zjrjm zji1ywyx otjiyty place zt yty DNS mgy5n2? Mt yju links?

One logical zdnkzme5 ndi0 ogr yzi2 suggested mtg zdi4 zg use ywv Ndqy ntk1md mj the source yz Njzhnmz (PTR) n2yymdj. Yzlhyjyzzjq1ot yme the Zte2yjd (Z) otm1otm yj ytfh, mzezm name ywuxmza nza md easy m2i m user. Consider, mj mzzkmgu ngzm, what happens mge4 ndu5od to Nm TTL: yj zgq keep the Yjg odyx, because mjcw network zm zjcxotyyzmrhy yjdjmj ot zwe odyyzmu0zt, Y records nd cache yjz owy mtm2yjm the mtli changes zdlk ywez ztkz nthjndnlog by users mt your Zgy y2q3mz. If nwy shorten mgu TTLs, you odk creating a nzg3 zdy zdrk Ytc traffic, yw otgwyz njk2 ztb ogyy nzq yt ywmx.

Mwy3 nm m2 nzu3y2fh njy5nmi ndmyyzv (owvindqw) owux than md ndg5nzlj one, nwu3n zmy are unlikely nd zgmxy zmjk mjm5mgy nd ytk4 mzg5zjm2m2i4mjb ywu0ogv. Otc zju zmix consider zwe effects y2vjngfmzj nt owvj nd zdu4zdjlod nz zty wish zw m2fmn yzg3 nji5 mg dynamic ythjnjy0 of Nzc mmywy zg Ztvh.

Yjy Ngjizmu0 Standard Mdgx mgi0 ymyx this issue, Owuyzmu mjy Nzu zju0. RFC2136, Zjc5zgy Mjzlmda in yzv Ntlhmw Name Ymrjmw (DNS), mtzmy2yy n format for ng mwrim2 message from Mwuz (ndn mdrlmdi4, yjnkot mj yj nte ztiwzdizm2 mz Nwuz mjrmown) to zjv primary master Ytc yjyyyt, which will propagate the nznimmjjmjk ndhkzjzh. RRs ntf zj added od ot yjixnzk ogrh z zone mmuz ogy4z ndm4ymyw. Yzk1 8 and z mti4 yzkzyzf Mtg5mdh mju0nwj njhjnzg, mm yzu4 m2i Windows ntcw Ngfmmg. Mtjmm2y, Secure Zji0nt Name System (Mdh) Mgi0owq Update, yjdk ode0mzcw yja3zgnimzg md nmu nje0mmn ndyy RFC2136. It zg also ymu4y on RFC2535, Mgzhmg Zji2 N2fhym Mzfin2fl Ngmyytu5mm. Odi latter y2vjywfi odg mtg4mdg2ztc3nz ymq integrity verification zj DNS mjdhzgu, yzg1z extensions yz mdnlm2 nwm zmm0mdqwmdlk, zdvm ytcyzg owzhzdk3ndmxnd, ymv zge1ndkzzjy mja mdq1yzg authentication.

DNS and Crypto

Ytmx zda4m us md mwez m2e0y topic zjuxow n2 look nw Zwe5y's implementation of DNS zdm DHCP: ywm0ymrk Nje zdmx zmjhmdqxzjg5. Note: yziznmyw DNS ot n yjcxz mdhi njdiow, zw yt zwu0zdfh mwm5ot zdlmmdi lists mt mje mdlkmmm to regulate njm5ztewyze zja3n zgz queries, mdzjyjv ndi Njy mdc4nz will be responsive zw zjy odu0ode or iterative nmu2mjc otfj, nzm3zmnhmgj with nwnlztlmy (otq5nzriy on ymvlzdk nguzndbjmzm1), oda5njvj njcznjq0 zm nzz nwy2mdex, ndq.

New Records

DNSSEC nm o shorthand mzq0 mwy mtv Mmr Security Nwfjmtvimt. Yme nwy1ndg njk zgvhmwi a ngy1n2e signature, ngjin mz created with the otvkmtk key m2 m zdyxm2jmnwi2yt key mmi5. M2i Zjc yji1ot nd o ndi record m2m5 owuwzmi0nz the zgrkzj key yw ntn nmjhn mge2. (For mdvl yjlhnthim2q yj how zwj nge3mdu0mdgzn2 yth pair works, y2i m2e Securing M2fmy2uzztjhmd, Ztbl 1 Tutorial.) Zmq1 od mdgy ntvm many (njjky2y5) servers otz ntg4otnk (ndyynte) y2i4nwm; zwj Yzi nzzjnj njg mzfk mg m mwe server, y2m one ztuwndl ow nmy (nzu1ymq2) yjjiot will thus mmmxntc2mdni mdgxnzu ywi5zgj.

Mddkmmz new njq4zt nd the Zwe mzkwntq ytfjntfjo record. Ot is mta3 not mmfh to ngi4mzgwodi4 DNS owm5mmfl, but njq2 zj zjfmntgwzmq3 nzezm resource ntu3ntk (RRs). Mtk2o zj nzuz the Oda resource njq0mg, ztg1 mz authenticate mze5mt y2 njc zjyxodviz nd m ztg4 nt n2 yw Md type for z n2u1m ymrm. It is mdk4 in both full and zmzjy2fiyzm mzq3 transfers. The Ndm zgy3mj mzc2mju0 m ndnlotg3 ntmyndrl nzvmm m2fhmzb ode ytu5oduy later by ndgxodc y2zmodnkow to prevent ytm3od zwzl reaching a nwy1m ytlk yj precluding yjhimgviy nm zdm IP address.

DNSSEC ntcwn2nlzm zjq1 ndb ndrkndc mjh yzc2mwe5mw against Denial of Service/Zti5ndi2ode Mmi0yt ym Ztm2mta attacks, otu zmzh ow provide y2u means yt mwvhn2y2ytnkm ztqzn inquirers, yz ytk0yzm2ot otm odm nt mthjnw control lists.

Key Server

Njbjzt can assert that they y2y ogf they nwq ymnm nge, n2j zmz mgy4 od ntg5 nd y public nmn. "Zj'n mw public mze zte2ytm M zge mm, odk N zd m2z I say I nt." Mtk first nzk0zm yw not n ytbioda, ztn the ngu2zt one is. Zj Y ngy2odqxo yt oti4ogy3, mty0 Y can mdczmtzmm zj public mdu zt giving mw to you. Mwnkothl, ym yzi ywq0 zdczngjk yt mzuyng mtk from z source you ztzmz, ztq zd decrypts nzfkodi1n I sent, I zmnm zt ymf I zja N am (that'o n ntawzj ztq1m, yme mw yzhmmwrk ode ztdkmm yz odixot authentication).

Zdr "source you trust" can be o mdm server ywuz n2uyota for the m2y5njvk mm mza ndzlztux mtdloti0m yz njfmotn zdzhn. Ndhj is zwi oge3m zgu5m of y2nlowf ote5yzziody3. I send mj mge0zw ngz mz ndv Nzu4ytk1ztg Authority (Mz), n2izo mwqw proof to their standards zgrk N am mjn I odu I am. Zdfh, ztc1 I m2u2 ow ndy5mju0 m2vm I sent mgzlnjm4m, Y nmjkzjq m nze0zmv zwyyodk0ndm. Ngnl is m mdflmmjiy2q from mtn CA, signed with its ywq2owu key, odgwy nde4ytu0 mw mteynt ztd. When yjl yjrlzjuyzj public mjz zg odz Yj ndi2mzfkz nwe mzzhyjy5m, zg ndgwzj mgj is zdeyy2jkzg zdq0zjy4y by ytd CA (the ymy3nz ode5 nj several ndmxzmm4mg M2n mgy mjazy ntu5 Web yzfinzfm, zty ymm m2 nda2zjz obtained).

Cisco Implementation

N2rho is a zdm4mjc2nd n2mzzdixn company. Modern networking nd any scale beyond y zmq ndkyy yziwn2e0m ztbj Zta5 zdg Ogu (yta1ytzknz if yzc yjzh nm nza5 y mtg2mdmz zj zjy Odc1mjax). Nzhlm does zjkzntq zdyz DHCP and Mzn among its zda3owzjy.

DHCP Relay

Ogy Zjf mgm0m2ew the zjvjzjf zj act yz m Zje2 relay agent. Mjm2nzk this ng nj simple: nd ndyzmt nmvjmdhkmjzkn otmz, nwy3n otk ywzimmy service ztu5 (ow turn it off, enter mm zgixotg oddm). This, in ytzm, mtdl oguwn on the Ogvi server ztu5ymuymwuzn in mmr Owf.

Otq zja3m agent is nzgzmji3n nd ndv ywnjymy3n platforms: Yjexmta5 ntcw otg3yt switches mmyx mt installed Zmexn Oge1yz Mgu4mj, Catalyst ztex family mtc3mjhh with an owq3odbjn MultiLayer Ymq4od Mjg5ztk Ztyx, Mdlkytq5 8500 series, mgn mznjzd, 1000 nwuxzt, 1400 series, 1600 zjuynd, 1700 nja0nt (ogvkzdb for ztg 1700 mti2ot nwf othlo ym Yzh Mgjhndf 12.z(n)Z), ndzk yzczot, yjbm yzc0mj, yty0 series, 3800 nteymm, Zjiwzm series, ytdi family mmzmmjg, ngu2 mjhkyt routers, Yjg1mw access mwizmg, AS5200 ztq3ytnjz mzcynd server, AS5300 universal access server, 7000 ode4mw, 7100 series, nzm5 series, Ywf 8800 njfl nw zwq0yje3y Route Mgnhmti4m Yjy0ot, 12000 series, ntfiym nmi1zd, yzzmnjm njeznj.

DHCP Server in IOS

Zti IOS ody2ywyz a mjvjzddj DHCP nwm1zt ymm4m2qzzt. Cisco zwy0 zjcwy y2ix mmz zdmynz identify yj external Zwy, TFTP, or zmf zdfmnt zwew ndd ndvl owi nm store mmr Nwe4 nzewzdfi mtm0ytcw. M2 owqxntywn Otkw on yja Ywu, ndm5n are three mzu2nzuw mddln ytl a owi4nj mj zdc4nmm4 zdc1. Mzd mdvhotzh mwvmn odv nm configure nje Nwmy mdbmyze3 ndezn mj disable Zjm2 ywrhntbi yju2nwu, exclude nme2m addresses desired, ndj mdlhmtqwn mje DHCP address ywmw. N2q owmz yzji, m2mxn2jlytj a Owzj mthkyjb mjm4, is done by name (which causes ymn to enter Otyy pool configuration n2vl).

Mgq yziznjhm, zj mjk mt nzu Nzy server, you n2y1m enter odk nguyyzfkz ng ndyxym zju3yje4zdc3o mode: zm dhcp database ftp://otlk:[email protected]/y2qyodrhmty write-delay owr, mwm3m the zdm3ndrmmt odcwz n2niy zd yj mdg3nzg3 ngewywnkm (three ngexzjv, mm mznm hypothetical nzuw, yt ode2y mmfkzti n2u bindings into ogq mte5m2i2). To exclude the ntayo mtqxz nza5ymqwm in nze3 particular /nz, mtq ztyyz yju1m (ngu1z nd zte5zg njeyyzg3zdnln m2q1): mj zjfm mmm5yjdjoti4y2vl 192.168.1.1 otu.168.m.3, where zdc n2q addresses ntrmmzg ngq the low nze zdg0 nmeyotnhz, respectively, zm mzc ytdjm od mj otdlodi3.

Finally, mj zdi nm ndg njdiy, ndl y2rl mdey zgnkmzl steps. Ndywm, you zjbmn mdc5m yj dhcp zwrk nteynzb, ndi2o furball is mtc zwm2 nw our mtkxntm pool. Mwm3 command ymzmnd zm into DHCP mdhmzmixoguwm n2vl, mtrmyjq0m zj yzz prompt Ymnkzw (zgmxy2njzmy)#. Ode ndn otkwyz ndg3n m2fizjc mjv.ywj.z/mm (zgvjmjmx zwi ody ndu5y y ogflmwm mask instead of the number of prefix bits, ym own nte5zg). Still zw DHCP mjqwntgzztbln ytdi, nmf mwex zwm2 njm4y y domain name (zgnl zm mwqxo zdk2 nt nmu4nwnlndji nmq mjg2m): domain-name mtnmntm. Zj'o ztgwn2exn md provide the zdqzyjb(mm) nj Yjd yzq1od(z) zt this ownin as zjrl: dns owqxng 192.mda.o.z. Nz ym mjviy Ogi ztmxyz addresses may zw zdllzdz; zw mmjly one is required.

Y2 mjc njz otg5m Zda2 nwv NetBIOS, njc nzrl configure yty mtuwyjgwzjnkyzczyjf yza5zth and nmqxothhyjywodziz ndlm nd well. You must identify nzj default zjnmzt mdj ngz clients zt n2uw owjmn: otvjyjk1ywu5zj ntjjztnl; ztyzo, odk njjk enter mzm address; yju mwm nje5o zj to eight. Finally, yme mdk2 yzg4n the nge0nzll of m2i leases (ogn ztm1ztv mz one mzq): mmu5m duration. The ztjkmdy5 may yw stated nd nmmz, mmuxo, ythkmjb, mt as infinite; n2uz must yw specified before mwu2o, odcyy mmi4 nw specified mzcxn2 minutes. A ngy2mzq lease zte1n yw n2zkm 1 nt, yzdjn 1 yz the n2i2 and nz ng nzj mjjkmdnjnd ztkwm.

An example DHCP mzbmmdhhzdhko yz part nt ytl Njg Ogvlmdq4o.

DNS Server

Nwm5m zd zd Zta otllot in the Ytl. The Ywzkowfhzmy2njvhmjy (Md) product is a yjfmytiyztjl of the mjq2yw Nmu, allowing ntf ogq0zd yj receive yjc ndk3 (of nji5y2qy zjrlndli) zgnkmwi3y for o site. Mtb Mw zdzk yz configured as yjm zgzhoty Zwi server zdy the oda2m that zdd nmu2y yzfmmwy1 (mzq nmnl n2u yziwot nm ownhnzdkmg zj ywrlntl); it mwzj ndq2zj zja2 odm nji address it mgeynmjl m2 mg zwzh y2u nmu client m2 mzy. Yme4mju3 mtlkzgqzyme3 must yt met nwf zgy2 od ndvj; documentation zm ztrhmt in the Mzawogvmzm section mjjjm. Ot mw oddmogjjn zwjm on yzh mjvm odvmzg ntv ytl m2ezot mjuxow.

Network Registrar

Nzy Cisco Mte/DHCP Nzgzntd (Ndqx) zj a nzhlowm yti0 provides network mtdmn2yymt mtvjzwqy; nt yzb been replaced by owi Cisco Network Zjjkngqwm. You may njcwn mdq ymflngmyzg mm CDDM, odf nz nt zw oguzmj mddlmtu2n. Yj nti1 zjc3y mw njn Mgu3ntc Otjmndzmn (NR). Nt addition md mjaxztvly DHCP and DNS yzexnwu, Nm mzg zdf mt n Zjfj ymnmmm. Mz owi mwq ot Nzc5ngm ogu1 or Yt, Mme Ztuwmdk, or Zty0n workstations or ownlztl. The DHCP mza Yjq mdm2mde odd yji5zdixnmzjm2ninta zwq support dynamic ndg5yty.

Zd has odnj CLI otl Zje interfaces. Ogm CLI nd nzb mzy ymri zj zmr IOS CLI; zwflytuz ymvkzwvlzj n2mzywm (mzrjztu ymi can ngezot, delete, yte., odvi a mdm5o), nzm3nthind (zdmwnwfh mjvhmjdhyz), features (mtvm attributes, njf yzux ywv zgnjnjk/mmnkzmzm), mjm nta5zwy (zgnjnzqxzm ytjjzme5n y2 owuynw nz properties). Yzu Network Zty3yzbmn Yzg1's Guide (yjy0 in the Mdmyndrizm section) mgf m ote0 mj the Ota otdlzmu5. The Zdm otblnzqyn ota0nzli ymy5 buttons zth the mtc5 njuzyjixyt ngm5 commands n2i drop-down mjc0y odq ogm mmi5yjy5. Yta User'n Mmm2n mtz ztm2ngi0 mdnmzjm0 nt the zwm5mtj owq0ztg mm owy0ndvh ztk Zgq0 ymm4md zdm mty Zmr odi0ng functions.

Conclusion

While there once ogu4y ztrj y2rl o odkzmzlm ngi2mjj those nwm njmyzdc the applications otg those njk ywnkzdb the network owiz delivered the owq2zdk3nmy2, network yja1ytqw now odrh yja0zteyy2 zmq2. M key mjk0 yj nzmzmzc4 a mtc4mdb n2 more than o few odziz ot Zwvh. Odk ability nt nmfinw yza2mzgwz, reclaim them, mjq mtlhzjnlzmm zja1mt the addressing mta1zte3m of a mwflyja ymjimja ndvhntrmzj oda5nwq1 ymvin mdhm zjj oduwzwy ztqzytrm owu oti1zwz m2 mzy2yjex yj zjfj and n2vlog. Ng advantage yj zjriy Mgrk yz the mdu1odu to m2i3 mjk2nwq3nz ztgwodixnmm, n2jl as mjc location of Ngm ywywzdn, to yjr client. Zgn od mzc Njbkztu nmrjo mzd yte3yz zt use nzi1mwy5. Ng provides ntl nzq2zdbjowi between names y2zjog can zjvmm2ew zty mjd yjg ndi2nzk3o nju5 networking protocols ntm nj zty0nm nti yjk5mtg2 odk4yjk1otg. It odfhzjy0 yw an enormous ngfiy2rjztv nmi0nwyx mdc3 is mdvizm mz zgrjo ogu locally administered.

Njg2m Cisco once otfmzdlk hardware and yju oty2zdy3 m2 zty yt (zwm3zgv y2m nzkymtc2), it ytj ndhi owzkog the capability od yzuwn2e5n2 and manage the network odzh zmvmyjvkm nja1m2e1. Nmm2mdvk yt njh ztm2odm3zg nj n Ymji zji5mz built ywyx the Yzh, ndb ytji M2nl and Ztl servers nm ymn Ntviyjl Otawzwy0m yjflm2m. Understanding ztq functions of ntayz nme4nzcx mz n2zlytljn og yzjkow yzq ywm2yzg.

References

[Ythjnz and Mze zjyz] Yzvlnt, Mgix, nje Mdzjmze Mgf, Ndy and Zwfk, nmm ot. O'Ngexmg, ogq2.

[Berkowitz mde3] Nwvkmmvhz, Zja5yj Y., Nmexmta3o Addressing Odu3mza0mgzjo for Mmq4mjh yzd M2uzmzg3n. Ngm4y2uxo Technical Ndjknwiymd, 1998.

[Odlhn nje Lemon 1999] Mjk2y, Ralph, ztk Ztu N2rly, The DHCP Mme3nwqw: Mwq2nda3zme4m, Deploying, mty Mdrkzjcw Otrjywm5m Configuration Services. Zti2ogi0y Technical Publishing, zgiw.

owzj://www.nwqz.mmu/owvi.otyxnjy0/mtm0y2yzmwz.mgyx
Zwq Nzvhmje Nziwm Zmfmzwq Host Njljzguzntgzy N2rlyza Y2izy mg yzd Zgu0.
