WEBVTT

1
00:00:00.510 --> 00:00:02.370
<v Instructor>Initially, we used to have to manually</v>

2
00:00:02.370 --> 00:00:05.310
provide an IP address to every machine on our network,

3
00:00:05.310 --> 00:00:07.170
which is not really a big deal in your house

4
00:00:07.170 --> 00:00:09.150
where you might have three or four machines.

5
00:00:09.150 --> 00:00:11.520
But in the large networks I've worked on,

6
00:00:11.520 --> 00:00:13.440
we have hundreds or thousands

7
00:00:13.440 --> 00:00:16.710
or hundreds of thousands of computers and servers on them.

8
00:00:16.710 --> 00:00:19.230
That is a ton of labor hours to be spent

9
00:00:19.230 --> 00:00:21.690
just for configuring all of these devices.

10
00:00:21.690 --> 00:00:23.730
So someone was really smart

11
00:00:23.730 --> 00:00:27.930
and created an automated way of doing this, known as DHCP.

12
00:00:27.930 --> 00:00:31.380
DHCP was invented to help us with this monumental task

13
00:00:31.380 --> 00:00:34.350
of configuring all of these servers and workstations.

14
00:00:34.350 --> 00:00:37.500
Now, DHCP also can help eliminate configuration errors

15
00:00:37.500 --> 00:00:39.720
because when a person is entering an IP address

16
00:00:39.720 --> 00:00:41.430
into an end user's device,

17
00:00:41.430 --> 00:00:43.860
there is an opportunity for human error

18
00:00:43.860 --> 00:00:46.680
where they fat finger it and type in the wrong one.

19
00:00:46.680 --> 00:00:48.810
Also, it can be really hard to maintain

20
00:00:48.810 --> 00:00:51.960
a good list of every IP that every computer is using

21
00:00:51.960 --> 00:00:53.310
inside of your network.

22
00:00:53.310 --> 00:00:55.680
So often, you can get IP conflicts

23
00:00:55.680 --> 00:00:58.380
by assigning the same IP to multiple machines

24
00:00:58.380 --> 00:01:00.780
inside the same network by accident.

25
00:01:00.780 --> 00:01:03.240
With DHCP, none of this will happen

26
00:01:03.240 --> 00:01:05.550
because each device is automatically going to get assigned

27
00:01:05.550 --> 00:01:07.200
an IP from a scope.

28
00:01:07.200 --> 00:01:10.290
Now, a scope is simply a list of valid IP addresses

29
00:01:10.290 --> 00:01:13.410
that are available for assignment or lease to a computer

30
00:01:13.410 --> 00:01:16.080
or an endpoint on a given subnet.

31
00:01:16.080 --> 00:01:18.300
Now, for example, in my home network,

32
00:01:18.300 --> 00:01:22.710
I have 254 IPs available for devices in my scope.

33
00:01:22.710 --> 00:01:25.350
So when a computer joins my home network,

34
00:01:25.350 --> 00:01:28.800
the DHCP server automatically picks one of these unused IPs

35
00:01:28.800 --> 00:01:30.100
from the scope 192.168.1.2

36
00:01:32.880 --> 00:01:37.110
all the way up to 192.168.1.254.

37
00:01:37.110 --> 00:01:39.930
And then it gives that IP to that device to use.

38
00:01:39.930 --> 00:01:41.850
This is known as a lease.

39
00:01:41.850 --> 00:01:43.350
As a network administrator,

40
00:01:43.350 --> 00:01:46.350
you can tell your DHCP server what IP addresses

41
00:01:46.350 --> 00:01:47.820
should be used in your scope,

42
00:01:47.820 --> 00:01:50.340
and you can even reserve some of those IPs

43
00:01:50.340 --> 00:01:52.920
that you don't want to be handed out as part of what's known

44
00:01:52.920 --> 00:01:55.710
as an excluded range within your scope.

45
00:01:55.710 --> 00:01:57.690
For example, in my home network,

46
00:01:57.690 --> 00:01:59.460
I have a couple of IP addresses

47
00:01:59.460 --> 00:02:01.950
that have been excluded from my DHCP scope.

48
00:02:01.950 --> 00:02:06.750
These are IP addresses in the range of 192.168.1.2

49
00:02:06.750 --> 00:02:10.350
up to 192.168.1.10.

50
00:02:10.350 --> 00:02:12.390
These IP addresses have already been assigned

51
00:02:12.390 --> 00:02:15.480
to some of those things in my network manually by me,

52
00:02:15.480 --> 00:02:17.970
things like my printer, my network file server,

53
00:02:17.970 --> 00:02:19.230
and other things like that

54
00:02:19.230 --> 00:02:22.260
that I always want to have the same IP address for.

55
00:02:22.260 --> 00:02:23.850
Now, another way you could do this

56
00:02:23.850 --> 00:02:26.070
instead of statically assigning these IPs

57
00:02:26.070 --> 00:02:29.190
is to use something known as a DHCP reservation.

58
00:02:29.190 --> 00:02:31.980
This is very commonly used in large networks.

59
00:02:31.980 --> 00:02:34.350
Now, a DHCP reservation lets you exclude

60
00:02:34.350 --> 00:02:37.470
some of these IP addresses from being handed out to devices

61
00:02:37.470 --> 00:02:39.780
unless they meet certain conditions.

62
00:02:39.780 --> 00:02:42.480
For example, I could set up a DHCP reservation

63
00:02:42.480 --> 00:02:44.910
for my printer based on its MAC address.

64
00:02:44.910 --> 00:02:47.280
That way, whenever my printer joins the network,

65
00:02:47.280 --> 00:02:50.790
the DHCP server sees that it joins, checks its MAC address,

66
00:02:50.790 --> 00:02:52.950
and then assigns the exact same IP

67
00:02:52.950 --> 00:02:54.990
every single time to that printer

68
00:02:54.990 --> 00:02:57.030
because it's been listed as a reserved address

69
00:02:57.030 --> 00:02:59.040
inside the DHCP scope.

70
00:02:59.040 --> 00:03:00.420
This is a great way to do things

71
00:03:00.420 --> 00:03:01.650
when you have a large network

72
00:03:01.650 --> 00:03:04.500
instead of having to manually configure each endpoint device

73
00:03:04.500 --> 00:03:06.540
with a specific IP address.

74
00:03:06.540 --> 00:03:09.300
This lets your DHCP server do it for you,

75
00:03:09.300 --> 00:03:12.570
essentially giving it a static address every single time,

76
00:03:12.570 --> 00:03:15.210
but using this automatic configuration.

77
00:03:15.210 --> 00:03:18.480
So with DHCP, we can automate the process of configuring

78
00:03:18.480 --> 00:03:21.180
all of our devices whenever they come online.

79
00:03:21.180 --> 00:03:22.710
When the device joins our network,

80
00:03:22.710 --> 00:03:24.960
it's going to reach out to our DHCP server

81
00:03:24.960 --> 00:03:26.970
and it's going to do what's known as a discovery.

82
00:03:26.970 --> 00:03:29.490
It's going to say, hey, DHCP server,

83
00:03:29.490 --> 00:03:31.710
I need to discover an IP address.

84
00:03:31.710 --> 00:03:34.140
This means I need one to be assigned to me.

85
00:03:34.140 --> 00:03:35.730
The DHCP server then says,

86
00:03:35.730 --> 00:03:38.100
okay, does this address look okay to you?

87
00:03:38.100 --> 00:03:40.650
And it offers up an address from the scope.

88
00:03:40.650 --> 00:03:43.020
This is known as the offer phase.

89
00:03:43.020 --> 00:03:46.080
Then the computer's going to say, yeah, I like that address.

90
00:03:46.080 --> 00:03:47.610
I request to take it.

91
00:03:47.610 --> 00:03:49.830
And that's the DHCP request phase,

92
00:03:49.830 --> 00:03:52.410
which is going to be our third step in this process.

93
00:03:52.410 --> 00:03:54.600
Finally, our DHCP server is going to acknowledge

94
00:03:54.600 --> 00:03:56.940
that the IP is now being used by this client

95
00:03:56.940 --> 00:03:59.550
by sending what's known as an acknowledgement and saying,

96
00:03:59.550 --> 00:04:01.290
okay, that's your address

97
00:04:01.290 --> 00:04:03.690
and you can borrow it for this amount of time.

98
00:04:03.690 --> 00:04:06.420
This is known as a DHCP lease.

99
00:04:06.420 --> 00:04:08.790
Now, when we look at this in our home networks,

100
00:04:08.790 --> 00:04:12.480
the default lease time is going to be about 24 hours usually.

101
00:04:12.480 --> 00:04:13.890
For a corporate network though,

102
00:04:13.890 --> 00:04:16.170
you may choose to use a longer lease time,

103
00:04:16.170 --> 00:04:18.540
something like seven days or 30 days

104
00:04:18.540 --> 00:04:20.460
depending on your use case.

105
00:04:20.460 --> 00:04:21.990
In the world of cybersecurity,

106
00:04:21.990 --> 00:04:24.600
having devices that are constantly changing their IPs

107
00:04:24.600 --> 00:04:27.510
makes it harder for us to track down when bad things happen.

108
00:04:27.510 --> 00:04:31.860
So in larger networks, we tend to use a longer lease time.

109
00:04:31.860 --> 00:04:35.460
Now, how are you going to remember these four steps of DHCP?

110
00:04:35.460 --> 00:04:38.400
Well, I have a little memory aid or mnemonic for this.

111
00:04:38.400 --> 00:04:40.680
I like to think of Dora the Explorer.

112
00:04:40.680 --> 00:04:42.810
Dora is D-O-R-A

113
00:04:42.810 --> 00:04:46.260
and it's discover, offer, request, and acknowledge.

114
00:04:46.260 --> 00:04:48.660
That is our four steps of configuring a device

115
00:04:48.660 --> 00:04:51.330
on a network using DHCP.

116
00:04:51.330 --> 00:04:53.160
Now, when the device gets a configuration

117
00:04:53.160 --> 00:04:54.570
from our DHCP server,

118
00:04:54.570 --> 00:04:56.970
it isn't just getting that IP address though.

119
00:04:56.970 --> 00:05:00.090
Instead, it's going to get four key pieces of information.

120
00:05:00.090 --> 00:05:02.700
This is the IP address, the subnet mask,

121
00:05:02.700 --> 00:05:05.730
the default gateway, which is the IP address of our router,

122
00:05:05.730 --> 00:05:08.250
and the IP address of the DNS server

123
00:05:08.250 --> 00:05:11.400
so your client knows how to do a DNS name lookup.

124
00:05:11.400 --> 00:05:13.830
Once your client has these four pieces of information

125
00:05:13.830 --> 00:05:16.620
configured, that client can now get online,

126
00:05:16.620 --> 00:05:19.080
get out of your network and get onto the internet

127
00:05:19.080 --> 00:05:21.450
because it now knows where it is on the network

128
00:05:21.450 --> 00:05:22.650
with its IP address,

129
00:05:22.650 --> 00:05:25.020
where the router is with that gateway address,

130
00:05:25.020 --> 00:05:27.960
and how to convert the domain names to IP addresses

131
00:05:27.960 --> 00:05:30.450
using that DNS server's IP.

132
00:05:30.450 --> 00:05:32.550
Now, I mentioned the fact that we use DHCP

133
00:05:32.550 --> 00:05:34.980
to dynamically assign our configuration needed

134
00:05:34.980 --> 00:05:36.690
for our devices to get online,

135
00:05:36.690 --> 00:05:39.030
but we can also do this manually

136
00:05:39.030 --> 00:05:41.310
which is known as a static assignment.

137
00:05:41.310 --> 00:05:43.170
You see, when we do it dynamically,

138
00:05:43.170 --> 00:05:46.380
we let DHCP servers do the configuration for us,

139
00:05:46.380 --> 00:05:49.110
but you can also statically assign the configuration

140
00:05:49.110 --> 00:05:51.510
if you provide all four pieces of information

141
00:05:51.510 --> 00:05:53.070
to your client device.

142
00:05:53.070 --> 00:05:55.020
Now, again, in most large networks,

143
00:05:55.020 --> 00:05:57.390
you wouldn't want to statically assign the information.

144
00:05:57.390 --> 00:05:58.933
But instead, you're going to want to use

145
00:05:58.933 --> 00:06:01.140
a DHCP reservation to do it.

146
00:06:01.140 --> 00:06:03.540
But in your home network or a small network,

147
00:06:03.540 --> 00:06:06.060
you may want to statically configure things.

148
00:06:06.060 --> 00:06:08.340
Now, if you need to statically configure a device,

149
00:06:08.340 --> 00:06:10.560
be sure you double check everything you've entered

150
00:06:10.560 --> 00:06:12.570
for all four pieces of information:

151
00:06:12.570 --> 00:06:15.540
the IP address, the subnet mask, the default gateway,

152
00:06:15.540 --> 00:06:17.730
and the DNS server's IP.

153
00:06:17.730 --> 00:06:18.900
If you're troubleshooting a device

154
00:06:18.900 --> 00:06:20.460
that's having connectivity problems,

155
00:06:20.460 --> 00:06:22.530
you should check if it was statically configured.

156
00:06:22.530 --> 00:06:25.200
And if it was, you need to verify the IP address

157
00:06:25.200 --> 00:06:27.600
and the subnet mask are configured correctly

158
00:06:27.600 --> 00:06:30.030
because this is often the source of your problems.

159
00:06:30.030 --> 00:06:32.550
So at this point, we've talked about dynamic assignment

160
00:06:32.550 --> 00:06:33.990
and static assignment.

161
00:06:33.990 --> 00:06:35.670
Now, when we use a dynamic assignment,

162
00:06:35.670 --> 00:06:38.970
what happens if a device can't reach the DHCP server

163
00:06:38.970 --> 00:06:41.760
or it fails to receive a proper configuration?

164
00:06:41.760 --> 00:06:44.820
What should that device do? Should I just keep asking?

165
00:06:44.820 --> 00:06:47.790
Well, no, because then it's just going to sit there forever

166
00:06:47.790 --> 00:06:48.840
getting hung up.

167
00:06:48.840 --> 00:06:52.440
So instead, we need to have an alternate configuration.

168
00:06:52.440 --> 00:06:56.640
Whenever you're configuring DHCP, if DHCP is not successful

169
00:06:56.640 --> 00:06:58.110
and it's not able to negotiate its way

170
00:06:58.110 --> 00:07:00.690
through the DORA process for whatever reason,

171
00:07:00.690 --> 00:07:03.090
it's going to default to its alternate configuration

172
00:07:03.090 --> 00:07:04.770
that's set by the system administrator

173
00:07:04.770 --> 00:07:06.690
inside the operating system.

174
00:07:06.690 --> 00:07:08.760
By default, this is going to be set to use

175
00:07:08.760 --> 00:07:12.360
what's known as an APIPA address, A-P-I-P-A,

176
00:07:12.360 --> 00:07:15.450
which is automatic private IP address.

177
00:07:15.450 --> 00:07:18.330
Now, as a network administrator or a system administrator,

178
00:07:18.330 --> 00:07:19.920
you can also configure your device

179
00:07:19.920 --> 00:07:22.650
to fall back to a known good static IP address

180
00:07:22.650 --> 00:07:26.100
as your alternate configuration instead if you prefer.

181
00:07:26.100 --> 00:07:28.350
Now, when you're configuring your DHCP server,

182
00:07:28.350 --> 00:07:31.500
one of the things you can configure is your scope options.

183
00:07:31.500 --> 00:07:34.080
This allows you to configure a bunch of different things,

184
00:07:34.080 --> 00:07:36.090
but the most common are the subnet mask

185
00:07:36.090 --> 00:07:37.980
that is going to be applied to all the devices

186
00:07:37.980 --> 00:07:39.630
requesting that configuration,

187
00:07:39.630 --> 00:07:42.690
the default router or gateway that these devices should use,

188
00:07:42.690 --> 00:07:44.250
and the DNS server

189
00:07:44.250 --> 00:07:47.100
to include the IP address configuration for those devices,

190
00:07:47.100 --> 00:07:49.710
as well as the lease time for the IP address.

191
00:07:49.710 --> 00:07:50.580
Now, as you can see,

192
00:07:50.580 --> 00:07:53.430
we've already discussed all of these things in this lesson,

193
00:07:53.430 --> 00:07:54.810
but I wanted to bring this up

194
00:07:54.810 --> 00:07:57.330
so you're aware that you can change and configure them

195
00:07:57.330 --> 00:08:00.513
as part of your scope options inside your DHCP server.

