DHCP / DNS
DHCP DORA — Discover, Offer, Request, Acknowledge — is the 4-stage ceremony that gives every new client an IP address. The animation walks through it with ascending pitch per stage so even the audio tells you which step you're on.
Engineering pitfalls
Rogue DHCP server on the LAN
An unauthorised DHCP server (often a misconfigured home router that someone has plugged in) hands out wrong addresses. Use DHCP snooping on managed switches to drop OFFER messages arriving on untrusted ports.
DNS poisoning via DHCP option 6
DHCP can push DNS server addresses to clients, so a rogue DHCP server can push attacker-controlled DNS servers. Combine DHCP snooping with DNSSEC on the resolver.
Lease-time mismatch between client and server
If the client renews at T1 (50% of the lease) but the server has a shorter timer, the client gets a NAK and briefly loses connectivity. Audit that lease times match across the DHCP cluster.
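For the rogue-server and option 6 pitfalls above, a monitoring-side check can complement DHCP snooping. The following is an added example, not code from this page: it parses the options field of a DHCP message and flags OFFER/ACK messages whose server identifier (option 54) or DNS servers (option 6) are not on an allowlist. The function names and the documentation-range addresses are assumptions made for the illustration.

```python
import ipaddress

MAGIC_COOKIE = b"\x63\x82\x53\x63"  # RFC 2131: precedes the options field
OPT_PAD, OPT_DNS, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 0, 6, 53, 54, 255
SERVER_MSGS = {2: "OFFER", 5: "ACK"}  # server-sent messages that carry config

def parse_options(payload: bytes) -> dict:
    """Return {option_code: value} from the UDP payload of a DHCP message."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(payload) and payload[i] != OPT_END:
        code = payload[i]
        if code == OPT_PAD:  # single-byte padding, no length field
            i += 1
            continue
        if i + 2 > len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        length = payload[i + 1]
        opts[code] = opts.get(code, b"") + payload[i + 2:i + 2 + length]
        i += 2 + length
    return opts

def audit(payload: bytes, allowed_servers: set, allowed_dns: set) -> list:
    """Flag OFFER/ACK messages from unknown servers or pushing unknown DNS."""
    opts = parse_options(payload)
    msg_type = (opts.get(OPT_MSG_TYPE) or b"\x00")[0]
    if msg_type not in SERVER_MSGS:
        return []  # client message (DISCOVER, REQUEST, ...): nothing to check
    findings = []
    sid = opts.get(OPT_SERVER_ID, b"")
    server = str(ipaddress.IPv4Address(sid)) if len(sid) == 4 else "missing"
    if server not in allowed_servers:
        findings.append(("unauthorised-server", server))
    dns = opts.get(OPT_DNS, b"")
    for j in range(0, len(dns) - len(dns) % 4, 4):  # option 6: list of IPv4
        addr = str(ipaddress.IPv4Address(dns[j:j + 4]))
        if addr not in allowed_dns:
            findings.append(("unauthorised-dns", addr))
    return findings

def build_sample(msg_type: int, server: str, dns: list) -> bytes:
    """Constructed message for the demo: zeroed BOOTP header, three options."""
    pack = lambda a: ipaddress.IPv4Address(a).packed
    dns_bytes = b"".join(pack(a) for a in dns)
    opts = bytes([OPT_MSG_TYPE, 1, msg_type, OPT_SERVER_ID, 4]) + pack(server)
    opts += bytes([OPT_DNS, len(dns_bytes)]) + dns_bytes + bytes([OPT_END])
    return b"\x02" + bytes(235) + MAGIC_COOKIE + opts
```

Feed `audit` the UDP payload of traffic seen on port 68 from a mirror port or capture file; any non-empty result is worth an alert.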