Udostępnij za pośrednictwem


DHCP & PXE basics

 

A DHCP Handshake runs through the following steps:

DHCP The complete traffic runs on UDP User Datagram Protocol (OSI Layer 4)

Discover
· Client broadcast: asks for IP address
· In the network trace you see a call from 0.0.0.0 to 255.255.255.255
· Runs on port 67 UDP

DHCP Offer
· DHCP server response including IP address for client
· Runs on port 68 UDP

DHCP Request
· Acknowledgement (ack) of the client to the server
· Client requests server ack

DHCP Ack
· Acknowledgement of the IP ownership of the client

 

Where PXE comes into play:

This DHCP handshake has nothing to do with PXE at this point. PXE stands for pre-boot execution environment and is a rather old technology. It is in-deph defined and documented by Intel:

https://download.intel.com/design/archives/wfm/downloads/pxespec.pdf

PXE does not come with a dedicated boot protocol. It is simply DHCP packets extended with additional DHCP options. It’s formerly known as the bootstrap protocol. If a PXE-enabled network card sends out an DHCP discover package, it will add DHCP option 60, which includes the string “PXEClient:Arch:xxxxx:UNDI:yyyzzz”. Then it waits for DHCP offers.

It will only respond if it gets a DHCP offer including option 60 which means: I am PXE capable and able to send out boot server and boot file information.

The DHCP offer can be splitted into two independent packages, coming from different servers. The DHCP server can send out the DHCP offer containing the clients IP address and the PXE server can send out the DHCP offer containing the option 60.

The PXE client will wait for all needed information up to 60 seconds. DHCP Discover will be retried four times. The four timeouts are 4, 8, 16 and 32 seconds respectively. If the client gets the offer within this timeout, it will proceed with the DHCP request. If not, it will stop with a PXE-MOF error.

 

A PXE-DHCP Handshake looks like the following:

(DHCP and PXE service run on different machines)

DHCP Discover
· Client broadcast asking for IP address and PXE-capable DHCP service
· DHCP discover package contains option 60
· DHCP discover uses port 67 UDP

DHCP Offer
· Reply of the DHCP server containing IP address offering on port 68 UDP
· Reply of the DHCP or PXE server containing option 60

DHCP Request
· Client broadcast, ready to acknowledge IP address and boot server (port 67 UDP)

DHCP Ack
· Server broadcast, acknowledge clients IP address and lease (port 68 UDP)

DHCP Request
· Client unicast request for options 66 (boot server) and option 67 (bootstrap file) (port 4011 UDP)
· Unicast addresses server which offered option 60

DHCP Ack
· Server ack from PXE server including options 66 and 67

Start of the bootstrap file download using TFTP (UDP 69 and UDP high level ports)

image

Screenshot: normal PXE boot

You can see in the screenshot that:
· DHCP offers come from two different machines (.2 is the DHCP, .1 is the PXE host)
· The last 2 steps run using unicast

Comments

  • Anonymous
    January 01, 2003
    Nice article

  • Anonymous
    January 01, 2003
    thanks

  • Anonymous
    November 16, 2011
    The comment has been removed

  • Anonymous
    November 16, 2011
    have you turned off the vpc dhcp functionality? :-) can you create a netmon trace and send it to me on dheinz at microsoft.com

  • Anonymous
    March 12, 2014
    Very well written, still relevant to this day, thanks.

  • Anonymous
    July 21, 2014
    Comprehensive article

  • Anonymous
    July 21, 2014
    Thanks for the article, do you have more in-depth articles on PXE like the frames description and what happens in the background ?

  • Anonymous
    August 28, 2014
    Thank you very much Dominik

  • Anonymous
    September 10, 2014
    Thanks! Very well detailed/

  • Anonymous
    October 22, 2014
    The comment has been removed

  • Anonymous
    May 16, 2015
    Informative Article for those who need a background Picture of Pxe-Deployment Process.

  • Anonymous
    July 06, 2015
    Well explained and good job Dominik!

  • Anonymous
    September 05, 2015
    Hi Dominik, If PXE and DHCP server are on same machine is there a different handshake ?

  • Anonymous
    September 11, 2015
    Good article!

  • Anonymous
    October 14, 2015
    Nicely written, brief and to the point !!

  • Anonymous
    December 07, 2015
    great article!