DHCP & PXE basics
A DHCP Handshake runs through the following steps:
DHCP The complete traffic runs on UDP User Datagram Protocol (OSI Layer 4)
Discover
· Client broadcast: asks for IP address
· In the network trace you see a call from 0.0.0.0 to 255.255.255.255
· Runs on port 67 UDP
DHCP Offer
· DHCP server response including IP address for client
· Runs on port 68 UDP
DHCP Request
· Acknowledgement (ack) of the client to the server
· Client requests server ack
DHCP Ack
· Acknowledgement of the IP ownership of the client
Where PXE comes into play:
This DHCP handshake has nothing to do with PXE at this point. PXE stands for pre-boot execution environment and is a rather old technology. It is in-deph defined and documented by Intel:
https://download.intel.com/design/archives/wfm/downloads/pxespec.pdf
PXE does not come with a dedicated boot protocol. It is simply DHCP packets extended with additional DHCP options. It’s formerly known as the bootstrap protocol. If a PXE-enabled network card sends out an DHCP discover package, it will add DHCP option 60, which includes the string “PXEClient:Arch:xxxxx:UNDI:yyyzzz”. Then it waits for DHCP offers.
It will only respond if it gets a DHCP offer including option 60 which means: I am PXE capable and able to send out boot server and boot file information.
The DHCP offer can be splitted into two independent packages, coming from different servers. The DHCP server can send out the DHCP offer containing the clients IP address and the PXE server can send out the DHCP offer containing the option 60.
The PXE client will wait for all needed information up to 60 seconds. DHCP Discover will be retried four times. The four timeouts are 4, 8, 16 and 32 seconds respectively. If the client gets the offer within this timeout, it will proceed with the DHCP request. If not, it will stop with a PXE-MOF error.
A PXE-DHCP Handshake looks like the following:
(DHCP and PXE service run on different machines)
DHCP Discover
· Client broadcast asking for IP address and PXE-capable DHCP service
· DHCP discover package contains option 60
· DHCP discover uses port 67 UDP
DHCP Offer
· Reply of the DHCP server containing IP address offering on port 68 UDP
· Reply of the DHCP or PXE server containing option 60
DHCP Request
· Client broadcast, ready to acknowledge IP address and boot server (port 67 UDP)
DHCP Ack
· Server broadcast, acknowledge clients IP address and lease (port 68 UDP)
DHCP Request
· Client unicast request for options 66 (boot server) and option 67 (bootstrap file) (port 4011 UDP)
· Unicast addresses server which offered option 60
DHCP Ack
· Server ack from PXE server including options 66 and 67
Start of the bootstrap file download using TFTP (UDP 69 and UDP high level ports)
Screenshot: normal PXE boot
You can see in the screenshot that:
· DHCP offers come from two different machines (.2 is the DHCP, .1 is the PXE host)
· The last 2 steps run using unicast
Comments
Anonymous
January 01, 2003
Nice articleAnonymous
January 01, 2003
thanksAnonymous
November 16, 2011
The comment has been removedAnonymous
November 16, 2011
have you turned off the vpc dhcp functionality? :-) can you create a netmon trace and send it to me on dheinz at microsoft.comAnonymous
March 12, 2014
Very well written, still relevant to this day, thanks.Anonymous
July 21, 2014
Comprehensive articleAnonymous
July 21, 2014
Thanks for the article, do you have more in-depth articles on PXE like the frames description and what happens in the background ?Anonymous
August 28, 2014
Thank you very much DominikAnonymous
September 10, 2014
Thanks! Very well detailed/Anonymous
October 22, 2014
The comment has been removedAnonymous
May 16, 2015
Informative Article for those who need a background Picture of Pxe-Deployment Process.Anonymous
July 06, 2015
Well explained and good job Dominik!Anonymous
September 05, 2015
Hi Dominik, If PXE and DHCP server are on same machine is there a different handshake ?Anonymous
September 11, 2015
Good article!Anonymous
October 14, 2015
Nicely written, brief and to the point !!Anonymous
December 07, 2015
great article!