##
DNS & DHCP
DNS resolves names to addresses (port 53). DHCP hands out addresses via the DORA exchange (ports 67/68).
// DORA exchange
CLIENTSERVER
D · Discover
▶
client → broadcast
O · Offer
◀
server → client
R · Request
▶
client → broadcast
A · Acknowledge
◀
lease confirmed
// DNS record types
| A | Hostname → IPv4 address |
| AAAA | Hostname → IPv6 address |
| CNAME | Alias → another name |
| MX | Mail exchanger (with priority) |
| NS | Authoritative name server |
| PTR | IP → hostname (reverse) |
| SOA | Zone authority & serial |
| TXT | Free text (SPF, DKIM, verify) |
| SRV | Service location host:port |
| CAA | Allowed certificate authorities |
// DHCP — DORA
DDiscover · client → broadcast
"Any DHCP servers out there?"
OOffer · server → client
"Here is an address you can use."
RRequest · client → broadcast
"I accept this offer."
AAcknowledge · server → client
"Confirmed — here is your lease."
facts › DHCP relay = ip helper-address · server 67, client 68 · DNS uses UDP 53 (TCP for zone transfers & large responses)
dhcp pool · cisco ios
ip dhcp excluded-address 192.168.1.1 192.168.1.10
!
ip dhcp pool LAN
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 8.8.8.8 1.1.1.1
domain-name example.com
lease 7
verify
show ip dhcp binding
show ip dhcp pool
show ip dhcp conflict
// scaling DNS — anycast, GSLB & CDN
| Anycast | One IP advertised from many sites; BGP routes you to the nearest (root DNS, 1.1.1.1, 8.8.8.8) |
| GSLB | Global server load balancing via DNS — best site per client |
| CDN | Cache content at edge PoPs; DNS/anycast steers users to the closest |
| EDNS Client Subnet | Resolver hints the client subnet so the answer is closer |
// DHCP relay, snooping & DHCPv6
| DHCP relay | ip helper-address forwards client broadcasts to a central server |
| Option 82 | Relay agent info — circuit / remote ID for tracking and security |
| DHCP snooping | Trust only authorized server ports; builds a binding table |
| DHCPv6 stateful | Server assigns full addresses, like IPv4 DHCP |
| DHCPv6-PD | Prefix Delegation — hands a whole /56 or /60 to a router |
| SLAAC vs DHCPv6 | RA M / O flags decide auto-config vs DHCP |