What is the DHCP server and what is it for?
DHCP (Dynamic Host Configuration Protocol) is a client/server network protocol responsible for dynamically assigning an IP address, subnet mask, default gateway and other configuration parameters, such as the DNS servers to use, the NTP server, the WINS server and many more.
The DHCP server holds a range of private IP addresses that it can hand out to different clients. As clients connect, they are assigned different IP addresses. Some routers assign IP addresses sequentially, one after the other; in others the assignment is based on an internal algorithm of the DHCP server, so addresses are not assigned sequentially. The DHCP server knows at all times who has a certain IP address, how long they have had it, and who has been assigned it afterwards if that IP address has been reused.
DHCP uses UDP at the transport layer, on port 67 for the DHCP server and port 68 for the client or clients that want to connect. When a computer connects to the network for the first time, it broadcasts a DHCP Discover message to the entire network so that the DHCP server responds with a DHCP Offer message; the client then sends a DHCP Request message and the server confirms the assignment with a DHCP Ack message.
By default, the DHCP server is enabled on all routers supplied by operators and on those we buy ourselves. It gives users a lot of convenience, but this configuration also has some disadvantages. In the end, whether the DHCP server should be enabled or is an unnecessary function depends on the user's needs. Thanks to this function of our router we do not have to "waste" time configuring the network on each computer we connect. Unfortunately, not everything is positive: as we will see, there are some negative points to take into account that may lead more than one user to disable this server.
Advantages of activating the DHCP server in our router
The first advantage of having the DHCP server enabled on our router is the time saved by not having to configure each and every device in our home. Having this service on our router allows all connecting devices to obtain their addresses automatically, according to the address range configured for the LAN subnet and the range we have configured on the DHCP server.
Connecting and disconnecting equipment, whether by cable or Wi-Fi, happens automatically and without the user having to intervene. With the DHCP server enabled, the user does not have to worry about anything, and the router manages the LAN addresses autonomously. This is very useful when the number of computers to handle is high and it would take a long time to keep control of each one of them.
We must also bear in mind that DHCP servers have the "Static DHCP" functionality, which lets us bind a specific MAC address to the private IP address that we want. In this way we can always provide the same IP address to the same computer; that is, we can give it a static IP, but dynamically through the router's DHCP server.
In short, it makes installation easier and saves time when assigning network parameters to computers. In addition, it lets you configure additional parameters such as DNS servers, the WINS server and other advanced parameters.
Disadvantages of activating it
One of the problems we find is mainly related to the security of the local network itself. Now that attacks on Wi-Fi networks are so common, with a DHCP server the intruder will have an address as soon as he connects. If there is no DHCP pool, the IP address has to be assigned manually, and if we have changed the range, the possible cybercriminal will run into some problems and will have to use different techniques to try to find out the address range in use.
Another negative aspect of having the DHCP server enabled, and therefore the DHCP client on each and every computer, is that an attacker who has entered our network, either via Wi-Fi or by cable, could set up an illegitimate DHCP server and have all devices connect to it. In this way, the attacker could later carry out a Man in the Middle attack using ARP Spoofing or ARP Poisoning. For an attacker, it is much easier to set up a DHCP server so that all clients send their traffic to it than to carry out a specific MitM against each computer on the network, because the attacker can hand out the DNS servers of their choice and redirect clients to malicious websites at will.
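One way to spot the illegitimate server described above is to parse the DHCP messages seen on UDP ports 67/68 (the Discover, Offer, Request, Ack exchange explained earlier) and flag any Offer or Ack whose server identifier is not our router. This is an added example, not code from the original article; the addresses, the MAC and the sample packets are constructed, and 192.168.1.1 is assumed to be the legitimate router.

```python
import struct
from ipaddress import IPv4Address

MAGIC = b"\x63\x82\x53\x63"  # magic cookie that follows the 236-byte BOOTP header
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}

def parse_dhcp(payload):
    """Parse the UDP payload of a DHCP message (ports 67/68) into a dict."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    msg = {"offered_ip": str(IPv4Address(payload[16:20])),
           "client_mac": payload[28:34].hex(":")}
    i = 240
    while i < len(payload) and payload[i] != 255:    # option 255 ends the list
        if payload[i] == 0:                          # option 0 is a single pad byte
            i += 1
            continue
        if i + 2 > len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        code, length = payload[i], payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if code == 53 and length == 1:               # DHCP message type
            msg["type"] = TYPES.get(value[0], "OTHER")
        elif code == 54 and length == 4:             # server identifier
            msg["server_id"] = str(IPv4Address(value))
        elif code == 6 and length % 4 == 0:          # DNS servers handed to the client
            msg["dns"] = [str(IPv4Address(value[j:j + 4])) for j in range(0, length, 4)]
        i += 2 + length
    return msg

def rogue_replies(payloads, allowed_servers):
    """Return OFFER/ACK messages whose server identifier is not an authorised server."""
    return [m for m in map(parse_dhcp, payloads)
            if m.get("type") in ("OFFER", "ACK") and m.get("server_id") not in allowed_servers]

def sample_packet(msg_type, offered="0.0.0.0", server=None):
    """Build a constructed DHCP payload for the demo (not captured traffic)."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s192s", 1 if msg_type in (1, 3) else 2, 1, 6, 0,
                      0x1234, 0, 0, bytes(4), IPv4Address(offered).packed,
                      bytes(4), bytes(4), bytes.fromhex("020000000001"), b"")
    opts = bytes([53, 1, msg_type])
    if server:  # add server identifier (54) and DNS server (6), both set to `server`
        opts += b"".join(bytes([c, 4]) + IPv4Address(server).packed for c in (54, 6))
    return hdr + MAGIC + opts + b"\xff"

# Constructed traffic: a Discover, the router's Offer, and an Offer from another host.
SAMPLES = [sample_packet(1),
           sample_packet(2, "192.168.1.50", server="192.168.1.1"),
           sample_packet(2, "192.168.1.51", server="192.168.1.66")]
```

Calling `rogue_replies(SAMPLES, {"192.168.1.1"})` returns only the Offer from 192.168.1.66, including the DNS server it tried to hand to the client.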
The DHCP server also has a functionality problem. Suppose we need to know the IP address of a computer for some reason. If the DHCP server is restarted, the assigned addresses could change completely and we would have to look for the computer again. This would not happen if we used the Static DHCP functionality explained previously.
Of course, without a DHCP server we will necessarily have to configure a fixed IP on each and every one of the PCs, smartphones, Smart TVs and other devices that we have in our home.
DHCP on or off?
The first thing we have to think about is the number of computers connected to the local network, and whether we want to improve security or improve usability. In our opinion, in a home environment where we are going to connect many Wi-Fi and wired clients, enabling the DHCP server is the best option, while making sure to protect the Wi-Fi wireless network. If you want more protection in the local network, you could choose to disable DHCP and set a fixed IP on each and every computer, to partially mitigate attacks on the network and avoid the dynamic assignment of addresses that could change.
It is also possible to keep the server enabled, but with a very limited range of addresses. In other words, our own devices are configured with a fixed IP address, while those of friends or guests who occasionally come to our home use the reduced "pool" of DHCP addresses on our router. In this way we will know much better which devices are connected using the DHCP range, and we can detect possible intrusions by looking at the records of the router's DHCP server.
As you have seen, there is no exact answer on whether to disable or enable the DHCP server: it depends on your needs and on whether you want to improve security or usability a little more.
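The review of the DHCP server's records described above can be automated. The following is an added example, not part of the original article: it assumes the router exposes its leases as dnsmasq-style lines (expiry, MAC, IP, hostname, client id), and the pool range, MAC addresses and lease lines are constructed for illustration.

```python
from ipaddress import IPv4Address

def parse_leases(text):
    """Yield (mac, ip, hostname) from lines of the form: expiry mac ip hostname client-id."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue                      # skip blank or malformed lines
        yield parts[1].lower(), IPv4Address(parts[2]), parts[3]

def audit_leases(text, pool_start, pool_end, own_macs, known_guests=()):
    """Return (mac, ip, hostname, reason) for every lease that deserves a closer look."""
    lo, hi = IPv4Address(pool_start), IPv4Address(pool_end)
    own = {m.lower() for m in own_macs}
    guests = {m.lower() for m in known_guests}
    findings = []
    for mac, ip, host in parse_leases(text):
        if not lo <= ip <= hi:
            reason = "outside-pool"        # the server handed out an address we did not plan for
        elif mac in own:
            reason = "own-device-on-dhcp"  # fixed IP missing, or someone reuses this MAC
        elif mac not in guests:
            reason = "unknown-device"      # neither ours nor a guest we recognise
        else:
            continue
        findings.append((mac, str(ip), host, reason))
    return findings

# Constructed lease records for a guest pool of 192.168.1.200-192.168.1.210.
LEASES = """\
1767225600 02:00:00:00:00:aa 192.168.1.201 guest-phone 01:02:00:00:00:00:aa
1767225600 02:00:00:00:00:10 192.168.1.202 livingroom-tv *
1767225600 02:00:00:00:00:bb 192.168.1.203 * *
1767225600 02:00:00:00:00:cc 192.168.1.77 laptop *
"""

if __name__ == "__main__":
    for finding in audit_leases(LEASES, "192.168.1.200", "192.168.1.210",
                                own_macs={"02:00:00:00:00:10"},
                                known_guests={"02:00:00:00:00:AA"}):
        print(*finding)
```

Because MAC addresses can be changed by the client, a clean result only means that no unexpected address appeared in the records.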