Network Services Visualizer

Back to Network+ Hub

DHCP DORA Process Theater

Watch the four-step DHCP process unfold. A client needs an IP address - see how DHCP delivers it!

Client

IP: None (0.0.0.0)
DISCOVER
OFFER: 192.168.1.100
REQUEST: 192.168.1.100
ACK ✓

DHCP Server

Pool: 192.168.1.100-200
D

Discover

Client broadcasts: "I need an IP address! Any DHCP servers out there?"

Broadcast to 255.255.255.255:67 from 0.0.0.0:68
O

Offer

Server responds: "I have 192.168.1.100 available for you!"

Includes: IP, Subnet Mask, Gateway, DNS, Lease Time
R

Request

Client broadcasts: "I want 192.168.1.100 from server 192.168.1.1!"

Broadcast so all servers know which offer was accepted
A

Acknowledge

Server confirms: "192.168.1.100 is yours for 8 hours. Welcome to the network!"

Client configures IP, starts using network

Key Points

  • UDP Ports: Client uses 68, Server uses 67
  • Broadcasts: Discover and Request are broadcasts (client doesn't have IP yet)
  • Lease: IP is "rented" for a time period (default often 8 hours)
  • Renewal: Client tries to renew at 50% of lease (T1) and 87.5% (T2)

What Happens If DHCP Fails?

If no DHCP server responds, Windows/Linux clients use APIPA (169.254.x.x) - Automatic Private IP Addressing. This allows local communication but no internet access.

DNS Resolution Journey

Follow a DNS query from your browser through the hierarchy of DNS servers.

Browser Cache

First, check if we've looked this up recently...

Waiting...

OS Cache / Hosts File

Check local system cache and hosts file...

Waiting...

Recursive Resolver (ISP/8.8.8.8)

Your configured DNS server handles the rest...

Waiting...

Root Server (.)

"I don't know google.com, but ask the .com TLD server"

Waiting...

TLD Server (.com)

"I know who handles google.com - ask their nameserver"

Waiting...

Authoritative Server (ns1.google.com)

"www.google.com = 142.250.80.68 - here's your answer!"

Waiting...

DNS Record Types

  • A: Maps domain to IPv4 address
  • AAAA: Maps domain to IPv6 address
  • MX: Mail exchange servers for the domain
  • CNAME: Alias pointing to another domain
  • TXT: Text records (SPF, DKIM, verification)
  • NS: Name servers for the domain
  • PTR: Reverse lookup (IP to domain)

NTP Stratum Explorer

Click on any stratum level to learn about that tier.

Stratum 0
Atomic/GPS
Stratum 1
Primary Servers
Stratum 2
ISPs, Cloud
Stratum 3
Enterprise
Stratum 4-15
Workstations

Click a Stratum Level

Select any level in the pyramid to learn about that tier of the NTP hierarchy.

Clock Drift Demonstration

See what happens when NTP is disabled. Watch the clocks drift apart!

12:00:00
Server A (NTP Synced)
12:00:00
Server B (NTP Synced)
12:00:00
Workstation (NTP Synced)

Key Takeaway

Clocks drift approximately 1-2 seconds per day. Without NTP, a server could be off by a full minute after a month - enough to break Kerberos authentication (5 min max), certificate validation, and log correlation.

Service Integration Map

See how DHCP, DNS, and NTP work together. Select a scenario to watch the services in action!

DHCP

IP addresses, DNS & NTP server info

DNS

Name resolution for all services

NTP

Time sync for auth & certs

Scenario Simulator

Service Dependencies

DHCP → Provides DNS servers (Opt 6), NTP servers (Opt 42)
DNS → Resolves NTP server names, requires IP from DHCP
NTP → Required for Kerberos (5min), certs, DNSSEC