This chapter covers the three essential network configuration technologies: IP addressing, DNS, and DHCP. Understanding how devices obtain IP addresses, how names are resolved to IPs, and how addresses are automatically assigned is critical for the 220-1101 exam. Approximately 15-20% of the Networking domain questions touch on these topics, so mastery is essential. We will explore the mechanisms, default values, and configuration commands you need to know, along with common pitfalls and exam traps.
Jump to a section
Think of a network like the postal service. Every device (computer, phone, server) is a house with a unique street address — that's the IP address. But humans don't remember street addresses; they remember names like "White House." DNS is the phonebook or directory assistance: you look up a name, and it gives you the street address. Now imagine you move to a new city and need an address. You can't just pick one; you ask the local post office to assign you one. That's DHCP: when a device connects, it shouts "I need an address!" and the DHCP server (like the post office) leases one to it for a set time. If the device leaves, the address goes back to the pool. Without DHCP, you'd have to manually configure every device with a static address — like knocking on every door to ask directions. The lease renewal is like renewing your mailbox rental: you confirm you're still there, and the address stays yours. If you don't renew, the address goes back to the pool. This system prevents address conflicts and automates the entire process, just as a well-run post office ensures every house has a unique, deliverable address without manual intervention.
1. IP Addressing Fundamentals
An IP (Internet Protocol) address is a logical identifier assigned to a device on a network. It consists of two parts: the network portion and the host portion. The subnet mask determines which part is which. For example, 192.168.1.10 with mask 255.255.255.0 means the network is 192.168.1.0 and the host is 10. - IPv4 addresses are 32-bit numbers, typically written in dotted decimal notation (e.g., 10.0.0.1). - IPv6 addresses are 128-bit, written in hexadecimal colon notation (e.g., 2001:db8::1). - The 220-1101 exam expects you to know the difference between public and private IP addresses. Private IP ranges (RFC 1918) are: - 10.0.0.0/8 (10.0.0.0 – 10.255.255.255) - 172.16.0.0/12 (172.16.0.0 – 172.31.255.255) - 192.168.0.0/16 (192.168.0.0 – 192.168.255.255) - Loopback address: 127.0.0.1 (IPv4) and ::1 (IPv6). - APIPA (Automatic Private IP Addressing) assigns addresses in the 169.254.0.0/16 range when DHCP fails.
2. Subnetting Basics
Subnetting divides a network into smaller subnetworks. The subnet mask is expressed either in dotted decimal (255.255.255.0) or CIDR notation (/24). Common CIDR values: - /8 = 255.0.0.0 - /16 = 255.255.0.0 - /24 = 255.255.255.0 - /32 = 255.255.255.255 (single host)
The exam may ask you to identify the network address, broadcast address, or number of usable hosts. For a /24 network, there are 256 addresses, but the first is the network address (all host bits 0) and the last is the broadcast address (all host bits 1), leaving 254 usable hosts.
3. DNS – Domain Name System
DNS translates human-readable domain names (like www.comptia.org) into IP addresses. It uses a hierarchical, distributed database.
Root servers: There are 13 logical root server systems (named A through M). They know where to find TLD (top-level domain) servers.
TLD servers: Manage top-level domains like .com, .org, .net.
Authoritative name servers: Hold the actual DNS records for a domain.
Recursive resolver: Usually provided by your ISP or a public DNS service (like 8.8.8.8). It does the legwork of querying multiple servers to return an answer.
DNS Record Types:
A record: Maps a hostname to an IPv4 address.
AAAA record: Maps a hostname to an IPv6 address.
CNAME record: Canonical name, an alias (e.g., www.example.com -> example.com).
MX record: Mail exchange server for the domain.
NS record: Name server for the domain.
TXT record: Text information, often used for SPF or DKIM.
How DNS Resolution Works (simplified): 1. User types www.example.com in browser. 2. Browser checks local cache (hosts file, DNS cache). 3. If not cached, query goes to the configured DNS server (e.g., 8.8.8.8). 4. The recursive resolver queries root servers, then TLD servers, then authoritative servers. 5. The authoritative server returns the A record (e.g., 93.184.216.34). 6. The browser uses that IP to connect.
Common DNS tools:
- nslookup (Windows) or dig (Linux/macOS) to query DNS records.
- ipconfig /displaydns shows cached DNS entries.
- ipconfig /flushdns clears the DNS cache.
4. DHCP – Dynamic Host Configuration Protocol
DHCP automates IP address assignment. It uses a client-server model. The server can be a dedicated server, a router, or a network appliance.
DHCP DORA Process: 1. Discover: Client broadcasts a DHCPDISCOVER message (UDP port 67 server, 68 client). Source IP is 0.0.0.0, destination is 255.255.255.255. 2. Offer: DHCP server responds with a DHCPOFFER, proposing an IP address, subnet mask, default gateway, DNS servers, and lease duration. 3. Request: Client broadcasts a DHCPREQUEST, accepting the offer (or if multiple offers, it picks one). 4. Acknowledge: Server sends DHCPACK, confirming the lease. Client configures its IP.
Lease Time: Default is often 24 hours (86400 seconds) on many networks, but can be configured. The client will attempt to renew at 50% of lease time (T1). If that fails, at 87.5% (T2) it broadcasts to any server.
DHCP Options:
Option 1: Subnet mask
Option 3: Default gateway
Option 6: DNS servers
Option 51: Lease time
Option 66: TFTP server (used for PXE boot)
DHCP Reservations: A static mapping between a MAC address and an IP address, so a specific device always gets the same IP. Also called a DHCP static assignment.
DHCP Scope: A range of IP addresses that the DHCP server can assign. For example, 192.168.1.100 to 192.168.1.200.
5. Interaction Between DHCP and DNS
DHCP can update DNS automatically. The client can register its hostname with the DNS server (dynamic DNS update). This allows other devices to resolve the client's name even though its IP may change.
6. Configuration and Verification Commands
Windows:
- ipconfig /all – Shows IP, subnet mask, default gateway, DNS servers, DHCP status, lease info.
- ipconfig /release – Releases DHCP lease.
- ipconfig /renew – Renews DHCP lease.
- netsh interface ip set address name="Local Area Connection" static 192.168.1.10 255.255.255.0 192.168.1.1 – Static IP configuration.
- nslookup www.comptia.org – DNS lookup.
Linux/macOS:
- ifconfig or ip addr – Show IP configuration.
- dhclient – DHCP client (release/renew).
- nslookup or dig – DNS queries.
Router/Switch CLI (Cisco):
- ip dhcp pool [name] – Create DHCP pool.
- network 192.168.1.0 255.255.255.0 – Define subnet.
- default-router 192.168.1.1 – Set gateway.
- dns-server 8.8.8.8 – Set DNS.
- lease 0 12 0 – Lease for 12 hours.
7. Troubleshooting IP Configuration
Common issues:
- APIPA address (169.254.x.x): DHCP server unreachable. Check DHCP service, network connectivity, or scope exhaustion.
- Duplicate IP address: Two devices with same static IP. Use ping or arp -a to detect.
- Wrong subnet mask: Device can't communicate outside its network. Check mask matches the network.
- DNS resolution failure: Check DNS server settings, try nslookup or ping by IP. If ping by IP works but name fails, DNS is the issue.
- Default gateway missing or wrong: Can't reach other networks. Verify gateway IP and that it's in the same subnet.
8. IPv6 Addressing and Configuration
IPv6 addresses are 128-bit, written as eight groups of four hex digits. Leading zeros can be omitted. Double colon (::) can replace one contiguous block of zeros. - Link-local addresses (fe80::/10) are automatically assigned and used for local communication. - Unique local addresses (fc00::/7) are like private IPv4 addresses. - Global unicast addresses (2000::/3) are public.
IPv6 can be configured via: - SLAAC (Stateless Address Autoconfiguration): Device generates its own address using the router's prefix and its MAC address (EUI-64) or random. - DHCPv6: Stateful DHCPv6 provides IP addresses; stateless DHCPv6 provides other options (DNS, etc.) but not IP.
9. Exam-Specific Details
Know that DHCP uses UDP ports 67 (server) and 68 (client).
DNS uses UDP port 53 (and TCP for zone transfers).
The default lease time is often 8 days on Cisco routers, but 24 hours on Microsoft DHCP servers. The exam may mention 8 days.
APIPA range is 169.254.0.0/16, and devices use ARP to check for conflicts before assigning.
The loopback address 127.0.0.1 is used for local testing.
The ping command can test IP connectivity; tracert (Windows) or traceroute (Linux) shows the path.
The ipconfig command is primarily for Windows; ifconfig is legacy on Linux, replaced by ip addr.
DHCP Discover Broadcast
When a DHCP client (e.g., a laptop) first connects to a network, it sends a DHCPDISCOVER message as a broadcast (destination IP 255.255.255.255, source IP 0.0.0.0). This message is sent over UDP port 67 (server) and port 68 (client). The broadcast ensures that any DHCP server on the same subnet receives it. The client includes its MAC address in the message so the server can identify it. If the client has previously had a lease, it may request that same IP in the Discover message.
DHCP Offer from Server
A DHCP server receives the Discover message and responds with a DHCPOFFER. This unicast or broadcast message (depending on the client's state) proposes an available IP address, the subnet mask, default gateway, DNS server addresses, and lease duration. The server reserves the offered IP for a short time (typically a few minutes) to prevent another client from getting it. If multiple servers exist, the client may receive multiple offers.
DHCP Request Acceptance
The client selects one of the offers and sends a DHCPREQUEST broadcast. This message tells the chosen server that it accepts the offer and also informs any other servers that their offers were declined. The client includes the server identifier (IP address) of the chosen server. At this point, the client still has no IP address; it uses 0.0.0.0 as source. The broadcast ensures all servers on the subnet see the request.
DHCP Acknowledgment Final
The chosen DHCP server responds with a DHCPACK message, which is typically unicast to the client's new IP address. This acknowledgment confirms the lease, and the client applies the IP configuration: it sets its IP address, subnet mask, default gateway, DNS servers, and lease time. The client also starts timers: T1 (50% of lease time) for renewal, T2 (87.5%) for rebinding if renewal fails. The client may also perform a duplicate address detection (ARP) before using the IP.
Lease Renewal Process
At T1 (e.g., 12 hours for a 24-hour lease), the client attempts to renew its lease by sending a unicast DHCPREQUEST directly to the server that granted the lease. If the server responds with DHCPACK, the lease is extended. If no response, the client waits until T2 (21 hours) and then broadcasts a DHCPREQUEST to any server. If still no response, the lease expires and the client must start the DORA process again.
Enterprise DHCP Deployment
In a large enterprise with thousands of devices, DHCP is typically provided by dedicated Windows Server or Linux servers (e.g., ISC DHCP). The network is divided into VLANs, each with its own DHCP scope. To avoid having a DHCP server on every subnet, administrators configure DHCP relay agents (IP helpers) on routers. These agents forward DHCP broadcasts from clients to the central DHCP server and relay the responses back. For example, a router interface in VLAN 10 might have ip helper-address 10.10.10.5 pointing to the DHCP server. This allows a single DHCP server to serve multiple subnets.
DNS in a Corporate Environment
Internal DNS servers host zones for the company's domain (e.g., company.local). They contain A records for all internal servers and workstations. When an employee types a server name, the internal DNS resolves it to the private IP. External DNS servers (often hosted by a provider) resolve the company's public domain (company.com) to public IPs. Split DNS is used: internal users get internal IPs, external users get public IPs. This prevents traffic from hairpinning through the firewall.
Common Misconfigurations
Scope exhaustion: A /24 subnet can only support 254 hosts. If more devices connect, new ones get APIPA addresses. Solution: expand the subnet or add another scope.
Duplicate IP addresses: Caused by overlapping scopes or static IPs within the DHCP range. Always use reservations for static devices or exclude those IPs from the DHCP pool.
DNS timeout: If DNS servers are unreachable, name resolution fails. Often due to incorrect DNS server IPs in DHCP options. Use nslookup to test.
DHCP starvation attack: A rogue client sends many Discover messages with fake MAC addresses, exhausting the scope. Mitigation: DHCP snooping on switches.
What the 220-1101 Tests
Objective 2.4 covers configuring and troubleshooting IP, DNS, and DHCP. Expect questions that require you to:
Identify the correct command to release/renew a DHCP lease (ipconfig /release, ipconfig /renew).
Recognize that an APIPA address (169.254.x.x) indicates DHCP failure.
Know the default DHCP lease time (often 8 days or 24 hours; the exam may use 8 days).
Understand the DORA process and what happens at each step.
Differentiate between static and dynamic IP assignment.
Use nslookup or ping to diagnose DNS issues.
Know that DNS uses UDP port 53.
Common Wrong Answers and Traps
"APIPA means the device has a valid IP but no internet" – Wrong. APIPA is a self-assigned address when DHCP fails. The device can only communicate on the local subnet.
"The DHCP server assigns the same IP to every device" – Wrong. DHCP assigns unique IPs from a pool, but can reserve specific IPs for specific MACs.
"DNS resolves IP addresses to names" – That's reverse DNS. The primary function is name-to-IP resolution.
"`ipconfig /renew` releases the current IP" – Wrong. /release releases; /renew requests a new lease.
"The default gateway must be in the same subnet as the device" – True. If the gateway is on a different subnet, the device cannot reach it.
Edge Cases
Multiple DHCP servers: A client may receive multiple offers. It picks one and broadcasts a DHCPREQUEST that includes the chosen server's IP. Other servers see the request and reclaim their offered IPs.
DHCP relay: If a DHCP server is on a different subnet, a relay agent (IP helper) forwards broadcasts. Without it, DHCP fails.
DNS cache poisoning: An attacker injects false DNS records. The exam may ask about clearing the cache with ipconfig /flushdns.
How to Eliminate Wrong Answers
When given a scenario, first identify the symptom:
APIPA address → DHCP failure (check server, scope, or connectivity).
Can ping by IP but not name → DNS issue.
Cannot ping any remote host → check default gateway and IP configuration.
Intermittent connectivity → DHCP lease expiry or IP conflict.
Eliminate answers that don't match the symptom. For example, if the issue is DNS, don't choose an answer about DHCP.
DHCP uses DORA (Discover, Offer, Request, Acknowledge) over UDP ports 67 and 68.
APIPA range is 169.254.0.0/16; it indicates DHCP failure.
Default DHCP lease time is often 8 days (Cisco) or 24 hours (Microsoft); exam commonly uses 8 days.
DNS uses UDP port 53 for queries and TCP port 53 for zone transfers.
The `ipconfig /release` and `ipconfig /renew` commands release and renew DHCP leases on Windows.
`nslookup` and `ping` are primary tools for DNS and IP troubleshooting.
A device cannot reach its default gateway if the gateway is on a different subnet.
IPv6 can use SLAAC or DHCPv6 for address configuration.
These come up on the exam all the time. Here's how to tell them apart.
DHCP
IP address assigned automatically from a pool.
Reduces configuration errors and administrative overhead.
IP can change over time (lease renewal may get a different address).
Requires a DHCP server and network connectivity to it.
Supports centralized management and scalability.
Static IP
IP address manually configured on the device.
No dependency on a DHCP server; works even if server is down.
IP never changes unless manually changed.
Prone to configuration errors (typos, duplicate IPs).
Not scalable for large networks; requires manual tracking.
Mistake
DHCP assigns the same IP address to every device.
Correct
DHCP assigns unique IP addresses from a pool. It can be configured to reserve a specific IP for a specific MAC address (DHCP reservation), but by default it gives out the next available address.
Mistake
APIPA addresses are assigned by the DHCP server when the scope is full.
Correct
APIPA is a fallback mechanism used by Windows when DHCP fails entirely (e.g., server unreachable). It is not assigned by the server; the client self-assigns an address in the 169.254.0.0/16 range.
Mistake
DNS only resolves domain names to IP addresses.
Correct
DNS also supports reverse lookup (IP to name) via PTR records. Additionally, it supports other record types like MX (mail), CNAME (aliases), and TXT (text).
Mistake
The `ipconfig /renew` command immediately renews the lease without releasing.
Correct
`ipconfig /renew` first releases the current IP (if any) and then requests a new lease. It performs a DHCP Discover, Offer, Request, Acknowledge sequence.
Mistake
Static IP addresses are always better than DHCP.
Correct
Static IPs are appropriate for servers, printers, and network devices that need a consistent address. For client devices, DHCP is preferred because it reduces configuration errors and simplifies management.
Reveal each answer, then mark whether you got it right. Score 60%+ to unlock the next chapter.
DHCP automatically assigns IP addresses from a pool, while static IP requires manual configuration. DHCP is easier to manage and reduces errors, but static IP is necessary for devices that must always have the same IP, like servers. The exam expects you to know when to use each.
APIPA (Automatic Private IP Addressing) means the device has assigned itself an IP in the 169.254.0.0/16 range because it could not reach a DHCP server. To fix it, check the DHCP server status, network connectivity to the server, and that the DHCP scope is not exhausted. You can also try `ipconfig /renew`.
Use the command `ipconfig /flushdns` to clear the DNS resolver cache. This is useful when you suspect cached incorrect DNS entries. You can view the cache with `ipconfig /displaydns`.
DHCP uses UDP port 67 for the server and UDP port 68 for the client. The client sends messages from port 68 to port 67, and the server responds from port 67 to port 68.
Yes, but you must ensure that static IPs are outside the DHCP scope or that the DHCP server excludes those addresses. Otherwise, you may get IP conflicts. It's common to use reservations for devices that need a consistent IP.
The default subnet mask for a Class C network is 255.255.255.0, which corresponds to /24 in CIDR notation. This allows for 254 usable hosts.
When you type a domain name, your computer checks its local cache (hosts file and DNS cache). If not found, it queries the configured DNS server (recursive resolver). The resolver queries root servers, then TLD servers, then authoritative servers for the domain, and returns the IP address. The result is cached for future use.
You've just covered Network Configuration: IP, DNS, DHCP — now see how well it sticks with free 220-1101 practice questions. Full explanations included, no account needed.
Done with this chapter?