When starting out in Azure, a common point of confusion is seeing that the network settings within your VM, whether Linux or Windows, are set to DHCP rather than a static IP. This might seem counterintuitive, especially if you’re used to manually assigning IP addresses.
Why is DHCP used?
This DHCP configuration is intentional, and you should avoid changing it. Microsoft uses DHCP to inject critical networking details directly into the VM’s OS, ensuring integration with Azure’s networking architecture. The most obvious piece of information passed via DHCP is the IP address defined in the Network Interface (NIC) object in Azure, but there’s much more happening under the hood.
Capturing DHCP in action
To better understand what’s going on, let’s break down a Wireshark capture of the DHCP traffic from an Azure VM and see what information gets passed from Azure’s software-defined networking stack to the OS.
The key role of DHCP in this context is to automatically assign not just IP addresses, but also a host of other crucial network settings via what are known as DHCP options. Let’s explore the key options and what they accomplish.
We can see a number of DHCP options in our Wireshark output. The ones were going to focus on today are 1, 3, 6, 15 and 121
Option: (1) Subnet Mask (255.255.255.0)
Length: 4
Subnet Mask: 255.255.255.0
Option: (3) Router
Length: 4
Router: 10.0.0.1
Option: (6) Domain Name Server
Length: 4
Domain Name Server: 168.63.129.16
Option: (15) Domain Name
Length: 51
Domain Name: suy4vbizuixuloqgscnox0usye.zx.internal.cloudapp.net
Option: (51) IP Address Lease Time
Length: 4
IP Address Lease Time: infinity (-1)
Option: (53) DHCP Message Type (ACK)
Length: 1
DHCP: ACK (5)
Option: (54) DHCP Server Identifier (168.63.129.16)
Length: 4
DHCP Server Identifier: 168.63.129.16
Option: (58) Renewal Time Value
Length: 4
Renewal Time Value: infinity (-1)
Option: (59) Rebinding Time Value
Length: 4
Rebinding Time Value: infinity (-1)
Option: (243) Private
Option: (245) Private
Option: (121) Classless Static Route
Length: 23
default-10.0.0.1
168.63.129.16/32-10.0.0.1
169.254.169.254/32-10.0.0.1
Option: (255) End
Lets explore these options one by one and what they accomplish.
DHCP Option 1 (Subnet Mask): This option provides the subnet mask to the client, which is necessary for determining the network portion of an IP address. It defines how IP addresses within a network are segmented and how routing decisions are made based on the subnet.
DHCP Option 3 (Router or Default Gateway): This option is used to provide the default gateway IP address to the client. The default gateway allows the client to communicate with devices outside its local subnet, facilitating communication between different networks or the internet.
DHCP Option 6 (DNS Servers): This option provides the DNS server IP addresses. These are used by the client to resolve domain names into IP addresses, enabling communication with other devices using easily memorable domain names rather than numeric IP addresses.
DHCP Option 15 (Domain Name): This option specifies the domain name that the client should use as part of its DNS configuration. It can help define the network’s domain name for internal DNS resolution, making it easier to resolve hostnames without using fully qualified domain names (FQDNs).
DHCP Option 121 (Classless Static Routes): This option provides the client with static routes that do not follow classful network boundaries. It allows the VM to route traffic to specific networks using custom routes, enhancing control over how network traffic is directed between subnets or networks without requiring adjustments to subnet masks.
In our Azure example we can see these options in action. Without details like subnet mask, static routes and DNS servers, your networking could come to a standstill. DHCP takes the pain of knowing these details out of the equation and manages them for you.
Why This Matters
So why does Azure rely on DHCP instead of manual configurations?
By keeping networking settings (like IP addresses, gateways, and routes) within Azure’s NIC configuration, Azure can centralise and manage these details externally. This avoids potential issues such as accidentally locking yourself out by setting the wrong IP address or gateway inside the VM.
Since the DHCP configuration is managed by Azure, if something goes wrong, for example you misconfigure an IP or gateway inside the VM, you can easily recover by adjusting the settings in the Azure Portal without needing direct access to the VM itself. The VM will periodically renew its DHCP lease and receive the correct networking details, helping to maintain a consistent network environment.