If you administer a network, large or small, at some point you will need to set up DHCP.
Understanding the way the protocol works is essential, not only for troubleshooting purposes but also in cases where DHCP can help you engineer your network more efficiently.
There are literally thousands of pages on the internet addressing the topic.
This article aims to give you a solid understanding of the DHCP process while cutting out the fluff.
DHCP stands for Dynamic Host Configuration Protocol. It defines a process used to dynamically assign IP addresses and other configuration parameters to hosts on a network segment.
For DHCP to work there needs to be at least one Server which provides the configuration information, and Clients which request this information.
The server here refers to a piece of software which performs a defined set of functions, not a hardware device.
The DHCP client is usually built into an operating system as opposed to being a separate piece of software running on a machine.
In theory, a machine could obtain its own IP address from another DHCP server while also running DHCP server software, i.e. the machine is a DHCP server and Client simultaneously.
A lot of home routers operate in this manner. They obtain configuration information from an Internet Service Provider, and in turn hand out IP addresses to hosts on the home network.
Why Use DHCP?
DHCP allows for the automatic assignment of IP addresses and other configuration information to devices on a network.
In addition to assigning this information, DHCP also keeps track of what IP addresses are currently in use, in order to prevent configuration errors.
Changes to device configuration can also be made in a single place.
The alternative is to manually configure and track each individual device on the network. While this is possible and even feasible on a network with a small number of devices, it becomes impossible on a sufficiently large network.
What protocol / port number does DHCP use?
DHCP uses UDP ports 67 and 68. The DHCP server listens on UDP port 67 while the Clients use port 68.
Since DHCP uses broadcasts for parts of its operation, it only makes sense that UDP and not TCP is the protocol used.
Because of the restriction on what port you can use for the DHCP Server, you can only have 1 DHCP server software running on a host at a time.
Only one application can bind to UDP port 67 at a time.
How DHCP Works
When a Client that’s configured for DHCP comes online (or is first booting up) and needs to obtain an IP address, it sends a broadcast message asking any available DHCP server for an IP address.
If there is one, it responds to the Client and they work through the process of assigning an IP address and other configuration information to the Client.
The initial message by the Client is a broadcast, and broadcast messages only get to devices on the same Layer 2 network segment (yes, Layer 2, NOT 3).
This is an important distinction to make because there are cases where multiple Layer 3 networks can reside on the same Layer 2 segment (VLAN).
Later on, we’ll look at how to get a DHCP server in a separate segment to respond to DHCP requests (using DHCP relay).
Below is the sequence a Client and Server go through in order for the Client to obtain an IP address and other configuration information.
- DHCPDISCOVER – Client sends a DHCP Discovery message (broadcast) to the entire segment asking any DHCP server present to assign it an IP address.
- DHCPOFFER – DHCP Server offers an IP address to the Client. There could be multiple offers depending on the number of DHCP Servers on the segment.
- DHCPREQUEST – The Client now uses the information from one of the offers in step 2 to make a request, i.e. it's now officially asking to use the IP address it was previously offered.
- DHCPACK – The Server sends the Client an acknowledgment, which signifies final permission for the Client to use the IP address for the agreed-upon period.
Once the sequence is successful (after going through the stages above), the DHCP server keeps track of what IP addresses have been assigned and to what device they were assigned.
Unsuccessful DHCP Requests
A DHCP request can also be unsuccessful.
Obviously, one possible reason for a lack of success would be the absence of a DHCP server.
A DHCP Server can also deny a request with the following messages:
DHCPNAK – This could happen if the Client presents a request which the Server thinks is incorrect, e.g. the Client is asking for an address on a subnet where the Server thinks it does not belong.
DHCPDECLINE – The Client is asking for an address that's already in use by another device.
In some cases, a Client may already have an IP address configured but needs to obtain other configuration information. The client can ask for this information using a DHCPINFORM message.
DHCP Lease Duration
Along with the IP address and other configuration information that a Server assigns to a client, it also sends a period of time for which the client can keep the IP address. This is also known as the lease duration.
Technically, this duration can be as short as 1 second or as long as infinity.
When the lease duration is at its halfway point, the client attempts to renew the lease. If the server is unavailable, it tries again at the halfway point of the remaining time, and again if it is not successful.
The client keeps trying to renew the address until the lease is up, and in theory should give up the address if unable to renew. In practice though, some clients just hang on to the address.
What's a DHCP Scope?
This is a group of IP addresses that a DHCP Server can lease to clients on the same network segment.
This group of IP addresses will usually be consecutive, but exclusions can be made for IP addresses within the scope which the server may not dynamically assign to a client.
The excluded IP addresses would typically be addresses that have already been statically assigned to other devices.
DHCP Relay is a process that allows DHCP servers on remote network segments to respond to DHCP requests.
In order for this to happen, a DHCP relay agent has to be present and configured on the segment that needs the DHCP service.
The DHCP relay agent listens on the network segment for DHCP requests, and then forwards the requests to a previously configured DHCP server which in turn assigns the configuration information to the new host.
The address assigned to the new host will be an address in the same subnet as the DHCP relay agent.
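How a server can pick the scope for a relayed request and honour exclusions, as an added example that is not part of the original article or any vendor's code. It assumes the relay agent writes its own address into the message's giaddr field (RFC 2131; the field is not named on this page) and uses constructed sample addresses and MACs.

```python
import ipaddress


class Scope:
    """One DHCP scope: a subnet, its exclusions, and the leases handed out so far."""

    def __init__(self, network, excluded=()):
        self.network = ipaddress.ip_network(network)
        self.excluded = {ipaddress.ip_address(a) for a in excluded}
        self.leases = {}  # leased IP address -> client MAC

    def allocate(self, mac):
        for ip, owner in self.leases.items():
            if owner == mac:          # client already holds a lease: offer it again
                return ip
        for ip in self.network.hosts():
            if ip not in self.excluded and ip not in self.leases:
                self.leases[ip] = mac
                return ip
        return None                   # scope exhausted


def select_scope(scopes, giaddr, server_ip):
    """Pick the scope for a request.

    giaddr is the relay agent address field of the DHCP message; it is
    0.0.0.0 when the server heard the client's broadcast directly.
    """
    source = ipaddress.ip_address(giaddr)
    if source.is_unspecified:
        source = ipaddress.ip_address(server_ip)   # request came from the local segment
    for scope in scopes:
        if source in scope.network:
            return scope
    return None   # no scope configured for that segment: the server stays silent


def offer(scopes, giaddr, mac, server_ip="10.10.10.10"):
    """Return the address to offer as a string, or None if nothing can be offered."""
    scope = select_scope(scopes, giaddr, server_ip)
    ip = scope.allocate(mac) if scope else None
    return str(ip) if ip else None


# Constructed scopes: the server's own segment and a remote segment behind a relay.
SCOPES = [
    Scope("10.10.10.0/24", excluded=["10.10.10.10"]),
    Scope("192.168.10.0/24", excluded=["192.168.10.1"]),
]
```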
DHCP Relay Agent
More often than not, the DHCP relay agent will be the router (AKA default gateway) on a network segment.
Most business-class routers are capable of acting as DHCP relay agents, as are some home-grade routers.
In the diagram below, even though there are 2 routers between the DHCP server and the PC, the DHCP relay agent makes it possible for the PC to obtain an IP address from the DHCP server.
What’s the benefit of using DHCP relay?
Without DHCP Relay, devices on every network segment would only be able to obtain IP addresses from a DHCP Server local to that segment.
DHCP relay allows you to centralize the management of DHCP functions on your network.
RFC 3046 specifically addresses DHCP relay https://tools.ietf.org/html/rfc3046
Enabling DHCP Relay on a Cisco Router
In Cisco terminology, DHCP relay is known as IP helper. The configuration is pretty straightforward.
Here’s an example configuration below:
This is configured on a Layer 3 Cisco switch, for VLAN 10 which does not have a DHCP server locally. The DHCP server at IP address 10.10.10.10 has been configured with a scope for this segment.
It can certainly get more complicated, but this should get you going.
interface VLAN 10
 ip helper-address 10.10.10.10
 ip address 192.168.10.1 255.255.255.0
!
Cisco has a handy guide here.
What Devices can be used as DHCP Servers
Here are some devices you will commonly see used as DHCP servers
- Windows Servers
- Any Linux Machine
- Any Machine running Mac OS
- Routers (yes, including your home router)
These machines usually have a built-in DHCP server you can turn on or off as needed.
Non-server Windows versions typically do not come with a DHCP Server. If you need DHCP services and you have a Windows desktop OS, there are several options for Open Source DHCP Servers.
Here are some in no particular order:
How to configure DHCP Servers
DHCP On Mac OS X
Mac OS X comes with built-in DHCP Server software, named bootpd. It is a command line tool and is off by default.
The configuration parameters are stored in a file at /etc/bootps.plist
Setting up the DHCP server is mostly about editing the plist file and then starting the service.
The most common items that need to be configured can be found in the example plist further below.
A full list of options as well as instructions can be found by typing the command “man bootpd” into a terminal window.
DHCP options may be specified using the naming convention:
dhcp_option_option_code replacing option_code with a numeric value in the range of 1 through 254.
For example, to specify option code 242, specify a property named dhcp_option_242.
Here are the contents of a plist configured with 2 DHCP scopes:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
The command to start the service:
sudo /bin/launchctl load -w /System/Library/LaunchDaemons/bootps.plist
And to stop it:
sudo /bin/launchctl unload -w /System/Library/LaunchDaemons/bootps.plist
You’ll also need admin privileges to edit the bootps.plist file.
DHCP On a Cisco Router
Here’s the syntax for setting up a DHCP Server on a Cisco router running IOS.
ip dhcp excluded-address 192.168.110.1 192.168.110.10
ip dhcp excluded-address 192.168.110.55
ip dhcp pool Random
 network 192.168.110.0 255.255.255.0
 dns-server 188.8.131.52 184.108.40.206
 option 242 ascii "MCIPADD=220.127.116.11,HTTPSRVR=18.104.22.168"
In this example, we have set up a DHCP pool for the 192.168.110.0/24 network and excluded the first 10 addresses.
Everything is configured inside the address pool except, strangely enough, the address exclusions.
There is an option setting for Avaya phones (option 242) and the lease period is 2 days.
DHCP On a Cisco ASA Firewall
Here’s the syntax for a DHCP configuration that assigns IP addresses on the inside interface. Option 3 is the default gateway.
This configuration is from a Cisco ASA 5506-X and addresses are being served on the inside interface.
dhcpd dns 22.214.171.124 172.18.10.241
dhcpd address 172.18.10.21-172.18.10.240 inside
dhcpd wins 172.18.10.241 interface inside
dhcpd lease 86400 interface inside
dhcpd domain random.com interface inside
dhcpd option 3 ip 172.18.10.1 interface inside
dhcpd enable inside
What are DHCP Options
DHCP was primarily created for the purpose of dynamically handing out IP addresses.
The creators recognized that clients receiving IP addresses might also need to be configured in some other ways.
DHCP Options (also known as Vendor extensions) are a way for DHCP servers to pass additional (usually vendor-specific) information to clients.
Each DHCP option is represented by a number and can range from 1 to 255.
You can find a list of options and their uses here
We also list some of the more common DHCP options and their uses below:
Common DHCP Options and their uses
1 – Subnet Mask
3 – Default Gateway
5 – Name Server
15 – Domain name
33 – Static route
43 – Vendor Specific (usually Wireless Controller)
66 – TFTP server
69 – SMTP Server
70 – POP3 Server
138 – capwap WiFi controller IP address
150 – List of TFTP servers
176 – Avaya Telephone
242 – Avaya telephone
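How the option numbers above and the DHCPDISCOVER/DHCPOFFER/DHCPREQUEST/DHCPACK message names appear on the wire, as an added example that is not part of the original article. It walks the code/length/value options that follow the fixed 236-byte header and magic cookie (RFC 2131), reads option 53 (message type) and rejects truncated options; the sample DHCPOFFER is constructed, and options 51 and 53 are not in the list above.

```python
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"  # marks the start of the options field
MESSAGE_TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 4: "DHCPDECLINE",
                 5: "DHCPACK", 6: "DHCPNAK", 7: "DHCPRELEASE", 8: "DHCPINFORM"}


def parse_options(payload):
    """Return {option_code: raw_value} from the UDP payload of a DHCP message."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message: too short or magic cookie missing")
    options, i = {}, 240
    while i < len(payload):
        code = payload[i]
        if code == 255:            # End option: nothing after it is parsed
            break
        if code == 0:              # Pad option: a single byte with no length
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option header")
        length = payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:   # length byte points past the end of the packet
            raise ValueError(f"option {code} is truncated")
        options[code] = options.get(code, b"") + value  # repeated codes concatenate (RFC 3396)
        i += 2 + length
    return options


def message_type(options):
    """Decode option 53 into the message name used in the DHCP sequence."""
    raw = options.get(53)
    if raw is None or len(raw) != 1:
        raise ValueError("option 53 (message type) missing or malformed")
    return MESSAGE_TYPES.get(raw[0], f"unknown({raw[0]})")


def build_sample_offer():
    """Constructed sample: a DHCPOFFER of 192.168.110.11 with a 2-day lease."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s",
                         2, 1, 6, 0, 0x1234ABCD, 0, 0,
                         bytes(4), bytes([192, 168, 110, 11]), bytes(4), bytes(4),
                         bytes.fromhex("020000000001") + bytes(10), bytes(64), bytes(128))
    opts = (bytes([53, 1, 2]) + bytes([1, 4, 255, 255, 255, 0]) +
            bytes([3, 4, 192, 168, 110, 1]) + bytes([51, 4]) + (172800).to_bytes(4, "big") +
            bytes([0, 255]))  # one Pad byte, then End
    return header + MAGIC_COOKIE + opts
```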
DHCP Snooping is a Layer 2 mechanism that provides security by filtering DHCP messages.
This mechanism ensures that rogue DHCP servers on a network segment are not able to successfully hand out addresses to clients on that segment.
DHCP snooping also helps guard against malicious attacks on your network via DHCP.
This will usually be configured on a Layer 2 Switch.
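The filtering decision described above, modelled as an added example that is not part of the original article and not a vendor implementation. It assumes each switch port is marked trusted or untrusted, drops server-only messages that arrive on untrusted ports, and records a client binding only from a DHCPACK seen on a trusted port; the port names, MACs and events are constructed.

```python
SERVER_MESSAGES = {"DHCPOFFER", "DHCPACK", "DHCPNAK"}  # only a DHCP server sends these

# Constructed sample events as a switch would see them: ingress port, sender MAC,
# message type, client MAC, and the address carried in the message (if any).
SAMPLE_EVENTS = [
    ("Gi0/5",  "aa:aa:aa:00:00:05", "DHCPDISCOVER", "aa:aa:aa:00:00:05", None),
    ("Gi0/9",  "ee:ee:ee:00:00:09", "DHCPOFFER",    "aa:aa:aa:00:00:05", "10.66.66.50"),
    ("Gi0/24", "cc:cc:cc:00:00:01", "DHCPOFFER",    "aa:aa:aa:00:00:05", "192.168.10.20"),
    ("Gi0/5",  "aa:aa:aa:00:00:05", "DHCPREQUEST",  "aa:aa:aa:00:00:05", "192.168.10.20"),
    ("Gi0/9",  "ee:ee:ee:00:00:09", "DHCPACK",      "aa:aa:aa:00:00:05", "10.66.66.50"),
    ("Gi0/24", "cc:cc:cc:00:00:01", "DHCPACK",      "aa:aa:aa:00:00:05", "192.168.10.20"),
]


def snoop(events, trusted_ports):
    """Apply the snooping rule to a list of events; return (dropped, bindings)."""
    dropped, client_port, bindings = [], {}, {}
    for port, src_mac, msg, client_mac, ip in events:
        if msg in SERVER_MESSAGES:
            if port not in trusted_ports:
                # Server reply arriving on an untrusted port: rogue server, not forwarded.
                dropped.append({"port": port, "src_mac": src_mac, "msg": msg, "ip": ip})
                continue
            if msg == "DHCPACK" and client_mac in client_port:
                bindings[client_mac] = (ip, client_port[client_mac])
        else:
            client_port[client_mac] = port  # remember where the client is attached
    return dropped, bindings


def rogue_sources(dropped):
    """Group dropped replies by (port, MAC) so the offending device can be located."""
    summary = {}
    for d in dropped:
        summary.setdefault((d["port"], d["src_mac"]), []).append(d["msg"])
    return summary
```

With only the uplink `Gi0/24` trusted, the replies from `Gi0/9` are dropped and the client ends up bound to the address from the legitimate server.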
Cisco has a few guides on how to configure DHCP snooping on their different products.
Here are a few of them:
Some DHCP Best practices
- Use multiple DHCP servers
- When you have multiple DHCP Servers, each one of them should hand out a unique range of addresses. E.g. you can have 1 server responsible for the first half of the addresses in a scope, and a second server responsible for the remaining half.
- Use short lease periods for Guest Networks.
- Don’t use an infinite lease.