Foundation Topics

Understanding DHCP

DHCP, a descendant of BootP, allows a server to automatically provision IPv4 addresses and configuration information to clients as they boot.

There are two principal advantages to DHCP, and they are big ones. First, DHCP makes it easier to administer an IP network. Without DHCP, administrators would have to manually assign and track addresses and this is—at best—laborious and error-prone. Second, DHCP allows clients to temporarily use IP addresses and thus make better use of IP address space. DSL customers of an ISP, for example, only need IP addresses when they are currently online.

With DHCP, the following process takes place:

  1. Clients broadcast asking for IP configuration information and servers respond with address, mask, gateway, and other information. Specifically, new clients broadcast a DHCP DISCOVER message.

  2. Each server on the network responds with an OFFER. It is not uncommon—particularly in enterprise settings—to have redundant DHCP servers, so the user could get two or more responses. The OFFER contains an IP address, mask, gateway, lease time, and possibly option codes.

  3. The client considers its offers and picks one. Different implementations pick in different ways; Windows XP will take a previous address if offered, other operating systems will take the first OFFER. The client sends back a REQUEST that basically says "if this IP is still available, I would like it."

  4. The server responds with an ACK to indicate that it has recorded the assignment.

  5. Finally, the client will send an ARP request for its new address. If anyone else responds, the client knows it has been assigned an address that is already in use and the client starts the DHCP process again. This process is called a gratuitous ARP.


Many client operating systems use something called Automatic Private IP Addressing. This process assigns an IP address, even in the absence of a DHCP server. If a DISCOVER message is not answered, the client picks a random 16-bit number and prepends it with 169.254. It performs a gratuitous ARP and assigns that address to itself.

The idea of Automatic Private IP Addressing is that two travelers could link their devices quickly and easily. For instance, two train commuters could play a game on the way to the city. They configure DHCP on their laptops and use Automatic Private IP Addressing on the train and get a different IP in the office.

If you see a 169.254.x.x address, it means that the DHCP server is not reachable. The PC will not work because there is not a router to or from that IP. Troubleshoot this by finding out why the PC cannot see the DHCP server.

DHCP Roles

There are at least two devices involved in any DHCP setup—a DHCP server and a DHCP client. There are often additional devices in the network between the client and server, called DHCP relays. The following sections describe the function and configuration of each of these DHCP roles.

Acting as a DHCP Server

The following steps configure an IOS device as a DHCP server:

Step 1.
Create a pool of addresses to assign to clients. The syntax for this command is

Router(config)# ip dhcp pool name

Step 2.
Assign a network to the pool:

Router(config-dhcp)# network network/mask

Step 3.
Tell the client how long it can keep the address—this is called the lease period. Most DHCP implementations use a three-day lease, but IOS defaults to one day:

Router(config-dhcp)# lease days

Step 4.
Identify the DNS server:

Router(config-dhcp)# dns-server address

Step 5.
Finally, identify the default gateway:

Router(config-dhcp)# default-router ip-address

Addresses are always assigned on the interface that has an IP address in the same subnet as the pool. Example 13-1 shows this configuration in context.

Example 13-1. DHCP

Router(config)# interface fastethernet 0/1
Router(config-if)# ip address
Router(config)# ip dhcp pool 1
Router(config-dhcp)# network /24
Router(config-dhcp)# default-router
Router(config-dhcp)# lease 3
Router(config-dhcp)# dns-server

Some IOS devices receive an IP address on one interface and assign IP addresses on another. In these instances, DHCP may import the options and parameters from one interface and pass them to the other interface. The command to do so is

Router(config-dhcp)# import all

Using import all can reduce the headache of setting up DHCP in remote offices. The router, once it is onsite, can determine the local DNS and options.

There are a variety of commands to manage an IOS DHCP server. The additional commands are listed in Table 13-2.

Table 13-2. Descriptions of DHCP Server Commands
service dhcpEnables DHCP server (on by default)
ip dhcp databaseConfigures a database agent
no ip dhcp conflict loggingDisables logging of conflicts
ip dhcp excluded-address start-ip end-ipLists addresses that should be excluded from the pool
domain-name domainDefault DNS assignment

Acting as a DHCP Relay

Normally, routers do not forward broadcast. There are a few times when an exception to this rule would be useful. IP assignment, for instance, would be easier if you did not have to deploy a DHCP server on every segment. If routers passed broadcasts, a central server could take care of remote locations.

Cisco IOS allows routers to forward broadcasts through the ip helper-address command. When configured, a router will forward broadcasts to select UDP ports to predetermined remote locations. A router configured to forward DHCP requests is called a DHCP relay. DHCP relays forward requests and set the gateway to the local router.

To use helper-address, enter the following command in interface configuration mode:

Router(config-if)# ip helper-address address

When first configured, helper-address supports eight UDP ports. Broadcasts to these eight ports are forwarded to the remote address specified by the command. The ports are

  • NTP (UDP 37)

  • TACACS (UDP 49)

  • DNS (UDP 53)

  • DHCP (UDP 67 and 68)

  • TFTP (UDP 69)

  • NetBIOS name service (UDP 137)

  • NetBIOS datagram service (UDP 138)

Additional ports may be added using the command ip forward-protocol udp port. For example, if UDP 5000 should be forwarded and TFTP should not, the commands would be

Router(config)# interface fastethernet0/0
Router(config-if)# ip helper-address
Router(config-if)# exit
Router(config)# ip forward-protocol udp 5000
Router(config)# no ip forward-protocol udp 69

The ip dhcp relay information option command, used on a DHCP relay, enables the system to insert a DHCP relay agent information option (also called option 82) in forwarded BOOTREQUEST messages to a DHCP server. The DHCP server can then use this information to assign the correct subnet.

Acting as a DHCP Client

Setting an IOS device to be a DHCP client is easy. The command is supplied in interface configuration mode. Instead of supplying an IP and mask, the IP address command is used to specify DHCP:

Router(config)# interface fastethernet0/0
Router(config-if)# ip address dhcp

This is a quick and painless way to get remote offices and SOHO users up and running.

Troubleshooting DHCP

The most obvious way to troubleshoot DHCP installations is to type show run and compare the output to this book. This approach, however, can fail due to a lack of details. A more robust way to troubleshoot is to examine the process step-by-step as assignments are made.

Before discussing troubleshooting, we need to rule out some issues. We assume, in this section, that the PC has been shown to have a connection to the network, and the DHCP server is turned on.

Troubleshooting is best approached by following a pre-existing model, such as the OSI model, as follows:

Step 1.
Start by verifying that the PC is not getting an IP address. Verify that the PC and server are each attached to the network.

Step 2.
Make sure that DHCP is set up and that the client is attached to the network and capable of sending traffic.

Step 3.
Examine the DHCP database. To see the database, try show ip dhcp database.

Step 4.
To view more detailed information about the DHCP configuration, use the command show ip dhcp server statistics.

Step 5.
Use show ip dhcp binding and clear binding. To display address bindings on the DHCP server, use the show ip dhcp binding command. To delete an automatic address binding from the DHCP server database, use the clear ip dhcp binding command.

Step 6.
To enable DHCP server debugging, use the debug ip dhcp server events and the debug ip dhcp server packets commands.

Step 7.
Check access control lists to ensure that DHCP messages are not being blocked by ACLs.