What is this DHCP and where is it used?
As we all know, if computers want to communicate with each other, they must be on the same network. In addition, every computer must be assigned an IP address. In large networks, this can take a significant portion of administrators’ and users’ time, not to mention the possibility of assigning duplicate addresses and lost connectivity. And even if you configure everything correctly, it’s difficult to add new hosts to the network. Or what if the employee moves to another part of a building? DHCP to the rescue!
DHCP stands for Dynamic Host Configuration Protocol. DHCP is a protocol that’s used to automatically configure the hosts on a network. In addition to configuring the hosts with an IP address, DHCP can also configure them with additional parameters, such as a subnet mask, or DNS server address.
DHCP address allocation
There are three DHCP allocation mechanisms:
- Manual
The client is assigned an IP address and DHCP just sends it to the client. - Automatic
DHCP automatically assigns an IP address to the client from a pool of IP addresses permanently. - Dynamic
DHCP assigns the client an IP address from a pool of addresses for a limited period of time (until it expires) or until the client informs the server that it no longer requires the address.
Of course, you can see, the most useful is dynamic allocation. The host can use the leased IP address until it expires. Expiry of addresses ensures that hosts don’t use the addresses they don’t need.
How does DHCP work?
As you might find this blog post while preparing for a CCNA or CCENT exam, let’s just briefly describe how DHCP works.
It’s basically pretty simple and comes down to four steps:
- DHCP Discover – DHCPDISCOVERThe host that’s configured to use DHCP sends a broadcast message designed to locate a DHCP server.
- DHCP Offer – DHCPOFFERThe server responds by unicast – DHCPOFFER message to the host. DHCP Offer message contains the IP address offered to the host, subnet mask, lease duration and IP address of the DHCP Server.
- DHCP Request – DHCPREQUESTHost accepts the offer and uses broadcast to send the DHCPREQUEST message to the server. This message basically means: OK, I accept the offer. Broadcast is used because the host still doesn’t have an IP address and to inform the other DHCP servers whose offer the host has accepted.
- DHCP Acknowledge – DHCPACKWhen the DHCP server receives the DHCPREQUEST message, it replies to the host with a DHCPACK message. The DHCPACK message contains the same information as a DHCPOFFER, except it has a different message type. When the host receives DHCPACK it uses Address Resolution Protocol to look up the address it received. If the host doesn’t receive an ARP reply it knows that the IP address is valid and starts using it.
OK, you have a basic understanding of the DHCP’s purpose and its operation. Now for the FUN part. Let’s try and configure a router to serve as a DHCP server that provides addresses to the hosts. We’ll use routers to play the part of hosts as well.
Simple DHCP configuration
OK, let’s create a simple network. Refer to the image below.
We’ll use GNS3 for a DHCP configuration practice. GNS3 is a great tool for network emulation.
Routers R3, R4 and R5 will play the part of hosts. The goal is that R1 would be reachable from all hosts. First, let’s configure the DHCP server. At first, it will be a simple configuration, just enough for the hosts to obtain an IP address.
Once you configure GNS3 and create a network like the one in the image right-click on the DHCP router and choose console.
Once the booting is done, press enters to get to the prompt. There you can configure the router to act as a DHCP server. DHCP server has a pool of IP addresses for assignment. First, we’ll configure the router interface and then the DHCP pool:
DHCP>en DHCP#conf t Enter configuration commands, one per line. End with CNTL/Z. DHCP(config)#int fa 1/0 DHCP(config-if)#ip address 192.168.1.1 255.255.255.0 DHCP(config-if)#no shut DHCP(config-if)#exit DHCP(config)# *Mar 1 00:04:52.439: %LINK-3-UPDOWN: Interface FastEthernet1/0, changed state to up *Mar 1 00:04:53.439: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0, changed state to up DHCP(config)#ip dhcp pool net-192-168 DHCP(dhcp-config)#network 192.168.1.0 255.255.255.0 DHCP(dhcp-config)#default-router 192.168.1.1
The default-router configuration directive configures the hosts with (to use the PC term) the „default gateway” address.
That’s the basic configuration. However, it may be wise to exclude some addresses from DHCP assignments so they can be used for other functions. All the addresses in the excluded address range will not be considered for hosts’ addresses, and the first assigned address will be just outside the range. Here’s how you do that:
DHCP(config)#ip dhcp excluded-address ? A.B.C.D Low IP address DHCP(config)#ip dhcp excluded-address 192.168.1.1 ? A.B.C.D High IP address <cr> DHCP(config)#ip dhcp excluded-address 192.168.1.1 192.168.1.10
OK, now just to complete the configuration of the port toward the R1 router:
DHCP(config)#int fa 0/0 DHCP(config-if)#ip add 172.16.0.2 255.255.255.252 DHCP(config-if)#no shut
OK, now for the hosts. The host configuration is very simple. We just need to tell them to use the DHCP to obtain an IP address:
R3>en R3#conf t Enter configuration commands, one per line. End with CNTL/Z. R3(config)#int fast R3(config)#int fastEthernet 0 R3(config-if)#no shut R3(config-if)#ip *Mar 1 00:00:47.011: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up *Mar 1 00:00:48.011: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up R3(config-if)#ip address dhcp R3(config-if)# *Mar 1 00:01:06.459: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 192.168.1.11, mask 255.255.255.0, hostname R3
That last message informs us what just happened. The ip address 192.168.1.11 was assigned to the Fast Ethernet interface. As you can see, that address is just beyond our configured range: 192.168.1.1 – 192.168.1.10.
When the router is a DHCP client and receives the DHCP packet it creates a default static route in its routing table containing the address configured by the default-router 192.168.1.1 command on the DHCP server. Let’s take a look at the routing table:
R3#sh ip route !!! LEGEND OMITTED !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Gateway of last resort is 192.168.1.1 to network 0.0.0.0 C 192.168.1.0/24 is directly connected, FastEthernet0 S* 0.0.0.0/0 [254/0] via 192.168.1.1
You can see that the IP route was created with an administrative distance of 254, which means that it’s a floating static route. That means if you configure the default route manually later or receive it via routing protocol that new route will be considered better and used instead of the one provided by the DHCP, which is great!
Now do the same for two other hosts:
R4(config)#int f0 R4(config-if)#ip add dhcp R4(config-if)#no shut R4(config-if)# *Mar 1 00:04:00.799: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up *Mar 1 00:04:01.799: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up R4(config-if)# *Mar 1 00:04:06.643: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 192.168.1.11, mask 255.255.255.0, hostname R4
Host 2:
R5>en R5#conf t Enter configuration commands, one per line. End with CNTL/Z. R5(config)#int f0 R5(config-if)#ip add dhcp R5(config-if)#no shut R5(config-if)# *Mar 1 00:06:22.327: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up *Mar 1 00:06:23.327: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up R5(config-if)# *Mar 1 00:06:34.171: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 192.168.1.13, mask 255.255.255.0, hostname R5
Now when the hosts are configured, let’s just configure R1 so we can ping it. As you know R1 needs a route for the 192.168.1.0 network, so it knows how to reply:
R1>en R1#conf t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#int f0/0 R1(config-if)#ip add 172.16.0.1 255.255.255.252 R1(config-if)#no shut R1(config-if)# *Mar 1 00:08:31.603: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up *Mar 1 00:08:32.603: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up R1# R1# R1(config-if)#ip route 192.168.1.0 255.255.255.0 172.16.0.2
Now we can ping the hosts from R1 and vice-versa:
R1#ping 192.168.1.13 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.13, timeout is 2 seconds: .!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 700/771/920 ms R1#
NOTE: the basic concept of routing is explained in one of my previous blog posts: Introduction to Routing.
That concludes our simple DHCP example. Let’s now turn to the somewhat more complex situation you might encounter;
DHCP server behind the router
We’ve seen that the DHCP protocol uses broadcasts for its operation. And as we all know routers break up broadcast domains. That means a broadcast message cannot go behind a router’s interface. And what if our DHCP server was behind a router?
WAIT? How’s that possible, you say? Well, a router doesn’t have to be a DHCP server. For example, Windows Server Editions have the ability to act as a DHCP server. And in large enterprises, servers don’t have to be on the same subnet as hosts. So, how does the host locate a server if the server is not in its subnet and broadcast messages can’t go through?
Luckily, there’s a solution! We can use a feature called helper address. This feature enables routers to forward DHCP broadcasts to the DHCP server. In short, the router acts as a relay agent. Let’s test this one out. Create a simple network like the one in the image:
The idea is that all the hosts can communicate and that the DHCP router provides the correct IP addresses for them, which means H1 and H2 should get an address from the 192.168.1.0/24 network and H3 should get one from the 192.168.15.0/24 network. First, let’s configure the DHCP router. There are a few considerations when configuring DHCP in this topology:
As the RELAY router connects the two networks, it will have the first IP address in each network on the appropriate interface:
- RELAY – Fast Ethernet 1/0 -> 192.168.1.1
- RELAY – Fast Ethernet 0/0 -> 192.168.15.1
I’m sure you know what this means: RELAY will be the default router for both networks and we should configure it as such using the DHCP. So, let’s get into it. DHCP is first:
DHCP>en DHCP#conf t Enter configuration commands, one per line. End with CNTL/Z. DHCP(config)#int fa0/0 DHCP(config-if)#ip address 192.168.15.5 255.255.255.0 DHCP(config-if)#no shut DHCP(config-if)# *Mar 1 00:00:51.979: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up *Mar 1 00:00:52.979: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up DHCP(config-if)#ip dhcp pool net-15-0 DHCP(dhcp-config)#network 192.168.15.0 255.255.255.0 DHCP(dhcp-config)#default-router 192.168.15.1 DHCP(dhcp-config)#dns-server 192.168.15.1 DHCP(dhcp-config)# DHCP(dhcp-config)# DHCP(dhcp-config)#ip dhcp pool net-1-0 DHCP(dhcp-config)#network 192.168.1.0 255.255.255.0 DHCP(dhcp-config)#default-router 192.168.1.1 DHCP(dhcp-config)#dns-server 192.168.1.1 DHCP(dhcp-config)#exit DHCP(config)#ip dhcp exclude 192.168.15.1 192.168.15.10 DHCP(config)#ip dhcp exclude 192.168.1.1 192.168.1.10
Note that we can also use DHCP to set up a DNS server. We can see the pools we created using the show ip dhcp pool command:
DHCP#show ip dhcp pool Pool net-15-0 : Utilization mark (high/low) : 100 / 0 Subnet size (first/next) : 0 / 0 Total addresses : 254 Leased addresses : 0 Pending event : none 1 subnet is currently in the pool : Current index IP address range Leased addresses 192.168.15.1 192.168.15.1 - 192.168.15.254 0 Pool net-1-0 : Utilization mark (high/low) : 100 / 0 Subnet size (first/next) : 0 / 0 Total addresses : 254 Leased addresses : 0 Pending event : none 1 subnet is currently in the pool : Current index IP address range Leased addresses 192.168.1.1 192.168.1.1 - 192.168.1.254 0
Now we configure the RELAY router. It’s configuration is pretty simple, as we need only to configure the IP addresses of the interfaces and helper address feature. Here are the ports:
- Fast Ethernet 0/0 -> 192.168.15.1
- Fast Ethernet 1/0 -> 192.168.1.1
RELAY>en RELAY#conf t Enter configuration commands, one per line. End with CNTL/Z. RELAY(config)#int fa0/0 RELAY(config-if)#ip add 192.168.15.1 255.255.255.0 RELAY(config-if)#no shut RELAY(config-if)# *Mar 1 00:00:59.163: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up *Mar 1 00:01:00.163: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up RELAY(config-if)#int fa1/0 RELAY(config-if)#ip address 192.168.1.1 255.255.255.0 RELAY(config-if)#no shut RELAY(config-if)# *Mar 1 00:01:29.511: %LINK-3-UPDOWN: Interface FastEthernet1/0, changed state to up *Mar 1 00:01:30.511: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0, changed state to up RELAY(config-if)# RELAY(config-if)# RELAY(config-if)#ip helper-address 192.168.15.5 RELAY(config-if)#end
See, that was easy. Now for the hosts (H1, H2, H3). Not much configuration there, so let’s do them:
H1 is first:
H1>en H1#conf t Enter configuration commands, one per line. End with CNTL/Z. H1(config)#int fa H1(config)#int fastEthernet 0 H1(config-if)#ip add dhcp H1(config-if)#no shut H1(config-if)# *Mar 1 00:00:41.791: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up *Mar 1 00:00:42.791: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up
Hmm, where’s the message confirming the DHCP assignment? Let’s verify:
H1(config-if)#do sh ip int bri Interface IP-Address OK? Method Status Protocol Ethernet0 unassigned YES unset administratively down down FastEthernet0 unassigned YES DHCP up up
What’s happening? H1 didn’t get an IP address! And we used a helper address on RELAY?! What’s the deal? Well, it’s pretty simple. Let’s take a look at the DHCP’s routing table:
DHCP#sh ip route !!! LEGEND OMITTED !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Gateway of last resort is not set C 192.168.15.0/24 is directly connected, FastEthernet0/0
It’s simple. The DHCP router doesn’t know how to reach RELAY’s FA 1/0 interface. We can even enable debugging to verify this:
DHCP#debug ip dhcp server packet
The result is the following:
So, we just need to add the static route for the 192.168.1.0/24 network:
DHCP(config)#ip route 192.168.1.0 255.255.255.0 192.168.15.1 DHCP(config)#do sh ip route !!! LEGEND OMITTED !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Gateway of last resort is not set C 192.168.15.0/24 is directly connected, FastEthernet0/0 S 192.168.1.0/24 [1/0] via 192.168.15.1
Now it works:
H1(config-if)#ip add dhcp H1(config-if)# *Mar 1 00:16:43.219: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 192.168.1.12, mask 255.255.255.0, hostname H1
OK, time for H2:
H2>en H2#conf t Enter configuration commands, one per line. End with CNTL/Z. H2(config)#int f0 H2(config-if)#no shut H2(config-if)# *Mar 1 00:06:11.075: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up *Mar 1 00:06:12.075: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up H2(config-if)#ip add dhcp H2(config-if)# *Mar 1 00:06:34.159: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 192.168.1.12, mask 255.255.255.0, hostname H2 H2(config-if)#
See, everything went well. Now, let’s check the routing table:
H2(config-if)#do sh ip route !!! LEGEND OMITTED !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Gateway of last resort is 192.168.1.1 to network 0.0.0.0 192.168.15.0/32 is subnetted, 1 subnets S 192.168.15.5 [254/0] via 192.168.1.1, FastEthernet0 C 192.168.1.0/24 is directly connected, FastEthernet0 S* 0.0.0.0/0 [254/0] via 192.168.1.1 H2(config-if)#
See, it’s smart. It installed both a default route and a static route to the DHCP server, both as floating static routes.
Now just for H3:
H3>en H3#conf t Enter configuration commands, one per line. End with CNTL/Z. H3(config)#int f0 H3(config-if)#no shut H3(config-if)# *Mar 1 00:10:03.703: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up *Mar 1 00:10:04.703: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up H3(config-if)#ip add dhcp H3(config-if)# *Mar 1 00:10:24.555: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 192.168.15.11, mask 255.255.255.0, hostname H3 H3(config-if)#do sh ip route !!! LEGEND OMITTED !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Gateway of last resort is 192.168.15.1 to network 0.0.0.0 C 192.168.15.0/24 is directly connected, FastEthernet0 S* 0.0.0.0/0 [254/0] via 192.168.15.1
This one has only a default route because the DHCP server is in its network and the helper address wasn’t used.
Now all the hosts have IP addresses and are able to ping each other. Let’s try from H1 to H3:
H1#ping 192.168.15.11 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.15.11, timeout is 2 seconds: .!!!! Success rate is 80 percent (4/5), round-trip min/avg/max = 676/936/1208 ms H1#ping 192.168.15.11 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.15.11, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 544/718/1240 ms
As you can see, DHCP is very useful and with the right configuration very flexible tool. This blog post was meant as an introduction to DHCP’s purpose and operation. DHCP has additional options which I hope I’ll deal with in some future blog posts.