DHCP Across IP Routers

  • Article

In a large IP internetwork, DHCP servers should be placed in strategic locations servicing DHCP clients of multiple networks. For this configuration to work effectively, DHCP messages must be able to cross IP routers using a DHCP Relay Agent.

In addition to propagating DHCP messages, a DHCP Relay Agent takes an active role in recording information necessary for DHCP configuration and helps direct DHCP messages between the DHCP server and the DHCP client.

Initial DHCP Configuration

Initial DHCP configuration is done by a DHCP client that has never leased an IP address, has released its IP address, or has received a DHCPNack in response to attempting to lease a previous IP address. The initial DHCP configuration process consists of four DHCP messages: DHCPDiscover, DHCPOffer, DHCPRequest, DHCPAck.

DHCPDiscover

The DHCP client sends the DHCPDiscover, containing the MAC address of the DHCP client, to the limited broadcast IP address (255.255.255.255) and the MAC-level broadcast address. The DHCP Relay Agent receives and processes the DHCPDiscover.

As established in RFC 1542, the DHCP Relay Agent can forward the packet to an IP broadcast, multicast, or unicast address. In practice, DHCP Relay Agents forward DHCPDiscover messages to unicast IP addresses which correspond to DHCP servers. Before forwarding the original DHCPDiscover message, the DHCP Relay Agent makes the following changes:

  • Increments the Hop Count field in the DHCP header. The DHCP Hop Count field is separate from the Time to Live (TTL) field in the IP header and is used to indicate on how many networks this DHCPDiscover has existed as a broadcast. When the configured maximum Hop Count is exceeded, the DHCPDiscover is silently discarded. The default maximum hop count for the Windows 2000 DHCP Relay Agent is 4.

  • If needed, updates the Relay IP Address field (also known as the Gateway IP Address field) in the DHCP header. When the DHCP client sends the DHCPDiscover message, the Relay IP Address field is set to 0.0.0.0. If the Relay IP Address is 0.0.0.0, the DHCP Relay Agent records the IP address of the interface on which the DHCPDiscover message was received. If the Relay IP Address is not 0.0.0.0, the DHCP Relay Agent does not modify it. The Relay IP Address field records the first router interface encountered by the DHCPDiscover message.

  • Changes the source IP address of the DHCPDiscover message to the IP address of the interface on which the broadcasted DHCPDiscover was received.

  • Changes the destination IP address of the DHCPDiscover message to the configured unicast address of the DHCP server.

The DHCP Relay Agent sends the DHCPDiscover message as a unicasted IP packet rather than as an IP and MAC-level broadcast. If the DHCP Relay Agent is configured with multiple DHCP servers, it sends each DHCP server a copy of the DHCPDiscover message.

DHCPOffer

When responding to the DHCP client's request for an IP address, the DHCP server uses the Relay IP Address field in the following ways:

  • The Relay IP Address and the subnet masks of the server's configured scopes are compared through a logical AND comparison to find a scope whose network ID matches the network ID of the Relay IP Address. When a match is found, the DHCP server allocates an IP address from that scope.

  • When sending the offer back to the client, the DHCP server sends the DHCPOffer message to the Relay IP Address as the destination IP address.

Once received by the DHCP Relay Agent, the Relay IP Address is used to determine which interface to which the DHCPOffer message is to be forwarded. It then forwards the DHCPOffer message to the client using the offered IP address as the destination IP address and the client's MAC address as the destination MAC address.

DHCPRequest

As it does with the DHCPDiscover message, the DHCP client sends the DHCPRequest message, containing the MAC address of the client, to the limited IP broadcast address 255.255.255.255 and to the MAC-level broadcast address. The DHCP Relay Agent receives this packet and forwards it as a directed IP packet to the configured DHCP server or servers.

DHCPAck

The DHCP server initially sends the DHCPAck message to the Relay IP Address, as it did with the DHCPOffer message. When the DHCP Relay Agent receives the DHCPAck message, it re-addresses it to the client's offered IP address and MAC address.

Rebooted Renewal

When a Microsoft-based DHCP client shuts down, it does not send a DHCPRELEASE message to the DHCP server. Instead, when the DHCP client restarts, it attempts to obtain the IP address it was last using through a DHCPRequest and DHCPAck exchange of messages.

DHCPRequest

When a Microsoft-based DHCP client reboots, it attempts to lease its previously allocated IP address through a broadcasted DHCPRequest message. The DHCPRequest, sent to the limited IP broadcast address 255.255.255.255 and to the MAC-level broadcast address, contains the MAC address and the previously allocated IP address of the client. The DHCP Relay Agent receives this packet and treats the message in much the same way as a DHCPDiscover message. Before forwarding, the DHCP Relay Agent:

  • Increments the Hop Count field in the DHCP header.

  • Records the IP address of the interface on which the DHCPRequest message was received in the Relay IP Address field.

  • Changes the source IP address to the IP address of the interface on which the broadcasted DHCPDiscover message was received.

  • Changes the destination IP address to the unicast address of the DHCP server recorded in the DHCPRequest and forwards it as a directed IP packet.

DHCPAck and DHCPNack

When the DHCP server receives the DHCPRequest, it compares the network ID of client's previously allocated IP address to the network ID of the Relay IP Address.

  • If the two network IDs are the same and the IP address can be reallocated to the DHCP client, the DHCP server initially sends a DHCPAck to the IP address found in the Relay IP Address field. When the DHCP Relay Agent receives the DHCPAck, it re-addresses it to the client's offered IP address and MAC address.

  • If the two network IDs are the same and the IP address cannot be reallocated to the DHCP client, the DHCP server initially sends a DHCPNack to the IP address found in the Relay IP Address field. When the DHCP Relay Agent receives the DHCPNack, it re-addresses it to the client's offered IP address and MAC address. At this point, the DHCP client must restart the IP address allocation process with a DHCPDiscover.

  • If the two network IDs are not the same, the DHCP client has moved to a different subnet, and the DHCP server sends a DHCPNack to the IP address found in the Relay IP Address field. When the DHCP Relay Agent receives the DHCPNack, it re-addresses it to the client's offered IP address and MAC address. At this point, the DHCP client must restart the IP address allocation process with a DHCPDiscover.