DHCP makes our lives easier

As we all know, if the computers want to communicate with each other, they must be on the same network. In addition, every computer must be assigned an IP address. In large networks this can take a significant portion of administrator's and users' time, not to mention the possibility of assigning duplicate addresses and lost connectivity. And even if you configure everything correctly, it's difficult to add new hosts to the network. Or what if the employee moves to another part of a building? DHCP to the rescue!

What is this DHCP and where is it used?

DHCP stands for Dynamic Host Configuration Protocol. DHCP is a protocol that's used on to automatically configure the hosts on a network. In addition to configuring the hosts with an IP address, DHCP can also configure them with additional parameters, such as subnet mask, or DNS server address.

DHCP address allocation

There are three DHCP allocation mechanisms:

  1. Manual

    The client is assigned an IP address and DHCP just sends it to the client.
  2. Automatic

    DHCP automatically assigns a IP address to the client from a pool of IP addresses permanently.
  3. Dynamic

    DHCP assigns the client an IP address from a pool of addresses for a limited period of time (until it expires) or until the client informs the server that it no longer requires the address.

Of course, you can see, most useful is dynamic allocation. The host can use the leased IP address until it expires. Expiry of addresses ensures that hosts don't use the addresses they don't need.

How does DHCP work?

As you might find this blog post while preparing for a CCNA or CCENT exam, let's just briefly describe how DHCP works.

It's basically pretty simple and comes down to four steps:

  1. DHCP Discover - DHCPDISCOVER

    The host that's configured to use DHCP sends a broadcast message designed to locate a DHCP server.
  2. DHCP Offer - DHCPOFFER

    The server responds by unicast - DHCPOFFER message to the host. DHCP Offer message contains the IP address offered to the host, subnet mask, lease duration and IP address of the DHCP Server.
  3. DHCP Request - DHCPREQUEST

    Host accepts the offer and uses broadcast to send the DHCPREQUEST message to the server. This message basically means: OK, I accept the offer. Broadcast is used because the host still doesn't have an IP address and to inform the other DHCP servers whose offer the host has accepted.
  4. DHCP Acknowledge - DHCPACK

    When the DHCP server receives the DHCPREQUEST message, it replies to the host with an DHCPACK message. The DHCPACK message contains the same information as an DHCPOFFER, except it has a different message type. When the host receives DHCPACK it uses Address Resolution Protocol to lookup the address it received. If the host doesn't receive a ARP reply it knows that the IP address is valid and starts using it.

OK, you have the basic understanding of the DHCP's purpose and it's operation. Now for the FUN part. Let's try and configure a router to serve as a DHCP server that provides addresses to the hosts. We'll use routers to play the part of hosts as well.

Simple DHCP configuration

OK, let's create a simple network. Refer to the image below.

We'll use GNS3 for a DHCP configuration practice. GNS3 is a great tool for network emulation. If you need an introduction to GNS3, refer to my blog post about it or official documentation on GNS3 website.

Routers R3, R4 and R5 will play the part of hosts. The goal is that R1 would be reachable from all hosts. First, let's configure the DHCP server. At first it will be a simple configuration, just enough for the hosts to obtain an IP address.

Once you configure GNS3 and create a network like the one in the image right-click on the DHCP router and choose console.

Once the booting is done, press enter to get to the prompt. There you can configure the router to act as a DHCP server. DHCP server has a pool of IP addresses for assignment. First, we'll configure the router interface and then DHCP pool:

DHCP>en
DHCP#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
DHCP(config)#int fa 1/0
DHCP(config-if)#ip address 192.168.1.1 255.255.255.0
DHCP(config-if)#no shut
DHCP(config-if)#exit
DHCP(config)#
*Mar  1 00:04:52.439: %LINK-3-UPDOWN: Interface FastEthernet1/0, changed state to up
*Mar  1 00:04:53.439: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0, changed state to up
DHCP(config)#ip dhcp pool net-192-168
DHCP(dhcp-config)#network 192.168.1.0 255.255.255.0
DHCP(dhcp-config)#default-router 192.168.1.1

The default-router configuration directive configures the hosts with (to use the PC term) the „default gateway” address.

That's the basic configuration. However, it may be wise to exclude some addresses from DHCP assignments so they can be used for other functions. All the addresses in the excluded address range will not be considered for hosts' addresses, and the first assigned address will be just outside the range. Here's how you do that:

DHCP(config)#ip dhcp excluded-address ?
  A.B.C.D  Low IP address
 
DHCP(config)#ip dhcp excluded-address 192.168.1.1 ?
  A.B.C.D  High IP address
  <cr>
 
DHCP(config)#ip dhcp excluded-address 192.168.1.1 192.168.1.10

OK, now just to complete the configuration of port toward the R1 router:

DHCP(config)#int fa 0/0
DHCP(config-if)#ip add 172.16.0.2 255.255.255.252
DHCP(config-if)#no shut

OK, now for the hosts. Hosts configuration is very simple. We just need to tell them to use the DHCP to obtain an IP address:

R3>en
R3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R3(config)#int fast
R3(config)#int fastEthernet 0
R3(config-if)#no shut
R3(config-if)#ip
*Mar  1 00:00:47.011: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up
*Mar  1 00:00:48.011: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up
R3(config-if)#ip address dhcp
R3(config-if)#
*Mar  1 00:01:06.459: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 192.168.1.11, mask 255.255.255.0, hostname R3

That last message informs us what just happened. The ip address 192.168.1.11 was assigned to the Fast Ethernet interface. As you can see, that address is just beyond our configured range: 192.168.1.1 - 192.168.1.10.

When the router is a DHCP client and receives the DHCP packet it creates a default static route in it's routing table containing the address configured by the default-router 192.168.1.1 command on the DHCP server. Let's take a look at the routing table:

R3#sh ip route
 
!!! LEGEND OMITTED !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
Gateway of last resort is 192.168.1.1 to network 0.0.0.0
 
C    192.168.1.0/24 is directly connected, FastEthernet0
S*   0.0.0.0/0 [254/0] via 192.168.1.1

You can see that the IP route was created with a administrative distance of 254, which means that it's a floating static route. That means if you configure the default route manually later or receive it via routing protocol that new route will be considered better and used instead of this one provided by the DHCP, which is great!

Now do the same for two other hosts:

R4(config)#int f0
R4(config-if)#ip add dhcp
R4(config-if)#no shut
R4(config-if)#
*Mar  1 00:04:00.799: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up
*Mar  1 00:04:01.799: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up
R4(config-if)#
*Mar  1 00:04:06.643: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 192.168.1.11, mask 255.255.255.0, hostname R4
R5>en
R5#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R5(config)#int f0
R5(config-if)#ip add dhcp
R5(config-if)#no shut
R5(config-if)#
*Mar  1 00:06:22.327: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up
*Mar  1 00:06:23.327: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up
R5(config-if)#
*Mar  1 00:06:34.171: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 192.168.1.13, mask 255.255.255.0, hostname R5

Now when the hosts are configured, let's just configure R1 so we can ping it. As you know R1 needs a route for the 192.168.1.0 network, so it knows how to reply:

R1>en
R1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#int f0/0
R1(config-if)#ip add 172.16.0.1 255.255.255.252
R1(config-if)#no shut
R1(config-if)#
*Mar  1 00:08:31.603: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar  1 00:08:32.603: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R1#
R1#
R1(config-if)#ip route 192.168.1.0 255.255.255.0 172.16.0.2

Now we can ping the hosts from R1 and vice-versa:

R1#ping 192.168.1.13
 
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.13, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 700/771/920 ms
R1#
R3(config-if)#do ping 172.16.0.1
 
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.1, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 808/953/1348 ms
R3(config-if)#

NOTE: the basic concept of routing is explained in one of my previous blog posts: Introduction to Routing.

That concludes our simple DHCP example. Let's now turn to somewhat more complex situation you might encounter;

DHCP server behind the router

We've seen that DHCP protocol uses broadcasts for it's operation. And as we all know routers break up broadcast domains. That means a broadcast message cannot go behind a router's interface. And what if our DHCP server was behind a router?

WAIT? How's that possible, you say? Well, a router doesn't have to be a DHCP server. For example Windows Server Editions have the ability to act as a DHCP server. And in large enterprises, servers don't have to be on the same subnet as hosts. So, how does the host locate a server if the server is not in it's subnet and broadcast messages can't go through?

Luckily, there's a solution! We can use a feature called helper address. This feature enables routers to forward DHCP broadcasts to DHCP server. In short, router acts as a relay agent. Let's test this one out. Create a simple network like the one in the image:

The idea is that all the hosts can communicate and that DHCP router provides the correct IP addresses for them, which means H1 and H2 should get an address from 192.168.1.0/24 network and H3 should get one from 192.168.15.0/24 network. First, let's configure the DHCP router. There are a few considerations when configuring DHCP in this topology:

As RELAY router connects the two networks, it will have the first IP address in each network on the appropriate interface:

  • RELAY - Fast Ethernet 1/0 -> 192.168.1.1
  • RELAY - Fast Ethernet 0/0 -> 192.168.15.1

I'm sure you know what this means: RELAY will be the default router for both networks and we should configure it as such using the DHCP. So, let's get into it. DHCP is first:

DHCP>en
DHCP#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
DHCP(config)#int fa0/0
DHCP(config-if)#ip address 192.168.15.5 255.255.255.0
DHCP(config-if)#no shut
DHCP(config-if)#
*Mar  1 00:00:51.979: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar  1 00:00:52.979: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
DHCP(config-if)#ip dhcp pool net-15-0
DHCP(dhcp-config)#network 192.168.15.0 255.255.255.0
DHCP(dhcp-config)#default-router 192.168.15.1
DHCP(dhcp-config)#dns-server 192.168.15.1
DHCP(dhcp-config)#
DHCP(dhcp-config)#
DHCP(dhcp-config)#ip dhcp pool net-1-0
DHCP(dhcp-config)#network 192.168.1.0 255.255.255.0
DHCP(dhcp-config)#default-router 192.168.1.1
DHCP(dhcp-config)#dns-server 192.168.1.1
DHCP(dhcp-config)#exit
DHCP(config)#ip dhcp exclude 192.168.15.1 192.168.15.10
DHCP(config)#ip dhcp exclude 192.168.1.1 192.168.1.10

Note that we can also use DHCP to set a DNS server. We can see the pools we created using the show ip dhcp pool command:

DHCP#show ip dhcp pool
 
Pool net-15-0 :
 Utilization mark (high/low)    : 100 / 0
 Subnet size (first/next)       : 0 / 0
 Total addresses                : 254
 Leased addresses               : 0
 Pending event                  : none
 1 subnet is currently in the pool :
 Current index        IP address range                    Leased addresses
 192.168.15.1         192.168.15.1     - 192.168.15.254    0
 
Pool net-1-0 :
 Utilization mark (high/low)    : 100 / 0
 Subnet size (first/next)       : 0 / 0
 Total addresses                : 254
 Leased addresses               : 0
 Pending event                  : none
 1 subnet is currently in the pool :
 Current index        IP address range                    Leased addresses
 192.168.1.1          192.168.1.1      - 192.168.1.254     0

Now we configure the RELAY router. It's configuration is pretty simple, as we need only to configure the IP addresses of the interfaces and helper address feature. Here are the ports:

  • Fast Ethernet 0/0 -> 192.168.15.1
  • Fast Ethernet 1/0 -> 192.168.1.1
RELAY>en
RELAY#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
RELAY(config)#int fa0/0
RELAY(config-if)#ip add 192.168.15.1 255.255.255.0
RELAY(config-if)#no shut
RELAY(config-if)#
*Mar  1 00:00:59.163: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up
*Mar  1 00:01:00.163: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
RELAY(config-if)#int fa1/0
RELAY(config-if)#ip address 192.168.1.1 255.255.255.0
RELAY(config-if)#no shut
RELAY(config-if)#
*Mar  1 00:01:29.511: %LINK-3-UPDOWN: Interface FastEthernet1/0, changed state to up
*Mar  1 00:01:30.511: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0, changed state to up
RELAY(config-if)#
RELAY(config-if)#
RELAY(config-if)#ip helper-address 192.168.15.5
RELAY(config-if)#end

See, that was easy. Now for the hosts (H1, H2, H3). Not much configuration there, so let's do them:

H1 is first:

H1>en
H1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
H1(config)#int fa
H1(config)#int fastEthernet 0
H1(config-if)#ip add dhcp
H1(config-if)#no shut
H1(config-if)#
*Mar  1 00:00:41.791: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up
*Mar  1 00:00:42.791: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up

Hmm, where's the message confirming the DHCP assignment? Let's verify:

H1(config-if)#do sh ip int bri
Interface                  IP-Address      OK? Method Status                Protocol
Ethernet0                  unassigned      YES unset  administratively down down
FastEthernet0              unassigned      YES DHCP   up                    up  

What's happening? H1 didn't get an IP address! And we used helper address on RELAY?! What's the deal? Well, it's pretty simple. Let's take a look at the DHCP's routing table:

DHCP#sh ip route
 
!!! LEGEND OMITTED !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
Gateway of last resort is not set
 
C    192.168.15.0/24 is directly connected, FastEthernet0/0

It's simple. DHCP router doesn't know how to reach the RELAY's FA 1/0 interface. We can even enable debugging to verify this:

DHCP#debug ip dhcp server packet

The result is following:

So, we just need to add the static route for the 192.168.1.0/24 network:

DHCP(config)#ip route 192.168.1.0 255.255.255.0 192.168.15.1
DHCP(config)#do sh ip route
 
!!! LEGEND OMITTED !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
Gateway of last resort is not set
 
C    192.168.15.0/24 is directly connected, FastEthernet0/0
S    192.168.1.0/24 [1/0] via 192.168.15.1

Now it works:

H1(config-if)#ip add dhcp
H1(config-if)#
*Mar  1 00:16:43.219: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 192.168.1.12, mask 255.255.255.0, hostname H1

OK, time for H2:

H2>en
H2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
H2(config)#int f0
H2(config-if)#no shut
H2(config-if)#
*Mar  1 00:06:11.075: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up
*Mar  1 00:06:12.075: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up
H2(config-if)#ip add dhcp
H2(config-if)#
*Mar  1 00:06:34.159: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 192.168.1.12, mask 255.255.255.0, hostname H2
 
H2(config-if)#

See, everything went well. Now, let's check the routing table:

H2(config-if)#do sh ip route
 
!!! LEGEND OMITTED !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
Gateway of last resort is 192.168.1.1 to network 0.0.0.0
 
     192.168.15.0/32 is subnetted, 1 subnets
S       192.168.15.5 [254/0] via 192.168.1.1, FastEthernet0
C    192.168.1.0/24 is directly connected, FastEthernet0
S*   0.0.0.0/0 [254/0] via 192.168.1.1
H2(config-if)#

See, it's smart. It installed both default route and a static route to DHCP server, both as floating static routes.

Now just for H3:

H3>en
H3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
H3(config)#int f0
H3(config-if)#no shut
H3(config-if)#
*Mar  1 00:10:03.703: %LINK-3-UPDOWN: Interface FastEthernet0, changed state to up
*Mar  1 00:10:04.703: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0, changed state to up
H3(config-if)#ip add dhcp
H3(config-if)#
*Mar  1 00:10:24.555: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0 assigned DHCP address 192.168.15.11, mask 255.255.255.0, hostname H3
 
H3(config-if)#do sh ip route
 
!!! LEGEND OMITTED !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 
Gateway of last resort is 192.168.15.1 to network 0.0.0.0
 
C    192.168.15.0/24 is directly connected, FastEthernet0
S*   0.0.0.0/0 [254/0] via 192.168.15.1

This one has only a default route, because the DHCP server is in it's network and helper address wasn't used.

Now all the hosts have IP addresses and are able to ping each other. Let's try from H1 to H3:

H1#ping 192.168.15.11
 
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.15.11, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 676/936/1208 ms
H1#ping 192.168.15.11
 
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.15.11, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 544/718/1240 ms

As you can see, DHCP is very useful and with the right configuration very flexible tool. This blog post was meant as an introduction to DHCP's purpose and operation. DHCP has additional options which I hope I'll deal with in some future blog post.

Comments are closed