Cisco IOS DHCP Relay Agent

DHCP is often used for hosts to automatically assign IP addresses and uses 4 different packets to do so. Since a host doesn’t have an IP address to start with, we use broadcast messages on the network that hopefully end up at a DHCP server.

DHCP is often used for hosts to automatically assign IP addresses and uses 4 different packets to do so. Since a host doesn't have an IP address to start with, we use broadcast messages on the network that hopefully end up at a DHCP server. The problem with broadcast is that this means that the DHCP



The problem with broadcast is that this means that the DHCP server has to be in the same broadcast domain since routers do not forward broadcast packets. Take a look at the following picture:

dhcp relay agent topology

On the left side we have a client (H1), in the middle a router (R1) and on the right side is our DHCP server. The client wants to get an IP address through DHCP and will send broadcast a DHCP discover message. The router, doing its job will not forward broadcast traffic so the DHCP discover will never reach the DHCP server…ouch!

So how can we solve this? We have to use the DHCP Relay Agent feature. In short, the router will forward DHCP requests from the client towards the DHCP server, when the DHCP server responds it will forward the messages back to the client.

Let me describe this process in detail, step-by-step to you:

dhcp relay discover

The first thing that happens is that our client will broadcast a DHCP discover message, the router will receive this message since its in the same broadcast domain as the client. Here’s what happens next:

dhcp relay discover unicast

The router receives the DHCP discover message on its FastEthernet 0/0 interface and will normally just discard this packet. With the DHCP relay agent feature enabled, it will do something else. It will forward the DHCP discover message as a unicast packet and also inserts a field called giaddr (Gateway IP Address) in the DHCP packet. It will insert IP address 192.168.12.2 in this field since we received the DHCP discover on the FastEthernet 0/0 interface. This giaddr field is required by the DHCP server or it won’t know from which pool it has to select an IP address. Also, the source IP address of this unicast packet will be 192.168.12.2. Let’s continue:

dhcp relay offer unicast

The DHCP server has received the DHCP discover message and in return will send a DHCP offer message. This will be sent as a unicast packet to the router…

dhcp relay offer broadcast

The router, being a good relay will forward the DHCP offer on its FastEthernet0/0 interface as a broadcast.

dhcp relay request broadcast

The client likes the content of the DHCP offer message and will create a DHCP request which is broadcasted. The router hears this broadcast and will do this:

dhcp relay request unicast

Just like the initial DHCP discover message, this DHCP request will be forwarded as a unicast packet. Once again the giaddr field is inserted with IP address 192.168.12.2. The DHCP server receives the DHCP request and will process it…

dhcp relay dhcp ack

Last but not least, the DHCP server will send a DHCP ACK in response to the DHCP request. This is sent to the router by using unicast and our router will broadcast it on its FastEthernet 0/0 interface so the client receives it. The client now has an IP address and our mission is a great success.

Now you know how the DHCP relay agent works, let’s take a look at the configuration shall we?

Configuration

I will be using 3 routers for this, the topology is the same as the one I just used for my explanation:

dhcp relay 3 routers example

Let’s start with the configuration of the interfaces:

H1(config)#interface FastEthernet 0/0
H1(config-if)#no shutdown
R1(config)#interface FastEthernet 0/0
R1(config-if)#no shutdown
R1(config-if)#ip address 192.168.12.2 255.255.255.0
R1(config)#interface FastEthernet 0/1
R1(config-if)#no shutdown
R1(config-if)#ip address 192.168.23.2 255.255.255.0
DHCP(config)#interface FastEthernet 0/0
DHCP(config-if)#no shutdown
DHCP(config-if)#ip address 192.168.23.3 255.255.255.0

Nothing special so far…let’s make a DHCP pool for the 192.168.12.0 /24 network. That’s where the client is at:

We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 662 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

525 Sign Ups in the last 30 days

satisfaction-guaranteed
100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags: ,


Forum Replies

  1. Hi Rene,

    Nice explanation. Crisp and to the point. I have one question though.
    How would the client identify that the Offer and the Ack message that the server sends? In other words, how would the client understand that it is the intended recipient of those messages from the DHCP server. Say, for instance two new clients are connected to the network at the same time, then there would be two sets of offer and ack messages broadcasted from the server. How would each client pick the right message?

    Cheers,
    Vj

  2. Hi Saranya,
    This topic can be a little bit confusing because there are two different layers that can perform broadcast or unicast - Layer 2 and Layer 3.

    Here is a summary of what happens at each layer for each phase:

    Phase      Layer 3      Layer 2
    Discover   Broadcast    Broadcast
    Offer      Broadcast    Unicast
    Request    Broadcast    Broadcast
    Ack        Broadcast    Unicast
    

    Note:
    Layer 3 broadcast = 255.255.255.255
    Layer 2 broadcast = FFFF.FFFF.FFFF

    You may notice that layer 3 is always broadcast. This is because the whole purpose of DHCP is for the clien

    ... Continue reading in our forum

  3. Dear Rene/Andrew,
    Thank you for this great lesson. Mr Andrew with reference to your reply # 27608 above particularly this point " Additionally, you may notice that all communication from the DHCP server at layer 2 is unicast. The reason for this is because the DHCP server obtained the client’s MAC address when the client sent out its initial Discover message.", I am still confused on where broadcast happens and where unicast happens. From the Wireshark captures above I do not see Unicast happening anywhere. Even for Offer and Ack from the server the dest mac ad

    ... Continue reading in our forum

  4. Hello Samit

    This is an excellent question and it shows that you’re thinking deeply about the subject. It is true that the DHCPOFFER when sent can technically be sent using a unicast MAC address since the MAC address of the host making the request, and thus the destination of the DHCPOFFER frame, is known. However, some operating systems and NIC drivers don’t always use this logic when operating DHCP.

    Some client implementations are unable to receive such unicast frames until the implementation has been configured with a valid IP address. Remember, when we en

    ... Continue reading in our forum

  5. Hello Swapnil

    DHCP can provide a multitude of information to hosts. The most common implementations include IP address, subnet mask, default gateway and DNS server. There are many more elements that DHCP can offer and these are called DHCP options. Some of the most common include NTP servers, log servers, cookie servers, interface MTU, default TCP TTL, NetBIOS name server and IRC chat server to name just a few.

    These options are indicated using an option number. DHCP option numbers can range any where from 0 to 255. Some of these numbers are standard vendo

    ... Continue reading in our forum

35 more replies! Ask a question or join the discussion by visiting our Community Forum