
1/28/14

How DHCP Technology Works: Dynamic Host Configuration Protocol (DHCP)

How DHCP Technology Works


Updated: March 28, 2003
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server
2003 with SP2

How DHCP Works


DHCP provides an automated way to distribute and update IP addresses and other configuration information
on a network. A DHCP server provides this information to a DHCP client through the exchange of a series of
messages, known as the DHCP conversation or the DHCP transaction. If the DHCP server and DHCP clients are
located on different subnets, a DHCP relay agent is used to facilitate the conversation.
Note
It is necessary to have an understanding of basic TCP/IP concepts, including working knowledge of
subnets before you can have a full understanding of DHCP. For more information about TCP/IP, see
TCP/IP Technical Reference.
In this section
DHCP Architecture
DHCP Protocols
DHCP Processes and Interactions

DHCP Architecture
The DHCP architecture consists of DHCP clients, DHCP servers, and DHCP relay agents on a network. The clients
interact with servers using DHCP messages in a DHCP conversation to obtain and renew IP address leases.

DHCP Client Functionality


A DHCP client is any network-enabled device that supports the ability to communicate with a DHCP server in
compliance with RFC 2131, for the purpose of obtaining dynamic leased IP configuration and related optional
information.
DHCP provides support for client computers running any of the following Microsoft operating systems:
Windows NT version 4.0

technet.microsoft.com/en-us/library/cc780760(v=ws.10).aspx

Windows 2000
Windows XP
Windows Server 2003
Windows 98
Windows Millennium Edition

Automatic IP Configuration

DHCP supports Automatic Private IP Addressing (APIPA), which enables computers running Windows 2000,
Windows XP, and Windows Server 2003 to configure an IP address and subnet mask if a DHCP server is
unavailable at system startup and the Automatic private IP address Alternate Configuration setting is selected.
This feature is useful for clients on small private networks, such as a small-business office or a home office.
The DHCP Client service on a computer running Windows XP and Windows Server 2003 uses the following
process to auto-configure the client:
1. The DHCP client attempts to locate a DHCP server and obtain an IP address and configuration.
2. If a DHCP server cannot be found or does not respond after one minute, the DHCP client checks the
settings on the Alternate Configuration tab of the properties of the TCP/IP protocol.
If Automatic private IP address is selected, the DHCP client auto-configures its IP address and subnet
mask by using a selected address from the Microsoft-reserved Class B network, 169.254.0.0, with the
subnet mask 255.255.0.0. The DHCP client tests for an address conflict to ensure that the IP address is
not in use on the network. If a conflict is found, the client selects another IP address. The client retries
auto-configuration up to 10 times.
If User Configured is selected, the DHCP client configures a static IP address configuration. The DHCP
client tests for an address conflict to ensure that the IP address is not already in use on the network. If a
conflict is found, the DHCP client indicates the error condition to the user.
3. When the DHCP client succeeds in self-selecting an address, it configures its network interface with the IP
address. The client then continues to check for a DHCP server in the background every five minutes. If a
DHCP server responds, the DHCP client abandons its self-selected IP address and uses the address
offered by the DHCP server (and any other DHCP option information that the server provides) to update
its IP configuration settings.
If the DHCP client obtained a lease from a DHCP server on a previous occasion, and the lease is still valid (not
expired) at system startup, the client tries to renew its lease. If, during the renewal attempt, the client fails to
locate any DHCP server, it attempts to ping the default gateway listed in the lease, and proceeds in one of the
following ways:
If the ping is successful, the DHCP client assumes that it is still located on the same network where it
obtained its current lease, and continues to use the lease as long as the lease is still valid. By default the
client then attempts, in the background, to renew its lease when 50 percent of its assigned lease time
has expired.
If the ping fails, the DHCP client assumes that it has been moved to a network where a DHCP server is
not available. The client then auto-configures its IP address by using the settings on the Alternate
Configuration tab. When the client is auto-configured, it attempts to locate a DHCP server and obtain a
lease every five minutes.

Local Storage

Windows Server 2003 DHCP supports local storage, which allows clients to store DHCP information on their
own hard disks. Local storage is useful because it enables the client to store its last leased IP address, so that
when the client starts it first attempts to renew the lease of its previous IP address. Local storage also enables
a client to be shut down and restarted and it will use its previously leased address and configuration, even if
the DHCP server is unreachable or offline at the time that the client computer is restarted.

DHCP Server Responsibilities


The DHCP servers maintain scopes, reservations, and options as set by the administrator.

Scopes

A scope must be properly defined and activated before DHCP clients can use the DHCP server for automatic
TCP/IP configuration. A DHCP scope is an administrative collection of IP addresses and TCP/IP configuration
parameters that are available for lease to DHCP clients of a specific subnet. The network administrator creates
a scope for each subnet.
A scope has the following properties:
A scope name, assigned when the scope is created.
A range of possible IP addresses from which to include or exclude addresses used in DHCP lease offers.
A unique subnet mask, which determines the network ID for an IP address in the scope.
Lease duration values.
Each DHCP scope can have a single continuous range of IP addresses. To use several address ranges within a
single scope you must first define the entire address range for the scope, and then set exclusion ranges.
Lease Durations
When a scope is created, the lease duration is set to eight days by default. However there are situations when
the administrator might want to change the lease duration. The following are examples of adjusting the lease
duration due to individual network consideration:
An organization has a large number of IP addresses available and configurations that rarely change. The
administrator increases the lease duration to reduce the frequency of lease renewal exchanges between
clients and the DHCP server. Because the DHCP clients are renewing their leases less frequently, DHCP-related network traffic is reduced.
A limited number of IP addresses are available and client configurations change frequently or clients
move often in or out of the network. The administrator reduces the lease duration. This increases the
rate at which unused addresses are returned to the available address pool for reassignment.

For example, consider the ratio between connected computers and available IP addresses. If 40 computers
share 254 available addresses, the demand for reusing addresses is low. A long lease time, such as a few
months, might be appropriate in such a situation. However, if 230 computers must share the same address
pool, demand for available addresses is greater, and a shorter lease time, for example a few days, is more
appropriate.
Note
Although it is possible to configure a client with infinite lease duration, use infinite lease durations with
caution. Even relatively stable environments have a certain amount of client turnover. At a minimum,
computers might be added and removed, moved from one office to another, or network adapters
might be replaced. If a client with an infinite lease is removed from the network without releasing its
lease, the DHCP server is not notified, and the IP address is not automatically reused. Also, when using
an infinite lease, options set on the DHCP server are not automatically updated on the DHCP client,
because the client is never required to renew its lease and obtain the new options. It is recommended
that reservations be used rather than infinite lease durations.
Exclusion Ranges
When you create a new scope, immediately exclude the addresses of existing statically configured computers
from the scope. By using exclusion ranges, you can exclude specific IP address ranges within a scope so that
those addresses are not offered to clients. Assign IP addresses within exclusion ranges to computers or
devices that must have a static IP address, such as servers, firewalls, or routers.
You can use excluded IP addresses on your network by manually configuring these addresses at computers
that do not use DHCP to obtain an address, or by configuring reservations for these addresses.
Reservations
You can reserve IP addresses for assignment to specified computers or devices on the network. Reservations
ensure that a specified hardware device on a subnet always receives the same IP address lease. Use
reservations for DHCP-enabled devices that must always have the same IP address on your network, such as
servers that do not support Domain Name System (DNS) dynamic update.
Note
If multiple DHCP servers are each configured with scopes that cover addresses that must be reserved,
the reservations must be specified on each DHCP server. Otherwise, the client might receive an IP
address from one of the DHCP servers that does not contain the reservation, and therefore might not
receive the IP address reserved for the client.
Superscopes
A superscope allows a DHCP server to provide leases from more than one scope to clients on a single physical
subnet. Before you can create a superscope, you must use the DHCP Microsoft Management Console (MMC)
snap-in to define at least one of the scopes to be included in the superscope. Scopes added to a superscope
are called member scopes. Superscopes can resolve DHCP Server service issues in several different ways; these
issues include situations in which:
Support is needed for DHCP clients on a single physical network segment such as a single Ethernet
LAN segment where multiple logical IP networks are used. When more than one logical IP network is
used on a physical network, these configurations are also known as multinets. In a situation where
multinets are used, clients might not be able to communicate directly with each other, because the
clients might be on different logical subnets, even if they are on the same physical network segment. In
this case, routing must be enabled to allow the clients to communicate with each other. Also, a router or
BOOTP/DHCP relay agent must be configured on the subnet to allow DHCP messages to travel between
the logical subnets.
Support is needed for DHCP clients that are in a multinet located on the other side of BOOTP relay
agents.
Clients need to be migrated to a new scope.

Interactions between Client and Server


DHCP servers and DHCP clients communicate through a series of DHCP messages. To obtain a lease, the DHCP
client initiates a conversation with a DHCP server using a series of these DHCP messages.

DHCP Messages

The following list includes the eight types of messages that can be sent between DHCP clients and servers. For
more information about the structure and specifics of each of these packets, see DHCP Message Format later
in this section.
DHCPDiscover
Broadcast by a DHCP client when it first attempts to connect to the network. The DHCPDiscover message
requests IP address information from a DHCP server.
DHCPOffer
Broadcast by each DHCP server that receives the client DHCPDiscover message and has an IP address
configuration to offer to the client. The DHCPOffer message contains an unleased IP address and additional
TCP/IP configuration information, such as the subnet mask and default gateway. More than one DHCP server
can respond with a DHCPOffer message. The client accepts the best offer, which for a Windows DHCP client is
the first DHCPOffer message that it receives.
DHCPRequest
Broadcast by a DHCP client after it selects a DHCPOffer. The DHCPRequest message contains the IP address
from the DHCPOffer that it selected. If the client is renewing or rebinding to a previous lease, this packet might
be unicast directly to the server.
DHCPAck
Broadcast by a DHCP server to a DHCP client acknowledging the DHCPRequest message. At this time, the
server also forwards any options. Upon receipt of the DHCPAck, the client can use the leased IP address to
participate in the TCP/IP network and complete its system startup. This message is typically broadcast, because
the DHCP client does not officially have an IP address that it can use at this point. If the DHCPAck is in response
to a DHCPInform, then the message is unicast directly to the host that sent the DHCPInform message.
DHCPNack
Broadcast by a DHCP server to a DHCP client denying the client's DHCPRequest message. This might occur if
the requested address is incorrect because the client moved to a new subnet or because the DHCP client's
lease has expired and cannot be renewed.
DHCPDecline
Broadcast by a DHCP client to a DHCP server, informing the server that the offered IP address is declined
because it appears to be in use by another computer.
DHCPRelease
Sent by a DHCP client to a DHCP server, relinquishing an IP address and canceling the remaining lease. This is
unicast to the server that provided the lease.
DHCPInform
Sent from a DHCP client to a DHCP server, asking only for additional local configuration parameters; the client
already has a configured IP address. This message type is also used by DHCP servers running Windows
Server 2003 to detect unauthorized DHCP servers.

DHCP Lease Process

A DHCP-enabled client obtains a lease for an IP address from a DHCP server. Before the lease expires, the
DHCP client must renew the lease or obtain a new lease. Leases are retained in the DHCP server database for a
period of time after expiration. By default, this grace period is four hours and cleanup occurs once an hour for
a DHCP server running Windows Server 2003. This protects a client's lease in case the client and server are in
different time zones, the internal clocks of the client and server computers are not synchronized, or the client is
off the network when the lease expires.
Obtaining a New Lease
A DHCP client initiates a conversation with a DHCP server when it is seeking a new lease, renewing a lease,
rebinding, or restarting. The DHCP conversation consists of a series of DHCP messages passed between the
DHCP client and DHCP servers. The following figure shows an overview of this process when the DHCP server
and DHCP client are on the same subnet.
DHCP Lease Process Overview

1. The DHCP client requests an IP address by broadcasting a DHCPDiscover message to the local subnet.
2. The client is offered an address when a DHCP server responds with a DHCPOffer message containing an
IP address and configuration information for lease to the client. If no DHCP server responds to the client
request, the client sends DHCPDiscover messages at intervals of 0, 4, 8, 16, and 32 seconds, plus a
random interval of between -1 second and 1 second. If there is no response from a DHCP server after
one minute, the client can proceed in one of two ways:
If the client is using the Automatic Private IP Addressing (APIPA) alternate configuration, the client
self-configures an IP address for its interface.
If the client does not support alternate configuration, such as APIPA, or if IP auto-configuration
has been disabled, the client network initialization fails.
In both cases, the client begins a new cycle of DHCPDiscover messages in the background every five
minutes, using the same intervals as before (0, 4, 8, 16, and 32 seconds), until it receives a DHCPOffer
message from a DHCP server.


3. The client indicates acceptance of the offer by selecting the offered address and broadcasting a
DHCPRequest message in response.
4. The client is assigned the address and the DHCP server broadcasts a DHCPAck message in response,
finalizing the terms of the lease.
When the client receives acknowledgment, it configures its TCP/IP properties by using the DHCP option
information in the reply, and completes its initialization of TCP/IP.
In rare cases, a DHCP server might return a negative acknowledgment to the client. This can happen if a client
requests an invalid or duplicate address. If a client receives a negative acknowledgment (DHCPNack), the client
must begin the entire lease process again.
When the DHCP client and the DHCP server are on the same IP broadcast subnet, the DHCPDiscover,
DHCPOffer, DHCPRequest, and DHCPAck messages are sent to identify clients by means of IP-level broadcasts
sent to the limited broadcast address and the media access control (MAC) broadcast address.
When the DHCP server and DHCP client are not on the same subnet, either a router or a host on the DHCP
client's subnet must act as a DHCP relay agent to support the forwarding of DHCP messages between the
DHCP client and the DHCP server.
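
Because a Windows DHCP client accepts the first DHCPOffer it receives, a monitoring sensor can rebuild each conversation described above and check which server answered first. The following is an added example, not code from the original article; the event field names (xid for the DHCP transaction ID, server_id for the server identifier option), the allow-list and the sample events are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample: decoded DHCP messages as a network sensor might log them.
# Field names are assumptions of this example: "xid" is the DHCP transaction ID,
# "server_id" the server identifier (option 54) carried in server replies.
AUTHORIZED_SERVERS = {"192.0.2.10"}

EVENTS = [
    # Conversation 0x1A2B: two servers answer, the unknown one answers first.
    {"t": 0.000, "xid": 0x1A2B, "type": "DHCPDiscover"},
    {"t": 0.004, "xid": 0x1A2B, "type": "DHCPOffer", "server_id": "192.0.2.66"},
    {"t": 0.019, "xid": 0x1A2B, "type": "DHCPOffer", "server_id": "192.0.2.10"},
    {"t": 0.021, "xid": 0x1A2B, "type": "DHCPRequest", "server_id": "192.0.2.66"},
    {"t": 0.030, "xid": 0x1A2B, "type": "DHCPAck", "server_id": "192.0.2.66"},
    # Conversation 0x3C4D: the normal four-message exchange.
    {"t": 5.000, "xid": 0x3C4D, "type": "DHCPDiscover"},
    {"t": 5.010, "xid": 0x3C4D, "type": "DHCPOffer", "server_id": "192.0.2.10"},
    {"t": 5.020, "xid": 0x3C4D, "type": "DHCPRequest", "server_id": "192.0.2.10"},
    {"t": 5.030, "xid": 0x3C4D, "type": "DHCPAck", "server_id": "192.0.2.10"},
    # Conversation 0x5E6F: DHCPDiscover retries with no server answering.
    {"t": 9.000, "xid": 0x5E6F, "type": "DHCPDiscover"},
    {"t": 13.200, "xid": 0x5E6F, "type": "DHCPDiscover"},
]

SERVER_MESSAGES = {"DHCPOffer", "DHCPAck", "DHCPNack"}


def audit_conversations(events, authorized):
    """Group messages by transaction ID and list findings for each conversation."""
    by_xid = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["t"]):
        by_xid[ev["xid"]].append(ev)

    report = {}
    for xid, msgs in by_xid.items():
        offers = [m for m in msgs if m["type"] == "DHCPOffer"]
        replies = [m for m in msgs if m["type"] in SERVER_MESSAGES]
        discovered = any(m["type"] == "DHCPDiscover" for m in msgs)
        findings = []

        # A Discover that nobody answered: the client will fall back or fail.
        if discovered and not offers:
            findings.append("NO_OFFER")
        # More than one server competing for the same client.
        if len({m["server_id"] for m in offers}) > 1:
            findings.append("MULTIPLE_OFFERING_SERVERS")
        # Any server reply from an address that is not on the allow-list.
        for server in sorted({m["server_id"] for m in replies} - set(authorized)):
            findings.append("UNAUTHORIZED_SERVER:" + server)
        # The first offer is the one a Windows client accepts.
        first = offers[0]["server_id"] if offers else None
        if first is not None and first not in authorized:
            findings.append("FIRST_OFFER_UNAUTHORIZED")

        acked_by = next((m["server_id"] for m in msgs if m["type"] == "DHCPAck"), None)
        report[xid] = {"first_offer_from": first, "acked_by": acked_by,
                       "findings": findings}
    return report


if __name__ == "__main__":
    for xid, entry in audit_conversations(EVENTS, AUTHORIZED_SERVERS).items():
        print(hex(xid), entry)
```
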
Renewing a Lease
The DHCP client first attempts to renew its lease when 50 percent of the original lease time, known as T1, has
passed. At this point the DHCP client sends a unicast DHCPRequest message to the DHCP server that originally
granted its lease. If the server is available, and the lease is still available, the server responds with a unicast
DHCPAck message and the lease is renewed.
If the original DHCP server is available, but the client's current lease is no longer available, the DHCP server
responds with a DHCPNack message, and the client immediately starts the process to obtain a new lease. This
can happen if the client has changed subnets or if the DHCP server cannot fulfill the lease request for some
other reason.
If there is no response from the DHCP server, the client waits until 87.5 percent of the lease time has passed
(known as T2). At T2, the client enters the rebinding state, and broadcasts a DHCPRequest message to attempt
to renew the lease from any available DHCP server. If no DHCP server is available by the time the lease expires,
the client immediately unbinds itself from the existing lease and starts the process to obtain a new lease,
beginning with a DHCPDiscover message.

Preventing Address Conflicts

Windows Server 2003 DHCP has both server-side and client-side conflict detection to prevent duplicate IP
addresses on your network.
Client Conflict Detection
Client computers running Windows Server 2003, Windows XP, Windows 2000, Windows NT 4.0, Windows
Millennium Edition, and Windows 98 automatically check to determine if an IP address is already in use before
using it.
After the DHCP client receives a lease from the DHCP server, the client sends an Address Resolution Protocol
(ARP) request to the address that it has been assigned. If a reply to the ARP request is received, the client has
detected a conflict and sends a DHCPDecline message to the DHCP server. The DHCP server attaches a
BAD_ADDRESS value to the IP address in the scope for the length of the lease. The client then begins the lease
process again, and is offered the next available address in the scope.
Note
ARP requests do not traverse routers. Clients use ARP requests rather than pings (ICMP Echo messages)
because pings require the sender to have an IP address.
Server Conflict Detection
If your network includes older DHCP clients that do not perform conflict detection themselves, you can enable
conflict detection on the DHCP server. By default, the Windows Server 2003 DHCP Server service does not
perform any conflict detection.
To detect conflicts, the DHCP server pings (sends an ICMP Echo message to) an IP address before offering that
address to clients in a new lease. The DHCP server only pings addresses that have not been successfully and
previously leased. If a client requests a lease on an IP address that it already had or is requesting a renewal,
the DHCP server does not ping the IP address.
If conflict detection is enabled, an administrator-defined number of pings are sent. The server waits 1 second
for a reply. Because the time required for a client to obtain a lease is equal to the number of pings used,
choose this value carefully because it directly impacts the overall performance of the server. In general, one
ping is sufficient.
If a response to the ping is received, a conflict is registered and that address is not offered to clients
requesting a lease from the server. The DHCP server then attaches a BAD_ADDRESS value to that IP address in
the scope. The DHCP server then tries to lease the next available address. If the duplicate address is removed
from the network, the BAD_ADDRESS value attached to the IP address can be deleted from the scope's list of
active leases, and then the address returns to the pool. Addresses are marked as BAD_ADDRESS for the length
of the lease for which the scope is configured. If the BAD_ADDRESS entry is not manually removed, it will
automatically be removed after a period of time equal to the lease time for the scope.
Note
In general, use server conflict detection only as a troubleshooting aid when you suspect that duplicate IP
addresses are in use on your network. Each additional conflict detection attempt adds to the time
needed to negotiate leases for DHCP clients.

DHCP Options
DHCP options are additional configuration parameters that a DHCP server assigns to clients. Options can also
be used for DHCP communication between the server computer and client computers.
The most specific options take precedence over the least specific options. This simplifies DHCP management
and allows a flexible administration that can range from per-server default settings to common settings for a
specific subnet and individualized client settings when needed for special circumstances. In most cases, the
option values are specified in the Options dialog box on the DHCP server, scope, or reservation.
DHCP options can be configured for specific values and enabled for assignment and distribution to DHCP
clients based on:
Server options. These options apply globally for all scopes and classes defined at each DHCP server
and any clients that it services. Configured server option values always apply unless they are overridden
by options assigned to other scope, class, or client reservation.
Scope options. These options apply to any clients that obtain a lease within that particular scope.
Configured scope option values always apply to all computers obtaining a lease in a given scope unless
they are overridden by options assigned to class or client reservation.
Class options. These options apply to any clients that specify that particular DHCP Class ID value when
obtaining a scope lease. Configured class option values always apply to all computers configured as
members in a specified DHCP option class unless they are overridden by options assigned to a client
reservation.
Reserved client options. These options apply only to the client corresponding to the reservation.
Reserved client option values override all other server, scope, or class assigned option values.
Options are typically applied at each DHCP server at the server or scope level. To precisely manage or
customize option settings for a group or class of computers, specify either a user or vendor class assignment
that overrides the broader server or scope option defaults.
For special requirements, such as clients with special functions, assign options for specific reserved clients.
Options can also be used to separate and distribute appropriate options for clients with similar or special
configuration needs. For example, DHCP clients on the same floor of a building can be configured with the
same DHCP Class ID value to assign them membership in the same option class. You can then distribute
additional or varied option data to that class during the lease process, overriding any scope or globally
provided default options.
Note
Statically configured values on a client override any DHCP options of any type or level.
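
The precedence rules above can be checked mechanically when reviewing a server configuration, for example to see which level supplies the DNS servers (option 6) a given client ends up with. The following is an added example, not code from the original article or from the DHCP Server service; the dictionary layout, addresses and class name placement are constructed assumptions.

```python
# Constructed configuration; the dictionary layout is an assumption of this example.
# Keys inside each options dictionary are DHCP option codes.
CONFIG = {
    "server_options": {6: ["192.0.2.53"], 15: "corp.example"},
    "scopes": {
        "192.0.2.0/24": {
            "options": {3: ["192.0.2.1"], 51: 691200},
            "classes": {"2nd floor, West": {3: ["192.0.2.2"], 51: 86400}},
            "reservations": {"00-11-22-33-44-55": {6: ["192.0.2.99"]}},
        }
    },
}


def effective_options(config, scope, class_id=None, mac=None, static=None):
    """Return {code: (value, level)} after applying least to most specific levels."""
    sc = config["scopes"][scope]
    layers = [
        ("server", config["server_options"]),
        ("scope", sc["options"]),
        # A class ID that is not defined on the server contributes nothing.
        ("class", sc["classes"].get(class_id, {})),
        ("reservation", sc["reservations"].get(mac, {})),
        # Values configured statically on the client win over every DHCP option.
        ("static", static or {}),
    ]
    result = {}
    for level, options in layers:
        for code, value in options.items():
            result[code] = (value, level)
    return result


def overrides_of(config, code):
    """List every scope, class and reservation that replaces the server-level value."""
    base = config["server_options"].get(code)
    found = []
    for scope_name, sc in config["scopes"].items():
        if code in sc["options"] and sc["options"][code] != base:
            found.append((scope_name, "scope", None, sc["options"][code]))
        for class_id, options in sc["classes"].items():
            if code in options and options[code] != base:
                found.append((scope_name, "class", class_id, options[code]))
        for mac, options in sc["reservations"].items():
            if code in options and options[code] != base:
                found.append((scope_name, "reservation", mac, options[code]))
    return found


if __name__ == "__main__":
    scope = "192.0.2.0/24"
    print(effective_options(CONFIG, scope, "2nd floor, West", "00-11-22-33-44-55"))
    print(overrides_of(CONFIG, 6))
```
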
Many options are predefined on a DHCP server running Windows Server 2003. Other standard DHCP options
can be added as needed to support any other DHCP client software that recognizes or requires the use of
these additional options. The DHCP Server service running on Windows Server 2003 supports all options
defined in RFC 2132, although most DHCP clients use or support only a small subset of the available RFC-specified options.
The following table contains a list of default DHCP options requested by DHCP clients running Windows
Server 2003 and Windows XP. For a complete reference of DHCP options, see DHCP Tools and Settings.
Default DHCP Options

Option Code    Option Name
1              Subnet mask
3              Router
6              DNS servers
15             DNS domain name
44             WINS/NBNS servers
46             WINS/NetBT node type
47             NetBIOS scope ID
51             Lease time
58             Renewal (T1) time value
59             Rebinding (T2) time value
31             Perform router discovery
33             Static route
43             Vendor-specific information
249            Classless static routes

DHCP Option Parameters

DHCP servers can be configured to provide optional data that fully configures TCP/IP on a client. Some of the
most common DHCP option types configured and distributed by the DHCP server during the lease process
include parameters for the default gateway, DNS, and WINS.
Clients can be configured with:
Information options. You can explicitly configure these options and any associated values provided to
clients.
Protocol options. You can implicitly configure these options used by the DHCP Server service based on
server and scope property settings.
You can use the DHCP snap-in to configure these properties and set them for an entire scope or for a single,
reserved client scope.
Information Options
The following table lists the most common types of DHCP information options that can be configured for DHCP
clients. These options can be enabled and configured for each scope that you configure on a DHCP server.
Depending on your network infrastructure, some of these options can be configured as server options, such as
DNS domain name.
Common Information Options
Code    Description
3       Router
6       DNS server
15      DNS domain name
44      WINS/NBNS servers

Clients can request these DHCP options, and can use the values to set their TCP/IP configurations for the
duration of the lease.
Protocol Options
The following table shows protocol options that DHCP clients can be configured to use when communicating
with a DHCP server to obtain or renew a lease.
Common Protocol Options

Code    Description
51      Lease time
53      DHCP message type
55      Special option type used to communicate a parameter request list to the DHCP server
58      Renewal time value (T1)
59      Rebind time value (T2)

The values provided to clients for lease time, T1, and T2 are taken from the scope settings on the DHCP server.
The value provided for DHCP message type is automatically set depending on which packet of the DHCP
conversation is being sent.
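
The protocol options in the table above travel as code/length/value entries in the options field, and the renewal rules under Renewing a Lease (T1 at 50 percent, T2 at 87.5 percent of the lease) apply to the decoded values. The following is an added example, not code from the original article: it parses a constructed options field and reports the lease terms. The message type numbers, the pad (0) and end (255) options and the 0xFFFFFFFF infinite-lease encoding come from RFC 2131 and RFC 2132, not from this page.

```python
import struct

# DHCP message type values carried in option 53 (RFC 2132).
MESSAGE_TYPES = {1: "DHCPDiscover", 2: "DHCPOffer", 3: "DHCPRequest",
                 4: "DHCPDecline", 5: "DHCPAck", 6: "DHCPNack",
                 7: "DHCPRelease", 8: "DHCPInform"}
PAD, END = 0, 255
INFINITE_LEASE = 0xFFFFFFFF  # RFC 2131 encoding of an infinite lease


def parse_options(data):
    """Split an options field (the bytes after the magic cookie) into {code: value}."""
    opts, i = {}, 0
    while i < len(data):
        code = data[i]
        if code == PAD:            # single-byte filler, no length
            i += 1
            continue
        if code == END:            # single-byte terminator
            return opts
        if i + 1 >= len(data):
            raise ValueError(f"option {code}: missing length byte")
        length = data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code}: declared {length} bytes, found {len(value)}")
        # A code that appears more than once is concatenated (RFC 3396).
        opts[code] = opts.get(code, b"") + value
        i += 2 + length
    raise ValueError("options field is not terminated by the end option (255)")


def _u32(opts, code):
    if len(opts[code]) != 4:
        raise ValueError(f"option {code}: expected 4 bytes")
    return struct.unpack("!I", opts[code])[0]


def lease_terms(opts):
    """Return message type, lease time, T1 and T2 in seconds, plus any problems."""
    if 53 not in opts or len(opts[53]) != 1:
        raise ValueError("missing or malformed DHCP message type (option 53)")
    if 51 not in opts:
        raise ValueError("no lease time (option 51)")
    lease = _u32(opts, 51)
    # When the server sends no T1/T2, use 50 and 87.5 percent of the lease time.
    t1 = _u32(opts, 58) if 58 in opts else lease // 2
    t2 = _u32(opts, 59) if 59 in opts else lease * 7 // 8
    problems = []
    if lease == INFINITE_LEASE:
        problems.append("infinite lease")
    if not t1 < t2 < lease:
        problems.append("timers out of order")
    return {"message_type": MESSAGE_TYPES.get(opts[53][0], "unknown"),
            "lease": lease, "t1": t1, "t2": t2, "problems": problems}


def tlv(code, value):
    """Encode one option; used only to build the constructed samples below."""
    return bytes([code, len(value)]) + value


# Constructed samples (not captured traffic).
ACK_EXPLICIT = (tlv(53, b"\x05") + tlv(51, struct.pack("!I", 691200))
                + tlv(58, struct.pack("!I", 345600))
                + tlv(59, struct.pack("!I", 604800))
                + tlv(1, bytes([255, 255, 255, 0])) + bytes([END]))
ACK_DEFAULTS = tlv(53, b"\x05") + tlv(51, struct.pack("!I", 3600)) + bytes([END])
ACK_INFINITE = tlv(53, b"\x05") + tlv(51, struct.pack("!I", INFINITE_LEASE)) + bytes([END])
ACK_BAD_TIMERS = (tlv(53, b"\x05") + tlv(51, struct.pack("!I", 3600))
                  + tlv(58, struct.pack("!I", 3000))
                  + tlv(59, struct.pack("!I", 1800)) + bytes([END]))
TRUNCATED = tlv(53, b"\x05") + bytes([51, 4, 0, 0])

if __name__ == "__main__":
    for sample in (ACK_EXPLICIT, ACK_DEFAULTS, ACK_INFINITE, ACK_BAD_TIMERS):
        print(lease_terms(parse_options(sample)))
```
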

Option Classes

Option classes allow quick introduction of custom applications for enterprise networks. DHCP option classes
provide a way to easily configure network clients with the parameters necessary to meet the special
requirements of custom applications. Equipment from multiple vendors on a network can also use different
option code numbers for different functions. The options used to support vendor classes (the vendor class
identifier and the vendor-specific option) are defined in the Internet DHCP options standard reference,
RFC 2132.
Windows Server 2003 includes two types of option classes: vendor-defined and user-defined. These classes
can be configured on your servers to offer specialized client support in the following ways:
Add and configure vendor-defined classes for managing DHCP options assigned to clients identified by
vendor type.
Add and configure user-defined classes for managing DHCP options assigned to clients that need a
similar DHCP option configuration.
After options classes are defined on a DHCP server, scopes on the server can be configured to assign options
for specific user-defined and vendor-defined option classes.
Vendor Classes
Vendor-defined option classes can be used by DHCP clients to identify the client's vendor type and
configuration when obtaining a lease from the DHCP server. The client can include the vendor class ID option
(option code 60) when it requests or selects a lease from a DHCP server to identify its vendor class during the
lease process.
The vendor class identifier information is a string of character data interpreted by the DHCP servers. Vendors
can choose to define specific vendor class identifiers to convey particular configuration or other identification
information about a client. For example, the identifier might encode the client's hardware or software
configuration. Most vendor types are derived from standard reserved hardware and operating system-type
abbreviation codes listed in RFC 1700.
When vendor options are specified, the server performs the following additional steps to provide a lease to
the client:
The server verifies that the vendor class identified by the client request is a recognized class defined on
the server.
If the vendor class is recognized, the server checks to see if any additional DHCP options are configured
for this class in the active scope.
If the vendor class is not recognized, the server ignores the vendor class identified in the client request,
and returns options allocated to the default vendor class (which includes all DHCP Standard options).
If the scope contains options configured specifically for use with clients in this vendor-defined class, the
server returns those options using the vendor-specific option type (option code 43) as part of its
acknowledgment message.
In most cases, the default vendor class (the DHCP Standard option class) provides a default vendor class
for any Windows DHCP clients or other DHCP clients that do not specify a vendor class ID. In some cases, you
might define additional vendor classes for other DHCP clients, such as printers or some types of UNIX clients.
When you add other vendor classes for these purposes, make sure that the vendor class identifier you use to
configure the class at the server matches the identifier used by clients for your third-party vendor.
User Classes
User classes allow DHCP clients to differentiate themselves by specifying what type of client they are, such as
desktop or server computer. For computers running Windows Server 2003, Windows XP, and Windows 2000,
you can define specific user class identifiers to convey information about a client's software configuration, its
physical location in a building, or about its user preferences. For example, an identifier can specify that DHCP
clients are members of a user class called "2nd floor, West", which has need for a specific set of router, DNS,
and WINS server settings. An administrator can then configure the DHCP server to include different option
values depending on the user class of client receiving the lease.


Windows Server 2003 user classes can be used as follows:
- DHCP client computers can include the DHCP user class option when sending DHCP request messages
  to the DHCP server. This can specifically identify the client as part of a user class on the server.
- DHCP servers running the Windows 2000 Server or Windows Server 2003 DHCP Server service can
  recognize and interpret the DHCP user class option from clients and provide additional options (or a
  modified set of DHCP options) based on the client's user class identity.
For example, shorter leases can be assigned to wireless clients. Or perhaps a particular set of clients might
need a specific set of routes, a specific DNS server, or a specific default gateway.
Note
If user classes are not specified, default settings, such as server options or scope options, are assigned.
A user class can be either a default or custom user class. Microsoft provides three default user classes, as
described in the following table.
Default User Classes Provided by Windows DHCP

| Class Type | Class ID String | Description |
|---|---|---|
| Default User Class | (Unspecified) | This class is typically used by most DHCP clients. Clients that are included in this class: DHCP clients that cannot be configured with a user class or a user class ID (this is true for most Windows-based DHCP clients prior to Windows 2000); clients running Windows Server 2003, Windows XP, or Windows 2000 configured with a class ID unknown to the DHCP server; clients that do not otherwise specify a user class ID. |
| Default Routing and Remote Access class | RRAS.Microsoft | This class is used by the Windows 2000 Server or Windows Server 2003 DHCP Server service to classify clients making a PPP-type connection through a remote access server. Typically, this class includes most dial-up networking clients that use DHCP to obtain a lease, including remote access clients that cannot be configured with a Routing and Remote Access user class or a Routing and Remote Access user class ID. See DHCP and Routing and Remote Access later in this topic for details about the interaction between a Routing and Remote Access server and a DHCP server and how DHCP servers identify remote access clients. |
| Default BOOTP class | BOOTP | This class is used by the Windows 2000 Server or Windows Server 2003 DHCP Server service to classify any clients recognized as BOOTP clients. |

Use the Microsoft default user classes to isolate specific configuration details for clients with special needs,
such as older clients or clients that use BOOTP or Routing and Remote Access. For example, you might want to
include and assign special BOOTP option types (such as option codes 66 and 67) for clients that are BOOTP
type, or shorten the lease time for remote access clients.
You can also add and configure custom user classes for use by DHCP clients running Windows 2000,
Windows XP, and Windows Server 2003. For a custom user class to work properly, the client must use the same
custom identifier when requesting options as was used when the class was defined on the DHCP server.
The user class option field permits only one ASCII text string to be used for identifying clients. This means each
client computer can be identified only as a member of a single user class by the DHCP server. You can use
additional user classes to make new hybrids from your other user classes to accommodate clients that need
configuration for multiple user classes. For example, if you have two user classes, one called "mobile" with
short lease times assigned and another called "engineer" with an option assigned to configure a
high-performance server for its clients, you can make a new hybrid user class called "mobile-engineer" that
contains both special option value settings.

MADCAP and Multicast DHCP


Multicast Address Dynamic Client Allocation Protocol (MADCAP) is modeled after the DHCP standard. MADCAP
assists in simplifying and automating configuration of multicast groups on your network, but it is not required
for the operation of multicast groups or for the DHCP Server service. Multicast scopes provide only multicast
address configuration and do not support or use other DHCP-assignable options.
Multicast scopes configured on the DHCP server define ranges of IP multicast addresses. Similar to allocating
unicast IP addresses, IP multicast addresses are allocated to MADCAP clients. A MADCAP address is configured
separately from a primary IP address. Computers that use either static or dynamic IP configuration through a
DHCP server can be MADCAP clients.
In Windows Server 2003, the DHCP Server service supports both DHCP and MADCAP, although these services
function separately. Clients of one do not depend on the use or configuration of the other.
Clients that do not support the MADCAP service or are unable to contact and obtain multicast configuration
from a MADCAP server can be configured in other ways so that they participate in either permanent or
temporary multicast groups on the network.
In all TCP/IP networks, each computer requires a unique primary unicast IP address for each network interface.
You must assign this required primary unicast IP address before you can configure a computer to support and
use secondary IP addresses such as multicast IP addresses.

DHCP Protocols
In Windows Server 2003, the DHCP Server service includes support for the Dynamic Host Configuration
Protocol (DHCP), the Multicast Address Dynamic Client Allocation Protocol (MADCAP), and the Bootstrap
Protocol (BOOTP).

DHCP
DHCP servers communicate with DHCP clients by using a series of DHCP messages. The format of DHCP
messages is based on the message format used with the BOOTP protocol.
RFC 2131 defines the format for each message sent between a DHCP client and a DHCP server. The following
table shows the possible fields in the DHCP messages.
DHCP Message Fields

| Field Name | Friendly Name | Length (Octets) | Description |
|---|---|---|---|
| op | Message Type | | Message type |
| htype | Hardware Address Type | | Hardware address type. Defined at http://www.iana.org/assignments/arp-parameters |
| hlen | Hardware Address Length | | Hardware address length in octets |
| hops | Hops | | Value is set to zero by DHCP clients. Optionally used to count the number of relay agents that forwarded the message. |
| xid | Transaction ID | | A random number used to associate messages and responses between a client and a server. |
| secs | Seconds | | Seconds elapsed since client began address acquisition or renewal process. |
| flags | Flags | | Flags set by client. The Broadcast flag is set if the client cannot receive unicast IP datagrams (for example, before it is configured with an IP address). |
| ciaddr | Client IP Address | | This field is only filled in if the client has an IP address and can respond to ARP requests. |
| yiaddr | Your IP Address | | Address given to the DHCP client by the DHCP server |
| siaddr | DHCP Server IP Address | | IP address of the server that is offering a lease |
| giaddr | Gateway IP Address | | DHCP relay agent IP address |
| chaddr | Client Hardware Address | 16 | Client hardware address |
| sname | Server Host Name | 64 | Optional server host name. Not used in Windows Server 2003 |
| file | Boot File Name | 128 | The name of the file containing the boot image for a BOOTP client |
| options | Options | variable | Optional parameters field. In the DHCP protocol packet, each option begins with a single octet tag, which holds the option code, and a second octet, which describes the option data length, in bytes. For a complete list of the DHCP options available by default on a DHCP server running on Windows Server 2003, see DHCP Tools and Settings. |

For a complete view of how these fields are used in each DHCP message, see RFC 2131 or use a network
monitoring tool, such as Netmon, to view the DHCP messages.

MADCAP
Windows Server 2003 includes a Multicast Address Dynamic Client Allocation Protocol (MADCAP) Server service
to support dynamic assignment and configuration of IP multicast addresses on TCP/IP-based networks.
Whereas DHCP unicast scopes provide client configurations by allocating ranges of IP addresses for
point-to-point communication between two networked computers, multicast scopes provide ranges for multicast IP
addresses. These addresses are reserved for multicast operation using directed transmission from one point
to multiple points.
A multicast address is shared by many computers. A group of TCP/IP computers can use a single multicast IP
address to send directed communication to all computers with which they share the use of the group address.
An IP datagram that is sent to the multicast address is forwarded to all members of that multicast group.

Dynamic Membership

Multicast addresses support dynamic membership, allowing individual computers to join or leave the multicast
group at any time. The size of the group is not limited, and computers can be members of multiple groups. In
addition, any computer that uses TCP/IP can send datagrams to any multicast group.

Multicast Address Ranges

You can permanently reserve multicast group addresses or temporarily assign and use them. A permanent
group is made by permanently reserving a multicast IP address (224.0.0.0 to 239.255.255.255) with the Internet
Assigned Numbers Authority (IANA). The reserved address then becomes a well-known address, indicating a
specific multicast group that exists regardless of whether group member computers are present on the
network. Any multicast IP address that is not permanently reserved with the IANA can then be used dynamically
to assign and form temporary multicast groups. These temporary groups can exist as long as one or more
computers on the network are configured with the group's address and actively share in its use.

BOOTP
Bootstrap Protocol (BOOTP) is a computer configuration protocol developed before DHCP. DHCP improves on
BOOTP and resolves specific limitations that BOOTP had as a computer configuration service. RFC 951 defines
BOOTP.
Whereas BOOTP configures diskless workstations with limited boot capabilities, DHCP configures networked
computers that have local hard drives and full boot capabilities.
Likewise, although both BOOTP and DHCP allocate IP addresses to clients during startup, they use different
methods of allocation. BOOTP typically provides fixed allocation of a single IP address for each client,
permanently reserving this address in the BOOTP server database. DHCP typically provides dynamic, leased
allocation of available IP addresses, reserving each DHCP client address temporarily in the DHCP database.
Because of the relationship between BOOTP and DHCP, both protocols share some defining characteristics.
BOOTP and DHCP use nearly identical request messages and reply messages. Both protocols enclose each
protocol message in a single User Datagram Protocol (UDP) datagram of 576 bytes. Message headers are the
same for both BOOTP and DHCP, except for the final message header field that carries optional data. For
BOOTP, this optional field is called the vendor-specific area and is limited to 64 bytes. For DHCP, this optional
field is called the options field and is at least 312 bytes long.
Both BOOTP and DHCP use the same reserved protocol ports for sending and receiving messages between
servers and clients. Both BOOTP and DHCP servers use UDP port 67 to listen for and receive client request
messages. BOOTP and DHCP clients typically reserve UDP port 68 for accepting message replies from either a
BOOTP server or DHCP server.
Because DHCP and BOOTP messages use nearly identical format types and packet structures, and use the same
well-known service ports, BOOTP or DHCP relay agent programs usually treat BOOTP and DHCP messages as
the same message type and do not differentiate between them.
BOOTP clients do not rebind or renew configuration with the BOOTP server except when the system restarts,
whereas DHCP clients do not require a system restart to rebind or renew configuration with the DHCP server.
Instead, clients automatically enter the rebinding state at defined intervals to renew their leased address
allocation with the DHCP server. This process occurs in the background and is transparent to the user.
BOOTP uses a two-phase bootstrap configuration process in which clients contact BOOTP servers to perform
address determination and boot file name selection, and clients also contact Trivial File Transfer Protocol
(TFTP) servers to perform file transfer of their boot image. DHCP uses a single-phase boot configuration
process whereby a DHCP client negotiates with a DHCP server to determine its IP address and obtain any other
initial configuration details it needs for network operation.
Because BOOTP clients contact TFTP servers to perform file transfer of their boot image and
Windows Server 2003 does not provide a TFTP file service, you need a third-party TFTP server to support
BOOTP clients that must boot from an image file (usually diskless workstations). You also need to configure
your DHCP server to provide supported BOOTP/DHCP options.

DHCP Options Supported for BOOTP Clients

To obtain other options, BOOTP clients must specify DHCP option code 55 (the Options Request List
parameter) in the BOOTP request. BOOTP clients that do not specify option 55 can still retrieve the options
listed in the following table from DHCP servers running Windows NT Server 4.0 or later, if they are configured
on the server.
DHCP Options for BOOTP Clients

| Code | Option Name |
|---|---|
| | Subnet Mask |
| | Router |
| | Time Server |
| | Name Server |
| | LPR Server |
| 12 | Computer Name |
| 15 | Domain Name |
| 17 | Root Path |
| 42 | NTP Servers |
| 44 | WINS Server |
| 45 | NetBIOS over TCP/IP Datagram Distribution Server |
| 46 | NetBIOS over TCP/IP Node Type |
| 47 | NetBIOS over TCP/IP Scope |
| 48 | X Window System Font Server |
| 49 | X Window System Display Manager |
| 69 | SMTP Server |
| 70 | POP3 Server |

DHCP servers running Windows Server 2003 return the options in the order listed above and return as many
options as can fit in a single datagram response. For more information about individual DHCP options, see
DHCP Tools and Settings.
Note
When configuring client reservations for use with BOOTP clients, remember that DHCP options can apply
equally to DHCP and BOOTP clients.

BOOTP Table

Each record in the BOOTP table has three fields of information that are returned to the BOOTP client:
- Boot Image. Identifies the generic file name (such as unix) of the requested boot file, based on the
  BOOTP client's hardware type.
- File Name. Identifies the full path of the boot file (such as /etc/vmunix) that the BOOTP server returns
  to the client by using TFTP.
- File Server. Identifies the name of the TFTP server used to store the boot file.
To add entries in the BOOTP table, use the DHCP snap-in.

DHCP Processes and Interactions


In Windows Server 2003, the DHCP Server service interacts with several other services, including the Active
Directory directory service, DNS, and the Routing and Remote Access service.

Detecting Unauthorized DHCP Servers


An unauthorized DHCP server on a network can cause a variety of problems, such as the leasing of incorrect IP
addresses and options. To protect against this type of problem, when a DHCP server running Windows 2000
or Windows Server 2003 starts on the network, it first attempts to determine if it is authorized to service clients.
There are different methods used depending on how the network is configured.

Unauthorized Domain Member DHCP Servers

A domain member DHCP server queries Active Directory. The DHCP server compares its IP address and server
name to the list of authorized DHCP servers. If either the server name or IP address is found on the list of
authorized DHCP servers, the server is authorized as a DHCP server. If no match is found, the server is not
authorized in Active Directory, the server does not respond to DHCP traffic, and a system event is logged.
Note
This process of authorizing DHCP servers is useful for only DHCP servers running Windows 2000 or
Windows Server 2003. This process cannot be used for DHCP servers running Windows NT Server 4.0,
or servers running non-Windows-based DHCP Server services. Only a member of the Enterprise Admins
group can authorize or unauthorize a DHCP server in Active Directory.

Unauthorized Workgroup DHCP Servers

A Windows Server 2003 workgroup member DHCP server uses the following process to detect other DHCP
servers currently running on the reachable network and to determine if it is authorized to provide service.
1. When the DHCP Server service starts, it sends a DHCPInform request message to the reachable network,
using the local limited broadcast address (255.255.255.255), to locate other DHCP servers on the
network.
This message includes several vendor-specific option types that are known and supported by other
DHCP servers running Windows Server 2003. These other DHCP servers will respond with a DHCPAck
containing information indicating if they are authorized domain member or workgroup member servers.
2. When queried, other DHCP servers running Windows 2000 and Windows Server 2003 reply with
DHCPAck messages to acknowledge and answer with workgroup or domain membership information.
3. If an Active Directory domain member DHCP server is found, then the workgroup member server
determines that it is not authorized and does not service clients. If other workgroup servers are found,
the workgroup member server determines that it is authorized to service clients, and begins service. It
then performs the check again at one-hour intervals.
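
The fixed header and tag/length options from the DHCP Message Fields table, combined with the authorization idea in this section, as an added example (not code from the original page or from Microsoft). It is a network-side check over observed replies, not the Active Directory authorization described above. Field lengths are taken from RFC 2131, option codes 53 (message type) and 54 (server identifier) from RFC 2132, and the allow-list, addresses and sample replies are constructed.

```python
import ipaddress
import struct

# Fixed BOOTP/DHCP header, lengths per RFC 2131: op, htype, hlen, hops (1 each),
# xid (4), secs, flags (2 each), ciaddr, yiaddr, siaddr, giaddr (4 each),
# chaddr (16), sname (64), file (128) = 236 octets.
HEADER = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")
MAGIC_COOKIE = bytes([99, 130, 83, 99])      # precedes the options field
OPT_PAD, OPT_END = 0, 255
OPT_MSG_TYPE, OPT_SERVER_ID = 53, 54         # RFC 2132 option codes
BOOTREPLY, DHCPOFFER, DHCPACK = 2, 2, 5


def parse_options(buf):
    """Walk the options: one tag octet, one length octet, then the data."""
    options, i = {}, 0
    while i < len(buf):
        code = buf[i]
        if code == OPT_END:
            break
        if code == OPT_PAD:                  # pad has no length octet
            i += 1
            continue
        if i + 1 >= len(buf):
            raise ValueError("option %d has no length octet" % code)
        length = buf[i + 1]
        value = buf[i + 2:i + 2 + length]
        if len(value) != length:             # declared length runs past the datagram
            raise ValueError("option %d is truncated" % code)
        options[code] = options.get(code, b"") + value
        i += 2 + length
    return options


def parse_message(datagram):
    """Decode the fixed header and options of one DHCP datagram."""
    if len(datagram) < HEADER.size + len(MAGIC_COOKIE):
        raise ValueError("shorter than the fixed header")
    (op, _htype, hlen, hops, xid, _secs, flags, _ciaddr, yiaddr, siaddr,
     giaddr, chaddr, _sname, _file) = HEADER.unpack_from(datagram)
    if datagram[HEADER.size:HEADER.size + 4] != MAGIC_COOKIE:
        raise ValueError("no DHCP magic cookie")
    if hlen > len(chaddr):
        raise ValueError("hlen larger than the chaddr field")
    return {
        "op": op, "hops": hops, "xid": xid,
        "broadcast": bool(flags & 0x8000),
        "yiaddr": ipaddress.IPv4Address(yiaddr),
        "siaddr": ipaddress.IPv4Address(siaddr),
        "giaddr": ipaddress.IPv4Address(giaddr),
        "chaddr": ":".join("%02x" % b for b in chaddr[:hlen]),
        "options": parse_options(datagram[HEADER.size + 4:]),
    }


def unauthorized_reply(datagram, authorized_servers):
    """Return the server address of a DHCPOffer/DHCPAck whose server is not in
    authorized_servers, or None for authorized replies and other messages."""
    msg = parse_message(datagram)
    msg_type = msg["options"].get(OPT_MSG_TYPE, b"")
    if msg["op"] != BOOTREPLY or msg_type not in (bytes([DHCPOFFER]), bytes([DHCPACK])):
        return None
    server_id = msg["options"].get(OPT_SERVER_ID, b"")
    # Fall back to siaddr when the server identifier option is absent.
    server = ipaddress.IPv4Address(server_id) if len(server_id) == 4 else msg["siaddr"]
    return None if server in authorized_servers else server


def build_reply(server_ip, offered_ip, msg_type):
    """Build a constructed sample reply (not captured traffic)."""
    server = ipaddress.IPv4Address(server_ip).packed
    header = HEADER.pack(BOOTREPLY, 1, 6, 0, 0x3903F326, 0, 0, bytes(4),
                         ipaddress.IPv4Address(offered_ip).packed, server,
                         bytes(4), bytes.fromhex("00155d010203"), bytes(64), bytes(128))
    options = bytes([OPT_MSG_TYPE, 1, msg_type, OPT_SERVER_ID, 4]) + server + bytes([OPT_END])
    return header + MAGIC_COOKIE + options


# Constructed allow-list and sample replies.
AUTHORIZED = {ipaddress.IPv4Address("192.168.45.10")}
GOOD_OFFER = build_reply("192.168.45.10", "192.168.45.101", DHCPOFFER)
ROGUE_OFFER = build_reply("192.168.45.200", "192.168.45.150", DHCPOFFER)

if __name__ == "__main__":
    for name, pkt in (("good", GOOD_OFFER), ("rogue", ROGUE_OFFER)):
        print(name, unauthorized_reply(pkt, AUTHORIZED))
```

A datagram whose option length octet points past the end of the packet raises ValueError instead of being read silently, which is the case a monitoring parser most needs to handle.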

DHCP and DNS


Domain Name System (DNS) servers provide name resolution for network clients. DNS resolves a fully qualified
domain name (FQDN) to its corresponding IP address.
Although DHCP provides a powerful mechanism for automatically configuring client IP addresses, prior to
Windows 2000, the DHCP Server service did not notify DNS to update the DNS records on behalf of the client.
Specifically, DHCP did not map the client name to an IP address and did not update IP address-to-name
mappings using DNS dynamic update.
Without a way for DHCP to interact with DNS, the information maintained by DNS for a DHCP client might be
incorrect. For example, a client can acquire its IP address from a DHCP server, but the DNS records might not
reflect the IP address acquired nor provide a mapping from the new IP address to the FQDN.

DNS Dynamic Updates

In Windows 2000 and Windows Server 2003, DHCP servers and clients can register record updates if the DNS
server supports DNS dynamic updates. In Windows 2000 Server and Windows Server 2003, the DNS service
supports DNS dynamic updates.
A DHCP server running Windows Server 2003 can register with a DNS server and update pointer (PTR) and
address (A) resource records on behalf of its DHCP-enabled clients by using the DNS dynamic update
protocol.
The ability to register A and PTR resource records lets a DHCP server act as a DNS registration proxy for
clients using Windows NT 4.0, Windows 98, or Windows Millennium Edition, and possibly other clients that are
not able to register the updates on their own, as shown in the following figure.
DHCP Server Performing DNS Dynamic Update on Behalf of DHCP Client

DHCP clients running Windows 2000, Windows XP, and Windows Server 2003 interact with DNS differently than
DHCP clients running earlier versions of Windows. DHCP clients running Windows XP, Windows 2000, or
Windows Server 2003 typically update their own dynamic forward lookup names, as shown in the following
figure.
DHCP Client and DHCP Server Performing DNS Dynamic Update

An additional DHCP option code (option code 81) enables the return of a client's FQDN to the DHCP server. If
implemented, the DHCP server can dynamically update an individual computer's resource records on a DNS
server by using the DNS dynamic update protocol.
For more information about DNS dynamic updates, see DNS Technical Reference.

Secure DNS Dynamic Updates

By itself, DNS dynamic update is not secure; any client can modify DNS records. When secure DNS dynamic
update is configured, the authoritative name server accepts updates only from clients and servers that are
authorized to make DNS dynamic updates to the appropriate objects in Active Directory. Secure DNS dynamic
update is available only on Active Directory-integrated zones.
Secure DNS dynamic update protects zones and resource records from being modified by unauthorized users
by allowing you to specify the users and groups that can modify zones and resource records. By default,
Windows Server 2003, Windows XP Professional, and Windows 2000 clients attempt unsecured DNS dynamic
updates first. If that request fails, they attempt secure updates.
When using multiple DHCP servers and secure DNS dynamic updates, add each of the DHCP servers as
members of the DnsUpdateProxy global security group so that any DHCP server can perform a secure DNS
dynamic update for any record. Otherwise, when a DHCP server performs a secure DNS dynamic update for a
record, that DHCP server is the only computer that can update the record.

DHCP and Routing and Remote Access


The Windows Server 2003 DHCP Server service interacts with the Windows Server 2003 Routing and Remote
Access Server service in two specific ways. When Routing and Remote Access is used to provide remote access
to PPP clients, the remote access server obtains IP addresses from the DHCP server, which it then assigns to
the PPP clients.
DHCP also interacts with routers when DHCP clients and DHCP servers are on different subnets from each
other. In this situation, a router that can act as a DHCP relay agent must be present on the subnet of the DHCP
client. You can use the Windows Server 2003 Routing and Remote Access service to act as a DHCP relay agent.

Configuration of PPP Clients

When the Routing and Remote Access service is configured to use DHCP to obtain IP addresses for
TCP/IP-based clients, the Routing and Remote Access service instructs the DHCP Client service to obtain 10 IP
addresses from a DHCP server when the first PPP client connects. The Routing and Remote Access service uses
the first IP address obtained from DHCP for the Internal interface, which is a logical interface that represents
the connections to all PPP-based clients. Subsequent addresses are assigned to TCP/IP-based PPP clients as
they connect. After the PPP client disconnects, the now-unassigned IP address is reused for a future PPP
connection.
The remote access server uses the IP addresses from these leases to configure PPP clients, but discards all
options contained in the leases.
When all 10 IP addresses are used, the Routing and Remote Access service obtains another block of 10 IP
addresses from the DHCP server.
With a Windows NT 4.0-based remote access server, DHCP-allocated addresses are recorded and reused
when the remote access service is restarted. In Windows Server 2003 and Windows 2000 Server, the Routing
and Remote Access service releases all DHCP-allocated IP addresses by using DHCPRelease messages each
time the service is stopped.
If the DHCP server becomes unavailable, the DHCP Client service on the Routing and Remote Access server
assigns APIPA addresses to TCP/IP-based PPP clients. APIPA addresses for remote access connectivity work
only if the network to which the remote access client is attached is also using APIPA addresses (which is not a
recommended configuration). If the local network is not using APIPA addresses, remote access clients can only
obtain point-to-point remote access connectivity.
The Routing and Remote Access service uses a specific LAN interface to obtain DHCP-allocated IP addresses
for remote access clients. You can select which LAN interface to use on the IP tab of the Properties dialog box
of a server in the Routing and Remote Access snap-in. If the Routing and Remote Access server has more
than one LAN interface installed, the Routing and Remote Access Server Setup Wizard prompts you to select
the LAN interface.
Options for PPP Clients
Although the remote access server running Windows Server 2003 discards all options from the leases it
obtains from the DHCP server, PPP clients do receive specific configuration information, such as WINS server
and DNS server assignments, from the settings of the remote access server as part of the negotiation of the
PPP connection. However, clients running Windows 2000, Windows XP, or Windows Server 2003 can receive
additional configuration information from the DHCP server, by using a DHCPInform message after the
connection has been established. These options are available only if the VPN server has the DHCP Relay Agent
routing protocol component configured with the IP address of the DHCP server.
The following three figures show the three steps of the remote access server obtaining leases from the DHCP
server.
First, when the first PPP client connects to the remote access server, the remote access server obtains 10 IP
addresses from the DHCP server as shown in the following figure.
Remote Access Server Obtains IP Addresses

Next, the remote access server uses Internet Protocol Control Protocol (IPCP) to configure the IP address of the
client, as well as assign the DNS server and WINS server settings that are configured on the selected interface
of the remote access server, as shown in the following figure.
Remote Access Server Configures PPP Client

After the remote access client has an IP address, it sends a unicast DHCPInform message to the remote access
server to request options from the DHCP server. The remote access server must also be configured with the
DHCP Relay Agent routing protocol component. The remote access server, acting in its role as a DHCP relay
agent, then sends the DHCPInform message to the DHCP server. The DHCP server responds with the options in
a DHCPAck message, which is sent back to the remote access server. Finally, the DHCP relay agent on the
remote access server sends the DHCPAck message to the remote access client, as shown in the following
figure.
PPP Client Obtains DHCP Options

The following table lists the DHCP options that are requested by the client in the DHCPInform message.
DHCP Options Requested in DHCPInform Message

| Code | Description |
|---|---|
| | Subnet mask |
| | DNS servers |
| 15 | DNS domain name |
| 43 | Vendor-specific information |
| 44 | WINS/NBNS servers |
| 249 | Classless static routes |

DHCP Relay Agents


A DHCP relay agent is a hardware device or software program that can pass DHCP or BOOTP messages
between DHCP clients and servers, according to the RFC 2131 specification for DHCP. DHCP relay agents act as
proxies, forwarding messages from a subnet to one or more DHCP servers. Some DHCP messages are sent as
broadcasts, so without relay agents and the ability to pass DHCP and BOOTP messages across routers, every
subnet on a network must have its own DHCP server.
Most routers support acting as a DHCP relay agent. Alternatively, if a router cannot function as a DHCP relay
agent, a computer that can function as a DHCP relay agent must be configured on each subnet to which the
router is connected.
In cases where it is impractical or impossible to configure routers to act as a DHCP relay agent, you can
configure a computer running Windows Server 2003 or Windows 2000 Server to act as a relay agent by
enabling the Routing and Remote Access service and installing the DHCP Relay Agent routing protocol
component.

How Relay Agents Work

The following figure shows how Client C on Subnet 2 obtains a DHCP address lease from DHCP Server 1 on
Subnet 1.
Using a Relay Agent

1. DHCP Client C broadcasts a DHCPDiscover message on Subnet 2 as a UDP datagram over well-known
UDP port 67, which is the port reserved and shared for BOOTP and DHCP server communication.
2. The relay agent, in this case a DHCP relay-enabled router, examines the Gateway IP Address field (also
known as the giaddr field) in the DHCP message header. If the field has an IP address of 0.0.0.0, the
agent fills the Gateway IP Address field with the IP address assigned to the interface on which the
DHCPDiscover was received, and forwards the DHCPDiscover message as a unicast message to the
DHCP server on Subnet 1.


3. When DHCP Server 1 receives the DHCPDiscover message, it examines the Gateway IP Address field to
determine if the packet was relayed. The DHCP server then determines whether it can supply an IP
address lease to clients on the subnet indicated by the address in the Gateway IP Address field.
For example, if the Gateway IP Address field has an IP address of 192.168.45.2, the DHCP server checks
its DHCP scopes for a scope range that includes 192.168.45.2 (the gateway IP address in the packet). To
find a match, the DHCP server determines whether the IP address 192.168.45.2 matches the network ID
of each scope. It determines the network ID of each scope by ANDing any IP address in the scope with
its corresponding subnet mask. In this case, the DHCP server checks to see which scope includes
addresses for Subnet 2. If a scope exists that matches this criterion, the DHCP server selects an available
address from the matched scope to use in an IP address lease offer response to the client.
4. DHCP Server 1 sends a DHCPOffer message directly to the relay agent identified in the Gateway IP
Address field.
5. The relay agent relays the DHCPOffer message to the DHCP client.
Depending on the value of the Broadcast flag in the DHCPOffer message (which was copied from the
DHCPDiscover message), the DHCP relay agent either unicasts or broadcasts the DHCPOffer message.
6. By using a similar process, a DHCPRequest message is relayed from client to server, and a DHCPAck
message is relayed from server to client.
For more information about the DHCP relay agent, see How the DHCP Relay Agent Works in How Unicast IPv4
Routing Protocols and Services Work.
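
Steps 2, 3 and 5 of the relay walkthrough above, as an added example (not code from the original page or from Microsoft). The scope list, the addresses other than 192.168.45.2, and the function names are constructed, and matching an unrelayed message on the server's own interface address is an assumption of this sketch.

```python
import ipaddress

BROADCAST_FLAG = 0x8000          # high bit of the flags field
UNSET = ipaddress.IPv4Address("0.0.0.0")

# Constructed scopes: one address from each scope plus the scope's subnet mask.
SCOPES = [
    {"name": "Subnet 1", "address": "192.168.44.50", "mask": "255.255.255.0"},
    {"name": "Subnet 2", "address": "192.168.45.100", "mask": "255.255.255.0"},
]


def network_id(address, mask):
    """AND an address with a subnet mask to get the network ID."""
    return ipaddress.IPv4Address(
        int(ipaddress.IPv4Address(address)) & int(ipaddress.IPv4Address(mask)))


def relay_to_server(msg, receiving_interface):
    """Step 2: fill giaddr only when it is still 0.0.0.0, then forward."""
    relayed = dict(msg)
    if ipaddress.IPv4Address(msg["giaddr"]) == UNSET:
        relayed["giaddr"] = receiving_interface
    relayed["hops"] = msg["hops"] + 1        # optional count of relay agents
    return relayed


def select_scope(msg, scopes, server_interface):
    """Step 3: return the scope whose network ID matches giaddr, or None."""
    giaddr = ipaddress.IPv4Address(msg["giaddr"])
    # Assumption: an unrelayed message is matched on the server's own interface.
    source = ipaddress.IPv4Address(server_interface) if giaddr == UNSET else giaddr
    for scope in scopes:
        if network_id(source, scope["mask"]) == network_id(scope["address"], scope["mask"]):
            return scope["name"]
    return None                              # no scope serves that subnet


def offer_delivery(msg):
    """Step 5: the relay agent broadcasts or unicasts per the Broadcast flag."""
    return "broadcast" if msg["flags"] & BROADCAST_FLAG else "unicast"


# Constructed DHCPDiscover from Client C, then the copy relayed from Subnet 2.
DISCOVER = {"giaddr": "0.0.0.0", "hops": 0, "flags": BROADCAST_FLAG}
RELAYED = relay_to_server(DISCOVER, "192.168.45.2")

if __name__ == "__main__":
    print(RELAYED["giaddr"], select_scope(RELAYED, SCOPES, "192.168.44.1"),
          offer_delivery(RELAYED))
```

Because the server picks the scope from giaddr alone, a relayed message whose giaddr falls in no configured scope gets no offer, and a second relay agent leaves an already-set giaddr untouched.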

© 2014 Microsoft. All rights reserved.