DHCP on Cisco Router

Dynamic Host Configuration Protocol is the networking protocol to manage and automate the process of assigning the IP addresses in the network. Configuring the DHCP on a router or multilayer server does not involve only IP addresses, although it is also connected with other parameters like subnet masks, DNS servers, and IP gateway addresses.

Let's explain how the DHCP protocol operates. 

DHCP operates in a client-server model.For example, a device like a PC requests an IP address lease from the DHCP server when it connects to the network. Server DHCP is able to assign an IP address to the client device for a specific amount of time, known as the lease period.

The DORA process

This process is known as DORA from the abbreviations of four words: Discover, Offer, Request, and Acknowledge. It requires four steps:

Discover:

The client (PC) sends a broadcast message, 255.255.255.255, to find a DHCP server on the local network. The broadcast message is sent to all members of the local network from the client. If the DHCP server is located on another subnet, a gateway router must be configured with helper addresses to forward the DHCP message (broadcast) to the DHCP server. The source IP address is 0.0.0.0 in the protocol header. This is due to the fact that the PC host does not yet have an address.

DHCP DISCOVER (Client → Broadcast)

Source IP: 0.0.0.0 (The client doesn’t have an IP yet)

Destination IP: 255.255.255.255 (Broadcast to all devices on the network)

Source MAC: Client’s MAC address

Destination MAC: FF:FF:FF:FF:FF:FF (Broadcast MAC)

The client broadcasts a request for an IP address because it doesn't know the DHCP server's location.

Offer:

The DHCP server receives the broadcast message and responds, offering an IP address. The server does not only offer an IP address; it additionally offers network settings (DNS, gateway, subnet mask, etc.). This offer is for the specific period of time, usually. This period of time is called the lease duration. The DHCP server sends those offer packets to all the devices on the network using the same broadcast address of 255.255.255.255. The devices then have the option to accept or decline the offer.

DHCP OFFER (Server → Broadcast or Unicast)

Source IP: DHCP Server’s IP (e.g., 192.168.1.1)

Destination IP: 255.255.255.255 (Broadcast) or Client’s MAC (Unicast if supported)

Source MAC: Server’s MAC address

Destination MAC: Client’s MAC address

The DHCP server offers an IP address to the client along with a subnet mask, gateway, and DNS info.

Request:

 Theoretically, only the device with an attached MAC address to the original DHCP message (Discover) is able to accept the offer. This is due to the fact that MAC address information about the PC was stored in the message's header field. As a reminder to you, the Ethernet card's MAC address is a unique code that is physically burnt on it to identify the hardware.This message sent from the client confirms his intention to use the offered IP address. Putting together this point, the offer message was sent as a broadcast, but only one device was able to accept it and reply with a request.

DHCP REQUEST (Client → Broadcast)

Source IP: 0.0.0.0 (Client still doesn’t have an IP yet)

Destination IP: 255.255.255.255 (Broadcast)

Source MAC: Client’s MAC address

The client requests the offered IP, telling all DHCP servers that it accepts this particular offer.

Acknowledge:

The DHCP server receives confirmation from the PC that is ready to receive an IP address. Therefore, the DHCP server sends the acknowledgement that the IP address is assigned and can be used. From now on, the client (PC) can use this IP address in its network configuration. In the case when the server cannot assign an IP address, it may send a DHCP NAK (Negative Acknowledgement) instead.

DHCP ACKNOWLEDGE (Server → Broadcast or Unicast)

Source IP: DHCP Server’s IP

Destination IP: 255.255.255.255 (Broadcast) or Client’s new assigned IP (Unicast)

Source MAC: Server’s MAC address

Destination MAC: Client’s MAC address

The DHCP server confirms the lease, and the client can now use the assigned IP.

The main benefit and advantageous feature of the DHCP protocol is dynamic IP allocation. This makes it possible to use IP addresses efficiently. It ensures that the client's IP address can be changed and reconfigured automatically. An important feature of DHCP is the pool of addresses, which are predetermined (assigned by a network engineer). The leasing process of IP addresses from the pool is effective because the IP addresses can be returned for future usage when the lease expires.

It is possible and common practice to exclude particular IP addresses from the pool for static allocation. It means that excluded IP addresses can be assigned in the form of static to individual devices such as routers, firewalls, DHCP, DNS, email, web and file servers, access points, and switches (for management purposes). It is not an exhaustive list of static addresses, as other network devices such as IoT, VoIP, VPN gateways, and specialist devices may benefit from having a static IP address.

It is important to mention that DHCP gives three different configuration techniques to allocate IP addresses to clients. These configurations are static*, automatic, and dynamic allocation.

Let's go explain these three modes.

Dynamic allocation refers to the process of allocating an IP address to a client, but it may change each time the device is re-connecting to the network. This allows for more efficient and flexible use of the IP address pool, and this configuration we discuss in that article.

Automatic allocation sets the IP address to be assigned permanently for an infinite time of lease.

In static allocation mode, the administrator preconfigures the server, manually assigning IP addresses to the MAC addresses of clients. Next, the DHCP server will always assign the same IP address to the same client based on the MAC address.

* Please, do not be confused between static IP addresses and static allocation modes. These are two different definitions. The static IP address is the manually assigned IP address by the network administrator. The static allocation mode of the DHCP server is the type of dynamically allocated IP address by the DHCP server to the client with the help of the network administrator who makes the decision to match the IP addresses from the pool to devices on the network using their MAC address.

Basic DHCP Server Configuration on a Cisco Router

The router's configuration for VLAN 10 must be completed as shown above. In the first global command, we exclude addresses that we do not wish to be used for dynamic allocation. As mentioned above in this article, we can exclude some IP addresses to utilise them later.

The second command generates the pool name. In this case, the name is VLAN10. On the third command, we provided the network IP address and subnet mask. Finally, the last two command lines define the default gateway and DNS server.

All of these five lines cover the Cisco router's fundamental DHCP settings. 

I have repeated the same DHCP configuration for the rest of the VLANs in our topology: VLAN 20, VLAN 30, and VLAN 40.

R1#conf t

R1(config)#ip dhcp excluded-address 10.1.20.1 10.1.20.100

R1(config)#ip dhcp pool VLAN20

R1(dhcp-config)#network 10.1.20.0 255.255.255.0

R1(dhcp-config)#default-router 10.1.20.254

R1(dhcp-config)#dns-server 10.1.20.254

R1#conf t

R1(config)#ip dhcp excluded-address 10.1.30.1 10.1.30.100

R1(config)#ip dhcp pool VLAN30

R1(dhcp-config)#network 10.1.30.0 255.255.255.0

R1(dhcp-config)#default-router 10.1.30.254

R1(dhcp-config)#dns-server 10.1.30.254

R1#conf t

R1(config)#ip dhcp excluded-address 10.1.40.1 10.1.40.100

R1(config)#ip dhcp pool VLAN40

R1(dhcp-config)#network 10.1.40.0 255.255.255.0

R1(dhcp-config)#default-router 10.1.40.254

R1(dhcp-config)#dns-server 10.1.40.254

Now we are ready to check the changes to DHCP service on the router R1.

R1#show ip dhcp pool

Pool VLAN10 :

Utilization mark (high/low) : 100 / 0

Subnet size (first/next) : 0 / 0

Total addresses : 254

Leased addresses : 1

Excluded addresses : 4

Pending event : none

1 subnet is currently in the pool

Current index IP address range Leased/Excluded/Total

10.1.10.1 10.1.10.1 - 10.1.10.254 1 / 4 / 254

Pool VLAN20 :

Utilization mark (high/low) : 100 / 0

Subnet size (first/next) : 0 / 0

Total addresses : 254

Leased addresses : 1

Excluded addresses : 4

Pending event : none

1 subnet is currently in the pool

Current index IP address range Leased/Excluded/Total

10.1.20.1 10.1.20.1 - 10.1.20.254 1 / 4 / 254

Pool VLAN30 :

Utilization mark (high/low) : 100 / 0

Subnet size (first/next) : 0 / 0

Total addresses : 254

Leased addresses : 1

Excluded addresses : 4

Pending event : none

1 subnet is currently in the pool

Current index IP address range Leased/Excluded/Total

10.1.30.1 10.1.30.1 - 10.1.30.254 1 / 4 / 254

Pool VLAN40 :

Utilization mark (high/low) : 100 / 0

Subnet size (first/next) : 0 / 0

Total addresses : 254

Leased addresses : 1

Excluded addresses : 4

Pending event : none

1 subnet is currently in the pool

Current index IP address range Leased/Excluded/Total

10.1.40.1 10.1.40.1 - 10.1.40.254 1 / 4 / 254

R1#

As well, we are able to check how the IP addresses are bound to the network devices.

R1#show ip dhcp binding

IP address Client-ID/ Lease expiration Type

Hardware address

10.1.10.101 000C.85AB.ED1A -- Automatic

10.1.20.101 00D0.582C.A207 -- Automatic

10.1.30.101 0060.4769.24CD -- Automatic

10.1.40.101 0000.0C28.5D96 -- Automatic

We can check any IP address conflict with our IP address pool:

R1#show ip dhcp conflict

Finally, for this simple router setup, we have access to a configuration file where more information about the DHCP IP pool is stored. 

Some lines have been omitted for clarity.

!

ip dhcp excluded-address 10.1.10.1 10.1.10.100

ip dhcp excluded-address 10.1.20.1 10.1.20.100

ip dhcp excluded-address 10.1.30.1 10.1.30.100

ip dhcp excluded-address 10.1.40.1 10.1.40.100

!

ip dhcp pool VLAN10

network 10.1.10.0 255.255.255.0

default-router 10.1.10.254

dns-server 10.1.10.254

ip dhcp pool VLAN20

network 10.1.20.0 255.255.255.0

default-router 10.1.20.254

dns-server 10.1.20.254

ip dhcp pool VLAN30

network 10.1.30.0 255.255.255.0

default-router 10.1.30.254

dns-server 10.1.30.254

ip dhcp pool VLAN40

network 10.1.40.0 255.255.255.0

default-router 10.1.40.254

dns-server 10.1.40.254

!

!

Configuring IP-helper relay on the Cisco router.

As shown in the topology below, I added a simple network with an L2 layer switch and router. To transfer packets between networks, I set up static routing on both routers, R1 and R2. 

According to this topology, we made the decision that the DHCP router for all networks is located on router 1 (R1). The DHCP configurations for the VLANs were uncomplicated, as we exercised it above. But how can we connect the added 192.168.20.24 network to the DHCP server located on router 1?

DHCP services on Cisco routers also support multiple subnets using the concept of DHCP relay agents or IP helper addresses, enabling centralised management even in complex networks.

The helper IP address is the address where the DHCP service is located. In our exercise, it is a router 1. Therefore, we enter the IP address of router 1 of the interface connected with router 2. 

Please be focused for the moment. The helper is set on router 2, as this router is a gateway in the 192.168.20.0 /24 network.

R2(config)#int g0/0

R2(config-if)#ip helper-address 172.16.50.1

Now, we need only to update our DHCP service on router 1 by adding a new pool. I use exactly the same method as I did for the VLANs. Be conscious that the default router and DNS settings refer to the gateway IP address of  192.168.20.0 /24 network.

R1(config)#ip dhcp excluded-address 192.168.20.1 192.168.20.100

R1(config)#ip dhcp pool CLIENT

R1(dhcp-config)#network 192.168.20.0 255.255.255.0

R1(dhcp-config)#default-router 192.168.20.1

R1(dhcp-config)#dns-server 192.168.20.1

R1(dhcp-config)#end

Summary: 

The dynamic Host Configuration Protocol (DHCP) is a network protocol that manages and automates the process of assigning IP addresses to the hosts in the network. It operates in client-server models. The client requests an IP address, and the server assigns from a preterminated pool of addresses.

In a tiny network, such as this one, we can use the router's DHCP service. Even if the network is later expanded (scalability), we can utilise the router to send a DHCP broadcast message to the other network requesting an IP address.

To download the Packet Tracer file for this exercise, click on : ROAS + DHCP

Another lab with a simple DHCP configuration here: DHCP LAB.