DHCP (Dynamic Host Configuration Protocol) is a network protocol used to automatically assign IP addresses and other network configuration parameters to devices on a network.

When a device requires an IP address, a series of messages are broadcast across the network to firstly identify if there is an available DHCP service, and if there is, whether it can provide IP configuration data. This process is often called DORA, after the four stages it uses (Discover, Offer, Request Acknowledge)

The following steps outline how DHCP works:

  • DHCP discover: When a device is connected to a network, it sends a broadcast message requesting an IP address.
  • DHCP offer: DHCP server(s) on the network receive the DHCP discover message and respond with a DHCP offer message. This message includes an available IP address for the device, as well as other configuration parameters such as subnet mask, default gateway, and DNS server(s) IP addresses.
  • DHCP request: Once the device receives the DHCP offer, it sends a DHCP request message to the server(s), indicating that it wants to use the offered IP address configuration data.
  • DHCP acknowledgement: The DHCP server(s) then sends a DHCP acknowledgement message to the device, confirming that the IP address has been assigned to it. The device can then use the IP address and other network configuration parameters provided by the server(s) to connect to the network.

DHCP is designed to be a “plug-and-play” protocol that makes it easy to add new devices to a network without having to manually configure network settings.

Wireshark capture showing the DHCP DORA process

During the discover phase, the requesting device will issue a list of the items it would like to resolve in addition to an IP address. These will typically include the subnet mask, the default gateway IP address, and the DNS server IP address, but it might request other data as well.

Wireshark capture showing DHCP discover request list items

When a DHCP server responds with the DHCP offer, it will supply any of the data items requested which it has authority to do so.

Wireshark capture showing DHCP offer items

The requesting device will send a message back to the server requesting to lease the data offered by the server

Wireshark capture showing DHCP requested items

The server acknowledges the client request and sends the data to the client indicating that the process has now completed.

Wireshark capture showing DHCP acknowledged items

Lease times

During the DORA process, the server will inform the client of the duration it is allowed to use the provided data for, This is the lease time, and is configured by the network administrator.

When a DHCP server issues DHCP data, it reserves that IP address for the specified lease time and as such will not offer the same address to another device whilst the lease time is active.

When the lease time expires, the DHCP server may reclaim the IP address and assign it to another requesting device. The original device must then request a new IP address lease if it wants to continue using the network.

During the lease period, a device may request to extend the lease time so that it keeps the IP address it has been allocated. This extension request can occur at any point during the lease period, but it typically happens at the half-way point of the lease time.

When a DHCP renew request is recieved, the server will check to see if any other devices have specifically requested the reserved IP address, and assuming that none have, it will issue an acknowledgement with the lease-time reset.

This renewal process will continue so long as the device remains on the network. If the device leaves the network, then no extension requests will be received by the server and as such when the lease-time expires, the server will free-up the IP address for any other device to claim.

The DHCP lease time is an important parameter for network administrators to consider when configuring DHCP. A shorter lease time can help ensure that IP addresses are not wasted by devices that are no longer on the network, while a longer lease time can reduce the amount of DHCP traffic on the network and provide a more stable network environment.

APIPA address

An APIPA (Automatic Private IP Addressing) address is a self-assigned IP address that a device uses if it is unable to obtain an IP address from a DHCP server on the network.

APIPA addresses are any address within the following range – 169.254.0.1 to 169.254.255.254 with a subnet mask of 255.255.0.0.

If a device is unable to connect to a DHCP server or if the DHCP server is not available, it will automatically assign itself an APIPA address within this range.

APIPA addresses allow devices to communicate with each other on a local network segment without the need for a DHCP server or any other network configuration. However, APIPA addresses are not routable, which means that devices using APIPA addresses cannot communicate with devices on other network segments or on the Internet.

APIPA addresses may not be the most ideal way to configure a network, but they can be a useful fallback option for ensuring that devices can continue to communicate with each other even if there are problems with the network configuration.