DHCP Relay Agent


In networks with multiple subnets, it is not feasible to place DHCP servers on each of the subnets where clients are physically located. For a multi-segmented network, the best configuration is to place the DHCP servers in a central location. For this configuration to work effectively, DHCP messages must be able to cross IP routers. The problem is that DHCP traffic is mostly comprised of broadcast type messages which routers do not forward across interfaces. The solution is using a DHCP Relay Agent. Routers that are RFC 1542 compliant have the ability to act as DHCP Relay Agents. In addition, Windows Server Routing and Remote Access (RRAS) services also provides the ability to run DHCP Relay Agent Services.

The process of obtaining an IP lease from a DHCP server can be broken down into four phases: DHCPDISCOVER, DHCPOFFER, DHCPREQUEST, AND DHCPACK.

When a router configured as a Relay Agent receives a DHCP broadcast, it converts it to unicast packet with destination MAC/IP address of the configured DHCP server, and source MAC/IP of the router itself.

 

DHCPDISCOVER

The DHCP client sends the DHCPDISCOVER message, containing the MAC address of the DHCP client, to the broadcast IP address (255.255.255.255) and the MAC-level broadcast address (FF-FF-FF-FF-FF-FF). The DHCP Relay Agent receives and processes the DHCPDISCOVER packet.

As established in RFC 1542, the DHCP Relay Agent can forward the packet to either an IP broadcast, multicast, or unicast address. In practice, DHCP Relay Agents forward DHCPDISCOVER messages to unicast IP addresses which correspond to DHCP server(s). Before forwarding the original DHCPDISCOVER message, the DHCP Relay Agent makes the following changes to the packet:

  • Increments the Hop Count field in the DHCP header. The DHCP Hop Count field is separate from the Time to Live (TTL) field in the IP header and is used to indicate on how many networks this DHCPDISCOVER has existed as a broadcast. When the configured maximum Hop Count is exceeded, the DHCPDISCOVER is silently discarded. This value can be configured when using a Microsoft DHCP Relay Agent. The default value is 4.
  • Updates the Relay IP Address field (Gateway IP Address field, GIADDR) in the DHCP header. When the DHCP client sends the DHCPDISCOVER message, the Relay IP Address field is set to 0.0.0.0. If the Relay IP Address is 0.0.0.0, the DHCP Relay Agent records the IP address of the interface on which the DHCPDISCOVER message was received. If the Relay IP Address is not 0.0.0.0, the DHCP Relay Agent does not modify it.
  • Changes the source IP address of the DHCPDISCOVER message to the IP address of the interface on which the broadcasted DHCPDISCOVER was received.
  • Changes the destination IP address of the DHCPDISCOVER message to the configured unicast address of the DHCP server.

The DHCP Relay Agent sends the DHCPDISCOVER message as a unicasted IP packet rather than as an IP and MAC-level broadcast. If the DHCP Relay Agent is configured with multiple DHCP servers, it sends each DHCP server a copy of the DHCPDISCOVER message.

 

Type: UDP
Source IP: 0.0.0.0
Source Port: 68
Destination IP: 255.255.255.255
Destination Port: 67

 

DHCPOFFER

When responding to the DHCP client’s request for an IP address, the DHCP server uses the Relay IP Address field in the following ways:

  • The Relay IP Address and the subnet masks of the server’s configured scopes are compared through a logical AND comparison to find a scope whose network ID matches the network ID of the Relay IP Address. When a match is found, the DHCP server allocates an IP address from that scope.
  • When sending the offer back to the client, the DHCP server sends the DHCPOFFER message to the Relay IP Address as the destination IP address.
Once received by the DHCP Relay Agent, the Relay IP Address is used to determine which interface to which the DHCPOFFER message is to be forwarded. It then forwards the DHCPOFFER message on the interface where the DHCPDISCOVER message originated from.

 

Type: UDP
Source IP: DHCP Server’s IP
Source Port: 67
Destination IP: DHCP Relay Agent IP
Destination Port: 68

DHCPREQUEST

The DHCP client sends the DHCPREQUEST message, containing the MAC address of the client, to the IP broadcast address (255.255.255.255) and to the MAC broadcast address (FF-FF-FF-FF-FF-FF). The DHCP Relay Agent receives this packet and forwards it as a unicast IP packet to the configured DHCP server or servers.

 

Type: UDP
Source IP: 0.0.0.0
Source Port: 68
Destination IP: 255.255.255.255
Destination Port: 67

DHCPACK

The DHCP server initially sends the DHCPACK message to the Relay IP Address, as it did with the DHCPOFFER message. When the DHCP Relay Agent receives the DHCPACK message, it places the message back on the subnet where the DHCPREQUEST originated from.

 

Type: UDP
Source IP: DHCP Server’s IP
Source Port: 67
Destination IP: DHCP Relay Agent IP
Destination Port: 68
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: