• Animesh Gupta

What is DHCP?



DHCP (Dynamic Host Configuration Protocol) is a network management protocol used to dynamically assign an Internet Protocol (IP) address to any device, or node, on a network so they can communicate using IP. DHCP automates and centrally manages these configurations rather than requiring network administrators to manually assign IP addresses to all network devices. DHCP can be implemented on small local networks as well as large enterprise networks.

DHCP will assign new IP addresses in each location when devices are moved from place to place, which means network administrators do not have to manually initially configure each device with a valid IP address or reconfigure the device with a new IP address if it moves to a new location on the network. Versions of DHCP are available for use in Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6).


How DHCP Works?

DHCP runs at the application layer of the Transmission Control Protocol/IP (TCP/IP) protocol stack to dynamically assign IP addresses to DHCP clients and to allocate TCP/IP configuration information to DHCP clients. This includes subnet mask information, default gateway IP addresses and domain name system (DNS) addresses.

DHCP is a client-server protocol in which servers manage a pool of unique IP addresses, as well as information about client configuration parameters, and assign addresses out of those address pools. DHCP-enabled clients send a request to the DHCP server whenever they connect to a network.

Clients configured with DHCP broadcast a request to the DHCP server and request network configuration information for the local network to which they're attached. A client typically broadcasts a query for this information immediately after booting up. The DHCP server responds to the client request by providing IP configuration information previously specified by a network administrator. This includes a specific IP address as well as for the time period, also called a lease, for which the allocation is valid. When refreshing an assignment, a DHCP client requests the same parameters, but the DHCP server may assign a new IP address based on policies set by administrators.



A DHCP server manages a record of all the IP addresses it allocates to network nodes. If a node is relocated in the network, the server identifies it using its Media Access Control (MAC) address, which prevents accidentally configuring multiple devices with the same IP address.

DHCP is not a routable protocol, nor is it a secure one. DHCP is limited to a specific local area network (LAN), which means a single DHCP server per LAN is adequate, or two servers for use in case of a failover. Larger networks may have a wide area network (WAN) containing multiple individual locations. Depending on the connections between these points and the number of clients in each location, multiple DHCP servers can be set up to handle the distribution of addresses. If network administrators want a DHCP server to provide addressing to multiple subnets on a given network, they must configure DHCP relay services located on interconnecting routers that DHCP requests have to cross. These agents relay messages between DHCP clients and servers located on different subnets.

DHCP lacks any built-in mechanism that would allow clients and servers to authenticate each other. Both are vulnerable to deception (one computer pretending to be another) and to attack, where rogue clients can exhaust a DHCP server's IP address pool.


History of DHCP


DHCP is an extension of a 1985 network IP management protocol, Bootstrap Protocol (BOOTP). DHCP is more advanced and DHCP servers can handle BOOTP client requests if any BOOTP clients exist on a network segment. Using one central BOOTP server to serve hosts on many IP subnets, BOOTP introduced the concept of a relay agent that allowed BOOTP packets to be forwarded across networks. BOOTP required a manual process to add configuration information for each client, however, and did not provide a mechanism for reclaiming IP addresses no longer in use.

©2019 Security Unleashed | New Delhi