Technology Briefing: DHCP - Page 1

Dec 14, 2001

Gerald Williams

Anyone who maintains an IP-based network knows the headaches. Each device on the network, including routers, printers, firewalls, and workstations, requires a unique IP address. As networks expand, most network managers find that they quickly run out of addresses. In addition, maintaining tables of IP addresses takes time. Managers must add subnets to increase the number of IP addresses, and they need to update their tables of IP addresses. Changes to the infrastructure also force the manager to reassess and reassign IP addresses. Further, the increase in mobile computers and remote connections can force a continual expansion of IP addresses.

An Easier Way
Dynamic Host Configuration Protocol (DHCP) offers a solution. Using DHCP, network managers can create a flexible, self-configuring network. DHCP works on the principle that most users and devices do not need a constant connection with the server. When a user logs onto the network, the server assigns an IP address to that device. This IP address remains in effect for a period of time and, if it is not active when that time expires, the server releases the IP address. The server can then reassign that address to another device.

In general, DHCP networks support a mix of three modes of operation to allocate IP addresses.

  • Manual -- network administrators assign IP addresses for each group of devices on a network. When a device requires IP services, it polls the servers to get its IP address. Managers can use this to "share" an IP address between multiple devices that never access the server at the same time. This also allows managers to reserve specific IP addresses for devices.
  • Automatic -- each device gets an IP address from the server when it first contacts the server. The IP address, however, remains with that device, and the server does not release it for use by another device. This is useful for initially configuring a static network.
  • Dynamic -- when a device connects with the server, it receives an IP address that remains in effect for a pre-set time period. When the time expires, the device or workstation must request another IP address. This represents the most flexible use of DHCP.

How It Works
Under DHCP, each device or workstation that connects to the network requests an IP address from the server. The process of negotiating this address includes:

  • DHCPDiscover -- As a device or workstation connects to the network, it broadcasts a request for an IP address. This request is sent after a random delay to avoid simultaneous submissions from multiple devices on the network.
  • DHCPOffer -- The server receives the DHCPDiscover message and responds with an IP address. Multiple DHCPOffers can be generated if more than one server resides on the network.
  • DHCPRequest -- The device or workstation receives the DHCPOffer and generates the DHCPRequest message for the IP address it selects. As a checkpoint, DHCP also can verify that the IP address is not currently in use.
  • DHCPack -- The server responds to the DHCPRequest with a message that sets the parameters of the session. This information includes the length of time (lease time) that the IP address will remain active. The device or workstation now operates using the assigned IP address.
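
The four messages above, decoded from their wire format, as an added example that is not part of the original article. It assumes the RFC 2131 packet layout and option codes 53 (message type), 54 (server identifier) and 51 (lease time); the function names, the allowlist and the sample addresses are constructed for illustration.

```python
import ipaddress
import struct
COOKIE = b"\x63\x82\x53\x63"  # RFC 2131 magic cookie that precedes the options
TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 5: "DHCPACK"}

def parse_dhcp(payload):
    """Decode the UDP payload of one DHCP message into a dict."""
    if len(payload) < 240 or payload[236:240] != COOKIE:
        raise ValueError("not a DHCP message")
    msg = {"xid": struct.unpack_from("!I", payload, 4)[0], "client_mac": payload[28:34].hex(":"),
           "yiaddr": str(ipaddress.IPv4Address(payload[16:20]))}  # yiaddr = address handed out
    i = 240
    while i < len(payload) and payload[i] != 255:   # 255 = end of options
        if payload[i] == 0:                         # 0 = pad, has no length byte
            i += 1
            continue
        if i + 2 > len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        code, data = payload[i], payload[i + 2:i + 2 + payload[i + 1]]
        if code == 53 and len(data) == 1:           # message type
            msg["type"] = TYPES.get(data[0], "type-%d" % data[0])
        elif code == 54 and len(data) == 4:         # server identifier
            msg["server_id"] = str(ipaddress.IPv4Address(data))
        elif code == 51 and len(data) == 4:         # lease time in seconds
            msg["lease_s"] = struct.unpack("!I", data)[0]
        i += 2 + len(data)
    return msg

def unlisted_servers(payloads, allowlist):
    """(server, offered address) for each OFFER/ACK whose server is not on the allowlist."""
    return [(m.get("server_id"), m["yiaddr"]) for m in map(parse_dhcp, payloads)
            if m.get("type") in ("DHCPOFFER", "DHCPACK") and m.get("server_id") not in allowlist]

def build(op, msg_type, yiaddr="0.0.0.0", server=None, lease=None):
    """Construct a sample message (test data only; fixed xid and MAC)."""
    head = (struct.pack("!BBBBIHH", op, 1, 6, 0, 0x1234ABCD, 0, 0) + bytes(4)
            + ipaddress.IPv4Address(yiaddr).packed + bytes(8)
            + bytes.fromhex("020000000001") + bytes(10 + 64 + 128))
    opts = bytes([53, 1, msg_type])
    if server:
        opts += bytes([54, 4]) + ipaddress.IPv4Address(server).packed
    if lease:
        opts += bytes([51, 4]) + struct.pack("!I", lease)
    return head + COOKIE + opts + b"\xff"

# Constructed exchange: 192.0.2.1 is the administrator's server, 192.0.2.99 is not listed.
SAMPLE = [build(1, 1), build(2, 2, "192.0.2.50", "192.0.2.1", 3600),
          build(2, 2, "192.0.2.200", "192.0.2.99", 600),
          build(1, 3, server="192.0.2.1"), build(2, 5, "192.0.2.50", "192.0.2.1", 3600)]
```

Because more than one server can answer a single DHCPDiscover, comparing the server identifier in each offer against the list of servers the administrator actually runs shows which offers came from somewhere else.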

The Gotcha
DHCP, in theory, seems simple. However, it takes time to set up a DHCP-based network. Older devices may not support DHCP. In some cases, these devices only support BOOTP, an older, simplified version of DHCP. Although many DHCP-enabled servers can support these devices, managers will need to configure the server. In other cases, some devices require a permanent IP address, and these must be identified and assigned. Some network managers prefer to manually assign IP addresses to routers, printers and other "permanent" devices.

In addition, managers using dynamic allocation techniques must take time to calculate the proper lease time for the IP addresses. The server verifies each connection when the lease time reaches the halfway point. If a network supports multiple remote sessions that last a relatively short amount of time, the lease time can be set in minutes. This ensures that IP addresses will be released and available for subsequent users. For more stable networks, a lease time can be set for several hours or days. The lease time can affect network performance, so the manager must consider this parameter carefully.
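
The lease-time trade-off for short remote sessions, as an added simulation that is not part of the original article. It assumes each client renews at every lease halfway point while connected and then disconnects without releasing its address; the pool size, arrival pattern and function names are constructed for illustration.

```python
def lease_expiry(start, session_min, lease_min):
    """Minute at which an address becomes reusable for a client that connects at
    `start`, renews at each lease halfway point while connected, then vanishes."""
    if lease_min < 2:
        raise ValueError("lease must be at least 2 minutes")
    half = lease_min // 2
    renewals = (session_min - 1) // half      # halfway points reached while connected
    return start + renewals * half + lease_min


def refused_clients(pool_size, lease_min, arrivals, session_min):
    """Count clients that find the pool empty. `arrivals` is sorted, in minutes."""
    held, refused = [], 0
    for t in arrivals:
        held = [e for e in held if e > t]     # drop leases that have expired
        if len(held) >= pool_size:
            refused += 1
        else:
            held.append(lease_expiry(t, session_min, lease_min))
    return refused


# Constructed workload: 10 addresses, a new 20-minute remote session every
# 5 minutes over an 8-hour day.
ARRIVALS = range(0, 480, 5)


def compare(leases=(480, 60, 30)):
    """Refused clients per lease time (minutes) for the constructed workload."""
    return {lease: refused_clients(10, lease, ARRIVALS, 20) for lease in leases}


if __name__ == "__main__":
    for lease, refused in compare().items():
        print(f"lease {lease:>3} min: {refused} of {len(ARRIVALS)} clients refused")
```

With an 8-hour lease the first ten clients hold the whole pool for the day; with a 30-minute lease every address is back in the pool before it is needed again.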

Managers also need to consider the impact of service interruptions. Scheduled server maintenance or server failures can create havoc in a DHCP configuration. Longer lease times generally recover better from interruptions, but managers can implement multiple servers that share a pool of IP addresses to help resolve the problem. Managers can implement servers that share all available IP addresses, or they can select a subset of addresses to share among servers. Each approach requires that the servers synchronize their database of IP assignments, and this requires server processing.

Security also presents a problem. Firewalls, for example, generally allow managers to configure a list of acceptable IP addresses. If these addresses are dynamically assigned, it is more difficult to determine whether the device connecting to the network is authorized. Similarly, DHCP does not specify links to authentication programs, so managers may encounter difficulties implementing these types of security.

Page 1 of 2

