How to configure DHCP RELAY AGENT on CISCO Routers

Dynamic Host Configuration Protocol helps us to address dynamically our hosts on the network. In fact, when a Host is configured to get its IP address dynamically, it will broadcast a DHCP REQUEST on the network searching for a DHCP SERVER.

The problem here is that our DHCP SERVER has to be on the same broadcast domain as the CLIENTS since routers do not forward broadcast packets. I suggest to start with the following architecture:

DessinRELAYOn the left side, we have our DHCP CLIENT. In the middle, our Router and on the right side the DHCP SERVER.

As our DHCP Client wants to get an IP address, it will send a DHCP Discover message which is a broadcast message. As the Router do not forward broadcast packets, this message will never reach the DHCP Server, and as a result: No IP address for our friend DHCP Client. This is not good. 🙁

To solve this problem, the DHCP Relay Agent feature is used on routers to forward DHCP messages to the DHCP Server, and when the DHCP Server respond, the Router will forward the replies to the Client.

Let’s see how it works:

Dessin2DISCOVER

The DHCP Client broadcasts a DHCP Discover message looking for a DHCP Server. When the Router Receives this message, and with the DHCP Relay Agent feature enabled, it will forward the message to the DHCP Server as a Unicast Packet.

The router will also add to this Unicast Packet a field called giaddr (Gateway IP address) in the DHCP Packet, this field will contains in our case the IP address 192.168.1.1 since the router receives the DHCP Discover message on the Fa0/0, and the source IP address of this Unicast packet will be also 192.168.1.1.

This field is required by the DHCP Server so it can know from which pool it has to select an IP address.

DHCPOFFER

One the DHCP Server receives the DHCP Discover message, it will respond by the DHCP OFFER Message; this message will be sent as a Unicast parcket to the router.

The router will forward the DHCP OFFER Message as a broadcast message.

DHCP REQUESTThe DHCP Client has verified the information in the DHCP Offer message, and sends a DHCP REQUEST as a broadcast message. The router will forward this message as Unicast packet to the DHCP SERVER. Note that once again, the giaddr field is added add contains the IP address 192.168.1.1.

DHCP ACK

As a response to the DHCP REQUEST message, the DHCP SERVER will send a DHCP ACK message to the router, and in turn, the router will broadcast this message on the Fa0/0. Finally, our DHCP Client has its IP address.

Let’s see how we can configure this, are you ready?

Configuration

LAB

We will use 3 routers to see the configuration.

Here is the basic configuration:

ROUTER(config)#int f0/0
ROUTER(config-if)#ip address 192.168.1.1 255.255.255.0
ROUTER(config-if)#no shutdown
ROUTER(config)#int f0/1
ROUTER(config-if)#ip address 192.168.2.1 255.255.255.0
ROUTER(config-if)#no shutdown
DHCP_CLIENT(config)#int f0/0
DHCP_CLIENT(config-if)#no shutdown
DHCP_SERVER(config)#int f0/0
DHCP_SERVER(config-if)#ip address 192.168.2.2 255.255.255.0
DHCP_SERVER(config-if)#no shutdown
DHCP_SERVER(config)#ip dhcp pool NET1
DHCP_SERVER(dhcp-config)#network 192.168.1.0 255.255.255.0
DHCP_SERVER(dhcp-config)#default-router 192.168.1.1
DHCP_SERVER(dhcp-config)#exit

As you can see, this is the basic configuration of every router. We have also configured the DHCP SERVER service. Now we have to configure the DHCP RELAY AGENT on the router:

ROUTER(config)#int f0/0
ROUTER(config-if)#ip helper-address 192.168.2.2
ROUTER(config-if)#exit

As you can see, the DHCP RELAY AGENT feature is enabled using the IP helper-address command. 192.168.2.2 is the IP address of the DHCP SERVER. And we enable the feature on the interface connected to the DHCP CLIENT. You can see the feature enabled on the interface fa0/0:

ROUTER#show ip int fa0/0
FastEthernet0/0 is up, line protocol is up (connected)
Internet address is 192.168.1.1/24
Broadcast address is 255.255.255.255
Address determined by setup command
MTU is 1500 bytes
  Helper address is 192.168.2.2
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound   access list is not set
Proxy ARP is enabled

Before configuring the interface of the DHCP CLIENT to get a dynamic IP address, we have to configure the Server to reach the network 192.168.1.0/24, because the source IP address of the DHCP messages will be 192.168.1.1/24. For this we’ll configure a static router:

DHCP_SERVER(config)#ip route 192.168.1.0 255.255.255.0 192.168.2.1

Last step is to configure the interface of the DHCP CLIENT for DHCP:

DHCP_CLIENT(config)#int f0/0
DHCP_CLIENT(config-if)#ip address dhcp
DHCP_CLIENT(config-if)#exit

Now, let’s see if the interface has an IP address:

DHCP_CLIENT#show ip int br
Interface             IP-Address     OK? Method Status               Protocol
FastEthernet0/0         192.168.1.8     YES DHCP   up                   up
FastEthernet0/1       unassigned     YES unset administratively down down

As you can see, our router has successfully received an IP address. This means that the Relay feature is working fine.

This is all that I have for you on DHCP RELAY AGENT feature. If you have any question, just leave a comment.

You may also like...

11 Responses

  1. fbyg says:

    awesome explanation!! Thanks

  2. Murat Emre Delikan says:

    Very helpfull for me thanks for sharing.

  3. Great explanation and diagrams. Thanks for sharing.

  4. Gajendra says:

    Great explanation. Simple and precise. Many thanks.

  5. prashant says:

    Very very thanks for provide me knowledge of dhcp with easy language

  6. JahBless says:

    i Like this! Thanks alot, took me some days to get this dhcp relay agent config work on my lab!

  7. tap says:

    when the router sends the dhcpoffer as broadcast then all clients will receive that frame then how the client decide whether it is meant for it? is it by looking at the ‘chaddr’ field in the dhcpoffer message? and the client whose mac addr matches the chaddr can process and rest all clients will drop.?

  8. Bubaz says:

    Verry googdd

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.