By Jeff Kabachinski, MS-T, BS-ETE, MCNE

Jeff KabachinskiThere’s a lot going on behind the scenes to facilitate network communication. Network devices check on client (ie, the node or host) and server access, and are controlling all manner of network connectivity. The Internet and enterprise networks that use TCP/IP as their network operating system have all the ways and means to manage connections and communications. Dynamic host configuration protocol (DHCP) is one such mechanism to facilitate Internet-like communication. Without it, Internet or network access would be difficult, if not impossible. DHCP function is also transparent to the end user.

Let’s take a look at DHCP and get an idea of what’s going on behind the curtain. DHCP is a communications protocol that manages a pool of Internet protocol (IP) addresses, the pool assigned by a network administrator, to be automatically assigned to clients as requested. The assignment is usually a lease to use a specific IP address for a predetermined amount of time. This is called dynamic allocation. If the lease is not renewed, the DHCP server reclaims the address and puts it back into the pool to be reallocated to another requesting client.

With automatic allocation, the DHCP server can also assign permanent IP addresses if so configured. In this case, the DHCP server keeps a table of past address assignments and reassigns the same IP address that the client previously had. The domain name system (DNS) servers keep tables of the mapping of URLs, IP addresses, and media access control (MAC) addresses. This is where the DHCP server address can be found. To avoid having to frequently update those tables, servers are generally assigned fixed addresses.

Before the advent of DHCP and its predecessor, BOOTP, assigning IP addresses and other configuration information had to be done at each machine manually. This entailed keeping a log of the MAC address (ie, the hardware address, usually Ethernet) and the IP address that they are mapped to. As networks grew, manually managing the IP address pool going from PC to PC in a facility became unsustainable.

Another way that DHCP can be used is to still allocate addresses manually, but from a central location and using DHCP to manage doling them out, a process also known as static allocation. Here, the network administrator prefills the table that maps the MAC address to the assigned IP address.


For the most part, DHCP follows a process known as DORA (Discover, Offer, Request, and Acknowledge) when allocating IP addresses and other necessary configuration information. It works as follows:

1) A user turns on a networked computer that is configured as a DHCP client.

2) The client computer broadcasts a DISCOVER request (DHCPDISCOVER) to search for DHCP servers that will answer. This is transmitted on the physical subnet to which the client is attached. It uses transmission control protocol (TCP) destination port number 67 by means of the connectionless routine (no ACK or handshaking) of the user datagram protocol (UDP). The client sends the DISCOVER message as a broadcast message, where the IP and MAC addresses are all digital ones (the numeral 1). It also lists its MAC address and zeroes for its IP address (since it doesn’t have one yet).

3) A router, if present, can direct the DISCOVER packet to the correct DHCP server for that hardware subnet.

4) DHCP servers receive the DISCOVER packet and determine an appropriate IP address to give to the client. This is done based on availability and usage policies preset on the server. The server temporarily reserves that address for the client and transmits an OFFER (or DHCPOFFER) packet on TCP port 68 that contains the allocated address information.

5) The client sends a REQUEST (or DHCPREQUEST) packet back to the chosen DHCP server’s OFFER, letting that server know that it intends to use the address. The DHCP servers that do not receive a REQUEST will time-out and return the held IP address back to their pool.

6) The server sends an ACK (or DHCPACK) packet, acknowledging and confirming that the client has been given a lease on the address for a server-specified period of time. The server can also configure the client’s DNS servers, Windows internet name service (WINS) servers, network time protocol (NTP) servers, and other services and configurations as predetermined.


You can see your assignments and allocations by using the DOS-like command of IPCONFIG. In Windows 7, press the windows key (usually to the left of the space-bar) and the letter r at the same time. This brings up the Run window. In the “open” field, type CMD to open a command window. Your user account control may pop up to see if you’re sure. Say yes.

At this point you’ll see a screen that looks suspiciously like the old DOS-based PC screen. It is in fact DOS-like, and some DOS commands still work.

The command we’re interested in here is IPCONFIG. By typing IPCONFIG_/ALL (where _= a space) you’ll see how all of your network interfaces are set up. You’ll see the MAC and IP addresses, whether you have DHCP enabled, if autoconfiguration is enabled, the subnet mask, default gateway address, the DHCP server and DNS servers, and more.

When the lease expires, the DHCP server will generally PING the newly expired IP address to see if it’s still in use. If not, it returns the IP address to the pool. Upon restarting, the client will need to reinitiate the DORA process. The client might ask to use the same IP address it had originally and will generally get it, unless it has already been doled out to another client.

To Learn More

There are several variations to the DORA process, all outlined in the DHCP specification (RFC 2131). The specification is only 45 pages long, and is where you can find all the details and relationships to other related specifications. In addition, Wikipedia has a good technical explanation, showing packet structure while stepping through the DORA process. The article also reviews security and what options are available in the DHCP protocol. 24×7

Jeff Kabachinski is the director of technical development for Aramark Healthcare Technologies in Charlotte, NC. For more information, contact [email protected].