DHCP
16 cards — 🟢 3 easy | 🟡 4 medium | 🔴 3 hard
🟢 Easy (3)
1. What are the four steps of the DHCP handshake (DORA), and what transport protocol do they use?
Discover, Offer, Request, Acknowledge — all four messages use UDP. The client sends on port 68, the server listens on port 67.
Name origin: DORA is the mnemonic for the handshake. The client starts at 0.0.0.0 and broadcasts to 255.255.255.255.
Fun fact: DHCP (RFC 2131, 1997) replaced BOOTP, which replaced RARP — each generation added more configuration capability.
2. At what percentage of lease time does a DHCP client begin unicast renewal (T1)?
At 50% of the lease time (T1). If that fails, at 87.5% (T2) the client begins broadcast rebinding to any available server.
Under the hood: for a 24-hour lease, T1 fires at 12 hours (unicast to original server), T2 at 21 hours (broadcast to any server).
Gotcha: if both renewals fail, the client releases its IP at lease expiry and restarts DORA, briefly losing connectivity.
3. What three essential network parameters does a DHCP server typically provide beyond just an IP address?
Subnet mask (option 1), default gateway/router (option 3), and DNS servers (option 6). Additional common options include domain name, NTP servers, and lease time.
Fun fact: DHCP has 255 option codes across various RFCs. Option 150 (TFTP for Cisco phones) and option 66 (TFTP server) are common in VoIP.
Ref: https://www.iana.org/assignments/bootp-dhcp-parameters/
🟡 Medium (4)
1. Why are DHCP relay agents needed, and what field does the relay agent set to help the server pick the correct scope?
DHCP uses broadcast, and broadcasts do not cross routers. A relay agent receives the broadcast, sets the giaddr (gateway IP address) field to its own IP on that subnet, and forwards the request as unicast to the DHCP server. The server uses giaddr to determine which pool to allocate from.
2. Why does the DHCP REQUEST message use broadcast instead of unicast?
Because there may be multiple DHCP servers that sent offers. The broadcast REQUEST tells all servers which offer was accepted, so the others can release their reserved addresses back to the pool.
3. Why is using DHCP reservations preferred over static IP configuration on servers?
DHCP reservations (MAC-to-IP bindings) keep all IP assignments in one system — the DHCP server — instead of splitting between DHCP for dynamic clients and static configs on individual hosts. This provides a single source of truth for IP management.
4. What are the two main approaches to DHCP redundancy, and what is the downside of split scope?
Split scope divides the pool between two servers (e.g., 60/40) with no inter-server communication. Active failover shares state between servers so both can serve the full pool. The downside of split scope is that if one server fails, its portion of the pool is unavailable until it returns.
🔴 Hard (3)
1. How should DHCP lease times be chosen for different environments, and why?
Match lease time to device turnover: guest WiFi 1-4 hours (high turnover, reclaim fast), office 8-24 hours (stable devices), server VLAN 7-30 days (stability, fewer renewals), lab/test 1-2 hours (frequent reprovisioning). Too short wastes bandwidth on renewals; too long exhausts the pool when devices leave.
2. On a Cisco router, what does the "ip helper-address" command do, and what is the caveat about its scope?
It configures the interface as a DHCP relay agent, forwarding broadcast DHCP requests to the specified server IP via unicast. The caveat is that ip helper-address forwards not just DHCP but also TFTP, DNS, TACACS, and other UDP services. If you only want DHCP relayed, use "ip forward-protocol" to limit which protocols are forwarded.
3. What elements make up a well-designed DHCP scope, and why are exclusion ranges important?