DHCP Relay

The purpose of a DHCP relay is to enable the distribution of IP addresses and configuration information from a centralized DHCP server to client devices located on different subnet or VLAN. It acts as an intermediary between the DHCP client and server, forwarding DHCP messages between them. This intermediary device is called Relay Agent.

In this scenario we are going to need a layer 3 switch and we are going to use Cisco 3600. DHCP Relay can be configured either on router or at least layer 3 switch. On L3 switch we need to configure two Switch Virtual Interfaces (SVI) for VLAN 5 and for VLAN 10. Interface F0/0 facing DHCP server is assigned VLAN 10 and F0/1 VLAN 5.

On SVI VLAN 5 we configure ip helper-address 192.168.2.254 command. When a client device in one VLAN sends a DHCP broadcast message to obtain an IP address, the DHCP relay agent configured on a Layer 3 device (such as a router or switch), intercepts the broadcast and forwards it as a unicast message to the specified DHCP server. This is necessary because DHCP broadcast messages do not traverse between VLANs by default. The “ip helper-address” command is applied on the interface that is facing the VLAN where the DHCP requests are originating from. It tells the device to forward DHCP packets received on that interface to the specified DHCP server.

dhcp relay wireshark

Those captured DHCP messages are on VLAN 5 before they get processed Relay agent. As you can see, src IP is 0.0.0.0 because there is none assigned yet, and it is broadcast message that cannot be routed if there is no DHCP relay configuration.

dhcp relay wireshark

The discover message has destination MAC address built from f letters only, which is layer 2 destination broadcast. Message also displays DHCP uses UDP which means it does not guarantee delivery, which is why client sends multiple broadcasts sometimes. Port 68 is assigned for DHCP clients and 67 as destination port for the server. The messages going opposite direction the ports get swapped.

dhcp relay wireshark

These are the DHCP messages forwarded by relay agent because we no longer see source IP as four zeros and 192.168.2.254 is IP address of DHCP server as displayed on thumbnail. MAC addresses on layer 2 are pointing on LAN only and since here we are using layer 3 switch and Inter- VLAN routing, DHCP server forwards frames to MAC address of the f0/0 switch interface. That switch later uses it’s own MAC address of interface f0/1 and finally MAC address of the DHCP client.