What is DHCP (Dynamic Host Configuration Protocol)?
DHCP (Dynamic Host Configuration Protocol) is a network management protocol used to dynamically assign an Internet Protocol (IP) address to any device on a network so it can communicate. DHCP automates and centrally manages these configurations rather than requiring network administrators to assign IP addresses manually to all network devices. Small local networks and large enterprise networks can both implement DHCP.
DHCP assigns new IP addresses in each location when devices move to a new location on the network. This means network administrators don't have to manually configure each device with a valid IP address or reconfigure the device with a new IP address if it moves to a new location.
Versions of DHCP are available for IPv4 and IPv6. IPv6 became an industry standard in 2017 -- nearly 20 years after its specifications were first published. While the IPv6 adoption rate was initially slow, 48% of Google users made inquiries using IPv6 as of April 2025.
How DHCP works
DHCP runs at the application layer of the TCP/IP stack. It dynamically assigns IP addresses and allocates TCP/IP configuration information to DHCP clients. The configuration information includes the following:
DHCP is a client-server protocol. Servers manage a pool of unique IP addresses and information about client configuration parameters. The servers assign addresses from those address pools. DHCP-enabled clients send requests to the DHCP server when they connect to a network.
Clients configured with DHCP can broadcast requests for their local network's configuration information to the DHCP server. A client typically broadcasts this query immediately after booting up. The DHCP server responds to the client request by providing IP configuration information previously specified by a network administrator. This includes a specific IP address and a lease -- the time the allocation is valid.
A DHCP client requests the same parameters when it refreshes its address assignment. However, the DHCP server might assign a new IP address based on policies set by administrators. It's also possible to configure DHCP clients on an Ethernet interface.
A DHCP server manages a record of all the IP addresses it allocates to network nodes. The server identifies a relocated node using its media access control address. This prevents the accidental configuration of multiple devices with the same IP address. Configuring a DHCP server also requires the creation of a configuration file, which stores network information for clients.
DHCP is not a routable protocol. It's limited to a specific local area network, which means a single DHCP server per LAN is adequate. However, it might be beneficial to use two servers in case of a failover. Larger networks might have a wide area network (WAN) that contains multiple individual locations. Depending on the connections between these points and the number of clients per location, teams can set up multiple DHCP servers to handle address distribution. Users can work with a command line as they manage numerous DHCP servers or DHCP servers in a WAN. Users should recognize that starting, stopping and restarting can affect how the daemon runs.
If network administrators want a DHCP server to provide addressing to multiple subnets on a network, they must configure DHCP relay services located on interconnecting routers that DHCP requests must cross. These agents relay messages between DHCP clients and servers located on different subnets.
Components of DHCP
Numerous components make up DHCP:
- DHCP server. This is a network device -- typically either a server or router -- that runs on the DHCP service. The DHCP server holds IP addresses and related configuration information.
- DHCP client. This is a device, such as a computer or phone, that connects to a network and communicates with a DHCP server.
- DHCP relay. The relay manages requests between DHCP clients and servers. Typically, organizations use relays when they have large or complex networks.
Other components include the IP address pool, subnet, lease and DHCP communications protocol.
Static vs. dynamic DHCP leases
Static devices, such as web servers and switches, have permanent IP addresses. With dynamic DHCP, a client doesn't own the IP address assigned to it, but instead leases it for a period of time. Every time a device with a dynamic IP address powers on, it must communicate with the DHCP server to lease another IP address. Wireless devices are examples of clients assigned dynamic IP addresses when they connect to a network.
In a dynamic DHCP setup, a client might have to terminate its IP address before it can reconnect to the network with a different one. DHCP lease times vary depending on how long a user needs an internet connection at a particular location. Devices release their IP addresses when their lease expires. Then, if they're staying online, they request a renewal. The DHCP server might assign a new address rather than renew an old one.
The typical dynamic DHCP lease cycle is as follows:
- A client acquires an IP address lease by requesting one from the DHCP server.
- If a client already has an IP address from an existing lease, it must refresh its IP address when it reboots after being shut down and contact the DHCP server for an IP address reallocation.
- Once a lease is active, the client is bound to the lease and the address.
- When the lease expires, a client contacts the server that initially granted the lease to renew it so it can keep using the IP address.
- If a client moves to a different network, its dynamic IP address is terminated, and it requests a new IP address from the new network's DHCP server.
DHCP and IoT devices
Ordinary electronic devices can also use DHCP, including Request for Comments 8415 -- the draft version released in November 2018. Typically, when ordinary electronic devices use DHCP, their manufacturers want them to be part of the internet of things (IoT). DHCP connects devices, such as refrigerators and lawn sprinkler systems, to the internet using a Manufacturer Usage Description, suggested by the Internet Engineering Task Force.
DHCP security
The disadvantage of DHCP is that it's not inherently secure. If malicious actors access the DHCP server, they can wreak havoc. DHCP lacks any built-in mechanism that enables clients and servers to authenticate each other. Both are vulnerable to deception and to attack, where rogue clients can exhaust a DHCP server's IP address pool.
One key DHCP vulnerability is man-in-the-middle attacks. In an MitM attack, an attacker secretly intercepts and relays messages between two parties who believe they are communicating directly with each other.
Multiple memory corruption vulnerabilities have also affected DHCP servers. In these attacks, bad actors target the Windows DHCP server. When successful, the attacks can lead to a full compromise of Microsoft Active Directory. One such vulnerability, patched by Microsoft, was CVE-2019-0725 Windows DHCP Server Remote Code Execution Vulnerability.
Also, if the DHCP server does not have a backup and the server fails, so do the devices it serves.
History of DHCP
DHCP is an extension of the 1985 Bootstrap Protocol (BOOTP), a network IP management protocol. DHCP is more advanced; its servers can handle BOOTP client requests if any BOOTP clients exist on a network segment.
Using one central BOOTP server to serve hosts on many IP subnets, BOOTP introduced the concept of a relay agent that enabled BOOTP packet forwarding across networks. However, BOOTP required a manual process to add configuration information for each client without providing a mechanism for reclaiming IP addresses no longer in use.
