How to troubleshoot DHCP issues

Common DHCP server configurations

To begin, administrators must understand their DHCP infrastructure. There are two basic DHCP server deployments:

1. Centralized DHCP servers and relay agents in enterprise networks on different network segments from clients.
2. A DHCP server in smaller environments on the same network segments as clients.

Centralized DHCP servers and relay agents in an enterprise network

Clients broadcast a DHCP Request when they need an IP address. Network devices, such as routers, often block broadcast communications. However, it's possible to configure RFC 1542-compliant routers and servers as DHCP relay agents.

Relay agents forward requests to the enterprise DHCP server across network segments. Take care to ensure relay agents are properly configured. Client devices don't obtain a valid address from a DHCP server on a remote segment from misconfigured relay agents.

DHCP server on a local network device

The second type of DHCP configuration is common on small remote branches or in-home networks. The DHCP server runs on a local network device, such as a wireless router, that connects the site to the internet. Home networks often use this design.

This configuration is advantageous because the DHCP server is local to the site and continues to function even if enterprise network connectivity fails. Users at these locations retain IP address settings for access to the internet, network servers and cloud-based SaaS applications.

However, this might strain the server's scope. DHCP servers host one or more scopes. A DHCP scope is a pool of IP addresses and related settings, such as a subnet mask or default gateway, that the server can offer to clients. A local DHCP server might only have 50 or 100 addresses available. The large number of internet-connected devices, such as desktops, laptops, phones, tablets and IoT devices, can easily cause the server's scope to run out of addresses.

The DHCP lease generation process

Understanding the DHCP lease generation process client devices use to acquire an IP address configuration from the DHCP server is critical. The process consists of the following four steps, initiated by the client:

1. DHCP Discover. The client broadcasts a query to find a DHCP server.
2. DHCP Offer. The DHCP server broadcasts an IP address configuration offer.
3. DHCP Request. The client broadcasts a formal request for the offered IP address configuration.
4. DHCP Acknowledge. The DHCP server acknowledges the request, and the client uses the configuration.

How to diagnose DHCP errors

Configuring user devices as DHCP clients varies by device type. The network administrator should have instructions for the specific device. This article assumes the wired or wireless network connection is good and the problem is DHCP-specific.

Begin troubleshooting DHCP problems on the client device. The first step in diagnosing DHCP is to examine the device's IP address and network settings. Sometimes, the problem stems from an incorrect IP address configuration. Verify it uses DHCP and not a manually configured static IP address.

If the device is configured for DHCP and has an IP address, check settings such as the address, subnet mask, default router and DNS servers against the expected configurations for that network segment. Use commands like ifconfig (macOS), ipconfig (Windows) and ip addr (Linux) to display IP address settings.

If a device can't lease an IP address via DHCP, it uses one via Automatic Private IP Addressing (APIPA) from the address range 169.254.x.y, as shown below.

Clients with an APIPA address are strong indicators of DHCP problems. The following issues cause DHCP errors and compel a device to use a self-assigned IP address:

• The DHCP server failed.
• The DHCP server leased all available addresses.
• The network to the server failed.
• There is a misconfigured DHCP relay agent.
• MAC address filtering is enabled, and the new device isn't included in the server's configuration. This feature only leases IP addresses from the DHCP server to specified MAC addresses.

Common DHCP errors and how to fix them

The following are some of the most common DHCP errors:

1. No assigned address.
2. Assigned address but no connectivity.
3. Address is valid but missing DHCP options.

Error 1. No assigned address

The following are the most common reasons a client doesn't have an assigned IP address. Verify the following items to diagnose the problem:

• DHCP server failure. Ensure the DHCP server is functional. Check log files, and restart the service if necessary.
• No available addresses. To ensure the DHCP server has available addresses, check the service's statistics.
• Network failure. Check network connectivity between the client and DHCP server functions correctly.

If other devices on the subnet receive or renew their addresses, the server and the network function properly. If this is the case, verify that the DHCP server's scope still has addresses available.

Also, check for a network problem in the location to which the failing device connects. Misconfigured switch ports or a disconnected switch from the subnet might cause issues. If the device is portable, move it to a better network connection, and try to get a DHCP address. If this fails, something in the device configuration itself is incorrect, not the network or the DHCP server.

If the devices don't work correctly in a new installation, investigate network configuration mistakes. These mistakes prevent DHCP relay agents from passing DHCP traffic. Also, confirm that MAC address filtering is correct if used.

The most challenging step is checking network connectivity because many issues can cause a failure. Start troubleshooting by assigning a static address to one device. Use that device to verify basic network connectivity to the DHCP server with ping and traceroute. If that works, verify that network devices can relay DHCP packets and there aren't any blocking firewall rules. Look for simple things, such as typographical mistakes in addresses.

Some malware creates DoS attacks by consuming all DHCP addresses. Each request uses a different MAC address, so examine the switch forwarding table. This process leads to the port that has the most MAC addresses, and you can identify the infected device.

Error 2. Assigned address but no connectivity

What if DHCP servers assign an address, but the device can't communicate with other devices? The following reasons could cause this issue:

• Conflicting addresses. An IP address might conflict with another device using the same address.
• Misconfigured DHCP scope. Misconfigured scopes might lease incorrect IP addresses.
• Rogue DHCP server. Rogue servers can hand out duplicate addresses or addresses outside the business's address range.

To find conflicting IP addresses, identify the MAC address of the devices using the same IP address. Next, find the switch ports connecting each device. A good network management system helps with this process. One of the devices likely has a manually assigned address from the DHCP address range. A best practice is to use separate address ranges for devices with static addresses.

Reserved IP addresses on DHCP provide consistent settings to specific clients. Windows DHCP services include a feature to identify duplicate IP addresses before leasing them to clients.

Rogue DHCP servers are unauthorized DHCP servers that hand out addresses. These might be malicious wireless access points, unofficial wireless access points or even VMs configured as DHCP servers. Rogue DHCP servers offer addresses from the same or a different address range. Conduct network sleuthing with packet capture tools to identify rogue server locations. Then, remove the rogue server from the network or disable DHCP on it.

Some network equipment vendors provide DHCP snooping tools to detect rogue DHCP servers. They might help identify and remove unauthorized DHCP servers.

Error 3. Address is valid but missing DHCP options

Sometimes, clients might have a valid address, but the DHCP options aren't configured correctly. Many services, such as VoIP phones, need multiple DHCP options set up. DHCP options provide additional information to the endpoint for the following:

• Default gateways (option 3).
• DNS requests (option 6).
• Identifying Trivial FTP servers from which to download a device configuration (option 66).

The troubleshooting steps typically focus on confirming the DHCP scope contains the proper options. Watch for typographical errors or out-of-date settings.

DHCP troubleshooting guide

As with all network troubleshooting, a methodical approach works best. Gather facts, confirm settings and perform tests to verify if a component works. Sometimes, it's necessary to use packet captures to check that DHCP exchanges happen correctly or to identify rogue DHCP servers.

Use this quick DHCP troubleshooting guide to identify common errors and their causes.

Editor's note: This article was originally written by Terry Slattery and expanded by Damon Garn.

Terry Slattery is an independent consultant who specializes in network management and network automation. He founded Netcordia and invented NetMRI, a network analysis appliance that provides visibility into the issues and complexity of modern router- and switch-based IP networks.

Damon Garn owns Cogspinner Coaction and provides freelance IT writing and editing services. He has written multiple CompTIA study guides, including the Linux+, Cloud Essentials+ and Server+ guides, and contributes extensively to TechTarget Editorial, The New Stack and CompTIA Blogs.