Learn DHCP & DHCP DORA Process- Best Explanation

Today we are going to learn what DHCP is and how DHCP DORA process works in a computer network. DHCP full form Dynamic Host Configuration Protocol and it is used to assign TCP/IP (Transmission Control Protocol/Internet Protocol) settings to systems like computers dynamically if the automatic IP settings are enabled for them.

Suppose you boot up your laptop and connect to the internet. If you try to visit the website, you will not be able to connect to it until your laptop has an IP address. Like you cannot receive mail at your house without a delivery address. Similarly, your device too cannot download a web page without an IP address. That is, you cannot access the internet until your device has an IP address. So to make the internet accessible, an IP address needs to be assigned to your device by the network administrator. It can be done either manually or automatically.

If the network has only three laptops or hosts, the network administrator can go to every device and can set TCP IP settings manually on each host. However, if the number of hosts increases to 250, it would be practically difficult to configure TCP IP settings manually on each host. So instead of configuring 250 hosts, the network administrator configures one special host, which runs a service to lease IP addresses to all of the connected to 50 hosts. This special host is called a DHCP server.

Please note, our home router supports an embedded DHCP server. So when a laptop with automatic IP settings enabled, is connected to the internet, the laptop runs DHCP protocol. As a result, the DHCP server assigns an IP address to your laptop so that you can open without any issues. This process of obtaining an IP address from the DHCP server by the DHCP client is called the DHCP DORA process and involves the transmission of four DHCP messages, including Discover, Offer, Request and Acknowledgement. All of these 4 messages are Broadcasting messages.

The lease time is the duration till when a laptop can use the IP address which DHCP server has assigned to it. Once the lease time is over, the laptop has to request the DHCP server to renew its IP address. 

Note that the DHCP client is a service that runs in the background on our computers. We can see it in the task manager. DHCP client is incorporated in the operating systems and is also present in devices like network printers, Voice over IP phones, etc.

DHCP DORA Process-

  • Suppose we connect a computer to the internet at the time, it does not have an IP address. So the laptop or the DHCP client sends a discover message to the DHCP server. 
  • In response. The DHCP server sends an IP address in the offer message.
  •  DHCP client then asks the DHCP server to allocate the offered IP address with a request message. 
  • DHCP server then allocates the offered IP address to the DHCP client and sends an acknowledgment with acknowledgement message. On receiving the acknowledgement DHCP client configures the TCP IP settings in the operating system so that the laptop can access the internet. 

Now, before going into the details of the DHCP DORA process, it is essential to understand the format of the DHCP messages. DHCP message has a fixed length in the initial portion and a variable length tail portion.

Basic DHCP Message Format-

Operation Code-

It specifies whether the received message is a request or reply for request, it is set to one and for reply, it is set to two.

Hardware Type-

It denotes the type of hardware used for the local network. For Ethernet it is set to one.

Hardware address length-

specifies the length of hardware address or MAC address present in the message. For Ethernet, it is set to six.


 specify the number of relay agents or routers through which the message has traveled between the DHCP client and the DHCP server. DHCP client sets it to zero before transmission and is incremented at each relay agent.

Transaction ID-

It is a random 32 bit number generated by the DHCP client and is placed in the messages it sends a DHCP client then receives some reply from the DHCP server.
If they received a message that has the same transaction ID then it confirms that the received message is a reply of the message sent. So it is used to match replies with the requests.

Seconds field-

set by the client and represents the number of seconds elapsed since the DHCP process is started.


These are 16 bits in length. Out of 16 bit most 15 bits are reserved to zero and only one most significant bit called broadcast bit. It is used if the DHCP client does not know its IP address, or cannot process the incoming unicast ip datagrams. It tells the DHCP server to broadcast its reply.
In case of renewing the IP address, DHCP client knows its IP address and can accept unicast ip datagrams so it sets it to zero that is DHCP server reply with a unicast message. Unicast means that the message is received by the concerned device only, others do not receive it. 

Please note, Windows XP and Windows seven DHCP clients do not set the broadcast flag to one but Windows Vista clients too. So the broadcast flag can be either zero or one. Now client IP address. In case of renewing the IP address DHCP client knows its current IP address, so it fills this field with its current IP address. However, when the DHCP client is newly connected to the network, or in case of its initial IP configuration, it does not have any IP address. So it sets this field to zero. Your IP address is the field where the DHCP server fills the IP address that it offers to the DHCP client server IP address is the IP address of the next server to use in the bootstrap process. A DHCP server may return its own IP address in this field.

Gateway IP Address Field-

In gateway IP address field, the relay agent fills the IP address of the interface at which it receives the messages from the DHCP client. The relay agent is a router that passes messages between the DHCP server and the DHCP client present on different subnets. If the server and client both are present on the same subnet, this field remains zero.

Client hardware address-

It maintains the MAC address of the DHCP client. Server Name and file fields can be used to carry DHCP options. It is called option overloading.

Options Field-

which are variable in length in different manners and contain the information about message type, client identifier, server identifier, requested IP address, IP address, lease time, subnet mask, DNS server IP address etc.

  • Message type represents whether the message is discovered, offered, requested or acknowledged.
  • Client identifier usually contains the client’s MAC address server identifier is the IP address of the DHCP server.
  • Requested IP address field contains the IP address which DHCP server offers to the DHCP client. 
  • IP address lease time represents the time till when the client can use the offered IP address. For example, eight hours.
  • Subnet mask for example 
  • DNS server IP address which contains the IP address of the DNS server. 

DHCP DORA Process in Details:-

 Now, we can start with the DHCP DORA process in detail. Suppose your laptop is connected to a network switch, and the switch is further connected to a network router. The router is connected to the Internet Service Provider so it provides access to the internet. A router has multiple interfaces, and each interface has a different IP address. A group of hosts or computers connected to one interface forms one subnet. So a router can form multiple subnets and act as a middleman if data needs to be routed from one subnet to another subnet.

Now, to access the internet, your laptop needs an IP address and that is provided by the DHCP server DHCP server can be present within the same subnet or it can be present in some other subnet as well. 

Starting with the first case that is when the DHCP server is present in the same subnet. In this case, the gateway IP address field of the DHCP packet remains zero because the relay agent will not be involved in the DHCP conversation.

Suppose the automatic IP settings are enabled on your laptop. So as soon as your laptop is connected to the network, the DHCP client runs the DHCP protocol and creates a discover message to find the DHCP server. As the client initially does not have an IP address. So it sets the client IP address field to zero and sets the broadcast flag to one. This flag tells the DHCP server to broadcast its reply.

The transaction ID is filled with a random 32 bit number. Your IP address field and server IP address field is filled by the DHCP server. So the DHCP client sets it to zero.

The client hardware address is filled with the computer’s MAC address. In the options field, the message type is set to one highlighting it to be a discover message and the client identifier field is usually filled with the laptop’s MAC address. 

This DHCP discover message from the application layer is then placed in a UDP segment in the transport layer. The client uses UDP port 68 and server uses UDP port 67. So, the source port is set to 68 and the destination port is set to 67. Here DHCP server is the destination and your computer that is DHCP client is the source.

UDP segment is then placed in an IP datagram in the network layer with the source IP address as zero because the source that is DHCP client does not have any IP address and destination IP address as the broadcast IP address because the client does not know the IP address of the DHCP server. The IP datagram is then placed in an Ethernet frame in the data link layer with destination MAC address as broadcast MAC address and source MAC address as the computer’s MAC address.

Finally, the Ethernet frame is transmitted by the DHCP client in the network using physical layer media.

The switch receives the frame and checks the destination MAC address. says it is a broadcast MAC address, the switch transmits the frame to all of its ports. DHCP server is also connected to one of its ports. So, it receives the transmitted frame.

On receiving the transmitted Ethernet frame, the DHCP server extracts the IP datagram from it. The broadcast destination IP address indicates that the IP datagram should be handled by the upper layer protocols. So the UDP segment is extracted from it, which then provides the Discover message.

The DHCP server that picks up an IP address from the DHCP scope and fills it in the your IP address field of the offer message.

It sends the server identifier option with its IP address and packs it in the DHCP offer message with the same transaction ID as the one present in the received discover message. Same transaction ID tells the DHCP client that the message it received is the reply for the message it has transmitted.

The message type is set to two highlighting it to be an offer message IP address lease time subnet mask, gateway IP address and DNS server IP address details are added in the options field.

The offer message is then placed inside a UDP segment. Since the offer message goes from the server to the client, the source port is set to 67 and the destination port is set to 68. It is then forwarded to IP datagram and finally to the Ethernet frame as the source is a server and destination is the client. So the source IP address and the source MAC address are set to the server IP address and server MAC address and destination addresses are the broadcast ones.

Broadcast destination addresses are used because the broadcast flag of the Discover message was set to one by the DHCP client. The Ethernet frame then moves from the DHCP server to the DHCP client. DHCP clients decapitate the received frame along the TCP IP network layers till the offer message is received or dead in the network may contain more than one DHCP server. So the client’s discover message may be received by multiple DHCP servers. In such a case, the DHCP client can receive multiple offer messages. Typically a DHCP client accepts the offer which it receives first. However, if the client does not receive any offer in response to the Discover message, the client times out and retransmits the Discover message once the DHCP client has selected an offer, it creates a request message where it fills the server identifier option with the IP address of the selected DHCP server and the requested IP address option with the IP address received from the your IP address field of the offer message.

Laptops MAC address is maintained in that client identifier option. The message type is set to three highlighting it to be a request message. The message is then broadcasted within the same subnet.

As the message is going from the client to the server. So UDP source port is set to 68 and UDP destination port is set to 67. Source IP address and source MAC address is the client IP and MAC address. Destination IP and destination MAC address are the broadcast addresses.

Note that till now IP address is not confirmed for the DHCP client. That’s why the source IP address is set to zero in the IP packet.

A client selects only one offer message out of multiple received offer messages, so to notify the servers whose offers are rejected. The request message is broadcasted.

Server identify field which contains the IP address of the selected DHCP server, notify the other servers that they offer is rejected.

The rejected DHCP servers then return the offered IP address to their IP address pool so that they can be allocated to other clients. The selected DHCP server then forms an acknowledgement message with your IP address field set to the offered IP address. The rest of the information containing IP address lease time, subnet mask, default gateway and DNS server IP address are maintained in the options field. The message is then broadcasted. DHCP client receives the message the client MAC address maintained in the client hardware address field tells the client that it is the intended destination. 

Now, the DHCP server has acknowledged the TCP IP settings so the client can figure these settings in the operating system. Now, the computer has an IP address along with other TCP IP settings. So it is ready to open the web pages without any issues.

Moving to the second case, that is DHCP server is present in some other subnet. In such a case, the relay agent acts as a middleman between the DHCP client and the DHCP server discover message from the client is received by the relay agent as the relay agent knows the IP address of the DHCP server. So it unicast the received a message to the DHCP server and fills the gateway IP address field with the IP address of the interface at which the relay agent has received the message. gateway IP address gives information to the DHCP server about the subnet where the DHCP client is present.

The DHCP server then reply with the unicast offer message to the relay agent. With an  offered IP address based on the subnet information. The router that broadcasts the reply within the subnet. DHCP client receives the offer message and then broadcasts the request message requesting to allocate the offered IP address. Router again unicast this message to the DHCP server. The server unicast acknowledgement message to the router, the router that broadcasts it within the subnet. DHCP client on receiving the acknowledgement message configures the TCP IP settings and becomes ready to load the web pages.

So to obtain the initial IP configuration settings, “Discover”, “Offer”, “Request” and “Acknowledgement” messages are triggered.


However, if the DHCP server finds that the IP address requested in the request message has been allocated to some other client or the client has moved to some other subnet. The server replies with a negative acknowledgement message. The client then restarts the IP configuration process if the client has an IP address and does not need it anymore.

For example, in case of graceful shutdown, or client has moved to some other subnet, the client triggers a release message to the DHCP server to release the IP address and cancel the remaining lease after receiving the acknowledgement message. 

If the client finds that the acknowledged IP address is already assigned to some other client, by using address resolution protocol(ARP), the client triggers a decline message and restarts the IP configuration process. 

If TCP IP settings are manually configured on a host and the host needs some additional configuration parameters, the host triggers a DHCP inform message to the DHCP server. The server provides the information with an acknowledgement message but this acknowledgement message contains an empty IP address field because the client already has a manually configured IP address. 

Therefore, a total of eight DHCP messages are involved in that DHCP DORA process. These are the messages which help your device to fulfill all the prerequisites needed to connect to the internet and comes under Dynamic Host Configuration Protocol process.

If you have learned something from this article then please share your feedback.


1 thought on “Learn DHCP & DHCP DORA Process- Best Explanation”

Leave a Comment


Enjoy this blog? Please spread the word :)