DHCP Explained

DHCP (Dynamic Host Configuration Protocol)

To connect to a network and the internet, every device needs an IP address. Imagine a network administrator working at a massive university having to manually type a unique IP address into 10,000 different student laptops. It would be impossible.

DHCP solves this problem. It is a network management protocol that automatically and dynamically assigns IP addresses and network configuration parameters to devices the moment they connect to a network.

How DHCP Works: The D.O.R.A. Process

When you connect your phone to a new Wi-Fi network, it goes through a 4-step invisible conversation with the DHCP server known as DORA:

1. Discover: Your phone shouts out a broadcast message to the entire network: "Are there any DHCP servers out there? I need an IP address!"
2. Offer: The DHCP server hears the shout, checks its pool of available IP addresses, and replies: "Yes, I am here! I can offer you the IP address 192.168.1.50."
3. Request: Your phone formally replies to the server: "Great! I formally request to lease the IP address 192.168.1.50."
4. Acknowledge (ACK): The server officially logs the assignment and replies: "Acknowledged. That IP is yours to use for the next 24 hours."

Static vs. Dynamic IPs

• Dynamic IP (DHCP): The IP address is temporarily "leased" to the device. If the device leaves the network, the IP address goes back into the pool to be given to someone else later. This saves huge amounts of IP addresses.
• Static IP: The administrator manually assigns a permanent IP address to a device that never changes. This is typically reserved for critical servers, printers, or network hardware that other devices always need to find at the exact same address.

Security Risks of DHCP

Because DHCP requests are broadcasted openly, attackers can perform DHCP Spoofing. An attacker sets up a fake ("Rogue") DHCP server on the network. When your phone asks for an IP, the fake server replies first, giving your phone a valid IP but secretly altering the routing info. All your traffic is then routed directly through the hacker's computer (a classic Man-in-the-Middle attack).

DHCP Scopes and IP Conflicts

When a network administrator sets up a DHCP server, they define a Scope. A scope is simply the specific range of IP addresses the server is allowed to hand out (e.g., from 192.168.1.100 to 192.168.1.200).

What Causes an IP Conflict?

An IP conflict occurs when two devices on the same network are accidentally using the exact same IP address. This completely breaks network connectivity for both devices. This usually happens due to poor configuration:

1. An administrator manually assigns a Static IP (e.g., 192.168.1.150) to a printer.
2. However, they forgot to remove .150 from the DHCP server's scope pool.
3. Later, an employee's laptop connects. The DHCP server happily offers the laptop .150.
4. Now both the printer and the laptop have the exact same address, causing a massive traffic collision.