Loading learning content...
When you connect a device to a network, something remarkable happens in milliseconds: without any human intervention, your device negotiates with a server it has never communicated with before, obtains a unique network address, and configures itself to participate in network communication.
This negotiation follows a precise four-message protocol known as DORA: Discover, Offer, Request, Acknowledge.
DORA represents one of the most elegant solutions in network protocol design—solving the bootstrap problem (how does a device without an address communicate to get an address?) while handling multiple servers, client preferences, and failure recovery gracefully.
Understanding DORA isn't just academic. Network engineers troubleshoot DHCP issues constantly—devices failing to get addresses, lease storms, slow network joins—and all these problems trace back to understanding what happens (or fails to happen) during the DORA exchange.
By the end of this page, you will understand each message of the DORA process in detail: its purpose, packet structure, timing considerations, and failure modes. You'll also learn how lease renewal works and why it's designed as an optimization over repeating the full DORA process.
The DORA process enables a client without any IP configuration to obtain a valid address from a server. The four messages work as a two-phase commit: the first two messages (Discover/Offer) locate available servers and collect offers; the second two messages (Request/Acknowledge) finalize the selection and confirm the assignment.
Why Four Messages Instead of Two?
A simpler protocol might have the client broadcast a request and the server respond with an address. Two messages, done. But this simpler approach fails in real networks:
The four-message exchange handles all these scenarios elegantly.
| Message | Direction | Transport | Purpose |
|---|---|---|---|
| DISCOVER | Client → All Servers | Broadcast (255.255.255.255) | Client announces need for address; solicits offers |
| OFFER | Server → Client | Unicast or Broadcast | Server proposes an address and configuration parameters |
| REQUEST | Client → All Servers | Broadcast | Client accepts specific offer; notifies all servers of choice |
| ACK | Server → Client | Unicast or Broadcast | Server confirms assignment; client can now use the address |
The REQUEST message is broadcast—not unicast to the selected server—so that ALL servers on the network learn which offer was accepted. Servers whose offers were not selected can release those addresses back to their pools. This prevents address exhaustion from unaccepted offers.
The DHCP Discover message is the client's announcement that it needs network configuration. Since the client has no IP address, it cannot send unicast traffic—it must broadcast to reach any DHCP server on the local network.
The Bootstrap Problem:
DHCP Discover elegantly solves the network bootstrap problem:
The solution: broadcast at Layer 2. The client sends an Ethernet frame to the broadcast MAC address (FF:FF:FF:FF:FF:FF), containing a UDP packet from 0.0.0.0:68 to 255.255.255.255:67. Every device on the Layer 2 network receives this frame, and any DHCP server processes it.
| Layer | Field | Value | Explanation |
|---|---|---|---|
| Ethernet | Destination MAC | FF:FF:FF:FF:FF:FF | Broadcast to all devices |
| Ethernet | Source MAC | Client's MAC | Client's hardware address (e.g., AA:BB:CC:DD:EE:FF) |
| IP | Source IP | 0.0.0.0 | Client has no IP yet |
| IP | Destination IP | 255.255.255.255 | Limited broadcast (all hosts on local network) |
| UDP | Source Port | 68 | DHCP client port |
| UDP | Destination Port | 67 | DHCP server port |
| DHCP | Op | 1 (BOOTREQUEST) | This is a client-to-server message |
| DHCP | xid | Random 32-bit | Transaction ID to match responses |
Key DHCP Discover Options:
DHCP messages include an options field that carries additional parameters. Important Discover options include:
Timing Considerations:
If no Offer is received within a timeout period (typically 1-4 seconds), the client retransmits the Discover. Retransmission uses exponential backoff with randomization to prevent synchronized broadcast storms when many clients start simultaneously (as might happen after a power restoration).
1234567891011121314151617181920212223242526272829303132333435
DHCP Message Structure (Discover)================================== 0 1 2 30 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| op (1) | htype (1) | hlen (6) | hops (0) |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| xid |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| secs | flags |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| ciaddr (0.0.0.0) |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| yiaddr (0.0.0.0) |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| siaddr (0.0.0.0) |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| giaddr (0.0.0.0) |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| chaddr (client hardware address - 16 bytes) || ... |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| sname (server name - 64 bytes, empty) || ... |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| file (boot file - 128 bytes, empty) || ... |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| options (variable length) || Magic Cookie: 99.130.83.99 (0x63825363) || Option 53: DHCP Message Type = 1 (Discover) || Option 55: Parameter Request List (1,3,6,15,...) || Option 255: End |+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+Upon receiving a valid Discover, a DHCP server responds with an Offer message proposing an IP address and configuration parameters. The server selects an address from its available pool (or uses a reservation if one exists for the client's MAC address).
Address Selection Process:
Offer Message Characteristics:
| Field | Value | Purpose |
|---|---|---|
| yiaddr (your IP address) | Proposed client IP | The IP address being offered (e.g., 192.168.1.100) |
| siaddr (server IP address) | DHCP server IP | Identifies which server is making the offer |
| Option 54 (Server Identifier) | DHCP server IP | Used by client in subsequent Request |
| Option 51 (Lease Time) | Seconds | How long the address is valid (e.g., 86400 = 24 hours) |
| Option 1 (Subnet Mask) | Mask value | Network mask (e.g., 255.255.255.0) |
| Option 3 (Router) | Gateway IP | Default gateway address |
| Option 6 (DNS Servers) | DNS IP list | Name server addresses |
Broadcast vs Unicast Response:
The Offer can be sent as broadcast or unicast:
Server Competition:
When multiple DHCP servers exist, each responds independently with its own Offer. The client collects offers (typically waiting a short period for additional offers to arrive) and then selects one based on:
The client's selection is communicated via the Request broadcast, ensuring all servers know the outcome.
Some DHCP servers perform conflict detection before offering an address by sending an ICMP Echo Request (ping) to the proposed address. If a response is received, the address is in use (possibly statically configured), and the server marks it as unavailable and selects a different address. This adds latency but prevents conflicts.
After receiving one or more Offers, the client broadcasts a DHCP Request to accept a specific offer. This message serves multiple crucial purposes in the DORA process.
Why the Request is Essential:
Request Message Contents:
The Request message includes critical information to identify both the accepted offer and the accepting client:
Why Broadcast?
The DHCP Request is broadcast even though the client knows the server's address. This broadcast serves as an implicit DHCPDECLINE to all other servers: by including the Server Identifier of the accepted server, other servers know their offers were not selected and can release those addresses back to their pools.
Without this broadcast, rejected servers would hold addresses in a pending state until an offer timeout, reducing pool efficiency.
SELECTING: Client is responding to received Offers during initial address acquisition.
Characteristics:
Server Processing:
Example Scenario:
Client receives offers from Server A (192.168.1.100) and Server B (192.168.1.150)
Client broadcasts REQUEST with:
- Server Identifier = Server A's IP
- Requested IP = 192.168.1.100
Server A: Receives matching request → sends ACK
Server B: Sees different server identifier → releases 192.168.1.150 to pool
The DHCP Acknowledgment (ACK) is the final message of the DORA process, confirming that the requested address is now assigned to the client. Upon receiving the ACK, the client performs final validation and then configures its network interface.
ACK Message Contents:
The ACK includes all the configuration parameters the client needs:
Client Post-ACK Behavior:
After receiving the ACK, the client performs several validation and configuration steps:
Conflict Detection (ARP Probe):
Interface Configuration:
Lease Recording:
Gratuitous ARP (Optional):
Instead of ACK, the server may send a DHCP NAK (Negative Acknowledgment) if: (1) the requested address is no longer available, (2) the client moved to a different subnet, (3) the server's configuration changed, or (4) the lease expired during the transaction. Upon receiving NAK, the client must abandon any cached address and restart DORA from the Discover phase.
A DHCP lease is not a one-time assignment—it's a contract with a lifecycle. Understanding the lease timers is essential for designing reliable DHCP infrastructure and troubleshooting lease-related issues.
The Three Lease Timers:
| Timer | Default Value | Trigger | Action |
|---|---|---|---|
| Lease Time | Configured (e.g., 86400s = 24 hours) | Lease granted | Total duration client can use address |
| T1 (Renewal) | 50% of lease (Option 58) | Halfway through lease | Begin unicast renewal to original server |
| T2 (Rebinding) | 87.5% of lease (Option 59) | Renewal failed | Begin broadcast renewal to any server |
Timer Calculation Example:
For a 24-hour (86400 second) lease:
| Event | Time | What Happens |
|---|---|---|
| Lease Start | 0h | Client receives ACK, uses address |
| T1 | 12h | Client unicasts REQUEST to original server |
| Renewal Success | 12h | T1 and T2 reset; new 24h lease from now |
| T1 (if failed) | 12h | Request unanswered, retry with backoff |
| T2 | 21h | Switch to broadcast REQUEST (any server) |
| Rebind Success | 21h | New server takes over lease, timers reset |
| Lease Expiration | 24h | Address becomes invalid; restart DORA |
The Renewal Optimization:
Renewal (at T1) attempts unicast to the original server because:
Rebinding (at T2) uses broadcast because:
Choose lease duration based on network dynamics: Short leases (1-4 hours) for high-turnover environments like cafés or conferences; medium leases (8-24 hours) for offices; long leases (days/weeks) for stable infrastructure. Remember: T1 fires at 50%, so even a 24-hour lease causes renewal traffic every 12 hours.
The DORA process includes robust error handling mechanisms for various failure scenarios. Understanding these mechanisms is essential for troubleshooting.
DHCP Decline:
When a client receives an ACK but detects that the assigned address is already in use (via ARP probe), it sends a DHCPDECLINE message:
DHCP Release:
Clients can proactively release their address before lease expiration by sending a DHCPRELEASE:
ipconfig /release on Windows)When debugging DHCP issues, capture traffic on both client and server (or relay agent). Look for: DISCOVER without OFFER (server not receiving or responding), OFFER without REQUEST (client not receiving offers or selecting different server), REQUEST without ACK (server rejecting request). The xid field correlates messages in the same transaction.
We've completed a deep examination of the DORA process—the fundamental message exchange that enables automatic network configuration. Let's consolidate the key takeaways:
What's Next:
With the DORA process understood, the next page explores DHCP message types and options in greater detail—the extensible mechanism that allows DHCP to deliver not just addresses but dozens of configuration parameters including DNS, NTP, TFTP boot servers, and vendor-specific options.
You now understand the DORA process that powers billions of network connections worldwide. This knowledge enables you to troubleshoot DHCP issues systematically, design resilient DHCP infrastructure, and understand how devices bootstrap their network configuration automatically.