DHCP Relay Agent – Windows Server 2003

DHCP – Relay Agent for Windows Server 2003

Instead of deploying a DHCP server on every subnet, discover how to install and configure a DHCP relay agent.  By far the hardest part of mastering the DHCP relay agent is installing it.  Once you have found the relay agent, configuring it to listen for DHCPDiscover packets, is the proverbial piece of cake.

Tutorial for DHCP Relay Agent


DHCP Relay Agent – Concept

DHCPDiscover packets, like all broadcasts, cannot pass across routers.  In fact that was a lie, if you have a modern Router which is RFC 1542 compliant, then you can forward the DHCPDiscover packets to a DHCP server in a different subnet.  In this instance, the Router acts as a Relay Agent.

Relay Agent – Installation DHCP Relay Agent Configuraton Routing and Remote Access

It is rare for Microsoft to remove functionality, but while NT 4.0 Workstations could act as DHCP Relay agents, XP and W2K Pro cannot.  So you need to install the relay agent on a Windows Server 2003. 

What is not obvious is where you find the relay agent, the answer is in Routing and Remote Access.  When you think about it, the relay agent is a type of router, hence the RRAS location to install and configure the DHCP Relay agent makes sense.

As I say once you find and install the Relay Agent, configuring is easy, all you need to do is tell the router or DHCP relay agent the IP address of the real DHCP servers.  Just right-click the DHCP Relay Agent, and then select properties from the shortcut menu.

Trap: you forget to add an interface.  See that ‘ISP’ interface in the screen shot is Enabled.  See policy for relay agent in DHCP server 2012.

Relay Agent – In Action

Let us turn this tutorial to see how the Relay Agent works.  What happens is the Relay agent intercepts DHCPDiscover packets from clients and then unicasts to the DHCP on their behalf.  The secret of successful relaying is to create the appropriate scope on the DHCP server.  The first time it worked I thought that it was a miracle that the client got the correct IP address.  On reflection, I realized that the Relay Agent adds the Source IP address when it contacts DHCP.  So now I understand how the server knows, from its list of scopes, which subnet to offer an IP address.

Guy Recommends: SolarWinds Network Topology Mapper (NTM)SolarWinds Network Topology Mapper

NTM will produce a neat diagram of your network topology.  But that’s just the start;Network Topology Mapper can create an inventory of the hardware and software of your machines and network devices.  Other neat features include dynamic update for when you add new devices to your network.  I also love the ability to export the diagrams to Microsoft Visio.

Finally, Guy bets that if you test drive the Network Topology Mapper then you will find a device on your network that you had forgotten about, or someone else installed without you realizing!

Download your 14 day free trial ofSolarWinds Network Topology Mapper

Hop Count

How many routers lie between your client and its DHCP server?  Each router would represent 1 hop, so calculate the maximum hop count that you need and configure the Relay Agent accordingly.  From the Routing and Remote Access interface, navigate to the IP Routing, DHCP Relay Agent, right-click the Interface, not the server, and check the  Hop Count threshold.

Boot Threshold

The boot threshold setting is for the cautious (or paranoid).  Such people would have a DHCP server AND a Relay Agent on the SAME subnet.  In these circumstances, you should consider how long the Relay Agent should wait for the main DHCP server to respond.  To do this adjust the Boot threshold.

Conflict Detection DHCP Conflict Detection Server Ping

Where you have relay agents, especially if you configure more than one, there is a possibility of duplicate IP addresses.  The conflict detection feature means that the DHCP server checks by pinging the proposed address lease before actually issuing it.  Naturally, if the server receives a reply that IP address is not offered.

Conflict Detection is a property of the DHCP server as a whole and not of individual scopes.  To set the threshold, right-click the server icon, properties, then Advanced (Tab).


If all else fails, then clients give themselves an Automatic IP address in the range 169.254.x.y where x and y are two random numbers between 1 and 254.

Whilst APIPA is a sign of failure, the fact that the client has a valid IP address means that it can keep on polling to see if a DHCP server has come back online.  In NT 4.0 days, a client would end up with a address if there were no DHCP server, and then you needed to reboot to obtain a valid IP address.

Summary and Challenges.

When you set up a relay agent there are a number of other factors to consider, check your, Hop Count, Boot Threshold, and conflict Detection.  My tutorial compares the difficulty of installation with ease of configuring.


If you like this page then please share it with your friends


Related DHCP Server topics