DHCP with the WLC

To get a brief overview about DHCP process in Wired Infrastructure, please see my previous post: DHCP Basics
In this post we will see the different DHCP operation on Cisco Wireless LAN Controller.
As we all know that we can use External or internal DHCP server for wireless clients via Cisco WLC.

Topology Diagram:


So first we will go through the configuration and functionality of external DHCP server for a WLAN.

External DHCP Server:

WLC can support two modes in case of External DHCP server.

  1. DHCP proxy
  2. DHCP Bridging

DHCP Proxy Mode:

To use the controller as a DHCP proxy, the DHCP proxy feature must be enabled on the controller. By default, this feature is enabled.

DHCP server must be configured on each WLC interface that requires DHCP services. A DHCP server can be configured on the management interface, AP-manager interface, and on dynamic interfaces.


To enable DHCP proxy and DHCP server configuration WLC interface:

Via GUI:

Enable DHCP Proxy


Enter DHCP IP for WLC Interface: (It just an example)

DHCP on Interface

Via CLI:

Enable DHCP Proxy

(WLC1) >config dhcp proxy enable
 (WLC1) >show dhcp proxy
 DHCP Proxy Behavior: enabled

Configure DHCP server IP on WLC Interface:


(WLC1) >config interface dhcp dynamic-interface <interface-name> primary <primary-server> secondary <secondary-server>
 (WLC1) >config interface dhcp dynamic-interface guest primary secondary
  • The DHCP proxy mode serves as a DHCP helper function to achieve better security and control over DHCP transaction between the DHCP server and the wireless clients.
  • In this mode Controller virtual IP address ( or depends on …what we have) as source IP address for all DHCP process for client means we will not see the exact DHCP server IP address in our packet capture.
  • When multiple offers are coming from external DHCP servers, the DHCP proxy normally selects the first one that comes in and sets the IP address of the server in the client data structure. As a result, all following transactions go through the same DHCP server until a transaction fails after retries. At this point, the proxy selects a different DHCP server for the client.
  • DHCP proxy is enabled by default. All controllers that will communicate must have the same DHCP proxy setting.
  • In this DHCP proxy mode, it is not only directing DHCP packets to the DHCP server, it is actually building new DHCP packets to forward to the DHCP server. All DHCP options which are present in the client’s DHCP packets are copied in the controller’s DHCP packets.

Packet flow:

  1. Client boots up and send DHCP Discover on all subnet broadcast.
  2. WLC unicast this packet to DHCP server(as configured on WLC interface)
  3. DHCP server send DHCP offer to WLC.
  4. WLC unicast DHCP offer to Client with source address as WLC virtual IP address.
  5. Client send DHCP request to WLC on Virtual address because Client think that this virtual IP is DHCP server address
  6. WLC unicast DHCP request to DHCP server which returned the first offer to the client.
  7. DHCP server send ACK to WLC
  8. WLC unicast ACK from virtual IP to the client.

Let see the packet capture from Client side:

DHCP Discover Packet:

ExtDHCPDiscover is the WLC Virtual Interface IP address
10.xx.xx.13 is the Client IP address.

DHCP Offer:


DHCP Request:





DHCP Bridge Mode

DHCP bridging mode provides an option to make controller’s role in DHCP transaction entirely transparent to the wireless clients.


To enable the DHCP bridging functionality on the controller, we must disable the DHCP proxy feature on the controller.

Via GUI:


Via CLI:

(WLC1) >config dhcp proxy disable
 (WLC1) >show dhcp proxy
 DHCP Proxy Behaviour: disabled

Packet Flow:

  1. Client send DHCP Discover on all subnet broadcast which is bridged by controller
  2. DHCP server send DHCP offer to Client
  3. Client send DHCP request to all subnet
  4. DHCP server send ACK to client in unicast packet

Let see the packet capture from Client Side:

DHCP Discover:


DHCP Offer:


10.xx.xx.254 is the Router Gateway IP address
10.xx.xx.13 is the client IP address
10.xx.xx.1 is the DHCP server IP address

DHCP Request:




Internal DHCP Server:

Internal DHCP is used for small office where external DHCP server is not possible to use.

Cisco recommend to use internal DHCP with less than 10 AP in network, if we have more AP then 10 then better to use external DCHP.

Internal DHCP provide IP to WLAN clients, directly connected APs.

Internal DHCP Server Configuration:

We must enable DHCP proxy on the controller to allow the internal DHCP server to function.

Via GUI:


Via CLI:

Enable DHCP Proxy

(WLC1) >config dhcp proxy enable
 (WLC1) >show dhcp proxy
 DHCP Proxy Behavior: enabled

*** For internal DHCP we must create a DHCP scope for specific interface and put the WLC management IP in interface primary DHCP server configuration box or Point DHCP override to the management interface IP address of our controller under WLAN > edit

How to Create DHCP Scope: Login to WLC GUI then goes to Controller >Internal DHCP Server >DHCP Scope > New

DHCP Scope

Assign DHCP Server :

On Dynamic Interface:

See the 2nd Pic of the post.

DHCP override to the management interface IP per WLAN.

DHCP Override

Packet Flow:

  1. Client send DHCP discover on all subnet as broadcast
  2. WLC forward the DHCP discover via DHCP proxy to internal DHCP server ip address(Management interface IP of WLC)
  3. Internal DHCP server send DHCP offer to WLC proxy agent.
  4. WLC send unicast DHCP offer to client with source address of WLC management Interface IP.
  5. Client send DHCP request to WLC on management interface IP.
  6. WLC send unicast DHCP request to internal server via DHCP proxy
  7. Internal DHCP server sends DHCP ACK to DHCP proxy.
  8. WLC send unicast DHCP ACK to client

Just small Info in short to remember: Many guys like me have confusion between these two words:

A DHCP proxy server has a fully-functional DHCP client and DHCP server implementation in it. The client part requests addresses from another DHCP server and stores them in an internal address pool while the server part listens to DHCP requests from clients and uses this internal pool to lease the addresses.(like: Internal DHCP server)

A DHCP relay agent listens to the broadcast DHCP requests from clients and forward them to another DHCP server (usually per unicast).

*** In both DHCP relay and DHCP proxy cases the clients will never see the real DHCP server but rather will consider the intermediate element as their DHCP server.

Let’s see the packet capture from Client side:

DHCP Discover:


DHCP Offer:


DHCP Request:




10.xx.xx.26 is the client IP address.
10.xx.xx.254 is the Router Gateway IP address.



DHCP Basics

In this post we will learn about DHCP protocol messages and its functionality.

DHCP stands for Dynamic Host Configuration Protocol. DHCP provides an automated way to distribute and update IP addresses and other configuration information on a network. A DHCP server provides this information to a DHCP client through the exchange of a series of messages, known as the DHCP conversation or the DHCP transaction. If the DHCP server and DHCP clients are located on different subnets, a DHCP relay agent is used to facilitate the conversation.

Before going to the process through which DHCP achieves its goal, we first have to understand the different messages that are used in the process.


It is a DHCP message that marks the beginning of a DHCP interaction between client and server. This message is sent by a client that is connected to a local subnet. It’s a broadcast message that uses as destination IP address while the source IP address is


It is DHCP message that is sent in response to DHCPDISCOVER by a DHCP server to DHCP client. This message contains the network configuration settings for the client that sent the DHCPDISCOVER message.


This DHCP message is sent in response to DHCPOFFER indicating that the client has accepted the network configuration sent in DHCPOFFER message from the server.


This message is sent by the DHCP server in response to DHCPREQUEST received from the client. This message marks the end of the process that started with DHCPDISCOVER. The DHCPACK message is nothing but an acknowledgement by the DHCP server that authorizes the DHCP client to start using the network configuration it received from the DHCP server earlier.


This message is the exact opposite to DHCPACK described above. This message is sent by the DHCP server when it is not able to satisfy the DHCPREQUEST message from the client.


This message is sent from the DHCP client to the server in case the client finds that the IP address assigned by DHCP server is already in use.


This message is sent from the DHCP client in case the IP address is statically configured on the client and only other network settings or configurations are desired to be dynamically acquired from DHCP server.


This message is sent by the DHCP client in case it wants to terminate the lease of network address it has to be provided by DHCP server.


DHCP for process

Let’s check how DHCP works in wired environment with the help of Wire-Shark Packets:


As per the Wire-Shark output, we can see that 4 steps (4 types of packets) are there, called D.O.R.A (Discover, Offer, Request, ACK) process.

Let’s go in to deep….

Step 1: When the client computer boots up or is connected to a network, a DHCPDISCOVER message is sent from the client to the server. As there is no network configuration information on the client so the message is sent with as source address and as destination address. If the DHCP server is on local subnet then it directly receives the message or in case it is on different subnet then a relay agent connected on client’s subnet is used to pass on the request to DHCP server. The transport protocol used for this message is UDP and the port number used is 67. The client enters the initializing stage during this step.


Step2: When the DHCP server receives the DHCPDISCOVER request message then it replies with a DHCPOFFER message. This message contains all the network configuration settings required by the client. This message is sent as a broadcast ( message for the client to receive it directly or if DHCP server is in different subnet then this message is sent to the relay agent that takes care of whether the message is to be passed as unicast or broadcast. In this case also, UDP protocol is used at the transport layer with destination port as 68. The client enters selecting stage during this step.(In this I have Client on same subnet as DHCP server so it will not send to any the relay agent)


Step3: The client forms a DHCPREQUEST message in reply to DHCPOFFER message and sends it to the server indicating it wants to accept the network configuration sent in the DHCPOFFER message. If there were multiple DHCP servers that received DHCPDISCOVER then client could receive multiple DHCPOFFER messages. But, the client replies to only one of the messages by populating the server identification field with the IP address of a particular DHCP server. All the messages from other DHCP servers are implicitly declined. The DHCPREQUEST message will still contain the source address as as the client is still not allowed to use the IP address passed to it through DHCPOFFER message. The client enters requesting stage during this step.


Step 4: Once the server receives DHCPREQUEST from the client, it sends the DHCPACK message indicating that now the client is allowed to use the IP address assigned to it. The client enters the bound state during this step.


DHCP LEASE: (We can see the lease time in DHCP ACK packets, as per above screenshot) The IP address assigned by DHCP server to DHCP client is on a lease. After the lease expires the DHCP server is free to assign the same IP address to any other host or device requesting for the same.

A DHCP-enabled client obtains a lease for an IP address from a DHCP server. Before the lease expires, the DHCP server must renew the lease for the client or the client must obtain a new lease.

In the next post will see the DHCP process in Wireless (or DHCP with the WLC).