Meet the Network's Digital Librarians
If routers are postal workers and NAT is a disguise artist, then DHCP and DNS are like the ultimate digital librarians who manage the network's address book. DHCP automatically assigns "home addresses" (IP addresses) to devices, while DNS translates "people's names" (domain names) into those addresses. Together, they make networking effortless for users!
Chapter Goals: Master DHCP automatic IP assignment, understand DNS name resolution, configure DHCP pools and DNS servers, learn how both services work together, and automate network configuration like a professional system administrator!
DHCP: The Automatic Address Assigner
DHCP (Dynamic Host Configuration Protocol) is like a helpful apartment manager who automatically assigns addresses to new residents. Instead of manually configuring every device, DHCP does it automatically:
Why DHCP is Essential
- Manual Configuration Problems: Tedious to configure every device individually
- IP Address Conflicts: Duplicate IPs cause network problems
- Configuration Errors: Wrong subnet masks or gateways break connectivity
- Mobility Issues: Devices need different settings in different networks
- Scale Problems: Impossible to manage thousands of devices manually
DHCP Benefits
Administrative Benefits
- Automatic Configuration: No manual IP setup required
- Centralized Management: One place to control all settings
- Conflict Prevention: Server tracks assigned addresses
- Easy Changes: Update network settings from server
- Scalability: Works for networks of any size
User Benefits
- Plug and Play: Devices work immediately when connected
- Mobility: Laptops work in any DHCP-enabled network
- No Configuration: Users don't need technical knowledge
- Automatic Updates: Network changes happen transparently
- Reliability: Reduces user configuration errors
DHCP Information Provided
- IP Address (IP): Unique address for the device on the network
- Subnet Mask (SM): Defines network and host portions
- Default Gateway (GW): Router IP for reaching other networks
- DNS Servers (DNS): Servers for name-to-IP translation
The DHCP Process - DORA
New Laptop Joins Network (The DORA Dance)
- Discover: Client broadcasts "Anyone have an IP address for me?"
- Offer: DHCP server responds "I can offer you 192.168.1.100"
- Request: Client replies "Yes, I'll take 192.168.1.100 please!"
- Acknowledge: Server confirms "192.168.1.100 is yours for 24 hours"
- Client configures network settings and starts communicating
- Process repeats when lease expires or device reconnects
Memory Trick: DHCP DORA = Discover, Offer, Request, Acknowledge = Dora the Explorer finding her network address!
DNS: The Name Translator
DNS (Domain Name System) is like a massive phone book that translates human-friendly names into computer-friendly numbers. Instead of remembering 172.217.9.46, you just type google.com:
Why DNS is Crucial
- Human-Friendly Names: People remember names better than numbers
- IP Address Changes: Websites can change IPs without affecting users
- Load Balancing: One name can map to multiple IP addresses
- Service Discovery: Find email servers, web servers, etc.
- Internet Functionality: Makes the web usable for normal people
DNS Hierarchy - The Library System
- Root Servers: Top level ".", 13 root servers worldwide
- TLD Servers: Top Level Domains (.com, .org, .net, .edu)
- Authoritative Servers: Domain specific (google.com, cisco.com)
DNS Record Types
- A Record: Name to IPv4 address
- AAAA Record: Name to IPv6 address
- CNAME Record: Name to another name (alias)
- MX Record: Mail server for domain
DNS Resolution Process
User Types "www.google.com" in Browser
1. Browser checks local cache for www.google.com IP
2. If not cached, asks local DNS resolver (usually ISP)
3. Resolver queries root server: "Who handles .com?"
4. Root server responds: "Ask TLD servers for .com"
5. Resolver asks .com server: "Who handles google.com?"
6. Gets authoritative servers for google.com
7. Finally gets IP address: 172.217.9.46
8. Browser connects to IP address, loads website
DNS Caching
- Browser Cache: Browser remembers recent lookups for speed
- Operating System Cache: OS maintains DNS cache for all applications
- Resolver Cache: ISP DNS servers cache popular websites
- TTL (Time To Live): How long to cache each DNS record
Fun Fact: DNS queries happen so fast (milliseconds) that you never notice the complex lookup process happening behind the scenes!
DHCP Configuration on Cisco Routers
Basic DHCP Server Configuration
Scenario: Configure DHCP for 192.168.1.0/24 network
Router(config)# service dhcp
! Enable DHCP service on router
Router(config)# ip dhcp pool LAN-POOL
! Create DHCP pool named LAN-POOL
Router(dhcp-config)# network 192.168.1.0 255.255.255.0
! Define network range for pool
Router(dhcp-config)# default-router 192.168.1.1
! Default gateway handed to clients
Router(dhcp-config)# dns-server 8.8.8.8 8.8.4.4
! DNS servers handed to clients
Router(dhcp-config)# domain-name company.local
! Set domain name for clients
Router(dhcp-config)# lease 7
! Set lease time to 7 days
Router(dhcp-config)# exit
Excluding IP Addresses
Reserve addresses for servers and network equipment
Router(config)# ip dhcp excluded-address 192.168.1.1 192.168.1.10
! Exclude .1 through .10 for static devices
Router(config)# ip dhcp excluded-address 192.168.1.100 192.168.1.110
! Exclude .100 through .110 for servers
Router(config)# ip dhcp excluded-address 192.168.1.200
! Exclude single address (.200)
Multiple DHCP Pools
Different pools for different networks/VLANs
Router(config)# ip dhcp pool SALES-POOL
Router(dhcp-config)# network 192.168.10.0 255.255.255.0
Router(dhcp-config)# default-router 192.168.10.1
Router(dhcp-config)# dns-server 192.168.100.10 8.8.8.8
Router(dhcp-config)# domain-name sales.company.com
Router(dhcp-config)# exit
Router(config)# ip dhcp pool ENGINEERING-POOL
Router(dhcp-config)# network 192.168.20.0 255.255.255.0
Router(dhcp-config)# default-router 192.168.20.1
Router(dhcp-config)# dns-server 192.168.100.10 8.8.8.8
Router(dhcp-config)# domain-name eng.company.com
DHCP Relay Configuration
Forward DHCP requests to remote DHCP server
Router(config)# interface fastethernet 0/0
! Interface connected to clients needing DHCP
Router(config-if)# ip helper-address 192.168.100.10
! Forward DHCP broadcasts to server at 192.168.100.10
Router(config-if)# ip helper-address 192.168.100.11
! Add redundant DHCP server
DHCP Relay: Routers don't forward broadcasts by default. Use ip helper-address to forward DHCP requests across subnets to centralized DHCP servers!
DNS Configuration on Cisco Routers
Basic DNS Server Configuration
Configure router as simple DNS server for local names
Router(config)# ip dns server
! Enable DNS server functionality
Router(config)# ip host web-server 192.168.1.100
Router(config)# ip host mail-server 192.168.1.110
Router(config)# ip host file-server 192.168.1.120
Router(config)# ip host printer 192.168.1.150
! Static name-to-address entries for local hosts
DNS Client Configuration
Configure router to use DNS servers for name resolution
Router(config)# ip domain-lookup
! Enable DNS lookups (usually enabled by default)
Router(config)# ip name-server 8.8.8.8
! Primary DNS server (Google DNS)
Router(config)# ip name-server 8.8.4.4
! Secondary DNS server (Google DNS)
Router(config)# ip name-server 192.168.100.10
! Local company DNS server
Router(config)# ip domain-name company.local
! Default domain for incomplete names
DNS Testing and Troubleshooting
Router# nslookup google.com
Translating "google.com"...domain server (8.8.8.8) [OK]
Name: google.com
Address: 172.217.9.46
Router# ping google.com
Translating "google.com"...domain server (8.8.8.8) [OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.217.9.46, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/25/32 ms
Router# show hosts
Default domain is company.local
Name/address lookup uses domain service
Name servers are 8.8.8.8, 8.8.4.4, 192.168.100.10
Cached addresses:
  google.com   (temp, OK)  172.217.9.46
  web-server   (perm, OK)  192.168.1.100
  mail-server  (perm, OK)  192.168.1.110
Advanced DNS Features
DNS forwarding and caching configuration
Router(config)# ip dns primary company.local soa ns1.company.local admin.company.local
! Configure as primary DNS for company.local domain
Router(config)# ip dns view default
Router(config-dns-view)# dns forwarder 8.8.8.8
! Forward unknown queries to Google DNS
Router(config-dns-view)# exit
DHCP & DNS Verification Commands
DHCP Verification
Router# show ip dhcp binding
Bindings from all pools not associated with VRF:
IP address       Client-ID/              Lease expiration        Type
                 Hardware address/
                 User name
192.168.1.50     0100.1b63.0a15.25       Sep 24 2025 02:15 PM    Automatic
192.168.1.51     0100.1b63.0a15.26       Sep 24 2025 02:18 PM    Automatic
192.168.1.52     0100.1b63.0a15.27       Sep 24 2025 02:20 PM    Automatic
Router# show ip dhcp pool
Pool LAN-POOL :
 Utilization mark (high/low)    : 100 / 0
 Subnet size (first/next)       : 0 / 0
 Total addresses                : 254
 Leased addresses               : 3
 Pending event                  : none
 1 subnet is currently in the pool :
 Current index        IP address range                    Leased addresses
 192.168.1.53         192.168.1.1      - 192.168.1.254     3
Router# show ip dhcp conflict
IP address        Detection method   Detection time          VRF
192.168.1.25      Ping               Sep 17 2025 02:15 PM
Router# debug ip dhcp server packet
DHCPD: DHCPDISCOVER received from client 0100.1b63.0a15.28 on interface FastEthernet0/0.
DHCPD: Sending DHCPOFFER of 192.168.1.54 to client 0100.1b63.0a15.28 (255.255.255.255).
DHCPD: broadcasting BOOTREPLY to client 0100.1b63.0a15.28.
DNS Verification
Router# show ip dns view
DNS View default parameters:
Forwarder list: 8.8.8.8
Domain lookup is enabled
Domain name: company.local
Domain list: company.local
Domain name-servers: 8.8.8.8, 8.8.4.4, 192.168.100.10
Router# show hosts
Default domain is company.local
Name/address lookup uses domain service
Name servers are 8.8.8.8, 8.8.4.4, 192.168.100.10
Host                      Flag        Age  Type  Address(es)
google.com                (temp, EX)  0    IP    172.217.9.46
web-server                (perm, OK)  0    IP    192.168.1.100
mail-server               (perm, OK)  0    IP    192.168.1.110
cisco.com                 (temp, OK)  23   IP    72.163.4.185
Router# debug ip dns view
DNS View debugging is on
DNS: received query for 'google.com' from 192.168.1.50
DNS: forwarding query for 'google.com' to 8.8.8.8
DNS: received response for 'google.com': 172.217.9.46
DNS: sending response for 'google.com' to 192.168.1.50
Common Issues and Solutions
Problem: Clients not getting DHCP addresses
Devices show 169.254.x.x (APIPA) addresses
Check These:
- DHCP service enabled (service dhcp)
- DHCP pool configured with correct network
- No IP conflicts or pool exhaustion
- Interface not shutdown
- DHCP relay configured if server is remote
Problem: DNS resolution not working
Ping by IP works, but ping by name fails
Investigate:
- DNS servers configured and reachable
- Domain lookup enabled (ip domain-lookup)
- Name servers responding (test with nslookup)
- DNS cache corrupted (clear host cache)
- Firewall blocking DNS traffic (port 53)
Hands-On DHCP & DNS Labs
Lab 1: Basic DHCP Configuration
- Network Setup:
  - Configure router with LAN interface 192.168.1.1/24
  - Add multiple PCs set to obtain IP automatically
  - Create realistic office network topology
  - Document planned IP address allocation
- DHCP Configuration:
  - Enable DHCP service on router
  - Create DHCP pool for LAN network
  - Configure gateway, DNS servers, domain name
  - Exclude addresses for static devices
- Testing and Verification:
  - Connect PCs and verify automatic IP assignment
  - Check DHCP bindings and pool utilization
  - Test connectivity and internet access
  - Verify DNS resolution working correctly
Lab 2: Multiple DHCP Pools and VLANs
- VLAN Setup:
  - Configure switch with multiple VLANs
  - Set up router-on-a-stick inter-VLAN routing
  - Create Sales (VLAN 10) and Engineering (VLAN 20)
  - Add PCs to different VLANs for testing
- Multiple DHCP Pools:
  - Create separate DHCP pools for each VLAN
  - Configure different domain names per department
  - Set appropriate default gateways
  - Use different DNS servers if available
- Advanced Testing:
  - Verify VLAN isolation and inter-VLAN routing
  - Test DHCP working in all VLANs
  - Confirm different domain names assigned
  - Monitor pool utilization per VLAN
Lab 3: DHCP Relay and Centralized Server
- Multi-Site Setup:
  - Create topology with multiple remote sites
  - Configure central DHCP server at main site
  - Set up WAN links between sites
  - Document addressing scheme for all sites
- DHCP Relay Configuration:
  - Configure ip helper-address on remote routers
  - Set up centralized DHCP pools for all sites
  - Test DHCP relay functionality
  - Add redundant DHCP servers
- Failover Testing:
  - Test DHCP server failure scenarios
  - Verify backup server takes over
  - Monitor DHCP relay performance
  - Document disaster recovery procedures
Lab 4: DNS Server and Integration
- Internal DNS Setup:
  - Configure router as internal DNS server
  - Create local host entries for servers
  - Set up DNS forwarding to external servers
  - Configure internal domain name
- DHCP-DNS Integration:
  - Configure DHCP to provide DNS settings
  - Test automatic DNS configuration on clients
  - Verify internal and external name resolution
  - Set up DNS caching and performance monitoring
- Troubleshooting Practice:
  - Create DNS resolution problems
  - Practice systematic troubleshooting
  - Use debug commands effectively
  - Document solutions and best practices
Enterprise Challenge: Build a complete DHCP/DNS infrastructure with redundancy, different policies per department, and integration with Active Directory!
DHCP & DNS Best Practices
DHCP Design Principles
- Plan Address Space: Reserve ranges for static devices, servers, and future growth
- Lease Duration: Balance between stability and flexibility (7 days typical)
- Redundancy: Deploy multiple DHCP servers for high availability
- Monitoring: Track pool utilization and lease conflicts
DNS Performance Optimization
- Caching Strategy: Optimize TTL values for balance of performance and updates
- Forwarder Selection: Use fast, reliable external DNS servers
- Local Resolution: Host frequently accessed internal resources locally
- Monitoring: Track DNS query response times and failures
Security Considerations
DHCP Security Risks
Rogue DHCP servers and DHCP starvation attacks
Mitigation Strategies:
- Enable DHCP snooping on switches
- Configure trusted DHCP server interfaces
- Monitor for unexpected DHCP servers
- Use DHCP reservations for critical devices
- Implement network access control (NAC)
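The DHCP snooping and trusted-interface items above, written out as access-switch configuration. This is an added example, not part of the original chapter: the interface names, the uplink port, the rate limit and the port-security limits are assumptions, and VLANs 10 and 20 are taken from Lab 2.

```cisco
! Added example (constructed). Access switch in front of the router that
! runs the DHCP pools. Interface names and limits are assumptions.
!
! 1. Trust only the port that leads to the legitimate DHCP server.
!    DHCPOFFER and DHCPACK are accepted on trusted ports only.
interface GigabitEthernet0/1
 description Uplink to router / DHCP server
 ip dhcp snooping trust
!
! 2. Access ports stay untrusted (the default), so server replies arriving
!    on them are dropped and a rogue DHCP server on a wall port is ignored.
!    The rate limit caps DHCP packets per second against a starvation
!    flood; port security limits how many source MACs one port may use.
interface range FastEthernet0/1 - 24
 switchport mode access
 ip dhcp snooping limit rate 10
 switchport port-security
 switchport port-security maximum 2
 switchport port-security violation restrict
!
! 3. Check that the client hardware address inside the DHCP packet matches
!    the frame's source MAC on untrusted ports (on by default, shown here
!    so the setting is explicit).
ip dhcp snooping verify mac-address
!
! 4. The switch inserts option 82 by default. An IOS router acting as DHCP
!    server drops requests that carry option 82 with an empty relay
!    address, so turn insertion off unless the server is set to trust it.
no ip dhcp snooping information option
!
! 5. Enable snooping on the client VLANs (10 = Sales, 20 = Engineering),
!    then globally. Nothing is filtered until both are present.
ip dhcp snooping vlan 10,20
ip dhcp snooping
!
end
!
! Verification (privileged exec):
!   show ip dhcp snooping            trusted ports, VLANs, rate limits
!   show ip dhcp snooping binding    MAC / IP / VLAN / port per lease
```

The trusted uplink is configured before snooping is enabled because a VLAN with snooping on and no trusted port receives no DHCP replies at all.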
DNS Security Concerns
DNS poisoning and information disclosure
Protection Methods:
- Use secure DNS servers (DNS over HTTPS/TLS)
- Implement DNS filtering for malicious domains
- Regular cache clearing and monitoring
- Split DNS for internal/external resolution
- Consider DNSSEC for critical domains
Troubleshooting Methodology
DHCP Troubleshooting Steps:
1. Check service is enabled (show running | include dhcp)
2. Verify pool configuration (show ip dhcp pool)
3. Check for conflicts (show ip dhcp conflict)
4. Monitor bindings (show ip dhcp binding)
5. Debug DHCP process (debug ip dhcp server)
DNS Troubleshooting Steps:
1. Test basic connectivity (ping DNS server IP)
2. Check DNS configuration (show hosts)
3. Test name resolution (nslookup domain)
4. Verify forwarders (show ip dns view)
5. Debug DNS queries (debug ip dns view)
Integration with Other Services
- Active Directory: Integrate DHCP with Windows AD for centralized management
- IPAM Solutions: Use IP Address Management tools for large networks
- Network Monitoring: Integrate with SNMP monitoring systems
- Automation: Use scripts and APIs for configuration management
Advanced DHCP Features
DHCP Options for Specific Applications
Router(dhcp-config)# option 42 ip 192.168.1.200
! NTP server (option 42)
Router(dhcp-config)# option 150 ip 192.168.1.210
! TFTP server for IP phones
DHCP Reservations for Specific Devices
Router(config)# ip dhcp pool PRINTER-RESERVATION
Router(dhcp-config)# host 192.168.1.150 255.255.255.0
Router(dhcp-config)# client-identifier 01aa.bbcc.ddee.ff
! Reserve specific IP for device with MAC aa:bb:cc:dd:ee:ff
Chapter Summary
- DHCP Purpose: Automatically assigns IP addresses and network configuration to devices
- DORA Process: Discover, Offer, Request, Acknowledge - the four-step DHCP negotiation
- DHCP Configuration: Create pools, exclude addresses, set options like gateway and DNS
- DHCP Relay: ip helper-address forwards DHCP requests across subnets
- DNS Function: Translates human-readable names into IP addresses
- DNS Hierarchy: Root servers, TLD servers, authoritative servers work together
- DNS Configuration: Set name servers, domain names, and local host entries
- Integration: DHCP provides DNS settings automatically to clients
Address Book Mastery Achieved! You now understand the foundation services that make networks user-friendly. DHCP and DNS are the invisible helpers that make networking "just work" for everyone!
DHCP & DNS Mastery Quiz
1. What are the four steps of the DHCP process?
   Answer: Discover (client broadcasts request), Offer (server offers IP), Request (client accepts offer), Acknowledge (server confirms assignment)
2. What information does DHCP typically provide to clients?
   Answer: IP address, subnet mask, default gateway, DNS servers, domain name, and lease duration
3. How do you exclude addresses from DHCP assignment?
   Answer: Use "ip dhcp excluded-address" command to reserve IPs for static devices like servers and routers
4. What is DHCP relay and when is it needed?
   Answer: ip helper-address forwards DHCP broadcasts across subnets when DHCP server is on different network than clients
5. How does DNS resolution work step-by-step?
   Answer: Client checks cache, queries local resolver, resolver queries root servers, TLD servers, then authoritative servers
6. What's the difference between A and CNAME records?
   Answer: A records map names to IPv4 addresses; CNAME records create aliases that point to other names
7. How do you configure a router as both DHCP server and DNS forwarder?
   Answer: Enable dhcp service with pools, enable dns server, configure name-servers for forwarding
8. What causes the 169.254.x.x addresses on clients?
   Answer: APIPA (Automatic Private IP Addressing) when DHCP server unavailable - indicates DHCP failure
Brilliant! You've mastered the essential services that make networks user-friendly. DHCP and DNS are the foundation of modern network automation!