The DHCP relay service enables the forwarding of DHCP broadcast messages to network segments that a client computer is not directly connected to. It allows a single DHCP server to be shared across different logical network segments separated by a firewall. Unlike handling IP addresses, the DHCP relay service sends unicast messages rather than broadcast messages.
−
LAN IP/subnet: 192.168.4.1/24
+
When a client needs a DHCP-assigned IP address, it broadcasts a request to the network attached to its interface. The DHCP relay service on the firewall intercepts this request on an interface connected to the same network, such as LAN 192.168.2.0/24. The relay service then unicasts the request to all configured DHCP servers in the LAN and receives an IP address offer from a DHCP server (e.g., 192.168.4.1) that has a range of addresses configured for the client's network segment (e.g., 192.168.2.0/24). This offer is forwarded to the client. If the client accepts the offer, it acknowledges the DHCP address and assigns it to its interface immediately.