Understanding DHCP: Who Am I On This Network? | CompTIA Study Guide

Show Notes

This episode of Technology Tap: CompTIA Study Guide dives into the essential networking concept of DHCP and the critical question every device asks on a network: 'Who am I?' Understanding DHCP is key for IT skills development, helping you assign IP addresses, manage subnet masks, and configure DNS settings efficiently. Whether you're preparing for your CompTIA exam or enhancing your technology education, this tech exam prep episode breaks down complex networking components into clear, digestible explanations. Join us as we explore how devices establish their identity on networks and troubleshoot connectivity challenges effectively.

We map the full DORA exchange and explain what each step means on the wire. Then we take on the headaches: APIPA addresses that scream “no server answered,” scopes that quietly run dry, and VLANs where broadcasts stop at the router. You’ll learn how to architect a central DHCP service with relay agents across subnets, tune lease durations for guests versus office gear, and avoid conflicts with smart exclusions. Real-world stories reveal how a rogue consumer router can hijack traffic, and we share practical defenses using DHCP snooping, trusted ports, and better inventory to shut down shadow IT before it bites.

Certification seekers get a rapid-fire quiz that cements the essentials: spotting 169.254.x.x, defining a scope, choosing the correct gateway role, and using DHCP snooping to stop unauthorized offers. We also connect the dots to the cloud: how virtual machines, VPCs, and Kubernetes pods receive identities dynamically so services discover each other and policies hold. Throughout, we keep it hands-on with ipconfig tips, quick checks to confirm routing and DNS, and a simple mental model for leases that makes troubleshooting second nature.

If this helped you think like a technician, tap follow, share it with a teammate who lives in ipconfig, and leave a quick review so more learners can find us. Got a DHCP war story or a tip that saves minutes under pressure? Drop it in the comments and let’s compare notes.

Art By Sarah/Desmond
Music by Joakim Karud
Little chacha Productions

Juan Rodriguez can be reached at
TikTok @ProfessorJrod
ProfessorJRod@gmail.com
@Prof_JRod
Instagram ProfessorJRod

Chapters

• 0:27: Welcome And Host Intro
• 1:10: Why Identity Comes Before Security
• 2:37: DHCP Fundamentals And Purpose
• 4:15: Core Settings: IP, Mask, Gateway, DNS
• 7:24: Leases And The DORA Exchange
• 8:58: When DHCP Fails And APIPA Hits
• 10:52: Scopes, Exhaustion, And VLANs
• 12:06: DHCP Relay Across Subnets
• 12:54: Rogue Servers And DHCP Snooping
• 16:40: Cloud And Containers Use DHCP Logic
• 17:30: Quiz: Four Certification Questions
• 19:45: Real‑World Lease Analogy
• 22:05: Closing: Check IP First, Always
• 24:06: Credits And Contact

Transcript

Why Identity Comes Before Security

DHCP Fundamentals And Purpose

Core Settings: IP, Mask, Gateway, DNS

Leases And The DORA Exchange

SPEAKER_01 0:27

And welcome to Technology Tap. I'm Professor J. Rod. In this episode, DHCP, the complete story. Let's tap it. Welcome back. I'm Professor J. Rod, and this is Technology Tap. For those of you who don't know me, I'm a professor of cybersecurity, and I like helping students pass their A Plus, Denver Plus, and Security Plus exams. Also an author of the book Scamproof for Seniors, available on Amazon. It's actually now on sale. So get it while it's on sale. It's at uh$17.99 as of the day after Valentine's Day, 2026, in case you know listening to this in the far, far, far future. Let's see. You can follow me on Instagram at Professor J. Rod. You can follow me on TikTok at Professor J Rodd. You can follow me on YouTube, the Technology Tap Podcast. And I'm also on LinkedIn. Just look for me, Professor J. Rod. I'm there on LinkedIn. All right, let's begin. Today we're going to talk about something almost invisible until everything breaks. Not ransomware, not firewalls, not cloud security, not even DNS. We're talking about identity because before a computer can log in, before it can automate or authenticate to a domain, before it can reach Google, before it can download updates, before it can establish an encrypted HTTPS session, it must know one thing. Who am I on this network? And that identity is designed is assigned by something most users never see. Dynamic host configuration protocol. DHCP. Most students memorize Dora, discover, offer, request, acknowledge. But tonight we're not memorizing, we're understanding. We're going to break it down. What DHCP is, why it exists, how it works at the packet level, what each component means, what happens when it fails, how attackers abuse it, how enterprise design around it, and how COMTA tests it. Because networking begins with identity, and identity begins with DHCP. DHCP. DHCP stands for Dynamic Host Configuration Protocol. It's a network protocol that automatically assigns IP configuration settings to the device so they can communicate on an IP network. These settings include IP address, subnet mask, default gateway, DNS server, or lease duration. DHCP is a system that automatically gives your device its network identity so it can talk to other devices. Without DHCP, every device would need a manual configuration. Before DHCP, IP addresses were assigned manually. Imagine managing 400 student laptops, 200 office desktops, 150 printers, 300 VoIP phones. Each device required an IP address, subnet mask, gateway, DNS. And if you did a typo, it might cause an IP conflict. An IP conflict happens when two devices are assigned the same IP address. When that occurs, traffic cannot properly route and connectivity becomes unstable. DACP eliminates the manual chaos. And I remember doing that when I worked at a nonprofit back in 96, 97. You gotta keep track of every IP address in every device that I put. DACP distributes several critical components. First one is the IP address. An IP address is a logical numeric identifier assigned to a device on a network. In plain English, it is the device home address. You familiar with the example, right? 192.168.1.25. Enterprise example in a lab, it's gonna have a domain controller, right? It's gonna be 10.10.0.5, for example. Where the workstations are gonna be 10.10.0, you know, 100 through 200. Without an IP address, a device cannot communicate at layer 7 of the OSI model. Next, subnet mask. A subnet mask determines which portion of an IP address identifies the network and which identifies the host. It tells the device who is local and who is remote. Example, 192.168.1.25. Mask 255.255.2550. This means the device 192.168.1.1 through 254 are local. If the mask is wrong, the device miscalculates location and the traffic fails. Default gateway. The default gateway is the router address used to send traffic outside the local network. It's your exit door. So for example, your home router is for the most part is going to be 192.168.1.1. In almost all instances, it may you may have some instances where it's 0.1, but for the most part is 1.1. So your gateway is the IP address of your router. So if the gateway is wrong, you can ping local devices locally, but you will you cannot reach the internet because it needs the the IP address of your router. DNS server. A DNS server translates domain names into IP address. It's the internet's phone book. So you type google.com, DNS returns 142.250.90.78. That's Google's IP address. If DNS fails, you may still reach sites by IP, but not by name. And I think most sites don't let you do it by IP address anymore. They used to years back, but they don't let you, like if you put the IP address of like ESPN, they won't, it won't show up. Years ago it did. Now they don't, they don't, it doesn't work that way anymore. Alright, next lease. A lease, like an apartment lease, is the period of time a DHCP server allows a client to use an assigned IP address. It is a temporary rental agreement for identity. Alright, now let's see how DHCP works. When a device boots up, it has no IP address. Here's what happens. And we're using Dora, right? The Dora steps. D discover. The client sends a broadcast message.

unknown 7:41

Right?

When DHCP Fails And APIPA Hits

SPEAKER_01 7:42

Its source IP is 0.0.0 and its destination IP is 255.255.255.255. This means I don't know who I am. Is there a DHCP server? Next, we go to O, offer. The DHCP server responds with available IP address and configuration settings. Example, it says, I can give you one nine the IP address of 192.168.1.105. Next, we go to R, request. The client responds, I accept 192.168.1.105. At this moment, the device has identity. Now you have your IP address. What happens when DHCP fails? Let's walk into a real scenario. A student says the internet is not working. You open up a command prompt and type IP config, you will see an IP address of 169.254.15.22. What is wrong here? Well, you just have it a PIPA address, APIPA, which stands for automatic private IP addressing. It's a fallback mechanism where a device assigns itself a 169.254.x.x address if no DHCP server responds. In plain English, it means I asked for identity and no one answered. Now how do you fix it? Well, first thing you want to do is is the cable connected? Is the Wi-Fi connected? Is the switch port active? Is the VLAN correct? Is the DHCP server running? Is the DHCP scope exhausted? Right? You try to pretty much try to go in that order. You always try to do always follow the OSI model, right? Which is always physical layer, right? You always want to check to see if the cable is there. That's always number one. And then you just work down the OSI layers by Wi-Fi, switch, right? VLAN, right? You just keep going up on the OSI model. Alright, what is a scope? A DHCP scope is the range of IP address a DHCP server can assign. For example, you can have a scope of 192.168.100 to 192.168.1.150. This gives you 51 usable addresses. What if there are 52 devices connected? Well, 51 will get an address, 52 will get nothing. The scope has exhausted itself.

unknown 10:28

Right?

Scopes, Exhaustion, And VLANs

DHCP Relay Across Subnets

Rogue Servers And DHCP Snooping

Cloud And Containers Use DHCP Logic

Quiz: Four Certification Questions

SPEAKER_01 10:28

So you won't get that last device will not get an IP address. Coptea loves this type of scenario. In large network, multiple VLANs exist. Broadcasters do not cross, broadcasts do not cross routers. DHCP relay agent. A DHCP relay agent forwards DHCP requests from one subnet to a D DHCP server on another subnet. Example, a university has a VLAN 10 for faculty, VLAN 20 for students, and VLAN 30 for admin. Each subnet forwards DHCP requests to a central server. Without relay agents, each subset would need its own DHCP server. So for in plain English, you can have one server, DHCP server, giving out IPs to different VLANs. So for example, the faculty could be 192.168.10.x, and X represents whatever number of the device. Where the other one could have 192.168.20.x. Or then 192.168.30.x. But you need a relay agent, the HCP relay agent, in order for it to work. There's a really a good, if you really want to know how it works and see it in real time, there's a program that we use, packet tracer, and you can set it up so that it you have one server giving different IP address. But you know, again, you got to put the relay agent in there. So that that's important. All right, let's talk about security risk. DHCP can be abused. You have rogue DHCP server. A rogue DHCP server is an unauthorized device that assigns IP address on a network. For example, an attacker plugs in a small router, it responds faster than the legitimate DHCP server. It assigns gateway, which is the attacker, and DNS, which is the malicious server. Now traffic flows through the attacker. This enables man in the middle attacks. And you can have a DHCP Snoop Bing as a defense. DHCP Snoop Bing is a switch security feature that allows only trusted ports to send DHCP responses, it blocks rogue DHCP servers. So let me give you an example of it's not really a rogue because it wasn't meant to be malicious, but it was wrong. At a job that I used to work at, not in the office that I worked at, in a different office. And if you know, you know, right? We had wire, you know, wireless first came out a long time ago. And Netflix, when Netflix started streaming, for those of you who are probably young enough not, you know, not to remember, Netflix used to be a DVD company in the beginning, right? They would send you the DVDs, and you didn't have to worry about sending it back. Like you whenever you finish, you send it back. But when they went to streaming, it was a huge thing, right? And then the company that I worked for did not initially did not want to do wireless. Matter of fact, past 2015, they did not have wireless in their in their facilities. So when Netflix streaming came out, of course, everybody wanted to be on it. So these guys in the other office that's not mine decided to chip in and buy a wireless router. And they put it under the floor. Because we had those floors, they called raised floors, where you can take out the tiles and run cable underneath on the floor. So they hid it in there and they connected it to the network. And they they they they didn't broadcast the name of it, right? Because you can hide the broadcast, you can hide the name, the SSID, you can hide that on a router. You can do it in your house too. So they hid it and they just gave each other the number. Nobody noticed that everybody was bringing in their personal laptops from home. And they were all watching Netflix on it, you know, while while they were working. And nobody, nobody noticed, nobody seemed to notice that they were doing this. And how they found out was they fired one of the guys and he snitched on all of them. He sniffed on all of them. But yeah, that's a big no-no. That's an example of a rogue DCP. Though they could have turned it on, the DACP, they probably was off. But if they would have turned it on, that's a that's a huge security risk. Huge. Alright, DHCP in the cloud. Even cloud systems use DACP logic. AWS virtual machines receive dynamic private IPs, Azore virtual networks assign address assign addresses dynamically. And containers in Kubernetes receive IPs dynamically also. The principles remained identity must be assigned before communication. Alright, let's go through our four questions and let's see how well you do. So, how do I do it? I ask the four questions, I redo the four choices, and then I do it again. Let's see if we can do four for four. Question one. A workstation receives 169.254.22.10. What is the most likely cause? A. DNS failure. B DHCP server unreachable. C default gateway failure or D NAT misconfigurations. I read it again. A workstation receives 169.254.22.10. What is the most likely cause? IP address of 169.254.22.10. What is the most likely cause? A DNS failure. B DHCP server unreachable. C default gateway failure or D NAT misconfiguration. I'll give you five seconds. Think about it. 5432 1 and the answer is B DHCP server unreachable. An IP address of 169.254.x.x indicates indicates a PIPA, which occurs when no DHCP server responds. Question number two. What does the DHCP scope define? A the DNS serverless B the router the routing table. C the range of IP address available for assignment or D the VLAN ID. What does the DHCP scope define? A the DNS serverless B the routing table. C the rate the range of IP address available for assignment or D the VLAN ID. I'll give you five seconds to think about it. 5, 4, 3, 2, 1. And the answer is C the range of IP address available for assignment. Alright, we're halfway there. Hopefully you're two for two. Question 3. Why is the default gateway necessary? A to resolve domain names. B to send traffic outside the local network. C to encrypt packets or D to prevent IP conflicts. I'll read it again. Why is the default gateway necessary? A to resolve domain names. B to send traffic outside the local network. C to encrypt packets and D to prevent IP conflicts. I'll give you five seconds to think about it. Five, four, three, two, one. And the correct answer is B to send traffic outside the local network. The default gateway routes traffic to external networks. And the last question is what prevents rogue DHCP servers? And choices are A NAT B STP, C DHCP snooping or DARP. Question four. What prevents rogue DHCP servers? A NAT B STP, C DHCP Snooping, or DARP? Well, I give you five seconds, but I don't think you need it because I didn't mention any of the other ones. It's DHCP snooping. C.

unknown 19:06

Right?

Real‑World Lease Analogy

Closing: Check IP First, Always

SPEAKER_01 19:06

NAT, it's network time, network address translation, and STP is STP is a spanning tree protocol. Almost forgot it. And then ARP is address resolution protocol. So the answer is C D HTP Snooping. DACP Snooping allows switches to trust only specific ports for DHCP responses. Now that's kind of like the book response. Let me give you my version of DHCP. Right? And this is I like to do this for my exam. Not for my exam, for my when I teach A plus or networking or hardware. Though I applied for a job at Penn State, they did not like they did not like this when I said this. They just didn't understand what I was trying to accomplish. But anyway, you have a party, you invite me to a party, right? And I go into your house and I say, Hey, what do I need? Let me let me log into your Wi-Fi. The two things I need to get into your Wi-Fi are to get on the internet, just on the regular internet, right? Is an IP address, right? And a MAC address. The MAC address, I get it from the device, from the manufacturer, the IP address. I have to get it from the router. In this case, in your house, the router in your house, right? If it was in a business, it would be a DHCP server. So you give me the username and password, I log in. I have an IP address from your router. Now, two hours later, you ask me to get some soda, I go to the bodega, right? I play with the bodega cat, I talk to the bodega guy, I buy some soda, I come back in. Do I get do I have the same IP address that I had before I left? What do you think? And the answer is yes, I would have the same IP address. Because I was only gone two hours. I was actually only gone 20 minutes, but it was two hours since I've been there. Right? The end of the day, I leave, blah, blah, right? Everything, we have a good time. Let's say my IP address was 192.168.100.15. Right? So I'm gone, or 1.15, right? 192.168.1.15. So then I leave. And you tell me that it's a party coming back in a month, two months for me to come back. Alright. Month later I come back, two months later I come back. You have another party, I'm there. My question is do I would I have the same IP address? And do I have to? Log in again to your Wi-Fi. Well, I'll answer it this way to log in back to your Wi-Fi. I don't I don't it should automatically log me in if everything is the same. If you do not change the router, you do not change the password. If I have the same device, the same phone, I should not, I should automatically log in.

unknown 22:21

Right?

Credits And Contact

SPEAKER_01 22:22

Am I gonna have the same IP 192.168.1.15? Probably not. Right? Because as I said, it was based on a lease system, right? And usually I think at home it's set up like three or four days. So three or four days after I left your house, that IP address 192.168.1.15 was recalled back to your router. Your router took it back, and it's able to give that to another device. So let's say I left, and then four days later, five days later, your cousin comes and he logs into your Wi-Fi. The router could assign him that number 192.168.1.15. And he won't have it until he leaves, until he disconnects from that network. Right? So I will probably, when I visit you a month or two months later, probably not gonna have the same IP address. But if everything stays the same, I should be able to log in automatically. That's how it is. That's how it works. That's the simple man. That's the very, very simple. Like I said, I did that when I for Penn State. They did not like that. I think the bodega part they didn't like, they didn't understand that. So I think that threw them off. Alright, let's wrap this up. Closing. Before authentication, before encryption, before firewalls, before logging, before cloud sync, there's identity. Every troubleshooting journey in networking begins with one question. Does this device have a valid IP address? Because before Windows can be fixed, before updates can be downloaded, and before the cloud can connect, before the security can protect anything, the machine must speak. And if you want to know where to check, actually, there's a simple way. If you go to the command line now, I'm gonna explain how to get it to the command line, but if I if I'm explaining it to you, then you're not that high up in IT, right? You still need a lot, a lot of practice if you don't know how to get into the command line. Anyway, you do start, run, type CMD like cash money dollar, and then you should have a black screen with your C users and then whatever the name that you logged in as. Right? That's this is a command prompt, and you'll see it on the left hand side. It should say upper left hand side, it should say command prompt. If you type the word IP config, Ip C O N F I G and you hit enter, you should get a whole bunch of stuff, right? You should look for the one that says Ethernet Adapter Ethernet, and then there you should see your IP address, your subnet mask, and your default gateway. Now your default gateway should be 192.168.1.1. It may not be, but for the most part, for the most people listening to this, that's what your IP address for your default gateway should be. Now, if you take that number and you open up a browser and you type that number in 192.168.1.1, it should bring you to your router admin page. If it doesn't, if you get if you get an error, your connection is not private, click on advance and then click on proceed to 192.168.1.1. I know it says unsafe, therefore, just click on it anyway. And then you should get into your login to your network settings or your router settings, via there. That's a good, you know. So then you can go in there. Try not, you know, and how do you get should have a login page, and then the login will be found on your router, like in the back, somewhere in the back, like on a sticker, right? So that's how that's how you would get into that. But this should tell you a lot. If you go back to the IP config, it should tell you a lot. And now, if you type in IP config space forward slash, all you even get more stuff. And again, if you go back to Ethernet Adapter Ethernet, you will see your subnet mask, your lease. How long is your lease? So your lease obtained and your lease expires. So it should tell you. I guess mine is like eight days, right? It's also a good way to see if your ISP is using is testing IPv6, IPv6. Mine is Verizon. Is actually I have Ryzen is currently testing IPv6, but you would also see that the DHCP is enabled. You would also see your physical address, which is your back address. Remember, in Comptea, they like to trick you with this physical address, hardware address, and MAC address all mean the same thing. They all mean the same thing. What else? You have your subnet mass, IP address, right? It's it's IPv4 address, right? That's what it is. Your subnet mass, lease obtained, lease expired, default gateway DHCP server, which is your router, which makes sense. On your company, DHCP server is probably a different IP address, right? And your DNS server is the same as your router if you're at home, right? 192.168.1.1. At work, it might be different. You might have 8.8.8.8, which is Google's DNS server. You might have that. But yeah, that's how DHCP, that's how this is DHCP, and and that's how we get the name from. Alright, so thank you for listening. All right, this is Technology Tap. And I'm Professor J-Rod, and remember think like a technician and keep tapping into technology. Until next time. This has been a presentation of Little Cha Cha Productions Art by Sarah, music by Joe Kim. We're now part of the Pod Match Network. You can follow me at TikTok at Professor Jrod at J R O D, or you can email me at Professor Jrodj R O D at Gmail.com