Home > Security and SD-WAN > DHCP > Configuring DHCP Relay

Configuring DHCP Relay

Table of contents
No headers

Dynamic Host Configuration Protocol (DHCP) allows a client device to automatically obtain the information for services and configuration necessary to operate on a given network. To initiate this protocol, the client first sends out a broadcast packet called a DHCP Discover, contextualized below:



DHCP Discovers are restricted to a broadcast domain and cannot be routed. However, it is unnecessary to have a DHCP server for each subnet. DHCP relay agents (aka. iphelper) can be used to send these DHCP Discover packets to an appropriate DHCP server in a different broadcast domain using unicast.

In the following example, there are two VLANs behind a Layer 3 networking device which limits the broadcast domain. Because the client resides on VLAN 20 and is configured for a address space, its DHCP discover packets cannot traverse the routing hop to the DHCP server on VLAN 10, which is configured for a address space:



However, the DHCP Discover from the client can reach the DHCP server if the routing device is configured to act as a DHCP relay between VLAN 10 and VLAN 20 in the above example.

The Cisco Meraki MX Security Appliance supports the ability to configure DHCP relay on a per-subnet basis. For example, an MX in this example network should have the following configuration:

dhcp relay.PNG

Note: The MX must have VLANs enabled in order to relay DHCP to another server.

Note: The DHCP server configured must be in a subnet configured on the MX, including directly-connected VLANs, static routes, and subnets participating in AutoVPN. DHCP servers sitting behind a 3rd-party VPN peer are not supported.

Note: If multiple relay servers are configured, the MX will forward DHCP requests to them all simultaneously.

To enable DHCP relay:

  1. Navigate to Security & SD-WAN > Configure > DHCP
  2. Locate the subnet in the list that should have DHCP relay enabled.
  3. For Client addressing, change the drop-down menu to Relay DHCP to another server.
  4. In the DHCP server IP box that appears, enter the IP address of the DHCP server that should serve this subnet.
  5. At the bottom of the page, click Save Changes.


See Configuring DHCP services on the MX Security Appliance and Using Packet Capture to Troubleshoot Client-side DHCP Issues for more information about DHCP. 

Last modified



This page has no classifications.

Explore the Product

Click to Learn More

Article ID

ID: 1476

Explore Meraki

You can find out more about Cisco Meraki on our main site, including information on products, contacting sales and finding a vendor.

Explore Meraki

Contact Support

Most questions can be answered by reviewing our documentation, but if you need more help, Cisco Meraki Support is ready to work with you.

Open a Case

Ask the Community

In the Meraki Community, you can keep track of the latest announcements, find answers provided by fellow Meraki users and ask questions of your own.

Visit the Community