An important component of a data network is an addressing scheme that allows devices connected to the network to communicate with each other. A common protocol used to assign network addresses in Internet Protocol (IP) networks is the Dynamic Host Configuration Protocol (DHCP). Typically, a device uses a DHCP client to obtain a network address by exchanging DHCP messages with a DHCP server.
As the number of devices connected to a data network increases, so does the number of DHCP messages. Because many of these messages are broadcast, they may be sent to every device on a network, not just the DHCP client attempting to obtain a network address and the DHCP server. Consequently, a large number of broadcast messages may needlessly consume network resources.
Security problems may also arise due to broadcast DHCP messages. For example, a rogue DHCP server may intercept a request for an address sent by a DHCP client and improperly reply to the request. As a result, the rogue server may disable the client by assigning it a non-functional network address. Malevolent devices may also listen to broadcast DHCP messages to discover which network address is assigned to a device and later use their knowledge of the network address in a harmful way.
A conventional solution to these problems is to limit the number of broadcast messages allowed on a network link. A limit may reduce the amount of link bandwidth consumed by broadcast messages, but has the undesirable side effect of unintentionally discarding legitimate DHCP messages. Furthermore, a limit does not address the security problems described above.
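The rogue-server problem described above is visible in the DHCP replies themselves. The following added example (not part of the original text) parses DHCP reply payloads and lists OFFER/ACK messages whose server identifier (option 54) is not on an allowlist. The allowlist, the addresses and the sample payloads are constructed assumptions.

```python
import socket
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"
OFFER, ACK = 2, 5                      # values of option 53 (DHCP message type)
AUTHORIZED_SERVERS = {"192.0.2.1"}     # assumption: the only legitimate server here

def build_reply(xid, yiaddr, server_id, msg_type):
    """Build a constructed BOOTREPLY payload (sample input, not captured traffic)."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s",
                         2, 1, 6, 0, xid, 0, 0x8000,      # op=BOOTREPLY, broadcast flag
                         b"\0" * 4, socket.inet_aton(yiaddr), b"\0" * 4, b"\0" * 4,
                         bytes.fromhex("020000000001"), b"", b"")
    options = bytes([53, 1, msg_type, 54, 4]) + socket.inet_aton(server_id) + b"\xff"
    return header + MAGIC_COOKIE + options

def parse_reply(payload):
    """Return (yiaddr, message type, server identifier), or None if malformed."""
    if len(payload) < 240 or payload[0] != 2 or payload[236:240] != MAGIC_COOKIE:
        return None
    msg_type, server_id, i = None, None, 240
    while i < len(payload) and payload[i] != 255:   # 255 = end option
        if payload[i] == 0:                         # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            return None                             # truncated option
        code, length = payload[i], payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if code == 53 and length == 1:
            msg_type = value[0]
        elif code == 54 and length == 4:            # server identifier
            server_id = socket.inet_ntoa(value)
        i += 2 + length
    return socket.inet_ntoa(payload[16:20]), msg_type, server_id

def unauthorized_replies(payloads, authorized=AUTHORIZED_SERVERS):
    """List (server identifier, offered address) for OFFER/ACK from unlisted servers."""
    alerts = []
    for payload in payloads:
        parsed = parse_reply(payload)
        if parsed and parsed[1] in (OFFER, ACK) and parsed[2] not in authorized:
            alerts.append((parsed[2], parsed[0]))
    return alerts

CONSTRUCTED_SAMPLE = [build_reply(0x1234, "192.0.2.50", "192.0.2.1", OFFER),
                      build_reply(0x1234, "10.99.0.7", "192.0.2.66", OFFER)]
for server, addr in unauthorized_replies(CONSTRUCTED_SAMPLE):
    print(f"unlisted DHCP server {server} offered {addr}")
```

A reply that carries no server identifier at all is also listed, because `None` is never on the allowlist.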