Renewal of IP address assigned by DHCP runs shorter than the lease time
922
Created On 02/01/23 01:31 AM - Last Modified 10/30/25 20:59 PM
Question
In System Logs, we can find the renewal activity of IP address assigned over DHCP more frequently than the lease time of the current IP address.
What is the reason why this activity is observed?
For example, DHCP renewal activity is found every 30 minutes though the lease time is 1 hour (60 minutes).
2022/10/23 15:00:47 info dhcp ethern if-upda 0 DHCP client (ip-10-20-30-40) assigned IP: 10.20.30.40 on interface: ethernet1/1 for lease time of: 0 days 1h:00m:00s from server: 10.20.30.1. Subnet mask:255.255.255.0 Gateway:10.20.30.1 DNS1:10.20.30.2 2022/10/23 15:30:48 info dhcp ethern if-upda 0 DHCP client (ip-10-20-30-40) assigned IP: 10.20.30.40 on interface: ethernet1/1 for lease time of: 0 days 1h:00m:00s from server: 10.20.30.1. Subnet mask:255.255.255.0 Gateway:10.20.30.1 DNS1:10.20.30.2
Environment
- All PAN-OS versions
- All Firewall models
Answer
It is expected behavior in accordance with the default definition in RFC 2131 .
4.4.5 Reacquisition and expiration
The client maintains two times, T1 and T2, that specify the times at
which the client tries to extend its lease on its network address.
T1 is the time at which the client enters the RENEWING state and
attempts to contact the server that originally issued the client's
network address.
==snip==
At time T1 the client moves to RENEWING state and sends (via unicast)
a DHCPREQUEST message to the server to extend its lease. The client
sets the 'ciaddr' field in the DHCPREQUEST to its current network
address. The client records the local time at which the DHCPREQUEST
message is sent for computation of the lease expiration time. The
client MUST NOT include a 'server identifier' in the DHCPREQUEST
message.
==snip==
Times T1 and T2 are configurable by the server through options. T1
defaults to (0.5 * duration_of_lease). T2 defaults to (0.875 *
duration_of_lease). Times T1 and T2 SHOULD be chosen with some
random "fuzz" around a fixed value, to avoid synchronization of
client reacquisition.
The client maintains two times, T1 and T2, that specify the times at
which the client tries to extend its lease on its network address.
T1 is the time at which the client enters the RENEWING state and
attempts to contact the server that originally issued the client's
network address.
==snip==
At time T1 the client moves to RENEWING state and sends (via unicast)
a DHCPREQUEST message to the server to extend its lease. The client
sets the 'ciaddr' field in the DHCPREQUEST to its current network
address. The client records the local time at which the DHCPREQUEST
message is sent for computation of the lease expiration time. The
client MUST NOT include a 'server identifier' in the DHCPREQUEST
message.
==snip==
Times T1 and T2 are configurable by the server through options. T1
defaults to (0.5 * duration_of_lease). T2 defaults to (0.875 *
duration_of_lease). Times T1 and T2 SHOULD be chosen with some
random "fuzz" around a fixed value, to avoid synchronization of
client reacquisition.