Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
hpenmetsa
Staff
Staff

Created on ‎11-11-2025 10:13 PM Edited on ‎11-11-2025 10:14 PM By Community Manager

Article Id 417414

Technical Tip: Understanding DHCP Lease Renewal States and Transitions

Description This article explains the DHCP Lease Renewal States and Transitions.
Scope FortiGate.
Solution

When a DHCP client (such as a FortiGate) renews its lease, it transitions through several well-defined DHCP states based on the DHCP protocol (RFC 2131) process. The renewal occurs without fully restarting the lease acquisition process unless the renewal fails.

 

The following are the typical DHCP states during a lease renewal :​

 

BOUND state:

The client already has a valid IP lease and is actively using it. It maintains normal network communication.

 

RENEWING state:

Triggered when 50% of the lease time (called T1) has expired. The client sends a DHCPREQUEST message directly (unicast) to the DHCP server that issued the lease, asking to renew it.

 

2025-10-23 17:08:52 timer 0xfd179a0(bind_lease -> state_renewing) will expire in 5 secs
2025-10-23 17:08:53 timer 0xfd179a0(bind_lease -> state_renewing) will expire in 4 secs
2025-10-23 17:08:54 timer 0xfd179a0(bind_lease -> state_renewing) will expire in 3 secs
2025-10-23 17:08:55 timer 0xfd179a0(bind_lease -> state_renewing) will expire in 2 secs
2025-10-23 17:08:56 fd 11 can be read now
2025-10-23 17:08:56 ###############3Receive packet:
len=42
2025-10-23 17:08:56 del hw header
2025-10-23 17:08:56 ether_type:0806
2025-10-23 17:08:56 hw addr from: 00:xx:xx:xx:xx:0x
2025-10-23 17:08:56 arp packet received, len:28
2025-10-23 17:08:56 A ARP packet is received.
2025-10-23 17:08:56 timer 0xfd179a0(bind_lease -> state_renewing) will expire in 1 secs
2025-10-23 17:08:57 timer 0xfd179a0 expired, take action
2025-10-23 17:08:57 T1 has expired, state renewing <------------------


If the server responds with a DHCPACK, the lease time resets, and the client returns to the BOUND state.

 

2025-10-23 17:08:57 ###############3Receive packet:len=351
2025-10-23 17:08:57 del hw header
2025-10-23 17:08:57 ether_type:0800
2025-10-23 17:08:57 hw addr from: 00:xx:xx:xx:xx:0x
2025-10-23 17:08:57 del ip udp header
2025-10-23 17:08:57 final dhcp message len:309
2025-10-23 17:08:57 DHCP Message received.
2025-10-23 17:08:57 parse dhcp options
2025-10-23 17:08:57 parse dhcp option buffer (69 bytes)
2025-10-23 17:08:57 option[53], len:1
2025-10-23 17:08:57 option[54], len:4
2025-10-23 17:08:57 option[51], len:4
2025-10-23 17:08:57 option[1], len:4
2025-10-23 17:08:57 option[3], len:4
2025-10-23 17:08:57 option[6], len:8
2025-10-23 17:08:57 option[58], len:4
2025-10-23 17:08:57 option[59], len:4
2025-10-23 17:08:57 option[224], len:17
2025-10-23 17:08:57 DHO_BROADCAST_ADDRESS option is missed
2025-10-23 17:08:57 DHCPACK received <-------------------------
2025-10-23 17:08:57 handle received dhcp options!
2025-10-23 17:08:57 lease ip:03F4380A
lease time: 300, renew: 150, rebind: 262  <----------------------- DHCPACK received and lease time resets back to 300 seconds
2025-10-23 17:08:57 Ack: expiry 300 secs renew: 150 secs rebind: 262 secs

If there is no response, the client waits for T2.


REBINDING state:

Begins when 87.5% (T2) of the lease time elapses without a reply. The client now broadcasts a DHCPREQUEST message to all available DHCP servers.

 

2025-10-23 17:11:27 Allocate a new timer
2025-10-23 17:11:27 Registered timer 0xfd179a0 will expiry in 6 secs
2025-10-23 17:11:27 timer 0xfd179a0(send_request -> send_request) will expire in 6 secs
2025-10-23 17:11:28 timer 0xfd179a0(send_request -> send_request) will expire in 5 secs
2025-10-23 17:11:29 timer 0xfd179a0(send_request -> send_request) will expire in 4 secs
2025-10-23 17:11:30 timer 0xfd179a0(send_request -> send_request) will expire in 3 secs
2025-10-23 17:11:31 timer 0xfd179a0(send_request -> send_request) will expire in 2 secs
2025-10-23 17:11:32 timer 0xfd179a0(send_request -> send_request) will expire in 1 secs
2025-10-23 17:11:33 timer 0xfd179a0 expired, take action
2025-10-23 17:11:33 Sending request!
2025-10-23 17:11:33 Send a packet out.
2025-10-23 17:11:33 add hw header
2025-10-23 17:11:33 dst hw addr: 00:xx:xx:xx:xx:0x
2025-10-23 17:11:33 src hw addr: 00:0x:0x:0x:xx:0x
2025-10-23 17:11:33 add ip udp header
2025-10-23 17:11:33 dhcpcd_send_packet,274:result:590, ifinde:11
2025-10-23 17:11:33 unregister timer:0xfd179a0
2025-10-23 17:11:33 register timer func=0x934e20 arg=0xfd56660 name=send_request -> send_request
2025-10-23 17:11:33 Allocate a new timer
2025-10-23 17:11:33 Registered timer 0xfd483e0 will expiry in 12 secs
2025-10-23 17:11:33 timer 0xfd483e0(send_request -> send_request) will expire in 12 secs
2025-10-23 17:11:34 timer 0xfd483e0(send_request -> send_request) will expire in 11 secs
2025-10-23 17:11:35 timer 0xfd483e0(send_request -> send_request) will expire in 10 secs
2025-10-23 17:11:36 timer 0xfd483e0(send_request -> send_request) will expire in 9 secs
2025-10-23 17:11:37 timer 0xfd483e0(send_request -> send_request) will expire in 8 secs
2025-10-23 17:11:38 timer 0xfd483e0(send_request -> send_request) will expire in 7 secs
2025-10-23 17:11:39 timer 0xfd483e0(send_request -> send_request) will expire in 6 secs
2025-10-23 17:11:40 timer 0xfd483e0(send_request -> send_request) will expire in 5 secs
2025-10-23 17:11:41 timer 0xfd483e0(send_request -> send_request) will expire in 4 secs
2025-10-23 17:11:42 timer 0xfd483e0(send_request -> send_request) will expire in 3 secs
2025-10-23 17:11:43 timer 0xfd483e0(send_request -> send_request) will expire in 2 secs
2025-10-23 17:11:44 timer 0xfd483e0(send_request -> send_request) will expire in 1 secs
2025-10-23 17:11:45 timer 0xfd483e0 expired, take action
2025-10-23 17:11:45 Sending request!
2025-10-23 17:11:45 Send a packet out.

 

If any server replies with a DHCPACK, the lease is renewed and the client returns to the BOUND state.


2025-10-24 07:16:34 timer 0xfd483e0(send_request -> send_request) will expire in 29 secs
2025-10-24 07:16:34 fd 11 can be read now
2025-10-24 07:16:34 ###############3Receive packet:
len=351
2025-10-24 07:16:34 del hw header
2025-10-24 07:16:34 ether_type:0800
2025-10-24 07:16:34 hw addr from: 00:xx:xx:xx:xx:0x
2025-10-24 07:16:34 del ip udp header
2025-10-24 07:16:34 final dhcp message len:309
2025-10-24 07:16:34 DHCP Message received.
2025-10-24 07:16:34 parse dhcp options
2025-10-24 07:16:34 parse dhcp option buffer (69 bytes)
2025-10-24 07:16:34 option[53], len:1
2025-10-24 07:16:34 option[54], len:4
2025-10-24 07:16:34 option[51], len:4
2025-10-24 07:16:34 option[1], len:4
2025-10-24 07:16:34 option[3], len:4
2025-10-24 07:16:34 option[6], len:8
2025-10-24 07:16:34 option[58], len:4
2025-10-24 07:16:34 option[59], len:4
2025-10-24 07:16:34 option[224], len:17
2025-10-24 07:16:34 DHO_BROADCAST_ADDRESS option is missed
2025-10-24 07:16:34 DHCPACK received <-----
2025-10-24 07:16:34 handle received dhcp options!
2025-10-24 07:16:34 lease ip:03F4380A
lease time: 300, renew: 150, rebind: 262  <----- Lease renewed.
2025-10-24 07:16:34 Ack: expiry 300 secs renew: 150 secs rebind: 262 secs
2025-10-24 07:16:34 binding lease

 

INIT:

If no reply arrives before the lease expires or is invalidated by DHCPNAK, the client moves to INIT to start the discovery process from scratch.

 

The client sends a DHCPDISCOVER to start a new lease process.

 

In the below debugs, receiving a DHCPNAK from the server moves the client back to the INIT state, clearing its previous lease and starting a full discovery cycle again (via DHCPDISCOVER).​

 

2025-10-23 17:13:31 timer 0xfd179a0(send_discover -> send_discover) will expire in 6 secs
2025-10-23 17:13:31 fd 11 can be read now
2025-10-23 17:13:31 ###############3Receive packet:
len=342
2025-10-23 17:13:31 del hw header
2025-10-23 17:13:31 ether_type:0800
2025-10-23 17:13:31 hw addr from: x0:xx:xx:Dx:xx:6x
2025-10-23 17:13:31 del ip udp header
2025-10-23 17:13:31 final dhcp message len:300
2025-10-23 17:13:31 DHCP Message received.
2025-10-23 17:13:31 parse dhcp options
2025-10-23 17:13:31 parse dhcp option buffer (60 bytes)
2025-10-23 17:13:31 option[53], len:1
2025-10-23 17:13:31 DHO_DHCP_SERVER_IDENTIFIER option is missed
2025-10-23 17:13:31 DHO_SUBNET_MASK option is missed
2025-10-23 17:13:31 DHO_BROADCAST_ADDRESS option is missed
2025-10-23 17:13:31 DHCPNAK received <-----DHCPNAK is received, and the client starts from the Discoverprocess to get an IP address.
2025-10-23 17:13:31 DHCPNAK in wrong transaction.
2025-10-23 17:13:31 timer 0xfd179a0(send_discover -> send_discover) will expire in 6 secs
2025-10-23 17:13:32 timer 0xfd179a0(send_discover -> send_discover) will expire in 5 secs

 

DHCP client debugs:

 

diagnose debug application dhcpc -1
diagnose debug console timestamp enable
diagnose debug enable
224
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.