DMVPN spoke nodes establish a tunnel with a preconfigured DMVPN next hop server (NHS) (hub node) and exchange IP packets with
the NHS before an IP address is configured on the tunnel interface. This allows the DHCP client on the spoke and the DHCP
relay agent or the DHCP server on the NHS to send and receive the DHCP messages. A DHCP relay agent is any host that forwards
DHCP packets between clients and servers.
When the tunnel on a spoke is in the UP state or becomes active, the spoke establishes a tunnel with the preconfigured hub
node. The tunnel formation may include setting up IP Security (IPsec) encryption for the tunnel between the spoke and the
hub. DHCP receives the GRE tunnel interface UP notification only after the spoke establishes a tunnel with the hub. The DHCP
client configured on the spoke must exchange the DHCP IP packets with the hub (DHCP relay agent or server) to obtain an IP
address for the GRE tunnel interface. Therefore, the spoke-to-hub tunnel must be in active state before the GRE tunnel interface
UP notification is sent to the DHCP server or the relay agent.
IP packets that are broadcast on the DMVPN spoke reach the DMVPN hub. The spoke broadcasts a DHCPDISCOVER message to the
DHCP relay agent on the DMVPN hub, before the spoke has an IP address on the GRE tunnel interface. By using the DHCPDISCOVER
message, DHCP unicasts the offer back to the client. The hub cannot send IP packets to the spoke before the hub receives a
Next Hop Resolution Protocol (NHRP) registration from the spoke. The DHCP relay agent configured on the DMVPN hub adds mapping
information to the DHCP client packets (DHCPDISCOVER and DHCPREQUEST).
Depending on whether the hub is a DHCP server or a DHCP relay agent, the mapping is handled differently.
If the hub is a DHCP server, the Non-Broadcast Multiple Access (NBMA) address is known and a temporary mapping is created
on the hub. The hub then unicasts a reply to the spoke.
If the hub is a DHCP relay agent, the server behind the relay assigns the address. To preserve the NBMA address of the spoke,
the address is attached to the DHCP message. When the reply is received, the NBMA address is fetched from the message. The
address is sent to the spoke to create the mapping.
The NHRP registration sent by the spoke is suppressed until DHCP obtains an address for the GRE tunnel interface. Hence allows
reliable exchange of standard DHCP messages.