Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.

Global Accelerated Learning • Est. 1999
Glossary Term BootP

Training Camp • Cybersecurity Glossary

What is BootP?

The Bootstrap Protocol (RFC 951) that lets a diskless client get its IP address and boot file from a server over UDP ports 67/68—DHCP's predecessor.

Glossary > Network Security > BootP

BootP — The Bootstrap Protocol (RFC 951) that lets a diskless client get its IP address and boot file from a server over

Understanding BootP

BootP (Bootstrap Protocol) is a legacy network protocol, defined in RFC 951, that lets a client machine automatically obtain its IP address, gateway, and boot file location from a server at startup. It runs over UDP using server port 67 and client port 68, and is the direct predecessor of DHCP.

When a diskless workstation or thin client powers on, it broadcasts a BOOTREQUEST containing its MAC address. A BootP server matches that MAC to a static entry in its configuration and returns a BOOTREPLY with the assigned IP address, subnet mask, default gateway, and often the filename of a boot image to fetch via TFTP. Unlike DHCP, BootP assignments are static and manually mapped; there is no concept of address leasing or dynamic pool allocation. DHCP was designed as a backward-compatible extension of the BootP message format.

From a security standpoint, BootP is unauthenticated and broadcast-based, so a rogue BootP server can answer requests and feed clients malicious gateway or boot-file settings, enabling man-in-the-middle attacks or unauthorized network boot. Because it predates modern protections, environments still running it should restrict it with DHCP snooping, port security, and segmentation, or migrate to DHCP with authentication and option-82 controls.

For example, a network engineer studying for the CCNA may encounter BootP when configuring PXE network booting of bare-metal servers: the server broadcasts a BootP/DHCP request, receives an IP and the path to a bootstrap loader on a TFTP server, then downloads the operating system installer. Recognizing the UDP 67/68 exchange helps administrators troubleshoot why a device fails to obtain network boot parameters.

Learn More About BootP:

Ready to Get Certified?

Turn knowledge into credentials with our instructor-led cybersecurity boot camps.

View All Courses →