I'm having trouble understanding something. Say a DHCP client boots and sends the initial DHCP Discovery message as a broadcast. The only DHCP server is on a different subnet and the message has to cross a router enabled for DHCP relay agent. The Discovery message contains the source address of 0.0.0.0 and the destination address of 255.255.255.255 and the client's MAC address. When the Discovery message hits the router, it should strip off the layer 2 MAC address from the packet and encapsulate it with the MAC address of the interface that connects to the other subnet. Then the message goes on to the DHCP server. When the server sends out the DHCPOFFER message, it is as a unicast and contains a verification of the senders MAC address and it's own IP address as well as other lease information. If the original sender's MAC address was stripped off, how can the server know it? Also, does the router contain a list of MAC addresses in cache (I know it keeps layer 3 network information in the routing tables) so that the message can be routed to the specific sender? Sorry to seem confused here, but as much research as I've done on relay agents, I can't find the specific answer to this question. Thanks a bunch.