[CentOS] A workaround to dhclient problems

Tue Feb 12 14:06:10 UTC 2013
Stephen Harris <lists at spuddy.org>

Summary: if you have C5 guests with dhclient "bad udp checksum" issues
then this entry on the host will fix it:

iptables -A POSTROUTING -t mangle -p udp --dport bootpc -j CHECKSUM --checksum-fill

Detail:

If anyone else is seeing this...

Feb 11 19:22:11 mercury dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67 (xid=0x63be132a)
Feb 11 19:22:56 mercury last message repeated 3 times
Feb 11 19:23:12 mercury dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67 (xid=0x63be132a)
Feb 11 19:23:12 mercury dhclient: 5 bad udp checksums in 5 packets
Feb 11 19:23:20 mercury dhclient: DHCPREQUEST on eth0 to 255.255.255.255 port 67 (xid=0x63be132a)
Feb 11 19:23:51 mercury last message repeated 2 times
Feb 11 19:24:09 mercury last message repeated 2 times
Feb 11 19:24:09 mercury dhclient: 5 bad udp checksums in 5 packets

The client eventually expires the lease and goes back to DISCOVER state
and then gets an IP address.

This only seems to happen with C5 (RH5?) guests on a KVM host.  C6 guests
don't have the problem.  Googling also shows Debian with issues, and
the problem may be in the ISC code base.

The work-around is to add an iptables entry on the host:

iptables -A POSTROUTING -t mangle -p udp --dport bootpc -j CHECKSUM --checksum-fill

With this in place, dhclient on C5 guests can happily renew their address:

Feb 12 00:02:02 mercury dhclient: DHCPREQUEST on eth0 to 10.0.0.134 port 67 (xid=0x63be132a)
Feb 12 00:02:02 mercury dhclient: DHCPACK from 10.0.0.134 (xid=0x63be132a)
Feb 12 00:02:02 mercury dhclient: bound to 10.0.0.135 -- renewal in 16918 seconds.
Feb 12 04:44:00 mercury dhclient: DHCPREQUEST on eth0 to 10.0.0.134 port 67 (xid=0x63be132a)
Feb 12 04:44:00 mercury dhclient: DHCPACK from 10.0.0.134 (xid=0x63be132a)
Feb 12 04:44:00 mercury dhclient: bound to 10.0.0.135 -- renewal in 18447 seconds.

-- 

rgds
Stephen
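
Added example, not part of the original post: the RFC 768 check that lies behind a "bad udp checksum" count, and the recomputation a checksum-fill step performs, in Python. The addresses and xid come from the log above; the truncated reply payload and the unfinished checksum value are constructed, and the helper names are hypothetical.

```python
import socket
import struct

def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum used by IP/UDP checksums (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"  # odd-length input is padded with a zero byte
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)  # fold carries back in
    return total

def pseudo_header(src: str, dst: str, udp_len: int) -> bytes:
    """IPv4 pseudo-header that RFC 768 covers with the UDP checksum."""
    return (socket.inet_aton(src) + socket.inet_aton(dst)
            + struct.pack("!BBH", 0, socket.IPPROTO_UDP, udp_len))

def udp_checksum_ok(src: str, dst: str, segment: bytes) -> bool:
    """Receiver-side test: a zero field means "no checksum" and passes;
    otherwise pseudo-header + segment must sum to 0xFFFF."""
    if segment[6:8] == b"\x00\x00":
        return True
    return ones_complement_sum(pseudo_header(src, dst, len(segment)) + segment) == 0xFFFF

def checksum_fill(src: str, dst: str, segment: bytes) -> bytes:
    """Return the segment with its checksum field recomputed from scratch."""
    zeroed = segment[:6] + b"\x00\x00" + segment[8:]
    csum = 0xFFFF - ones_complement_sum(pseudo_header(src, dst, len(zeroed)) + zeroed)
    csum = csum or 0xFFFF  # 0 is reserved for "no checksum", so send 0xFFFF
    return segment[:6] + struct.pack("!H", csum) + segment[8:]

# Constructed sample: server -> client reply, ports 67 -> 68, using the
# addresses and xid from the log above. The payload is only the first 8 bytes
# of a BOOTP reply, and the checksum field holds an unfinished value.
SERVER, CLIENT = "10.0.0.134", "10.0.0.135"
PAYLOAD = bytes([2, 1, 6, 0]) + struct.pack("!I", 0x63BE132A)
UNFINISHED = ones_complement_sum(pseudo_header(SERVER, CLIENT, 8 + len(PAYLOAD)))
SEGMENT = struct.pack("!HHHH", 67, 68, 8 + len(PAYLOAD), UNFINISHED) + PAYLOAD

if __name__ == "__main__":
    fixed = checksum_fill(SERVER, CLIENT, SEGMENT)
    print("as received:", udp_checksum_ok(SERVER, CLIENT, SEGMENT))
    print("after fill: ", udp_checksum_ok(SERVER, CLIENT, fixed), fixed[6:8].hex())
```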