dhcpd: wrong config or bug?
dear forum!
i have a problem understanding the acting of my dhcp_server. the problem: a never-before-used-network-card tries to get a ip-address from the dhcp_server. and the server OFFERS one even if the config denies to do that. ok .. the log-file-entries: dhcpd: DHCPDISCOVER from xx:xx:xx:xx:xx:xx via eth0 dhcpd: DHCPOFFER on yy.yy.yy.yy to xx:xx:xx:xx:xx:xx via eth0 in fact, there are no pools in the dhcpd.conf-file. i want a 1:1 relation between mac-address and ip-address. so there are some subnets and host-paragraphs in the config-file. but the above mentioned xx:xx:xx:xx:xx:xx - mac-address is not in the config. any ideas why the server offered an ip-address? thx in advance gottfried |
Here's my config file. It assigns fixed ips for mac addresses it recognises, otherwise it hands out addresses in the range 192.168.0.101 to 192.168.0.104
subnet 192.168.0.0 netmask 255.255.255.0 { range 192.168.0.101 192.168.0.104; default-lease-time 86400; max-lease-time 86400; option ip-forwarding on; option routers 192.168.0.1; option broadcast-address 192.168.0.255; option subnet-mask 255.255.255.0; option domain-name-servers 4.3.2.1, 1.2.3.4; } host PC1 { hardware ethernet 00:50:FC:89:AD:8A; fixed-address 192.168.0.2; } host PC2 { hardware ethernet 00:0E:A6:8E:01:A6; fixed-address 192.168.0.22; } host PC3 { hardware ethernet 00:02:3F:81:CC:DE; fixed-address 192.168.0.3; } host PC4 { hardware ethernet 22:BE:94:3B:10:59; fixed-address 192.168.0.4; } host PC6 { hardware ethernet 00:00:E2:89:E1:CC; fixed-address 192.168.0.44; } host PC7 { hardware ethernet 00:80:5F:9B:81:51; fixed-address 192.168.0.5; } |
thx!
my config is very similar to yours. with the main difference, that i don't have a range to hand out ips for mac-addresses not mentionend in the config. because that's exactly what i do not want: workstations in my network which i haven't declared in the conf. |
It looks like you want to prevent unauthorised users from connecting. Is this correct? If so, this isn't the way to do it - they can just come along with a static ip (ie one they have chosen themselves) and connect that way. What you need is a set of firewall rules designed only to allow known clients and to, deny all others.
|
yes, you are right and it's part of strategie to do it the way described. but for not it's very important to me to know why the dhcpd acts the way he does.
|
ok. my fault. in a nutshell: i have 2 dhcp-servers (one for backup) and the backup was using the wrong conf-file. mea culpa ;)
thx for help! |
All times are GMT -5. The time now is 07:14 AM. |