Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm having a few issues with DNS/DHCP, I'll ask about these one at a time.
bind 9.9.7-P1, dhcpd 4.2.5-P1, Slackware 64, 14.1
First, old leases seem to hang around forever in /var/state/dhcp/dhcpd.leases, example below. Those listed are from back in March. None of the computers in the lease file are currently connected. Why are they hanging around?
Should static IPs be in there? If so, something is not working.
/var/state/dhcp/dhcpd.leases
Code:
# The format of this file is documented in the dhcpd.leases(5) manual page.
# This lease file was written by isc-dhcp-4.2.5-P1
lease 192.168.0.101 {
starts 6 2015/03/07 11:46:52;
ends 0 2015/03/08 11:46:52;
tstp 0 2015/03/08 11:46:52;
cltt 6 2015/03/07 11:46:52;
binding state free;
hardware ethernet 00:16:17:46:70:69;
uid "\001\000\026\027Fpi";
}
lease 192.168.0.104 {
starts 2 2015/03/17 17:01:10;
ends 3 2015/03/18 17:01:10;
tstp 3 2015/03/18 17:01:10;
cltt 2 2015/03/17 17:01:10;
binding state free;
hardware ethernet c8:9c:dc:6e:24:e8;
uid "\001\310\234\334n$\350";
}
Static IPs should NOT be in dhcp files. If you have a static ip, other protocols will probably apply unless someone has set up static ips by mac address. Mac addresses can be changed & faked, so I wouldn't regard that as secure.
you use default lease time but you should use max lease time (max-lease-time) and min lease time (min-lease-time). from what i understand, default lease time is more of a suggestion while min and max will be forced onto the client.
as for the dhcpd file, i am not sure that isnt just a historical list. i dont think that reflects leases that are currently working.
Static IPs should NOT be in dhcp files. If you have a static ip, other protocols will probably apply unless someone has set up static ips by mac address. Mac addresses can be changed & faked, so I wouldn't regard that as secure.
This dhcpd serves computers on the local LAN, so not too much worry about spoofing MAC addresses.
If static IPs are not to be configured in dhcpd.conf then where are they to be configured?
baldur_1 - yes, I'm beginning to realize it is mostly a history, but does it ever get purged/reduced/reset? Does it grow forever?
no, last time i looked i believe what it does is hold the last ip address of a computer that gets one. so there should be about one entry per mac address. it will also create new files periodically. from what i see from mine it creates a new file every few months and with each new file it records the last ip per mac address as it looks on mine.
oh, and one other thing about the static ips, i believe what business kid was suggesting is you should set it on the device rather than let it be given by the dhcp server so hard code the ip address. if you have your dhcp server to serve only inside your network and not to the outside nic, that should not be a big security concern though. i have been having my dhcp assign static ips by mac and have not had any issues.
to me unless i am missing something, the security reason you would worry about is someone spoofing a mac and getting special access by that mac which if you do not do then you should not have to worry about unless you were on like a large business like network.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.