
pm010537 08-25-2006 12:24 PM

Help - (Linux - DHCP Server)

I am new to this forum, but I guess better late than never :). I work as a network SQA engineer (carrier Ethernet).

I have a question regarding configuring a DHCP server on a Linux box. I would like to know whether I can configure an invalid scope/range. Invalid might be a loopback or a multicast IP. I tried on Windows, Cisco, Extreme, Juniper and a couple of other freeware packages, but none of them allowed me to configure an invalid scope; when I try to do that, it returns an error saying it is invalid. Windows does have a feature that allows you to configure a multicast scope, but then it has got its own limitations and hence I am not able to use it either. So my only hope is Linux.

Any help in this matter will be greatly appreciated :)


btmiller 08-26-2006 10:38 PM

I've never been able to get ISC's dhcpd to run with a scope other than one encompassing the IP of one of the Ethernet cards in my system. There might be some sort of specialized DHCP server that will do it, but I don't know of any. Why do you want to do this anyhow? It seems counterintuitive, and maybe if we knew what you're trying to do we could suggest a better way.

pm010537 08-28-2006 10:56 PM

I am trying to do this in order to verify that our Ethernet switch does not respond to an invalid IP assigned by a DHCP; in other words, when a DHCP server assigns an invalid IP, the client (Ethernet switch) should reply back with DHCPNACK. Yes, it is counterintuitive, but I have to test that the box does respond in a proper manner if a hacker plans to do it or a nefarious DHCP server assigns one.
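
The client-side check this test is meant to exercise, as an added example that is not part of the original thread: it parses the offered address and subnet mask out of a DHCP reply payload and reports why the address is unusable as a host address. The function names (`parse_offer`, `lease_problem`, `build_offer`) are hypothetical, and the sample offers are constructed for illustration.

```python
import ipaddress

MAGIC_COOKIE = b"\x63\x82\x53\x63"  # marks the start of the DHCP options (RFC 2131)

def parse_offer(payload: bytes):
    """Return (yiaddr, subnet mask or None) from a BOOTP/DHCP reply payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP payload")
    yiaddr = ipaddress.IPv4Address(payload[16:20])  # "your address" field
    mask, i = None, 240
    while i < len(payload) and payload[i] != 255:   # 255 = end option
        if payload[i] == 0:                         # 0 = pad, has no length byte
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option")
        code, length = payload[i], payload[i + 1]
        value = payload[i + 2 : i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option")
        if code == 1 and length == 4:               # option 1 = subnet mask
            mask = ipaddress.IPv4Address(value)
        i += 2 + length
    return yiaddr, mask

def lease_problem(yiaddr, mask):
    """Return why the offered address is unusable as a host address, or None."""
    for flag, reason in (("is_unspecified", "unspecified"), ("is_loopback", "loopback"),
                         ("is_multicast", "multicast"), ("is_reserved", "reserved")):
        if getattr(yiaddr, flag):
            return reason
    if mask is not None:
        try:
            net = ipaddress.IPv4Network((yiaddr, str(mask)), strict=False)
        except ValueError:                          # e.g. non-contiguous mask
            return "bad netmask"
        if net.prefixlen < 31 and yiaddr in (net.network_address, net.broadcast_address):
            return "network or broadcast address"
    return None

def build_offer(yiaddr: str, mask: str) -> bytes:
    """Constructed sample input: a minimal DHCPOFFER payload."""
    hdr = bytearray(236)
    hdr[0] = 2                                      # op = BOOTREPLY
    hdr[16:20] = ipaddress.IPv4Address(yiaddr).packed
    opts = bytes([53, 1, 2, 1, 4]) + ipaddress.IPv4Address(mask).packed + b"\xff"
    return bytes(hdr) + MAGIC_COOKIE + opts

if __name__ == "__main__":
    for addr in ("192.0.2.10", "127.0.0.1", "224.0.0.5", "192.0.2.255"):
        print(addr, lease_problem(*parse_offer(build_offer(addr, "255.255.255.0"))))
```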


ARC1450 08-29-2006 12:00 PM

Wouldn't it just be easier to lock the switch down to MAC IDs on certain ports and only allow certain addresses through instead of making sure invalid DHCP is going through? I mean, if someone manages to put an unauthorized DHCP server on your network, better to lock down the entire network than try to just fire off DHCPNACKs. And if your switch is locked to allowing only certain MACs to connect, that should be a moot point anyways.
