LinuxQuestions.org
Old 08-29-2007, 03:30 AM   #1
csuetians
LQ Newbie
 
Registered: Aug 2007
Posts: 2

Rep: Reputation: 0
Problem arises from two DHCP Server ?


My question is that I have 100 Linux computers that are connected to a Linux server in a subnet, and they use DHCP to obtain their IPs. The problem is that if someone on a client sets up their own DHCP server, this makes two DHCP servers on the LAN. Then what happens? I want all systems to get their IPs from the main DHCP server and reject any other DHCP server. How can I manage that?

The problem is that I am not really sure how I can configure the DHCP server and clients to select only ONE main DHCP server for IPs, so that no one can set up any other DHCP server. How can I configure them?

Can someone help me?
 
Old 08-29-2007, 04:21 AM   #2
zhjim
Senior Member
 
Registered: Oct 2004
Distribution: Debian Squeeze x86_64
Posts: 1,748
Blog Entries: 11

Rep: Reputation: 233
Quote:
Originally Posted by csuetians
Then what happens?
If two DHCP servers share the same network, it is first come, first served. That is, the one that answers the request faster will win and set the IP of the client.

Quote:
Originally Posted by csuetians
The problem is that I am not really sure how I can configure the DHCP server and clients to select only ONE main DHCP server for IPs, so that no one can set up any other DHCP server. How can I configure them?
Thinking about it, I can't come up with any configuration options that would prevent a rogue server from sending out DHCP offers. So the best way to keep people from setting up their own DHCP server is to not give them any administration privileges, which can be quite hard if someone comes along with their own laptop or similar.

There are a lot of tools nowadays that check for rogue DHCP servers. Try arpwatch or similar.

Also consider that DHCP broadcasts normally stop at physical network boundaries, namely switches (?HUBS?). If you have switches that use broadcast redirect, you might also have the option to restrict this redirect with a MAC filter. That would keep the rogue server out of most network segments. But it would still linger around in one...

If you have some programming skill, you might think about using a dhclient on the DHCP server and checking whether it gets the DHCP offer from the right server. With the right configuration you should not get any IP through DHCP when no other DHCP server is running.

There are definitely more solutions to this problem, but those are the ones that came to my mind. Just do a search for "rogue dhcp" and see if you find something useful for you.

Greetings Zhjim
 
Old 08-29-2007, 05:30 AM   #3
vedang
Member
 
Registered: May 2006
Posts: 89

Rep: Reputation: 15
Twin DHCP Problem.

First of all, always keep in mind that one can set up a DHCP server only when his computer has a static IP configured. If that fellow is getting an IP from your server, he cannot set up his own DHCP server.

Also, you can reserve IP addresses according to the MAC address of each NIC; this will prevent any person coming with a laptop from getting an IP from your DHCP server.

So do not allow them to configure IPs manually.

I am also finding out what else can be done.

Wait for my next reply.

Last edited by vedang; 08-29-2007 at 05:33 AM.
 
Old 08-30-2007, 12:56 AM   #4
csuetians
LQ Newbie
 
Registered: Aug 2007
Posts: 2

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by csuetians
My question is that I have 100 Linux computers that are connected to a Linux server in a subnet, and they use DHCP to obtain their IPs. The problem is that if someone on a client sets up their own DHCP server, this makes two DHCP servers on the LAN. Then what happens? I want all systems to get their IPs from the main DHCP server and reject any other DHCP server. How can I manage that?

The problem is that I am not really sure how I can configure the DHCP server and clients to select only ONE main DHCP server for IPs, so that no one can set up any other DHCP server. How can I configure them?

Can someone help me?
There is another requirement for administration rights in the network also. I bind IPs to MAC addresses. But how can I make sure that no one assigns a static IP to a system themselves, one that is the same as an IP assigned by the DHCP server on the network?
 
Old 08-30-2007, 04:19 AM   #5
vedang
Member
 
Registered: May 2006
Posts: 89

Rep: Reputation: 15
DHCP Problem.

If all 100 computer users are logging in with their own accounts, there is no question of a user assigning a static IP to the computer.

Because if a user is logging in with an account which is not administrative, or he is not a member of the administrative groups, he cannot assign an IP to the computer.

So reserving IP with mac address must work.
 
Old 08-31-2007, 09:27 PM   #6
fur
Member
 
Registered: Dec 2003
Distribution: Debian, FreeBSD
Posts: 310

Rep: Reputation: 35
Just because a host has a dynamic IP doesn't cause the DHCP process to not bind to that interface. Static vs dynamic doesn't matter.

As far as fixes, unless your switches have some packet filtering options there is no real way to totally block this.

Any machine that is in the same broadcast domain as the rogue DHCP server will potentially get an invalid lease if another host is running a DHCP server.
 
Old 08-31-2007, 10:01 PM   #7
fur
Member
 
Registered: Dec 2003
Distribution: Debian, FreeBSD
Posts: 310

Rep: Reputation: 35
You may also want to scan for rogue DHCP servers so you can track them down before they become a larger problem.

There are tools like nmap and dhcping that can help in doing this.

For example:

for i in `seq 1 254`; do dhcping -s 192.168.0.$i -t1 | grep "Got answer from"; done

Will check for DHCP servers from 192.168.0.1 - 192.168.0.254. It has a timeout of 1 second so it will take about 4 minutes to complete a /24 subnet.

You could modify this to email you if it detects another server. Then add to cron, and run every hour or something.
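
One way to turn the scan above into the hourly cron check with an email alert that the post suggests, as an added example that is not part of the original thread. It reports only responders that are not on an allowlist; the allowlist address, script name, recipient and sample output are constructed, and a working `mail` command is assumed.

```shell
#!/bin/sh
# Added example: flag DHCP responders that are not on an allowlist.
# ALLOWED_SERVERS is an assumed value; list your real DHCP server(s) here.
ALLOWED_SERVERS="192.168.0.1"

# Constructed sample of scan output (not captured from a real network).
SAMPLE_OUTPUT="no answer
Got answer from: 192.168.0.1
no answer
Got answer from: 192.168.0.10
Got answer from: 192.168.0.57
Got answer from: 192.168.0.57"

# Read scan output on stdin; print each responding address, once, that is
# not in ALLOWED_SERVERS. Prints nothing when only known servers answered.
find_rogue_servers() {
    grep "Got answer from" \
        | grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' \
        | sort -u \
        | while read -r ip; do
              # Space-delimited match so 192.168.0.1 does not also allow 192.168.0.10.
              case " $ALLOWED_SERVERS " in
                  *" $ip "*) ;;
                  *) printf '%s\n' "$ip" ;;
              esac
          done
}

# Probe every host address in a /24 given its first three octets.
scan_subnet() {
    for i in $(seq 1 254); do
        # Only the output is parsed, so the exit status is ignored.
        dhcping -s "$1.$i" -t1 2>&1 || true
    done
}

# Cron entry point, e.g.: rogue-dhcp.sh scan 192.168.0 admin@example.com
# (script name and recipient are hypothetical).
if [ "${1:-}" = "scan" ]; then
    rogue=$(scan_subnet "$2" | find_rogue_servers)
    if [ -n "$rogue" ]; then
        printf 'Unexpected DHCP servers:\n%s\n' "$rogue" \
            | mail -s "Rogue DHCP server detected" "$3"
    fi
fi
```

Run without arguments the script does nothing; piping `$SAMPLE_OUTPUT` into `find_rogue_servers` shows the filtering without touching the network.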
 
Old 06-13-2008, 04:33 PM   #8
tbeehler
Member
 
Registered: Aug 2003
Location: Washington State, USA
Distribution: Mainly RH 9.0
Posts: 227

Rep: Reputation: 30
Quote:
Originally Posted by fur
You may also want to scan for rogue DHCP servers so you can track them down before they become a larger problem.

There are tools like nmap and dhcping that can help in doing this.

For example:

for i in `seq 1 254`; do dhcping -s 192.168.0.$i -t1 | grep "Got answer from"; done

Will check for DHCP servers from 192.168.0.1 - 192.168.0.254. It has a timeout of 1 second so it will take about 4 minutes to complete a /24 subnet.

You could modify this to email you if it detects another server. Then add to cron, and run every hour or something.
This is PERFECT! I was looking all over the place for something simple to help me find rogue DHCP servers. Thanks!
 
  

