Looking for active dhcp servers on lan?



  • Hi,
    I've got a problem with some routers in switch mode on the internal LAN network.
    Our LAN NIC has a static IP x.x.1.1 and DHCP range x.x.1.100-250.
    One client had received a different IP - x.x.3.3 - there is a router mode switch; someone has mistakenly skipped the WAN port and put the uplink cable on the switch side of his router. The error is now sporadic because of the usual race condition, who will answer first... and I can't filter the DHCP servers - they are inside, hanging on some unsmart switches...

    My idea is to check periodically on the LAN NIC for other DHCP servers to avoid collisions.

    Is it possible with dhcpd on LAN? Did anyone try something like that, or is there already a solution inside pfSense?



  • I'm not sure what the question is, but if I were you I'd remove the other DHCP server sitting on your LAN.



  • I can't - only after I can say who is using it. It's a student dorm.
    There are dhclient and dhcping - but only in FreeBSD ports, and I didn't find a direct URL for such packages -

    Has anybody tried to install them?



  • I added dhcp_probe to the packages available for manual install, which is useful for this purpose. Run 'pkg install dhcp_probe', then you can pick up from the instructions here starting with step 8.
    https://www.net.princeton.edu/software/dhcp_probe/INSTALL.dhcp_probe.txt

    Other info here.
    https://www.net.princeton.edu/software/dhcp_probe/

    But in a student dorm, or any similar type of residential network, having only managed switches where DHCP snooping can be configured to block rogue DHCP servers is the only possible way you're going to have a reasonably stable network. We work with a lot of such networks, and they'd be broken more often than not without DHCP snooping on the switches.
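
Added example, not part of the thread and not dhcp_probe's code: the check behind the periodic probing asked about above is to read the server identifier (option 54) from every DHCPOFFER seen on the LAN and flag any that is not the authorized server. The addresses, the `AUTHORIZED` set and the `make_offer` helper are assumptions, and the sample packets are constructed, not captured traffic.

```python
import ipaddress

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # marks the start of DHCP options (RFC 2131)
AUTHORIZED = {"192.0.2.1"}            # assumption: the one legitimate DHCP server

def parse_reply(packet: bytes):
    """Return (msg_type, offered_ip, server_id) from a BOOTP/DHCP reply, or None."""
    if len(packet) < 240 or packet[0] != 2 or packet[236:240] != MAGIC_COOKIE:
        return None                   # too short, not a BOOTREPLY, or not DHCP
    yiaddr = str(ipaddress.IPv4Address(packet[16:20]))
    msg_type = server_id = None
    i = 240
    while i < len(packet) and packet[i] != 255:        # 255 = End option
        if packet[i] == 0:                             # Pad option has no length byte
            i += 1
            continue
        if i + 2 > len(packet) or i + 2 + packet[i + 1] > len(packet):
            return None                                # truncated option, reject
        code, length = packet[i], packet[i + 1]
        value = packet[i + 2:i + 2 + length]
        if code == 53 and length == 1:                 # DHCP message type
            msg_type = value[0]
        elif code == 54 and length == 4:               # server identifier
            server_id = str(ipaddress.IPv4Address(value))
        i += 2 + length
    return msg_type, yiaddr, server_id

def rogue_servers(packets, authorized=AUTHORIZED):
    """Map each unauthorized server identifier to the addresses it offered."""
    rogues = {}
    for pkt in packets:
        parsed = parse_reply(pkt)
        if parsed is None:
            continue
        msg_type, yiaddr, server_id = parsed
        if msg_type == 2 and server_id and server_id not in authorized:  # 2 = DHCPOFFER
            rogues.setdefault(server_id, []).append(yiaddr)
    return rogues

def make_offer(server, offered):
    """Build a constructed DHCPOFFER payload for the demo (not captured traffic)."""
    hdr = bytearray(236)
    hdr[0], hdr[1], hdr[2] = 2, 1, 6                   # BOOTREPLY, Ethernet, hlen 6
    hdr[16:20] = ipaddress.IPv4Address(offered).packed # yiaddr: the address offered
    opts = b"\x35\x01\x02\x36\x04" + ipaddress.IPv4Address(server).packed + b"\xff"
    return bytes(hdr) + MAGIC_COOKIE + opts

SAMPLE = [make_offer("192.0.2.1", "192.0.2.100"), make_offer("198.51.100.1", "198.51.100.3")]
print(rogue_servers(SAMPLE))
```

The payloads here are the UDP data of replies sent to port 68; getting them off the wire (a capture file or a raw socket) is outside this example.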


  • Rebel Alliance Global Moderator

    Why would students plug their routers into the network via lan side of their soho routers so the dhcp server is exposed to the dorm/school network?  Are they just stupid??  Maybe just stoned?

    Yeah in such a network, wild west where everyone just plugs in anything not running a fully managed switch where you can filter nonsense is going to be a nightmare.



  • @johnpoz:

    Why would students plug their routers into the network via lan side of their soho routers so the dhcp server is exposed to the dorm/school network?  Are they just stupid??  Maybe just stoned?

    You wouldn't believe how many idiots plug their routers in backwards and leave them that way for extended periods. Not just dorm networks, apartments, condos, you name it. Why? Hell if I know, before I got involved with a lot of networks like that I never would have believed how often that happens.



  • @cmb:

    @johnpoz:

    Why would students plug their routers into the network via lan side of their soho routers so the dhcp server is exposed to the dorm/school network?  Are they just stupid??  Maybe just stoned?

    You wouldn't believe how many idiots plug their routers in backwards and leave them that way for extended periods. Not just dorm networks, apartments, condos, you name it. Why? Hell if I know, before I got involved with a lot of networks like that I never would have believed how often that happens.

    And then there's the #$%^& who does it intentionally.