DHCP- rejecting DHCPINFORM and other requests from a particular subnet
bnew
post Aug 7 2009, 09:48 AM
Post #1
Atomican
Champion




As mentioned in my clonezilla thread, I have two dhcp servers running on the same physical network (required as part of clonezilla). After some tweaking and playing around they happily co-exist and don't interfere with each other. However, I still get log entries as follows on the clonezilla server:

CODE
Aug  7 09:30:04 clone dhcpd: DHCPINFORM from 192.168.1.183 via eth0: unknown subnet for client address 192.168.1.183
Aug  7 09:30:40 clone dhcpd: DHCPINFORM from 192.168.0.129 via eth1: not authoritative for subnet 192.168.0.0
Aug  7 09:30:43 clone dhcpd: DHCPINFORM from 192.168.0.129 via eth1: not authoritative for subnet 192.168.0.0
Aug  7 09:30:54 clone kernel: martian source 255.255.255.255 from 192.168.1.197, on dev eth0
Aug  7 09:30:54 clone kernel: ll header: ff:ff:ff:ff:ff:ff:00:13:72:ec:34:b7:08:00
Aug  7 09:30:54 clone dhcpd: DHCPINFORM from 192.168.1.197 via eth0: unknown subnet for client address 192.168.1.197


The server in question is set up as follows:

Running dhcpd 3.11

eth0: gives out 192.168.3 addresses, but only to clients with specific vendor class identifiers (in other words, only gives addresses to PXE clients)
eth1: gives out 192.168.0 addresses, but only in the range 192.168.0.205- 192.168.0.215 (again, for PXE related purposes, but on a different network)

As you can see from the log, the server is still getting communication from clients that it can't service. From my reading, DHCPINFORM and martian source are not particularly bad things (as in, not deal breakers that are going to cause problems).

So my question is- is there a way to completely ignore this kind of traffic, and is it worth doing so? As mentioned, it doesn't seem to be hurting anything, but I'd like to be sure.
TheSecret
post Aug 7 2009, 10:42 AM
Post #2
Banned
Champion




It's absolutely fine, those messages are sent out as broadcast, so there isn't any problem with them being received... indeed, it's expected.

As long as your dhcp servers are not set to respond, it's all fine.

I suppose you could firewall off the requests if you wanted to, but I wouldn't really see the point...


--------------------
The most difficult subjects can be explained to the most slow-witted man if he has not formed any idea of them already; but the simplest thing cannot be made clear to the most intelligent man if he is firmly persuaded that he knows already, without a shadow of doubt, what is laid before him. - Tolstoy
bnew
post Aug 7 2009, 11:09 AM
Post #3
Atomican
Champion




QUOTE (TheSecret @ Aug 7 2009, 10:42 AM) *
It's absolutely fine, those messages are sent out as broadcast, so there isn't any problem with them being received... indeed, it's expected.

As long as your dhcp servers are not set to respond, it's all fine.

I suppose you could firewall off the requests if you wanted to, but I wouldn't really see the point...


Thanks, I figured as much. Haven't had to play around with dhcp in this way before so I thought I'd check.
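
One way to check the condition discussed in this thread (the server sees the broadcasts but does not answer them) against a log like the one in the first post. This is an added example, not code from any poster; it assumes the dhcpd and kernel syslog line shapes shown in that post, and the function name `triage` is hypothetical.

```python
import re
from collections import defaultdict

# Log lines copied from the first post's CODE block.
SAMPLE_LOG = """\
Aug  7 09:30:04 clone dhcpd: DHCPINFORM from 192.168.1.183 via eth0: unknown subnet for client address 192.168.1.183
Aug  7 09:30:40 clone dhcpd: DHCPINFORM from 192.168.0.129 via eth1: not authoritative for subnet 192.168.0.0
Aug  7 09:30:43 clone dhcpd: DHCPINFORM from 192.168.0.129 via eth1: not authoritative for subnet 192.168.0.0
Aug  7 09:30:54 clone kernel: martian source 255.255.255.255 from 192.168.1.197, on dev eth0
Aug  7 09:30:54 clone kernel: ll header: ff:ff:ff:ff:ff:ff:00:13:72:ec:34:b7:08:00
Aug  7 09:30:54 clone dhcpd: DHCPINFORM from 192.168.1.197 via eth0: unknown subnet for client address 192.168.1.197
"""

# The two refusal reasons that appear in the post: request seen, not answered.
REFUSED = re.compile(
    r"dhcpd: (?P<msg>DHCP[A-Z]+) from (?P<src>[\d.]+) via (?P<iface>\w+): "
    r"(?P<reason>unknown subnet|not authoritative)\b")
MARTIAN = re.compile(
    r"kernel: martian source [\d.]+ from (?P<src>[\d.]+), on dev (?P<iface>\w+)")


def triage(log_text):
    """Group refused requests per interface and reason; keep other dhcpd lines."""
    refused = defaultdict(set)  # (iface, message type, reason) -> client addresses
    martians = set()            # (iface, source address) reported by the kernel
    other = []                  # dhcpd lines that are not one of the two refusals
    for line in log_text.splitlines():
        m = REFUSED.search(line)
        if m:
            refused[(m["iface"], m["msg"], m["reason"])].add(m["src"])
        elif (k := MARTIAN.search(line)):
            martians.add((k["iface"], k["src"]))
        elif " dhcpd: " in line:
            other.append(line)  # not a logged refusal, so read it by hand
    return dict(refused), martians, other


if __name__ == "__main__":
    refused, martians, other = triage(SAMPLE_LOG)
    for (iface, msg, reason), clients in sorted(refused.items()):
        print(f"{iface}: {msg} refused ({reason}) from {sorted(clients)}")
    for iface, src in sorted(martians):
        print(f"{iface}: kernel martian-source notice for {src}")
    print(f"dhcpd lines that are not refusals: {len(other)}")
```

An empty third list means every dhcpd line in the sample is a logged refusal; any line that lands there is one to read manually.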