duplicate mac addresses requesting dhcp server

[Simon Hobson]

Gilbert Coles wrote:

>I've got a query regarding duplicate MAC addresses requesting an IP address
>from dhcpd.
>
>Consider a scenario where pc1 has mac1 and asks the dhcp server for a lease
>for ip1. The dhcp server is dynamically allocating IPs from a pool 
>and so it assigns the lease for ip1. If another pc2 comes along with 
>its MAC address spoofed to mac1 and asks the dhcp server for an ip 
>(not necessarily ip1) will the server assign a lease to pc2?

Probably. Will it get offered the same address - well that depends on 
the Client-ID.

>Now if the dhcp server is configured to reserve a fixed-address ip1 to mac1
>and pc1 comes along and is given its ip, will pc2, with its mac 
>spoofed to mac1 be given the fixed-address ip1?

Yes.

>So my question is: does the dhcp server contain logic to check the leases
>file entry assigned to mac1 before actually serving another request 
>coming from apparently the same mac1?

You mean, can it tell the difference between a client with the real 
Mac address and another client that simply claims to have that same 
Mac address ? The answer to that is NO, it receives a packet with a 
Mac address in it, and as long as the client has correctly spoofed 
the MAC then the server can't tell.

Obviously, the fact that you have two devices with the same mac 
address is going to cause you problems irrespective of whether they 
get the same address or not.


I'll also throw in that IF a Client-ID is supplied by the client, 
then this is used as the first choice of identifier. So if pc2 
supplied a different Client-ID it would be treated by the dhcp server 
as a different client irrespective of MAC address for the purposes of 
allocating dynamic leases.