ISC DHCPv6-BIND9 DDNS update problem
Simon
dhcp1 at thehobsons.co.uk
Thu Jun 9 14:50:34 UTC 2022
Mirsad Goran Todorovac <mirsad.todorovac at alu.unizg.hr> wrote:
> It seems that I have identified the culprit. Our subnet has 6 rogue DHCPv6 servers according to this nmap scan:
Yeah, that would do it. Time to get out the clue bat, or “clue by four”, and start some user education :D
But more seriously, on a network of any size, and especially if using RAs to trigger use of DHCP for address assignment, your network infrastructure should at the very least alert you to rogue DHCP servers - and preferably block them (by filtering the packets) at the edge switch ports. Without that, as you’ve experienced, anyone can start up a rogue service - whether accidentally or maliciously.
The same applies to RAs - without rogue detection and isolation, anyone can break your network and/or hijack traffic.
Regards, Simon
More information about the dhcp-users
mailing list