DISCOVERs from "unkown network segment" - suppress log messages?
Darren Ankney
darren.ankney at gmail.com
Fri Nov 25 15:23:54 UTC 2022
Since the log messages say: via 10.xx.xx.1: unknown network segment, I
assume that the 10.xx.xx.xx/xx subnet is not one you are concerned
with. If that is, indeed, the case, I suggest adding a firewall rule
either on the server itself or further upstream to block traffic from
that subnet (or just the 10.xx.xx.1 host) to UDP port 67. The "via
10.xx.xx.1" indicates that the traffic is being relayed, so it should
be unicast and not difficult to add to the firewall.
On Fri, Nov 25, 2022 at 9:34 AM Christina Siegenthaler <tina at ieu.uzh.ch> wrote:
>
> Dear all
>
>
> Is there a possibility to suppress messages like this from being logged:
>
> Nov 25 15:13:46 ieu-dhcp1 dhcpd[23577]: DHCPDISCOVER from 00:07:32:xx:xx:xx via 10.xx.xx.1: unknown network segment
>
> ?
>
> Background is, we (unfortunately) got new network hardware (Huawei instead of Cisco), and now I get also DHCP requests from buildings and networks that do not belong to our department and that are not served by our DHCP server. This is usually not a problem since the server simply ignores those requests (though it logs them), but now there is a client in one of the other subnets which constantly sends DISCOVERS (about 200 per minute); they fill my log file and I’d like to get rid of them…
>
> I tried to add the MAC address of the rogue client to the config file with an „ignore booting“ statement, but the DISCOVERs still get logged.
>
>
> Thanks, Tina
>
>
>
>
> --
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
>
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
More information about the dhcp-users
mailing list