DISCOVERs from "unkown network segment" - suppress log messages?
Christina Siegenthaler
tina at ieu.uzh.ch
Sat Nov 26 10:21:53 UTC 2022
Hi John
> Am 25.11.2022 um 15:58 schrieb John W. Blue <john.blue at rrcic.com>:
>
> Tina,
>
> As I am sure you are aware DHCPDISCOVER is a broadcast message. If you are getting these from networks that you do not administrate it would seem to suggest there are engineering flaws with the segmentation of the network or the configuration of this new Huawei hardware.
>
> Based upon the wording of your email this extra traffic seems to coincide with the arrival of the new hardware so I would recommend you focus your troubleshooting efforts on that.
>
> Assuming your network is properly segmented then there is something in the Huawei config that is flipping WAN side broadcast traffic into your network.
You are correct. The problem is indeed the new hardware, but it is not „misconfigured“ as such, it simply doesn’t have the option to configure it to relay DHCP requests from different subnets to different DHCP servers - it can only relay all requests to all servers. Our network admins talked to Huawei, they confirmed that and we filed a feature request for this, but we’re still waiting…
Tina
>
> Good hunting.
>
> John
>
> Sent from Nine
>
> From: Christina Siegenthaler <tina at ieu.uzh.ch>
> Sent: Friday, November 25, 2022 8:34 AM
> To: dhcp-users at lists.isc.org
> Subject: DISCOVERs from "unkown network segment" - suppress log messages?
>
> Dear all
>
>
> Is there a possibility to suppress messages like this from being logged:
>
> Nov 25 15:13:46 ieu-dhcp1 dhcpd[23577]: DHCPDISCOVER from 00:07:32:xx:xx:xx via 10.xx.xx.1: unknown network segment
>
> ?
>
> Background is, we (unfortunately) got new network hardware (Huawei instead of Cisco), and now I get also DHCP requests from buildings and networks that do not belong to our department and that are not served by our DHCP server. This is usually not a problem since the server simply ignores those requests (though it logs them), but now there is a client in one of the other subnets which constantly sends DISCOVERS (about 200 per minute); they fill my log file and I’d like to get rid of them…
>
> I tried to add the MAC address of the rogue client to the config file with an „ignore booting“ statement, but the DISCOVERs still get logged.
>
>
> Thanks, Tina
>
>
>
>
> --
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
>
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
> --
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
>
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
---------------------------------------------------------------------------------
Dr. Tina Siegenthaler
IT support
Institute of Evolutionary Biology and Environmental Studies
University of Zurich
Winterthurerstr. 190
8057 Zürich
tel : ++41 44 6354891
email: tina at ieu.uzh.ch
---------------------------------------------------------------------------------
More information about the dhcp-users
mailing list