duplicate mac addresses requesting dhcp server
Simon Hobson
dhcp1 at thehobsons.co.uk
Wed Oct 18 09:10:54 UTC 2006
Gilbert Coles wrote:
>I've got a query regarding duplicate MAC addresses requesting an IP address
>from dhcpd.
>
>Consider a scenario where pc1 has mac1 and asks the dhcp server for a lease
>for ip1. The dhcp server is dynamically allocating IPs from a pool
>and so it assigns the lease for ip1. If another pc2 comes along with
>its MAC address spoofed to mac1 and asks the dhcp server for an ip
>(not necessarily ip1) will the server assign a lease to pc2?
Probably. Will it get offered the same address - well that depends on
the Client-ID.
>Now if the dhcp server is configured to reserve a fixed-address ip1 to mac1
>and pc1 comes along and is given its ip, will pc2, with its mac
>spoofed to mac1 be given the fixed-address ip1?
Yes.
>So my question is: does the dhcp server contain logic to check the leases
>file entry assigned to mac1 before actually serving another request
>coming from apparently the same mac1?
You mean, can it tell the difference between a client with the real
Mac address and another client that simply claims to have that same
Mac address ? The answer to that is NO, it receives a packet with a
Mac address in it, and as long as the client has correctly spoofed
the MAC then the server can't tell.
Obviously, the fact that you have two devices with the same mac
address is going to cause you problems irrespective of whether they
get the same address or not.
I'll also throw in that IF a Client-ID is supplied by the client,
then this is used as the first choice of identifier. So if pc2
supplied a different Client-ID it would be treated by the dhcp server
as a different client irrespective of MAC address for the purposes of
allocating dynamic leases.
More information about the dhcp-users
mailing list