DISCOVERs from "unkown network segment" - suppress log messages?

Christina Siegenthaler tina at ieu.uzh.ch
Wed Nov 30 07:53:41 UTC 2022 

Am 29.11.2022 um 17:23 schrieb Simon <dhcp1 at thehobsons.co.uk>:
> 
> Christina Siegenthaler <tina at ieu.uzh.ch> wrote:
> 
>> Since I know that the rogue client is supposed to get a fixed IP address (and which one), I added a pool to that subnet declaration containing just this one IP, plus a host declaration for the rogue client with a „fixed-address“ statement giving it the fixed IP it’s supposed to get from the other DHCP server, plus, just to be safe, an "ignore booting" statement as well.
>> 
>> 
>> Looks like this:
>> 
>> 
>> ####################
>> # Ignore these
>> ####################
>> 
>> subnet 10.65.xx.0 netmask 255.255.254.0 {
>>       pool { range 10.65.xx.61 10.65.xx.61;
>>               ignore booting; }
>> }
>> 
>> host ignore_me_1 { hardware ethernet 00:07:32:xx:xx:xx; ignore booting; fixed-address 10.65.xx.61; }
> 
> Being pedantic, you don’t need the pool - and in the general case, you should NOT have any fixed-address assignment which is also in any pool. If you do, then it’s entirely possible to hand out the address dynamically to one client, and also via the host declaration to another - causing some “interesting” effects in the network.
> 
> This should be sufficient :
> subnet 10.65.xx.0 netmask 255.255.254.0 {
>  ignore booting;
> }
> host ignore_me_1 { hardware ethernet 00:07:32:xx:xx:xx; ignore booting; fixed-address 10.65.xx.61; }


You’re right, of course, I don’t know what I was thinking…  I removed the pool and it still works fine, no messages are logged for this particular host. However, it does not work without the „fixed-address“ statement, because in this case, I’ll get a message saying „no free leases“; „ignore booting“ in the subnet and/or host declaration alone clearly does not suffice.

And thus, all other hosts in that subnet still show with either that (in case of DISCOVERs) or „unknown lease“ (REQUEST). Would have been nice to get rid of those, too, especially since the REQUESTs are being sent every 10mins per client, even though the DHCP admin says their default lease time is 4h. Oh my.



Tina

> 
> 
> Simon
> 
> -- 
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
> 
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users

More information about the dhcp-users mailing list