detect 2 DHCP Servers on network?

Harkisoon, Sharan W. HARKISOONSW at gru.com
Thu Aug 17 21:45:05 CEST 2006

Previous message: Good Linux and Mac Client
Next message: how to display 3d statusmap?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I don't mean to be off topic, but rogue DHCP servers can be easily
avoided using switches that support layer-3 ACL's to block dhcp server
replies from user ports on switches that support it (all new cisco
switches including the 2950's/3550's/37xx's and even smc,dlink,allied
telesyn support this).  A cisco feature called "dhcp snooping" also
prevents rogue dhcp servers.  Food for thought.  

-----Original Message-----
From: nagios-users-bounces at lists.sourceforge.net
[mailto:nagios-users-bounces at lists.sourceforge.net] On Behalf Of Carl
Friend
Sent: Thursday, August 17, 2006 1:17 PM
To: nagios-users at lists.sourceforge.net
Subject: Re: [Nagios-users] detect 2 DHCP Servers on network?


   Hari Sekhon wrote:

> [...] raise the warning code if more than 1 offer was received [...]

   The pitfall here is that if you're running redundant DHCP servers
it's possible to receive two offers.  ISC DHCPD can function in this
way.  A regular client would see the first offer, accept it, and ignore
the second one; the monitoring script would have to be aware of the
network architecture to account for that.

   One thing you could do is record the IP address(es) of your real DHCP
server(s) and if you see anything come in from *anywhere else* raise the
alarm.

+----------------------------------------------+-----------------------+
| Carl Richard Friend (UNIX Sysadmin)          | Natick, Massachusetts |
| Minicomputer Collector / Enthusiast          |            01760-2098 |
| mailto:carl_friend at mathworks.com             +-----------------------+
| http://users.rcn.com/crfriend/museum         |  ICBM: 42:18N 71:21W  |
+----------------------------------------------+-----------------------+

------------------------------------------------------------------------
-
Using Tomcat but need to do more? Need to support web services,
security? Get stuff done quickly with pre-integrated technology to make
your job easier Download IBM WebSphere Application Server v.1.0.1 based
on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when
reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: Good Linux and Mac Client
Next message: how to display 3d statusmap?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list