F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Network Management Configuration Guide-6PW100
179
then an IP address from the specified address pool. If no IP address is available in this address pool,
address allocation fails, and the DHCP server does not assign the client any IP address from other
address pools.
Only an extended address pool can be applied on the interface. The address pool to be referenced must
already exist.
To apply an extended address pool on an interface:
Ste
p
Command
Remarks
379. Enter system view.
system-view N/A
380. Enter interface view.
interface interface-type
interface-number
N/A
381. Apply an extended
address pool on the
interface.
dhcp server apply ip-pool
pool-name
Optional.
By default, the DHCP server has no extended
address pool applied on its interface, and
assigns an IP address from a common address
pool to a requesting client.
502BConfiguring the DHCP server security functions
1219BConfiguration prerequisites
Before you perform this configuration, complete the following configurations on the DHCP server:
1. Enable DHCP.
2. Configure the DHCP address pool.
1220BEnabling unauthorized DHCP server detection
Unauthorized DHCP servers on a network may assign wrong IP addresses to DHCP clients.
With unauthorized DHCP server detection enabled, the DHCP server checks whether a DHCP request
contains Option 54 (Server Identifier Option). If yes, the DHCP server records in the option the IP address
of the DHCP server that assigned an IP address to a requesting DHCP client and records the receiving
interface. The administrator can use this information to check for unauthorized DHCP servers.
To enable unauthorized DHCP server detection:
Ste
p
Command
Remarks
382. Enter system view.
system-view N/A
383. Enable unauthorized DHCP server detection. dhcp server detect Disabled by default.
With the unauthorized DHCP server detection enabled, the device logs each detected DHCP server once.
The administrator can use the log information to find unauthorized DHCP servers.
1221BConfiguring IP address conflict detection
Before assigning an IP address, the DHCP server pings that IP address.
• If the server receives a response within the specified period, it selects and pings another IP address.
• If it receives no response, the server continues to ping the IP address until a specific number of ping
packets are sent. If still no response is received, the server assigns the IP address to the requesting
client. (The DHCP client probes the IP address by sending gratuitous ARP packets.)