R3166-R3206-HP High-End Firewalls Network Management Configuration Guide-6PW101
129
Enabling unauthorized DHCP server detection
Unauthorized DHCP servers on a network may assign wrong IP addresses to DHCP clients.
With unauthorized DHCP server detection enabled, the DHCP server checks whether a DHCP request
contains Option 54 (Server Identifier Option). If yes, the DHCP server records the IP address in the option,
which is the IP address of the DHCP server that assigned an IP address to the DHCP client and records
the receiving interface. The administrator can use this information to check for unauthorized DHCP
servers.
Follow these steps to enable unauthorized DHCP server detection:
To do… Use the command…
Remarks
Enter system view system-view —
Enable unauthorized DHCP server
detection
dhcp server detect
Required
Disabled by default.
NOTE:
W
ith the unauthorized DHCP server detection enabled, the device logs each detected DHCP server once.
The administrator can use the log information to find unauthorized DHCP servers.
Configuring IP address conflict detection
With IP address conflict detection enabled, the DHCP server pings each IP address to be assigned by
using ICMP. If the server receives a response within the specified period, it selects and pings another IP
address. If it receives no response, the server continues to ping the IP address until the specified number
of ping packets are sent. If still no response is received, the server assigns the IP address to the requesting
client (The DHCP client probes the IP address by sending gratuitous ARP packets).
Follow these steps to configure IP address conflict detection:
To do… Use the command…
Remarks
Enter system view system-view —
Specify the number of ping packets dhcp server ping packets number
Optional
One ping packet by default.
The value 0 indicates that no ping
operation is performed.
Configure a timeout waiting for
ping responses
dhcp server ping timeout
milliseconds
Optional
500 ms by default.
The value 0 indicates that no ping
operation is performed.
Enabling handling of Option 82
With Option 82 handling enabled, when the DHCP server receives a request with Option 82, it adds
Option 82 into the response.
If the server is configured to ignore Option 82, it will assign an IP address to the client without adding
Option 82 in the response message.
1. Configuration prerequisites
Before performing this configuration, complete the following configuration on the DHCP server: