Manualshelf

3Com Switch 8800 Advanced Software V5 Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 9400sl 4-Port 10-GbE Module
721722723724725726727728729730
730 CHAPTER 50: DHCP SERVER CONFIGURATION
Configuring the DHCP
Server Security
Functions
This configuration is necessary to secure DHCP services on the DHCP server.
Configuration
Prerequisites
Before performing this configuration, you have finished the configuration tasks of
the DHCP server.
Enabling Unauthorized
DHCP Server Detection
There are unauthorized DHCP servers on networks, which reply DHCP clients with
wrong IP addresses.
With this feature enabled, when receiving a DHCP message with the siaddr field
not being 0 from a client, the DHCP server will record the value of the siaddr field
in the message and the receiving interface. The administrator can use this
information to check out any DHCP unauthorized servers.
To enable unauthorized DHCP server detection, use the following commands:
n
With the unauthorized DHCP server detection enabled, the device puts a record
once for each DHCP server. The administrator needs to find unauthorized DHCP
servers from the log information.
Configuring IP Address
Conflict Detection
To avoid IP address conflicts, the DHCP server checks whether the address to be
assigned is in use via sending ping packets.
The DHCP server pings the IP address to be assigned using ICMP. If the server gets
a response within the specified period, the server will ping another IP address;
otherwise, the server will ping the IP addresses once again until the specified
number of ping packets are sent. If still no response, the server will assign the IP
address to the requesting client (The DHCP client probes the IP address by sending
gratuitous ARP packets).
To configure IP address conflict detection, use the following commands:
59 Rebinding (T2) Time Value expired hex
66 TFTP server name tftp-server ascii
67 Bootfile name bootfile-name ascii
Table 32 Description of common options
Option
Corresponding Name in
RFC
Corresponding
command Command option
To do... Use the command... Remarks
Enter system view system-view -
Enable unauthorized DHCP
server detection
dhcp server detect Required
Disabled by default
To do... Use the command... Remarks
Enter system view system-view -