Configuring The Dhcp Server Security Functions; Configuration Prerequisites; Enabling Unauthorized Dhcp Server Detection; Configuring Ip Address Conflict Detection - HP 4800G Series Configuration Manual

Table of Contents

Only an extended address pool can be applied on the interface. The address pool to be referenced

must already exist.

Configuring the DHCP Server Security Functions

This configuration is necessary to secure DHCP services on the DHCP server.

Before performing this configuration, complete the following configurations on the DHCP server:

Configure the DHCP address pool

Unauthorized DHCP servers may exist on networks, and they reply DHCP clients with wrong IP

With this feature enabled, upon receiving a DHCP request, the DHCP server will record the IP address

of the DHCP server which assigned an IP address to the DHCP client and the receiving interface. The

administrator can use this information to check out any unauthorized DHCP servers.

Follow these steps to enable unauthorized DHCP server detection:

Enter system view

Enable unauthorized DHCP

server detection

With the unauthorized DHCP server detection enabled, the device puts a record once for each DHCP

server. The administrator needs to find unauthorized DHCP servers from the log information.

To avoid IP address conflicts, the DHCP server checks whether the address to be assigned is in use by

sending ping packets.

The DHCP server pings the IP address to be assigned using ICMP. If the server gets a response within

the specified period, the server will select and ping another IP address; otherwise, the server will ping

the IP addresses once again until the specified number of ping packets are sent. If still no response is

received, the server will assign the IP address to the requesting client (The DHCP client probes the IP

address by sending gratuitous ARP packets).

Use the command...

dhcp server detect

Disabled by default.

Table of Contents