How to find DHCP server IP Address ??

How to find DHCP server IP Address ??

Post by Matt Pearc » Fri, 20 Sep 2002 13:38:28



Hi all,

Just trying to setup ipfilter and I believe I need to add an allow rule for
the dhcp server to get through on.  now my problem arises that the ISP Tech
support say that they dont know what it is and probably wouldnt give it out
if they did.  So my question is :- Is there any way to find out what the
address is so I can enter it into my firewall rules.  Alternatively is there
another way to setup the firewall rules, I would prefer to set them up with
the DHCP server addy in there though.

TIA.

Matt.

 
 
 

How to find DHCP server IP Address ??

Post by Magnu » Fri, 20 Sep 2002 14:36:40



> Hi all,

> Just trying to setup ipfilter and I believe I need to add an allow rule
> for
> the dhcp server to get through on.  now my problem arises that the ISP
> Tech support say that they dont know what it is and probably wouldnt give
> it out
> if they did.  So my question is :- Is there any way to find out what the
> address is so I can enter it into my firewall rules.  Alternatively is
> there another way to setup the firewall rules, I would prefer to set them
> up with the DHCP server addy in there though.

> TIA.

> Matt.

When you use DHCP for your client, you will probably log all the commucation
with the DHCP server in /var/db/dhclient.leases.

In that file, search for an entry saying:
option dhcp-server-identifier

BTW: I have noticed that the DHCP server is not static from my ISP.

/Magnus

 
 
 

How to find DHCP server IP Address ??

Post by Bliste » Fri, 20 Sep 2002 15:35:44



> Hi all,

> Just trying to setup ipfilter and I believe I need to add an allow rule
> for the dhcp server to get through on.  now my problem arises that the
> ISP Tech support say that they dont know what it is and probably wouldnt
> give it out if they did.  So my question is :- Is there any way to find
> out what the address is so I can enter it into my firewall rules.
> Alternatively is there another way to setup the firewall rules, I would
> prefer to set them up with the DHCP server addy in there though.

> TIA.

> Matt.

My understanding of DHCP is that the client machine sends out a UDP
broadcast on port 67 and the DHCP server responds back with a UDP
broadcast on port 68.  It's fairly broad but you might want to allow
traffic on UDP/68.  If the server's located on your network, you can also
limit the source IP to your local network.  Most routers don't pass
broadcast traffic unless specifically configured to do so.
 
 
 

How to find DHCP server IP Address ??

Post by Steve Burto » Fri, 20 Sep 2002 16:55:01




>>Hi all,

>>Just trying to setup ipfilter and I believe I need to add an allow rule
>>for the dhcp server to get through on.  now my problem arises that the
>>ISP Tech support say that they dont know what it is and probably wouldnt
>>give it out if they did.  So my question is :- Is there any way to find
>>out what the address is so I can enter it into my firewall rules.
>>Alternatively is there another way to setup the firewall rules, I would
>>prefer to set them up with the DHCP server addy in there though.

>>TIA.

>>Matt.

> My understanding of DHCP is that the client machine sends out a UDP
> broadcast on port 67 and the DHCP server responds back with a UDP
> broadcast on port 68.  It's fairly broad but you might want to allow
> traffic on UDP/68.  If the server's located on your network, you can also
> limit the source IP to your local network.  Most routers don't pass
> broadcast traffic unless specifically configured to do so.

Ah, but note that DHCP traffic is a special case on many routers, Ciscos for example,

specifically to allow DHCP relaying. These routers watch for broadcast
by port and forward it to a particular IP (the IP-helper on Ciscos).

Steve.

 
 
 

How to find DHCP server IP Address ??

Post by Matt Pearc » Fri, 20 Sep 2002 16:54:23


Thanks guys, will have a play with that :-)

Matt.


Quote:> Hi all,

> Just trying to setup ipfilter and I believe I need to add an allow rule
for
> the dhcp server to get through on.  now my problem arises that the ISP
Tech
> support say that they dont know what it is and probably wouldnt give it
out
> if they did.  So my question is :- Is there any way to find out what the
> address is so I can enter it into my firewall rules.  Alternatively is
there
> another way to setup the firewall rules, I would prefer to set them up
with
> the DHCP server addy in there though.

> TIA.

> Matt.

 
 
 

How to find DHCP server IP Address ??

Post by Anssi Saar » Fri, 20 Sep 2002 19:35:27



> Just trying to setup ipfilter and I believe I need to add an allow rule for
> the dhcp server to get through on.  now my problem arises that the ISP Tech
> support say that they dont know what it is and probably wouldnt give it out
> if they did.  So my question is :- Is there any way to find out what the
> address is so I can enter it into my firewall rules.

Sure, at least if you use dhclient as your dhcp client, seems to be
the default in FreeBSD. It puts the data in /var/db/dhclient.leases,
as "option dhcp-server-identifier xxx.yyy.zzz.www". In my case, the
dhcp server has the same address as the gateway.

Anyway, as far as I know, when you setup the network initially, a stateful rule
for udp should cover it, like this:

ipfw add check-state
ipfw add allow udp from me to any keep-state

I also get some messages from the dhcp server every three hours, AFAIK
for lease renewal. The source address is the dhcp server, port 67 and
target is 255.255.255.255 port 68. I allow these with another rule, although
I'm not sure if there's any point, since apparently blocking these doesn't
stop my lease from getting renewed.

 
 
 

1. Fallback hard coded IP address when DHCP server not found.?

I am working on an embedded product based on
RedHat Linux 7.2

The system does not have any user accessible input
device.  Our customers configure it by hooking it
up to a network, and uploading script and data files
using FTP.  (  Telnet, rlogin, ssh, etc. are disabled.)

The customer's networks, over which we have
absolutely no control,  can be anything between a full
blown TCP network with DHCP and DNS servers to
just a cross-conect cable between our system and a
laptop, via a small intranet with or without DHCP
services.

The system may also be disconnected from the
network after the customization files are uploaded.
( It may then be reconnected to a different network,
in which case old DHCP cached data may cause
problems)

The problem I am trying to solve is to set up a single
boot configuration that would work on all this scenarios.

This is what I need, in pseudo-C-odish:

   if (link detected in ethernet port)
   {
         attempt to obtain a DHCP lease;  
         if (DHCP server found)
         {
               enable eth0 using IP
                   address from DHCP server;
         }
        else   /* no DHCP */
        {
              delete any cached data from
                  previous DHCP lease;
              enable eth0 using hard-coded IP
                  address, netmask, etc.;
        }
   }
   else   /* no link */
   {
         delete any cached data from
             previous DHCP lease;
         disable eth0;
   }

Rebooting the system to switch scenarios is not
acceptable, due to the time delay it will add until
the point were the main application starts to run.

Any pointers will be appreciated.
And yes, I am looking into man pages,  the various
rc.x hierarchies, etc.
Unfortunately I must solve this problem soon and,
as a novice Linux administrator, I find the amount of
information I need to absorb overwhelming, to say
the least.

Thanks,

Roberto Waltman

2. samba PDC and client

3. How do I find out my real IP address behind DHCP server?

4. KDE 1.1.2 locks up when draging windows

5. 3com 905b gets Ip address by using DHCP from NT DHCP server

6. Problem with Aliases??

7. Unable to find IP address / host name lookup failure with DHCP (dhclient)

8. background (hidden) processes

9. How to find ip address on a linux machine with Dhcp

10. Finding DHCP Server Address

11. dhcp server and static ip address...

12. Help: Mandriva 2005: Ethernet card won't get IP address from DHCP server

13. Can I get 2 diff. IP addresses from a DHCP server?