[c-nsp] DHCP Binding Expiration

Church, Charles cchurc05 at harris.com
Mon Feb 9 12:53:43 EST 2009


Aren't those BOOTP clients that don't understand the concept of an
expiration? 

Chuck 

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Justin Shore
Sent: Monday, February 09, 2009 12:51 PM
To: Manaf Al Oqlah
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] DHCP Binding Expiration


Manaf Al Oqlah wrote:
> Hi all,
> 
> I am configuring a Cisco 7600 router as DHCP server for my broadband
clients. I am using DHCP snooping and ARP inspection for security
reasons and the leased time expiration is set for 30 minutes and no
excluded-address is configured. The problem is that I still can see
some clients IP addresses lease expiration are Infinite in the DHCP
binding! what could be the reason for this behavior and could be this
some sort of attack!! 

I get them too.  I never have figured out what causes them.  So far it 
hasn't been a big deal for me.

BTW, I'd recommend not using the IOS DHCP server for anything that more 
than convenience at a very small site.  I would highly recommend 
deploying a server-based DHCP server like ISC DHCPd.  Lots more bells a 
whistles to work with.  Plus you can have redundancy with the 
server-based solution.  The IOS DHCP server is a fairly stripped down 
implementation.  I don't think it was intended to be used in large 
environments like a SP's broadband network.

Justin
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list