[c-nsp] dai / dhcp snooping bug
Gert Doering
gert at greenie.muc.de
Mon Aug 10 15:37:31 EDT 2015
Hi,
On Mon, Aug 10, 2015 at 06:31:16AM -0700, Mike wrote:
> I've loaded SE7 and - suprise - same problem, so it's not fixed. I have
> a directly connected device I can cause to refresh it's dhcp lease, and
> sure enough, a refresh doesn't do it, but a reboot of that device which
> casues a new round of dhcp discovery, does in fact work. A packet
> capture seems to confirm the unicast case failing - a client with an
> existing lease renewing will use unicast to the dhcp server, whereas a
> client starting up will use broadcast to find servers, and both the
> 'discover' and 'request' phases in that case are broadcast destination.
> That was painful.
Wild idea... put an ACL into place that will block the unicast renewal?
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 291 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20150810/c94df8c9/attachment.sig>
More information about the cisco-nsp
mailing list