Redhat DHCP errors caused by unknown machine.

Barry Brimer lists at brimer.org
Thu Apr 23 13:26:19 UTC 2009


If you want to actually find the machine .. give the machine a reserved 
lease, and use an iptables firewall to redirect all of its web traffic to 
a static web page that indicates that this is an unknown system, and to 
call phone number XXXX to have this problem resolved.  Also, once you give 
it an address .. if it is a Windows machine, you could use nmblookup -A 
<IP Address> which may give you more information about it .. or if you 
like, you could nmap it at that point.  It may also be helpful to give 
this machine a non-routable address to make sure it can't get anywhere 
once it received a lease from you.  I could be wrong, but I believe this 
machine is trying to netboot as well.  You might also be interested in 
trying the script mentioned at 
<http://www.linuxdynasty.org/howto-find-the-port-on-a-switch-that-a-host-belongs-to-the-easy-way-part-2.html> 
to find out where this machine is plugged into so you can play follow the 
cable.

HTH,
Barry

On Thu, 23 Apr 2009, Kevin Krieser wrote:

>
> On Apr 23, 2009, at 5:53 AM, ~~~0Pen ~~~ S0uRce ~~~ wrote:
>
>> On Thu, Apr 23, 2009 at 4:04 PM, <Andrew.Bridgeman at corusgroup.com> wrote:
>> 
>>> 
>>> 
>>> Every Minute it says "dhcpd BOOTREQUEST from 00:18:b1:??:??:??  via 
>>> Bond0:
>>> BOOTP from dynamic client and no dynamic leases.
>>> 
>>> 
>> the reason is very clear that there is no free IP Address available for 
>> your
>> clients,the range which you defined in dhcpd.conf file is used by your 
>> other
>> clients,now you have to increase the range of ip addresses in dhcpd.conf
>> file.
>> 
>> parameter is some thing like
>> 
>> range  10.0.0.1       10.0.0.10; before
>> range 10.0.0.1         10.0.0.15 after
>> 
>> if you have bounded your clients with their MAC address then review the
>> dhcpd.conf file !!
>> 
>> correct me if i am wrong guys !!
>> 
>
> I understood that he was actually trying to find the computer, and not just 
> fix the error.  There may be some rogue system on the network trying to gain 
> an IP address.
>
> Normally, you would probably use a managed switch to track down the segment 
> where it is present.
>
> Maybe someone has an illicit wifi AP on the network, and someone close tries 
> to join?
>
> Maybe someone has changed their MAC address bound to a card?
>
> Maybe someone has a virtual machine installed on their computer?
>
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
> !DSPAM:49f05f81194191841410696!
>
>




More information about the redhat-list mailing list