Subject: Re: dhcpd(8) _cannot_ be completely disabled on an interface
To: gabriel rosenkoetter <>
From: John Nemeth <>
List: tech-net
Date: 01/09/2002 19:00:09
On May 30, 11:07am, gabriel rosenkoetter wrote:
} Also, not so sure that it's a useful DoS to send DHCP responses to
} an unsuspecting "victim". Don't know how dhcpd behaves if it recieves
} a new connection from a machine it has already serviced. Seems like

     DHCP is a connectionless protocol.  It uses UDP.  However, a "new
connection" would be normal.  This could happen if a machine didn't
shutdown properly and didn't send a DHCPRELEASE.  Also, DHCP addresses
are leased for a specified period of time.  Beginning half way through
the lease, the client is supposed to send a DHCPREQUEST for its address
in order to renew the lease.  So, the condition you mention is a normal
part of the protocol.  When it happens, the server will respond with a
DHCPACK if the address is still available for the client to use, or it
will respond with a DHCPNAK if not, in which case the client has to
stop using the address and go through the entire process of obtaining
an address.

}-- End of excerpt from gabriel rosenkoetter