I have a printer at work, for some reason the router refuses to assign a specific IP for that printer via DHCP reservation and I had to configure it with a static IP.
Sometimes the printer is off. I was wondering how would the network behave when I switch the printer on while its IP has already been taken by another device via the DHCP protocol?
Would that cause a conflict?
Would not this be used as a DoS attack?
Let's say I hate someone at work, all I need is to assign his IP to my machine and interrupt his work and keep doing that repeatedly.
Best Answer
I'll take a stab at this.
No matter what software you are running, the DHCP should be capable of two things:
If you run Windows Server, this link will help in creation of a Scope:
If you are running a Linux Server, you need to modify the contents in your dhcp configuration file for the scope:
This is a sample DHCP configuration file on Linux (both):
When you properly setup your DHCP server, you will have no conflicts, in which case you are receiving. You also have to set the maximum amount of clients you wish to distribute addresses to. In addition to the previous comment, you must also have a feasible subnet mask. i.e. Enabling a full 254 host address but assigning it a /27 (255.255.255.224) will only permit it to assign 30 hosts (excluding the broadcast and network address).
However, if you are using a home router, this should be simple by stating the IP Range you wish to use, by default, out-of-box-solutions will have this as standard:
What I suggest you do is revise your scope and reservation list, expand it to allow more clients to avoid conflicts (my experience shows that conflicts or DHCP authentication rejections are due to a lack of available addresses or the MAC addresses is wrongly inserted) and double check the MAC addresses assigned. You can also use Wireshark and filter with "dhcp" to see if the server and associating client are sending DHCP Discover, DHCP Offer, DHCP Request, DHCP Accept (DORA) packets. Another thing is to check the ARP requests being sent as DHCP is a layer 3 service (IP) and relies on layer 2 services (ARP) to do its job.
If it fails at Discover, it doesn't see the DHCP. If it fails at Offer, the DHCP doesn't have enough addresses to allocate.
Also make sure to have a look at the mistake of putting an address into a DHCP Restriction Pool. If it resides in a restriction pool (or on Home routers, MAC Filtering) then the DHCP Server will auto-decline/reject the DHCP Offer packet from being given to the association requesting client.
Key points: Check Range/Scope, Check Restrictions and add items only to Reservation if you want them on the network, restart your server (or if you can't, restart the service(don't reload)), re-associate the printer.
There are also several methods you can research online to avoid Rogue DHCP and MiTM attacks using a DHCP server.