[ietf86-tech] DHCP 10.x.x.x in Tower 2 Wired

Warren Kumari warren at kumari.net
Sun Mar 10 21:32:19 PDT 2013 

On Mar 10, 2013, at 11:39 PM, Warren Kumari <warren at kumari.net> wrote:

> 
> On Mar 10, 2013, at 11:09 PM, "Bjoern A. Zeeb" <bzeeb-lists at lists.zabbadoz.net> wrote:
> 
>> Hi,
>> 
>> coming back to my room I got a 10.x.x.x address from DHCP.  Most
>> likely if I had to guess Hotel stuff, which we need to track down;
>> it'll be hard to "fix" this without real PVLANs.   I'll see if I can
>> catch a packet to find at least the tether source;  renewing the least
>> 8 times helped to get a 130.129.12x.xxx address.   This is wired in
>> Tower 2 btw.   Could of course also be a private gateway in one of the
>> rooms.
> 
> Just sent mail -- should now be fixed…

And after some awesome testing from Bjoern we found and fixed some other odd DHCP leakages…

   from {
        ip-protocol udp;
        source-port bootps;
    }
    then {
        count Discard_Rogue_DHCP_UDP_Port;
        discard;
    }

is now applied as well. 

I *really* need to get some sleep, but call me if there are issues…

g'night,
W


> 
>> 
>> 
>> 03:03:36.802428 28:37:37:3f:e5:84 > b8:8d:12:07:b1:b0, ethertype IPv4 (0x0800), length 342: (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328)
>>    10.0.1.1.67 > 10.0.1.84.68: [udp sum ok] BOOTP/DHCP, Reply, length 300, xid 0x7ac94c9d, secs 4, Flags [none] (0x0000)
>> 	  Your-IP 10.0.1.84
>> 	  Client-Ethernet-Address b8:8d:12:07:b1:b0
>> 	  Vendor-rfc1048 Extensions
>> 	    Magic Cookie 0x63825363
>> 	    DHCP-Message Option 53, length 1: ACK
>> 	    Server-ID Option 54, length 4: 10.0.1.1
>> 	    Lease-Time Option 51, length 4: 86400
>> 	    Subnet-Mask Option 1, length 4: 255.255.255.0
>> 	    Default-Gateway Option 3, length 4: 10.0.1.1
>> 	    Domain-Name-Server Option 6, length 4: 10.0.1.1
>> 	    END Option 255, length 0
>> 	    PAD Option 0, length 0, occurs 26
>> 
>> 
>> If we can track that ethernet address down to a specific VLAN that might be
>> helpful.   
> 
> Room 2319 -- the mac seems to be an Airport…
> 
> W
> 
> 
>> Just to be specifc, what is 28:37:37:3f:e5:84 or where is it?
>> 
>> the *b1:b0 is my laptop.
>> 
>> 
>> /bz
>> 
>> -- 
>> Bjoern A. Zeeb                                  Charles Haddon Spurgeon:
>> "Friendship is one of the sweetest joys of life.  Many might have failed
>>  beneath the bitterness of their trial  had they not found a friend."
>> _______________________________________________
>> ietf86-tech mailing list
>> ietf86-tech at daedelus.com
>> http://www.daedelus.com/mailman/listinfo/ietf86-tech
>> 
> 
> --
> "Build a man a fire, and he'll be warm for a day. Set a man on fire, and he'll be warm for the rest of his life." -- Terry Pratchett
> 
> 

--
I don't think the execution is relevant when it was obviously a bad idea in the first place.
This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. 
   ---maf

Warren Kumari
warren at kumari.net

More information about the ietf86-tech mailing list