Question about dhcp-client-identifier

Simon Hobson dhcp1 at
Wed Aug 22 13:38:52 UTC 2007

Darren wrote:

>  > In both cases the devices will not work properly, wouldn't it be
>>  better for them to be very broken so that the problem is less subtle
>>  and less hard to diagnose ?
>Yes - we would definitely like the clients to be completely broken -
>basically, we don't want there to be two devices with the same mac to be
>able to get two different ips, period!  It makes it awfully hard to
>figure out who had what ip address when if two people have the same mac
>and continue that way indefinitely.

Yes, my mistake - it's OK to have two IPs on one MAC (it was late at 
night !). I guess in this case each device would simply ignore & 
discard packets that didn't have the correct IP address.

I'm guessing that if they have the same IP address then each will get 
packets for sessions that particular client doesn't have open - what 
happens then ? I'm guessing that for TCP streams a RST will be sent 
to close the connection - thus neither device will be able to fold a 
connection open. That's nice and broken and sure to bring users to 
the helpdesk !

>  > Also, I believe it's planned for a future version to allow the admin
>>  to specify the key - so you could change it from the current (fixed)
>>  setting of "pick first ( client_id, hardware)" to just "hardware".
>This is ideal!  If we could specify to key on hardware, would that not
>force the DHCP server to do one of the following depending on condition:
>2) if the two devices are in separate physical networks, prevent one of
>them from obtaining an IP due to: one-lease-per-client true; setting.  I
>would expect this behavior as the DHCP server would see both as the same
>client and would deny an IP for one of the requests from the separate

No, if they are in two different networks then the second device will 
get it's address and the lease for the first device will be 
terminated (see man dhcpd.conf). The first device will not know this 
and so will continue to use it's address until it's time to renew it.

At this point things get interesting !

I'm not entirely sure, but I think the server will do it's 
ping-before-offer check and find the address in use - which means it 
then marks the address as abandoned. I'm not sure if it will NAK the 
clients request or just ignore it.

Eventually the first device will get a new address and the process 
will repeat. A similar thing will happen in the second subnet.

After enough time, you will run out of available addresses - and have 
a fun time trying to figure out why !

More information about the dhcp-users mailing list