Flagging users who statically assign dhcp pool addresses

[Simon Hobson]

Troy Nissen wrote:
>I had an interesting question proposed to me today, and I am unsure 
>of the answer, so I thought I would post the question here.
>
>Is there a mechanism built into ISC DHCP that will flag a user if 
>they have statically assigned their leased ip to their system?

No.

The only time it would show anywhere would be if the lease is expired 
and the server wants to re-allocate the address. In that case, if you 
haven't disabled "ping before offer", and the device isn't configured 
(eg firewall) not to respond to pings, then you would get an 
abandoned lease which would appear in the logs and the lease database.

I imagine it wouldn't take too much work to write a script to read 
the leases from the lease file (and ppossibly the config file), and 
then query the network to see if any devices are there that shouldn't 
be. ARP lookups should be reliable on the local network (or any 
remote networks with systems you could delegate the task to), ping 
are a bit unreliable now that so many devices default to blocking 
them.