security impact of accepting dhcp declines

Alexandre Bezroutchko abb at gremwell.com
Thu Oct 21 11:51:12 UTC 2010


Hello,

I wonder if somebody could clarify how the DHCP server will behave when somebody
tries to exhaust its pool by abusing DHCPDECLINE messages. The manpage for
dhcpd.conf says the following:

...
      The declines keyword

       allow declines;
       deny declines;
       ignore declines;

      The DHCPDECLINE message is used by DHCP clients to indicate that the
      lease the server has offered is not valid. When the server receives a
      DHCPDECLINE for a particular address, it normally abandons that
      address, assuming that some unauthorized system is using it.
      *Unfortunately, a malicious or buggy client can, using DHCPDECLINE
      messages, completely exhaust the DHCP server's allocation pool*. The
      server will reclaim these leases, but while the client is running
      through the pool, it may cause serious thrashing in the DNS, and it
      will *also cause the DHCP server to forget old DHCP client address
      allocations*.

      The declines flag tells the DHCP server whether or not to honor
      DHCPDECLINE messages. If it is set to deny or ignore in a particular
      scope, the DHCP server will not respond to DHCPDECLINE messages.
...

I don't get the part about thrashing DNS. Does this refer to the case when
DNS updates are on?

And the statement about reclaiming these leases, but forgetting old DHCP
client allocations... Will the DHCP server start throwing away existing leases
when the pool gets exhausted?


Any input and/or reference to the official docs relevant to my question are
greatly appreciated.

Best regards,
Alexandre Bezroutchko
www.gremwell.com
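As an added illustration from the operator's side (not part of the post above, nor ISC's code), the following script reads dhcpd syslog lines and counts how many pool addresses each client has caused the server to abandon via DHCPDECLINE, which is the exhaustion pattern the manpage warns about. The log lines are constructed, and the exact "DHCPDECLINE of ... from ... via ...: result" message layout is assumed.

```python
import re
from collections import defaultdict

# Constructed sample lines in the style of ISC dhcpd syslog output.
# The message format (and the trailing result word) is an assumption.
SAMPLE_LOG = """\
Oct 21 11:40:01 gw dhcpd: DHCPDECLINE of 192.168.10.20 from 00:11:22:33:44:55 via eth1: abandoned
Oct 21 11:40:02 gw dhcpd: DHCPDECLINE of 192.168.10.21 from 00:11:22:33:44:55 via eth1: abandoned
Oct 21 11:40:02 gw dhcpd: DHCPDECLINE of 192.168.10.22 from 00:11:22:33:44:55 via eth1: abandoned
Oct 21 11:40:03 gw dhcpd: DHCPACK on 192.168.10.50 to aa:bb:cc:dd:ee:ff via eth1
Oct 21 11:40:03 gw dhcpd: DHCPDECLINE of 192.168.10.23 from 00:11:22:33:44:55 via eth1: abandoned
Oct 21 11:40:04 gw dhcpd: DHCPDECLINE of 192.168.10.60 from aa:bb:cc:dd:ee:ff via eth1: abandoned
Oct 21 11:40:05 gw dhcpd: DHCPDECLINE of 192.168.10.24 from 00:11:22:33:44:55 via eth1: ignored
"""

DECLINE_RE = re.compile(
    r"DHCPDECLINE of (?P<ip>\d+\.\d+\.\d+\.\d+) from (?P<mac>[0-9a-f:]{17}) "
    r"via (?P<iface>\S+): (?P<result>\w+)"
)


def abandoned_by_client(log_text):
    """Return {mac: set of addresses the server abandoned for that client}.

    Only declines the server reports as 'abandoned' shrink the pool; a
    scope configured with 'deny declines' or 'ignore declines' does not
    abandon the address, so those lines are not counted.
    """
    abandoned = defaultdict(set)
    for line in log_text.splitlines():
        m = DECLINE_RE.search(line)
        if m and m.group("result") == "abandoned":
            abandoned[m.group("mac")].add(m.group("ip"))
    return abandoned


def flag_pool_exhaustion(log_text, pool_size, per_client_threshold=3):
    """Summarise how much of a pool of pool_size addresses has been abandoned
    and which clients abandoned at least per_client_threshold addresses."""
    abandoned = abandoned_by_client(log_text)
    all_ips = set().union(*abandoned.values()) if abandoned else set()
    suspects = {mac: len(ips) for mac, ips in abandoned.items()
                if len(ips) >= per_client_threshold}
    return {"abandoned_total": len(all_ips),
            "pool_fraction": len(all_ips) / pool_size,
            "suspects": suspects}


if __name__ == "__main__":
    print(flag_pool_exhaustion(SAMPLE_LOG, pool_size=50))
```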