security impact of accepting dhcp declines

Alexandre Bezroutchko abb at scanit.be
Thu Oct 21 12:43:32 UTC 2010


Thank you for the clarification.

On Thu, Oct 21, 2010 at 2:18 PM, Glenn Satchell
<glenn.satchell at uniq.com.au> wrote:
>
> On 10/21/10 22:51, Alexandre Bezroutchko wrote:
>>
>> Hello,
>>
>> I wonder if somebody could clarify how the DHCP server will behave when
>> somebody tries to exhaust its pool by abusing DHCPDECLINE messages. The
>> man page for dhcpd.conf says the following:
>>
>> ...
>>       The declines keyword
>>
>>        allow declines;
>>        deny declines;
>>        ignore declines;
>>
>>       The DHCPDECLINE message is used by DHCP clients to indicate that the
>>       lease the server has offered is not valid.  When the server receives a
>>       DHCPDECLINE for a particular address, it normally abandons that
>>       address, assuming that some unauthorized system is using it.
>>       _Unfortunately, a malicious or buggy client can, using DHCPDECLINE
>>       messages, completely exhaust the DHCP server's allocation pool_.  The
>>       server will reclaim these leases, but while the client is running
>>       through the pool, it may cause serious thrashing in the DNS, and it
>>       will _also cause the DHCP server to forget old DHCP client address
>>       allocations_.
>>
>>       The declines flag tells the DHCP server whether or not to honor
>>       DHCPDECLINE messages.  If it is set to deny or ignore in a particular
>>       scope, the DHCP server will not respond to DHCPDECLINE messages.
>> ...
>>
>> I don't get the part about thrashing the DNS. Does this refer to the case
>> when DNS updates are on?
>
> Yes. Each new request would result in a new DNS entry being added, then removed when it is declined. This only matters if the dhcp server is doing dynamic DNS updates.
>
>> And the statement about reclaiming these leases, but forgetting old DHCP
>> client allocations... Will the DHCP server start throwing away existing
>> leases when the pool gets exhausted?
>
> The DHCP server will offer all the current expired leases on a least-recently-used basis. Then it will start trying abandoned leases, and after that it will say "no more leases".
>
> As it offers each expired lease, it will re-write the lease entry with the client it was offered to, and then mark it as abandoned when it is declined, and in doing so will lose the information about which device had last been assigned that address. Part of RFC 2131 specifies that a DHCP server must remember the client it previously gave a lease to, so that it can offer them the same IP address if they ever come back again (provided that it is free, of course).
>
>> Any input and/or reference to the official docs relevant to my question
>> are greatly appreciated.
>
> The DHCP RFCs contain the theory about how a DHCP server should operate (see the lists in the doc subdirectory of the source distribution). The man pages describe the behaviour of the server: dhcpd and dhcpd.conf are the main ones.
>
>> Best regards,
>> Alexandre Bezroutchko
>> www.gremwell.com <http://www.gremwell.com>
>
> --
> regards,
> -glenn
> --
> Glenn Satchell                            |  Miss 9: What do you
> Uniq Advances Pty Ltd, Sydney Australia   |  do at work Dad?
> mailto:glenn.satchell at uniq.com.au         |  Miss 6: He just
> http://www.uniq.com.au tel:0409-458-580   |  types random stuff.
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
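The pool-exhaustion pattern the quoted man page warns about, as it shows up on the server side: each honoured DHCPDECLINE abandons one address, so a single client declining many distinct addresses in a short span is the thing to watch for. This is an added example, not code from the thread or from ISC dhcpd; the log lines are constructed to mimic dhcpd's syslog format ("DHCPDECLINE of <ip> from <mac> via <iface>: <status>"), and that field order is an assumption to check against your own server's logs.

```python
"""Flag DHCP clients that decline many distinct addresses.

Constructed sample log and assumed dhcpd line format; not from the thread.
"""
import re
from collections import defaultdict

# Constructed sample: one client declining four addresses within seconds
# (the pool-exhaustion pattern), another declining a single address once
# (an ordinary address conflict), plus an unrelated DHCPACK line.
SAMPLE_LOG = """\
Oct 21 12:40:01 dhcp1 dhcpd: DHCPDECLINE of 10.0.5.20 from 00:11:22:33:44:55 via eth0: abandoned
Oct 21 12:40:02 dhcp1 dhcpd: DHCPDECLINE of 10.0.5.21 from 00:11:22:33:44:55 via eth0: abandoned
Oct 21 12:40:02 dhcp1 dhcpd: DHCPDECLINE of 10.0.5.22 from 00:11:22:33:44:55 via eth0: abandoned
Oct 21 12:40:03 dhcp1 dhcpd: DHCPDECLINE of 10.0.5.23 from 00:11:22:33:44:55 via eth0: abandoned
Oct 21 12:41:10 dhcp1 dhcpd: DHCPDECLINE of 10.0.5.77 from aa:bb:cc:dd:ee:ff via eth0: abandoned
Oct 21 12:41:11 dhcp1 dhcpd: DHCPACK on 10.0.5.78 to aa:bb:cc:dd:ee:ff via eth0
"""

# Assumed dhcpd log shape; adjust if your server logs the fields differently.
DECLINE_RE = re.compile(
    r"DHCPDECLINE of (?P<ip>\d{1,3}(?:\.\d{1,3}){3})"
    r" from (?P<mac>(?:[0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2})"
    r" via (?P<iface>\S+): (?P<status>\w+)"
)


def declines_by_client(log_text):
    """Map each client MAC to the set of distinct addresses it declined."""
    declined = defaultdict(set)
    for line in log_text.splitlines():
        m = DECLINE_RE.search(line)
        if m:
            declined[m.group("mac").lower()].add(m.group("ip"))
    return declined


def suspicious_decliners(log_text, threshold=3):
    """MACs that declined more than `threshold` distinct addresses.

    A real address conflict costs one decline; a client walking the pool
    abandons one lease per decline, so the distinct-address count climbs.
    """
    return sorted(mac for mac, ips in declines_by_client(log_text).items()
                  if len(ips) > threshold)


if __name__ == "__main__":
    counts = declines_by_client(SAMPLE_LOG)
    for mac in suspicious_decliners(SAMPLE_LOG):
        print(f"{mac} declined {len(counts[mac])} distinct addresses")
```

On a server that is the target of this, the same MAC (or a rotating set of MACs from one port) lining up here is the signal to pair with `ignore declines;` in the affected scope, as the man page describes.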
