Impose time limit per client or prefer new client over old client

Simon Hobson dhcp1 at thehobsons.co.uk
Mon Oct 20 18:26:57 UTC 2014


Bob Miller <bob at computerisms.ca> wrote:

> I have a dhcp server set with a small pool of addresses configured for
> 10 minute leases, the idea being that as people come and go they have
> access to the network.  I am finding some people are camping on their
> connections, so that new leases are not available as new people show
> up.  
> 
> I am looking to limit the use of these campers, either by only allowing
> a certain number of lease renewals before imposing a refusal for a time,
> or better such that when a new request is made, the oldest connection is
> booted.
> 
> I have been searching on google and the man page for a while now, but I
> find no such option.

That's because there is no such option - it goes against the normal design gaols of DHCP which is to provide stable addressing to clients. If you look back through the archives you will find a few threads lately on similar requirements which may give you some ideas.

On your ideas, the first thing to remember is that the DHCP server does not filter the network - it provides addresses to the clients. Once the address is given out, in practical terms there is no way for the server to "boot a client off" - all it can do is refuse to renew a lease when the client tries to renew it.

I think the only way you might achieve your requirements would be to write a script which monitors goings on and externally blocks clients. Possibly watch the logs, and block clients by MAC address for a while. You might be able to get fail2ban to do it for you without much work.



More information about the dhcp-users mailing list