extension to my other post:<br><br>Assume I have thousands of printers and maybe some ot that printers have this behavior. So I dont know exact what printer it will be in future? Its like a time bomb. My home ist more the CISCO side and there I could for example do DHCP Snooping where I can also set an amount of maximum dhcp requests per client per switch-port.<br>
<br>But instead of configuring the security thousand time on the switch side I want to do it on the central side - the server. So I look for an automatism that trigger some action in case of too much dhcp requests from a client. <br>
<br>Hope you understand me now.<br><br>thanx a lot,<br>cheers,<br><br>ps: I know that so many packets are also bad for the LAN but this is another story :-) (departement)<br><br><br><div class="gmail_quote">2011/2/3 Jürgen Dietl <span dir="ltr"><<a href="mailto:juergen.dietl@googlemail.com">juergen.dietl@googlemail.com</a>></span><br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">Hello Alex,<br><br>no you are not dumb. I did a mistake in understanding and sorry for that. The client gets only ONE IP Address but this 590.000 times. So I have a very big log file etc. and the cpu usage is also very high.<br>
<br>Concerning the ip-table proposal:<br><br>Is there a way to ignore a special amount of packets with ip table? I dont want to block all the packets from the client. Can you maybe post an example for IP-Tables?<div class="im">
<br><br>thanx a lot,<br>
cheers,<br>Juergen<br><br><br></div><div class="gmail_quote">2011/2/3 Alex Bligh <span dir="ltr"><<a href="mailto:alex@alex.org.uk" target="_blank">alex@alex.org.uk</a>></span><div><div></div><div class="h5"><br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<div><br>
<br>
--On 3 February 2011 10:41:11 +0100 Jürgen Dietl <<a href="mailto:juergen.dietl@googlemail.com" target="_blank">juergen.dietl@googlemail.com</a>> wrote:<br>
<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
Till somebody powered off the printer the dhcp server got 590.000 dhcp<br>
requests. Of course the pool was empty.<br>
</blockquote>
<br></div>
Perhaps I am being a bit dumb here, but if the same device re-requests<br>
an IP address, isn't it going to get the same entry from the pool (assuming<br>
mac address and client-id are the same). If not, can you not segregate<br>
it by assigning it a fixed IP? I am taking it configuring the printer<br>
with a fixed IP is not an option.<br>
<br>
If your dhcp server never needs to talk to the printer at all, you<br>
can just ignore dhcp packets using ip tables filtering based<br>
on MAC address. That would work well if you configured it with a static IP.<br>
<br>
-- <br><font color="#888888">
Alex Bligh</font><div><div></div><div><br>
_______________________________________________<br>
dhcp-users mailing list<br>
<a href="mailto:dhcp-users@lists.isc.org" target="_blank">dhcp-users@lists.isc.org</a><br>
<a href="https://lists.isc.org/mailman/listinfo/dhcp-users" target="_blank">https://lists.isc.org/mailman/listinfo/dhcp-users</a></div></div></blockquote></div></div></div><br>
</blockquote></div><br>