<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFCC" text="#000000">
A rogue server can be e.g. some unauthorised router or a linux
system put up by a non technical person.<br>
<br>
The rogue server will receive the same discover message as they are
broadcast and be faster to answer so the PC will take the first
offer and ignore your authorised server. These things can be hard to
locate if you are not aware tat they may exist.<br>
<br>
But as said by Grace - IP169.254.x.x clearly indicates that no DHCP
server has responded.<br>
<br>
<div class="moz-cite-prefix">On 26/02/13 18:07, Héctor Herrera
wrote:<br>
</div>
<blockquote
cite="mid:CAOK04MZ2yoxNxeUc8sZtgZ_jhBd+fniNgDX-_up1abt57uvs5w@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>
<div>
<div>@Grace: The wired network it works. It has the IP
169.254.150.144. And I'm sure the cable works properly,
when I tried static IP configuration on my PC and on the
server, I can connect the server by SSH.<br>
<br>
</div>
@Sten: What do you mean by 'Rogue server'? <br>
</div>
About the logs, I have only information about listening in
eth0. Here's the log of /var/log/messages:<br>
<br>
Feb 26 11:46:42 communication-server kernel: [ 5842.440825]
eth0: link down<br>
Feb 26 11:46:54 communication-server kernel: [ 5853.997185]
eth0: link up, 100Mbps, full-duplex, lpa 0xCDE1<br>
Feb 26 11:47:47 communication-server kernel: [ 5907.387040]
ip_tables: (C) 2000-2006 Netfilter Core Team<br>
Feb 26 11:48:04 communication-server kernel: [ 5923.659054]
nf_conntrack version 0.5.0 (16139 buckets, 64556 max)<br>
Feb 26 11:48:04 communication-server kernel: [ 5923.659917]
CONFIG_NF_CT_ACCT is deprecated and will be removed soon.
Please use<br>
Feb 26 11:48:04 communication-server kernel: [ 5923.659922]
nf_conntrack.acct=1 kernel parameter, acct=1 nf_conntrack
module option or<br>
Feb 26 11:48:04 communication-server kernel: [ 5923.659925]
sysctl net.netfilter.nf_conntrack_acct=1 to enable it.<br>
Feb 26 12:23:26 communication-server kernel: [ 8045.972235]
device eth0 entered promiscuous mode<br>
Feb 26 12:23:36 communication-server kernel: [ 8055.894186]
eth0: link down<br>
Feb 26 12:23:41 communication-server kernel: [ 8060.958909]
eth0: link up, 100Mbps, full-duplex, lpa 0xCDE1<br>
Feb 26 12:58:15 communication-server kernel: [10134.684416]
device eth0 left promiscuous mode<br>
<br>
<br>
</div>
Should I use eth0 on promiscuous mode? I've tried that, but
isn't working... And about the sniffing, my server listens for
any DHCP query on eth0, so I used ngrep -d eth0 (listen all the
traffic on eth0), and nothing...<br>
</div>
<div class="gmail_extra"><br>
<br>
<div class="gmail_quote">2013/2/26 Sten Carlsen <span dir="ltr"><<a
moz-do-not-send="true" href="mailto:stenc@s-carlsen.dk"
target="_blank">stenc@s-carlsen.dk</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFCC" text="#000000"> Just a thought: Rogue
DHCP server?<br>
<br>
Server logs, will contain info if discover is received.<br>
<br>
sniffing at the server to see if any discover packets
arrive.
<div>
<div class="h5"><br>
<br>
<div>On 26/02/13 16:57, Héctor Herrera wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">I had tested with static. It works.
Both cards (in the DHCP server) are working fine.
And also I tried to catch with a sniffer in the
network between Win7 and my DHCP server, and I got
nothing :(<br>
</div>
<div class="gmail_extra"> <br>
<br>
<div class="gmail_quote">2013/2/26 Łukasz
Siemiradzki <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:lukasz.siemiradzki@gmail.com"
target="_blank">lukasz.siemiradzki@gmail.com</a>></span><br>
<blockquote class="gmail_quote" style="margin:0
0 0 .8ex;border-left:1px #ccc
solid;padding-left:1ex">
<div dir="ltr">
<div>Hello!<br>
Are you sure that your problem lies on
DHCP level? Have you tested the
connectivity between windows 7 client and
the dhcp server using static addresses?<br>
</div>
<div>If so and there is connectivity - can
you start sniffer (i.e. wireshark) on
Win7, configure it to listen on an active
interface and gather data?<br>
</div>
<div>BR<br>
ŁS<br>
</div>
</div>
<div class="gmail_extra">
<div>
<div><br>
<br>
<div class="gmail_quote">2013/2/26
Héctor Herrera <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:hherreraa@gmail.com"
target="_blank">hherreraa@gmail.com</a>></span><br>
<blockquote class="gmail_quote"
style="margin:0 0 0
.8ex;border-left:1px #ccc
solid;padding-left:1ex">
<div dir="ltr">
<div>
<div>Well, I assume the trouble
here is Win7. But, why? That's
my question. I don't
understand why Win7 isn't
asking the DHCP server for an
IP address. (Or maybe is the
DHCP server the trouble? I
don't really understand it,
that's why isn't so clear my
question)<br>
<br>
</div>
I'm trying to collect
information in the network
between my Win7 test machine and
the server. The network is dead,
I haven't received any
information. And I'm renewing
all the connections in Win7
(ipconfig /renew).<br>
<br>
</div>
BTW, I tried with both ethernet
interfaces for the IP information
(I configured the server on eth0
and eth1), without good results. I
dunno what else can I do. Do you
have any ideas?<br>
</div>
<div class="gmail_extra"> <br>
<br>
<div class="gmail_quote">2013/2/26
Oskar Berggren <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:oskar.berggren@gmail.com"
target="_blank">oskar.berggren@gmail.com</a>></span><br>
<blockquote class="gmail_quote"
style="margin:0 0 0
.8ex;border-left:1px #ccc
solid;padding-left:1ex"> You
started with "unable to send
IP addresses to Win7" but with
your<br>
latest info it seems like the
proper question is the
reverse: "why<br>
can't win7 send DHCP requests
to my DHCP server?".<br>
<br>
Is Win7 configured to use
DHCP?<br>
If you use wireshark or
tcpdump on Win7 and on the
DHCP server, do you<br>
see any DHCPDISCOVER from the
Win7 machine?<br>
<br>
/Oskar<br>
<br>
<br>
2013/2/26 Héctor Herrera <<a
moz-do-not-send="true"
href="mailto:hherreraa@gmail.com"
target="_blank">hherreraa@gmail.com</a>>:<br>
<div>
<div>> That´s the
trouble, I haven't any
information about Windows
7 asking for an<br>
> IP to my server.<br>
><br>
> This is my
dhcpd.conf. It's really
basic because I want,
first of all, the<br>
> service working:<br>
><br>
> option domain-name "<a
moz-do-not-send="true"
href="http://galatea.cl"
target="_blank">galatea.cl</a>";<br>
> option
domain-name-servers
8.8.8.8, 200.62.222.222;<br>
> option routers
192.168.1.1;<br>
> default-lease-time
600;<br>
> max-lease-time 7200;<br>
> server-identifier
192.168.1.1;<br>
> #ddns-update-style
none;<br>
> authoritative;<br>
> log-facility local7;<br>
><br>
> subnet 192.168.1.0
netmask 255.255.255.0 {<br>
> range
192.168.1.15
192.168.1.100;<br>
> }<br>
><br>
> I have some rules on
iptables too:<br>
><br>
> Generated by
iptables-save v1.4.8 on
Tue Feb 26 11:48:15 2013<br>
> *nat<br>
> :PREROUTING ACCEPT
[4:312]<br>
> :POSTROUTING ACCEPT
[0:0]<br>
> :OUTPUT ACCEPT [0:0]<br>
> -A PREROUTING -s <a
moz-do-not-send="true"
href="http://192.168.0.0/24"
target="_blank">192.168.0.0/24</a>
-p tcp -m tcp --dport 80
-j REDIRECT<br>
> --to-ports 3128<br>
> -A PREROUTING -s <a
moz-do-not-send="true"
href="http://192.168.1.0/24"
target="_blank">192.168.1.0/24</a>
-p tcp -m tcp --dport 80
-j REDIRECT<br>
> --to-ports 3128<br>
> COMMIT<br>
> # Completed on Tue
Feb 26 11:48:15 2013<br>
> # Generated by
iptables-save v1.4.8 on
Tue Feb 26 11:48:15 2013<br>
> *filter<br>
> :INPUT ACCEPT
[27:2066]<br>
> :FORWARD ACCEPT [0:0]<br>
> :OUTPUT ACCEPT
[13:1324]<br>
> -A INPUT -i eth1 -p
tcp -m state --state NEW
-m tcp --dport 3128 -j
ACCEPT<br>
> COMMIT<br>
> # Completed on Tue
Feb 26 11:48:15 2013<br>
><br>
> I don't have any
other information. As I
said, the logs doesn't
show me<br>
> information about
Win7. Oh, and Win7 hasn't
active the Firewall
Service.<br>
><br>
><br>
> 2013/2/26 Steven Carr
<<a
moz-do-not-send="true"
href="mailto:sjcarr@gmail.com"
target="_blank">sjcarr@gmail.com</a>><br>
>><br>
>> Can you see the
requests coming in to the
DHCP server from the
Windows<br>
>> 7 client? and can
you also perform a packet
capture on the Windows 7<br>
>> machine to see if
it is receiving the
responses from the DHCP
server.<br>
>> If you can upload
the logs (sanitised) and
the packet capture then I<br>
>> can have a look.<br>
>><br>
>> Steve<br>
>><br>
>><br>
>> On 26 February
2013 13:10, Héctor Herrera
<<a
moz-do-not-send="true"
href="mailto:hherreraa@gmail.com"
target="_blank">hherreraa@gmail.com</a>>
wrote:<br>
>> > Greetings to
all!<br>
>> ><br>
>> > I have an
issue with DHCP and Win7.
I'm working with Debian
6.0.6, and<br>
>> > I''m<br>
>> > trying to
mount a DHCP server on it
(DHCP ver. 4.1.1). But I'm
unable to<br>
>> > send IP
addresses to Win7
machines. I tried with
other OS (specifically<br>
>> > Arch<br>
>> > Linux and
WinXP), and the server
sends IP addresses to
them, but with<br>
>> > Win7... I
cannot<br>
>> ><br>
>> > May someone
knows how to handle it?
And if it so, can someone
send some<br>
>> > information?<br>
>> ><br>
>> > Thanks to
all!<br>
>> ><br>
>> > P.D: Sorry
about the English, it
isn't my first language :P<br>
>> ><br>
>> > --<br>
>> > Saludos<br>
>> ><br>
>> > Héctor
Herrera Anabalón<br>
>> > Egresado
ICCI UNAP<br>
>> > Servicio
Arquitectura Galatea -
Oficina Técnica <a
moz-do-not-send="true"
href="http://www.galatea.cl"
target="_blank">http://www.galatea.cl</a><br>
>> > Miembro
USoLIX Victoria<br>
>> > Registered
User #548600
(LinuxCounter.net)<br>
>> ><br>
>> >
_______________________________________________<br>
>> > dhcp-users
mailing list<br>
>> > <a
moz-do-not-send="true"
href="mailto:dhcp-users@lists.isc.org"
target="_blank">dhcp-users@lists.isc.org</a><br>
>> > <a
moz-do-not-send="true"
href="https://lists.isc.org/mailman/listinfo/dhcp-users"
target="_blank">https://lists.isc.org/mailman/listinfo/dhcp-users</a><br>
>>
_______________________________________________<br>
>> dhcp-users
mailing list<br>
>> <a
moz-do-not-send="true"
href="mailto:dhcp-users@lists.isc.org"
target="_blank">dhcp-users@lists.isc.org</a><br>
>> <a
moz-do-not-send="true"
href="https://lists.isc.org/mailman/listinfo/dhcp-users"
target="_blank">https://lists.isc.org/mailman/listinfo/dhcp-users</a><br>
><br>
><br>
><br>
><br>
> --<br>
> Saludos<br>
><br>
> Héctor Herrera
Anabalón<br>
> Egresado ICCI UNAP<br>
> Servicio Arquitectura
Galatea - Oficina Técnica
<a moz-do-not-send="true"
href="http://www.galatea.cl" target="_blank">http://www.galatea.cl</a><br>
> Miembro USoLIX
Victoria<br>
> Registered User
#548600 (LinuxCounter.net)<br>
><br>
>
_______________________________________________<br>
> dhcp-users mailing
list<br>
> <a
moz-do-not-send="true"
href="mailto:dhcp-users@lists.isc.org"
target="_blank">dhcp-users@lists.isc.org</a><br>
> <a
moz-do-not-send="true"
href="https://lists.isc.org/mailman/listinfo/dhcp-users"
target="_blank">https://lists.isc.org/mailman/listinfo/dhcp-users</a><br>
_______________________________________________<br>
dhcp-users mailing list<br>
<a moz-do-not-send="true"
href="mailto:dhcp-users@lists.isc.org" target="_blank">dhcp-users@lists.isc.org</a><br>
<a moz-do-not-send="true"
href="https://lists.isc.org/mailman/listinfo/dhcp-users" target="_blank">https://lists.isc.org/mailman/listinfo/dhcp-users</a><span><font
color="#888888"><br>
</font></span></div>
</div>
</blockquote>
</div>
<span><font color="#888888"><br>
<br clear="all">
<br>
-- <br>
<div>Saludos</div>
<div><br>
<font size="4"><b>Héctor
Herrera Anabalón</b></font><br>
Egresado ICCI UNAP</div>
<div>Servicio Arquitectura
Galatea - Oficina Técnica <a
moz-do-not-send="true"
href="http://www.galatea.cl"
target="_blank">http://www.galatea.cl</a></div>
<div>Miembro USoLIX Victoria</div>
<div>Registered User #<span>548600
(</span><span>LinuxCounter.net)</span></div>
</font></span></div>
<br>
_______________________________________________<br>
dhcp-users mailing list<br>
<a moz-do-not-send="true"
href="mailto:dhcp-users@lists.isc.org"
target="_blank">dhcp-users@lists.isc.org</a><br>
<a moz-do-not-send="true"
href="https://lists.isc.org/mailman/listinfo/dhcp-users"
target="_blank">https://lists.isc.org/mailman/listinfo/dhcp-users</a><br>
</blockquote>
</div>
<br>
<br clear="all">
<br>
-- <br>
<br>
</div>
</div>
"Omnes homines natura scire desiderant"<br>
Aristotelis </div>
<br>
_______________________________________________<br>
dhcp-users mailing list<br>
<a moz-do-not-send="true"
href="mailto:dhcp-users@lists.isc.org"
target="_blank">dhcp-users@lists.isc.org</a><br>
<a moz-do-not-send="true"
href="https://lists.isc.org/mailman/listinfo/dhcp-users"
target="_blank">https://lists.isc.org/mailman/listinfo/dhcp-users</a><br>
</blockquote>
</div>
<br>
<br clear="all">
<br>
-- <br>
<div>Saludos</div>
<div><br>
<font size="4"><b>Héctor Herrera Anabalón</b></font><br>
Egresado ICCI UNAP</div>
<div>Servicio Arquitectura Galatea - Oficina
Técnica <a moz-do-not-send="true"
href="http://www.galatea.cl" target="_blank">http://www.galatea.cl</a></div>
<div>Miembro USoLIX Victoria</div>
<div>Registered User #<span>548600 (</span><span>LinuxCounter.net)</span></div>
</div>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
dhcp-users mailing list
<a moz-do-not-send="true" href="mailto:dhcp-users@lists.isc.org" target="_blank">dhcp-users@lists.isc.org</a>
<a moz-do-not-send="true" href="https://lists.isc.org/mailman/listinfo/dhcp-users" target="_blank">https://lists.isc.org/mailman/listinfo/dhcp-users</a></pre>
</blockquote>
<br>
</div>
</div>
<span class="HOEnZb"><font color="#888888">
<pre cols="72">--
Best regards
Sten Carlsen
No improvements come from shouting:
"MALE BOVINE MANURE!!!"
</pre>
</font></span></div>
<br>
_______________________________________________<br>
dhcp-users mailing list<br>
<a moz-do-not-send="true"
href="mailto:dhcp-users@lists.isc.org">dhcp-users@lists.isc.org</a><br>
<a moz-do-not-send="true"
href="https://lists.isc.org/mailman/listinfo/dhcp-users"
target="_blank">https://lists.isc.org/mailman/listinfo/dhcp-users</a><br>
</blockquote>
</div>
<br>
<br clear="all">
<br>
-- <br>
<div>Saludos</div>
<div><br>
<font size="4"><b>Héctor Herrera Anabalón</b></font><br>
Egresado ICCI UNAP</div>
<div>Servicio Arquitectura Galatea - Oficina Técnica <a
moz-do-not-send="true" href="http://www.galatea.cl"
target="_blank">http://www.galatea.cl</a></div>
<div>Miembro USoLIX Victoria</div>
<div>Registered User #<span>548600 (</span><span>LinuxCounter.net)</span></div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
dhcp-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:dhcp-users@lists.isc.org">dhcp-users@lists.isc.org</a>
<a class="moz-txt-link-freetext" href="https://lists.isc.org/mailman/listinfo/dhcp-users">https://lists.isc.org/mailman/listinfo/dhcp-users</a></pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Best regards
Sten Carlsen
No improvements come from shouting:
"MALE BOVINE MANURE!!!"
</pre>
</body>
</html>