Actually, according the the dhcrelay man page for ISC dhcpd 2.0(beta), the relay listens on UDP port 67 for DHCP broadcast requests. The ISC dhcrelay agent can also be told to bind to particular interfaces, rather than all of them. This, plus whatever ipfwadm/ipfilter equivalent you have, ought to be enough to secure dhcrelay as well as any other service can be secured. Get ISC dhcpd v2.0(beta) at ftp://ftp.isc.org/isc/dhcp/. > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of David Gillett > Sent: Monday, March 01, 1999 5:14 PM > To: [EMAIL PROTECTED] > Subject: Re: dhcp > > > On 28 Feb 99, at 19:40, Matt Farwell wrote: > > > Does anyone know which ports and protocols are used in the DHCP > > process? If it matters we are running microsoft dhcp server. Even a > > reference to a place that I could find this info would be great. > > My list (compiled from various sources) shows DHCP using port 546 on > client, 547 on server, and 647 for "failover". It's shown under both > TCP and UDP. > Note, though, that I think this probably refers mainly to lease > renewal traffic. The initialization stuff uses broadcasts, and so you > need to enable DHCP relay on a dual-homed host to serve multiple > subnets, and I'm not sure how to mix a firewall with that. > > > David G > - > [To unsubscribe, send mail to [EMAIL PROTECTED] with > "unsubscribe firewalls" in the body of the message.] > - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
