El vie, 07-04-2017 a las 11:11 -0400, NetAdmin escribió:
> El 07/04/2017 a las 10:23 a.m., Arley Consuegra Roselló escribió:
> > En esta semana he estado presentando problemas con la asignación
> > dinámica de las direcciones ip.
> > Tengo mi ISC-DHCP-SERVER 4.3.1 sobre debian 8 repartiendo ips en el
> > rango 192.168.0.0/24
> > y algunas pcs( con windows) están perdiendo sus direcciones y tomando
> > otras en el rango 169.254.0.0/16
> >
> > Hice un scan con el nmap y me devuelve
> >
> > Nmap scan report for 192.168.0.22
> > Host is up (-0.100s latency).
> > PORT STATE SERVICE
> > 67/udp open|filtered dhcps
> > MAC Address: 00:1F:E2:07:37:87 (Hon Hai Precision Ind. Co.)
> >
> > Nmap scan report for 192.168.0.200
> > Host is up (0.0026s latency).
> > PORT STATE SERVICE
> > 67/udp open|filtered dhcps
> > MAC Address: 08:00:27:3C:84:1F (Cadmus Computer Systems)
> >
> > En esas pcs no hay ningún dhcp montado.
> > ¿¿¿¿Alguna idea.???
> Esto me lo ha clarificado todo jaja:
>
> Inbound Scan
>
> Typically this traffic is related to normal DHCP operation and is not an
> attack on your network. DHCP (Dynamic Host Configuration Protocol) is
> how your computer gets its unique IP address. When a system starts up
> on a network it must first request an IP address (assume it is not using
> a static IP address), and it does this by broadcasting a request to the
> DHCP server:
>
> UDP 0.0.0.0:68 -> 255.255.255.255:67
>
> since the requesting system doesn't have an IP address (why it is
> asking) it uses 0.0.0.0 and since its new to the network it doesn't know
> where the DHCP server is, so it broadcasts the request to the entire
> network (255.255.255.255). On some networks you will see these requests
> bounce off of your firewall (depending on your provider's network
> configuration and if your router/firewall logs these requests), or your
> firewall/router might log this traffic between it and your providers
> DHCP server when it is getting or renewing its WAN IP address.
>
> The DHCP server then responds with something like:
>
> UDP 192.168.1.1:67 -> 255.255.255.255:68
>
> This is typically a DHCP offer. NOTE it has to be broadcasted
> (255.255.255.255) as the requesting system doesn't yet have an IP
> address (its contained in the offer). The data in this transmission
> contains the IP and other network configuration information that the
> requesting system needs to connect to the network (lease time, Subnet
> Mask, etc). Again on some networks you will see these bounce off of
> your firewall (depending on your provider's network configuration and if
> your router/firewall logs these), or your firewall/router might log this
> traffic between it and your providers DHCP server when it is getting or
> renewing its WAN IP address.
>
> Sometimes you will see something like:
>
> UDP 192.168.1.101:67 -> 192.168.1.1:68
>
> as a request, followed by a reply
>
> UDP 192.168.1.1:68 -> 192.168.1.101:67
>
> These are typically IP renewal requests, where a system has an IP
> address and is asking to renew it (ie get the lease extended), or if its
> not possible to renew the IP address to receive a new IP address from
> the DHCP server. Since the requesting system knows where the DHCP
> server is and it already has a current IP address the requests don't
> need to use 0.0.0.0 and 255.255.255.255.
>
> Parece que cerraste el server dhcp y no dejaste abierto el 67 provocando
> que tus PC clientes no puedan renovar el ip. Abre el 68 en los clientes
> si los tienes cerrado tambien
> ______________________________________________________________________
> Lista de correos del Grupo de Usuarios de Tecnologías Libres de Cuba.
> Gutl-l@jovenclub.cu
> https://listas.jovenclub.cu/cgi-bin/mailman/listinfo/gutl-l
Revisaré el firewall de las pcs clientes, pues en el server el 67 esta
abierto.
iptables -A INPUT -i br0 --protocol udp --dport 67 --jump ACCEPT
Gracias por las respuetas.
--
Ing. Arley Consuegra Roselló.
Administrador de red de la
UEB MATHISA Granma.
______________________________________________________________________
Lista de correos del Grupo de Usuarios de Tecnologías Libres de Cuba.
Gutl-l@jovenclub.cu
https://listas.jovenclub.cu/cgi-bin/mailman/listinfo/gutl-l
