El vie, 07-04-2017 a las 11:11 -0400, NetAdmin escribió: > El 07/04/2017 a las 10:23 a.m., Arley Consuegra Roselló escribió: > > En esta semana he estado presentando problemas con la asignación > > dinámica de las direcciones ip. > > Tengo mi ISC-DHCP-SERVER 4.3.1 sobre debian 8 repartiendo ips en el > > rango 192.168.0.0/24 > > y algunas pcs( con windows) están perdiendo sus direcciones y tomando > > otras en el rango 169.254.0.0/16 > > > > Hice un scan con el nmap y me devuelve > > > > Nmap scan report for 192.168.0.22 > > Host is up (-0.100s latency). > > PORT STATE SERVICE > > 67/udp open|filtered dhcps > > MAC Address: 00:1F:E2:07:37:87 (Hon Hai Precision Ind. Co.) > > > > Nmap scan report for 192.168.0.200 > > Host is up (0.0026s latency). > > PORT STATE SERVICE > > 67/udp open|filtered dhcps > > MAC Address: 08:00:27:3C:84:1F (Cadmus Computer Systems) > > > > En esas pcs no hay ningún dhcp montado. > > ¿¿¿¿Alguna idea.??? > Esto me lo ha clarificado todo jaja: > > Inbound Scan > > Typically this traffic is related to normal DHCP operation and is not an > attack on your network. DHCP (Dynamic Host Configuration Protocol) is > how your computer gets its unique IP address. When a system starts up > on a network it must first request an IP address (assume it is not using > a static IP address), and it does this by broadcasting a request to the > DHCP server: > > UDP 0.0.0.0:68 -> 255.255.255.255:67 > > since the requesting system doesn't have an IP address (why it is > asking) it uses 0.0.0.0 and since its new to the network it doesn't know > where the DHCP server is, so it broadcasts the request to the entire > network (255.255.255.255). On some networks you will see these requests > bounce off of your firewall (depending on your provider's network > configuration and if your router/firewall logs these requests), or your > firewall/router might log this traffic between it and your providers > DHCP server when it is getting or renewing its WAN IP address. > > The DHCP server then responds with something like: > > UDP 192.168.1.1:67 -> 255.255.255.255:68 > > This is typically a DHCP offer. NOTE it has to be broadcasted > (255.255.255.255) as the requesting system doesn't yet have an IP > address (its contained in the offer). The data in this transmission > contains the IP and other network configuration information that the > requesting system needs to connect to the network (lease time, Subnet > Mask, etc). Again on some networks you will see these bounce off of > your firewall (depending on your provider's network configuration and if > your router/firewall logs these), or your firewall/router might log this > traffic between it and your providers DHCP server when it is getting or > renewing its WAN IP address. > > Sometimes you will see something like: > > UDP 192.168.1.101:67 -> 192.168.1.1:68 > > as a request, followed by a reply > > UDP 192.168.1.1:68 -> 192.168.1.101:67 > > These are typically IP renewal requests, where a system has an IP > address and is asking to renew it (ie get the lease extended), or if its > not possible to renew the IP address to receive a new IP address from > the DHCP server. Since the requesting system knows where the DHCP > server is and it already has a current IP address the requests don't > need to use 0.0.0.0 and 255.255.255.255. > > Parece que cerraste el server dhcp y no dejaste abierto el 67 provocando > que tus PC clientes no puedan renovar el ip. Abre el 68 en los clientes > si los tienes cerrado tambien > ______________________________________________________________________ > Lista de correos del Grupo de Usuarios de Tecnologías Libres de Cuba. > Gutl-l@jovenclub.cu > https://listas.jovenclub.cu/cgi-bin/mailman/listinfo/gutl-l
Revisaré el firewall de las pcs clientes, pues en el server el 67 esta abierto. iptables -A INPUT -i br0 --protocol udp --dport 67 --jump ACCEPT Gracias por las respuetas. -- Ing. Arley Consuegra Roselló. Administrador de red de la UEB MATHISA Granma. ______________________________________________________________________ Lista de correos del Grupo de Usuarios de Tecnologías Libres de Cuba. Gutl-l@jovenclub.cu https://listas.jovenclub.cu/cgi-bin/mailman/listinfo/gutl-l