Hello ports@,

I am unable to get broadcast DHCP requests to be generated on openbsd
6.6 and 6.7 using the packaged versions of monitoring-plugins, which are
monitoring-plugins-2.2p8 and monitoring-plugins-2.2p9, respectively.

I have tested the package on a few different environments and it boils
down to this:

- unicast DHCP is working fine with something like: -i vio1 -v -t 3 -m
"52:54:00:f3:e9:cb" -r 10.10.0.10 -s 10.10.0.2 -u

- if the server runs something like
'/usr/local/libexec/nagios/check_dhcp -i vio1', which should be a
broadcast request:

  - packets will always exit through the first phsical ethernet
interface (e.g. vio0)

  - no reply received

- if the server runs something like
'/usr/local/libexec/nagios/check_dhcp -i vio0'

  - if the interface has no address, a packet will not be sent at all.
No local unicast addess needed with IPv4 broadcast DHCP client

  - if the interface has an address, no DHCP replies are ever received

Unicast-based DHCP monitoring works fine, but this type of monitoring
does not meet the criteria for rogue DHCP server detection.

Can anyone confirm/deny this before I get an opportunity to look at the
code?


Thanks,

-- 
Marcos Madeira

Reply via email to