I have 2 DHCP servers available on my network, one is an active VPN gateway, which I'm trying to connect my Linux client. By default, the client receives an IP address from the non-VPN server. How do I configure the client to use a specific DHCP server?
1
-
Which DHCP client are you using on your Linux system? There are several.– grawity_u1686Commented Sep 26, 2023 at 20:56
Add a comment
|
2 Answers
On the wrong DHCP server create a rule that blocks port 67 and 68 for the MAC address of the device you don't want to have an IP assigned.
OR
On your PC block outbound and inbound packets on 67 and 68 to or from the mac address of the incorrect DHCP server.
answered Sep 27, 2023 at 13:40
The DHCP protocol allows for multiple DHCP servers on the same network, so a client's DHCP Discover packet may receive more than one DHCP Offer packet in response (one from each server), and the client must pick one to respond to with its DHCP Request packet. However, the standard doesn't specify how the client should pick. It's left as an implementation detail, and every DHCP client implementation may be different. So you'll have to check the documentation or source code of the DHCP client you are using to see if, and how, your particular DHCP client software lets you pick.
I've known more than one DHCP client implementation that would always pick the Offer with the longer list of DHCP Options (that is, the one trying to remotely configure more settings on the client), under the assumption it comes from a more sophisticated corporate DHCP server and is more likely to be "correct". The thinking was that in most cases, multiple Offers isn't intentional, and it meant someone accidentally started up Internet Sharing on a Windows PC or Mac on the corporate LAN, or plugged in their own unauthorized wireless router into the company LAN. Those "accidental" DHCP servers are less likely to want to set a bunch of client settings via DHCP, so their Offers are less likely to be the ones you want to accept as compared to the one with lots of Options. So you might be able to fix this from the server end by configuring the VPN server's DHCP server to set lots of DHCP Options, like telling you what WINS and LDAP and NTP servers to use.
