09-09-2015 04:09 AM - edited 03-08-2019 01:42 AM
Hi,
Since last few days our network users have been complaining about no network access. When their computers are checked, they are found to be having fetched wrong DNS IPs (82.163.143.169 &
82.163.142.171) from the DHCP server, while these address do not belong to our network anywhere.
Why is this happening. Is this some kind of Security concern or something like that? Any feedback provided will be much appreciated .
Thanks
Solved! Go to Solution.
09-09-2015 04:40 AM
This problem is spread across the whole campus network. It is not just limited to a single distribution switch, but across users connected to different distribution switches.
What's the point?
If someone has spun up a rogue DHCP server and pumping stupid DHCP options, anything can happen.
Enable DHCP Snooping in the core switch and observer for any improvements.
09-09-2015 04:26 AM
Someone may have spun up a rogue DHCP server.
Security concern, you bet!
09-09-2015 04:34 AM
Hi Leo,
This problem is spread across the whole campus network. It is not just limited to a single distribution switch, but across users connected to different distribution switches.
09-09-2015 04:40 AM
This problem is spread across the whole campus network. It is not just limited to a single distribution switch, but across users connected to different distribution switches.
What's the point?
If someone has spun up a rogue DHCP server and pumping stupid DHCP options, anything can happen.
Enable DHCP Snooping in the core switch and observer for any improvements.
09-09-2015 04:51 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide