To assign the static IP address 10.5.2.100 to the existing DHCP client (shown in the lease table as item
#0):
[admin@MikroTik] ip dhcp-server lease> print
Flags: X - disabled, H - hotspot, D - dynamic
# ADDRESS MAC-ADDRESS EXPIRES-AFTER SERVER STATUS
0 D 10.5.2.90 00:04:EA:C6:0E:40 1h48m59s switch bound
1 D 10.5.2.91 00:04:EA:99:63:C0 1h42m51s switch bound
[admin@MikroTik] ip dhcp-server lease> add copy-from=0 address=10.5.2.100
[admin@MikroTik] ip dhcp-server lease> print
Flags: X - disabled, H - hotspot, D - dynamic
# ADDRESS MAC-ADDRESS EXPIRES-AFTER SERVER STATUS
1 D 10.5.2.91 00:04:EA:99:63:C0 1h42m18s switch bound
2 10.5.2.100 00:04:EA:C6:0E:40 1h48m26s switch bound
[admin@MikroTik] ip dhcp-server lease>
DHCP Alert
Home menu level: /ip dhcp-server alert
Description
To find rogue DHCP servers as soon as they appear in your network, the DHCP Alert tool can be
used. It monitors Ethernet for all DHCP replies and checks whether each reply comes from a valid
DHCP server. If a reply from an unknown DHCP server is detected, an alert is triggered:
[admin@MikroTik] ip dhcp-server alert>/log print
00:34:23 dhcp,critical,error,warning,info,debug dhcp alert on Public:
discovered unknown dhcp server, mac 00:02:29:60:36:E7, ip 10.5.8.236
[admin@MikroTik] ip dhcp-server alert>
When the system alerts about a rogue DHCP server, it can execute a custom script.
As DHCP replies can be unicast, the rogue DHCP detector may not receive any of the offers sent to
other DHCP clients. To deal with this, the rogue DHCP detector acts as a DHCP client as well: it
sends out DHCP discover requests once a minute.
Property Description
alert-timeout ( none | time ; default: none ) - time after which the alert is forgotten. If the same
server is detected after that time, a new alert is generated
• none - infinite time
interface ( name ) - interface on which to run the rogue DHCP server finder
invalid-server ( read-only: text ) - list of MAC addresses of detected unknown DHCP servers.
A server is removed from this list after alert-timeout
on-alert ( text ) - script to run when an unknown DHCP server is detected
valid-server ( text ) - list of MAC addresses of valid DHCP servers
Notes
All alerts on an interface can be cleared at any time using the command: /ip dhcp-server alert
reset-alert <interface>
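Added example (not part of the MikroTik manual): a Python parser for the alert log entry shown above that rejoins wrapped lines and groups alerts by interface and MAC address for triage. The inventory map, its owner name and every sample entry except the first are constructed, and entries are assumed to begin with HH:MM:SS as in the excerpt.

```python
import re

# Entry format taken from the log excerpt above; entries are assumed to start with HH:MM:SS.
STAMP = re.compile(r"\d{2}:\d{2}:\d{2}\s")
ALERT = re.compile(
    r"(?P<time>\d{2}:\d{2}:\d{2})\s+(?P<topics>\S+)\s+dhcp alert on (?P<iface>[^:]+):\s+"
    r"discovered unknown dhcp server, mac (?P<mac>(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}),"
    r"\s+ip (?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s*$"
)

def unwrap(lines):
    """Join wrapped continuation lines (no leading timestamp) onto the previous entry."""
    entries = []
    for line in (l.strip() for l in lines if l.strip()):
        if STAMP.match(line) or not entries:
            entries.append(line)
        else:
            entries[-1] += " " + line
    return entries

def rogue_servers(lines, inventory=None):
    """Group alert entries by (interface, MAC); inventory is a hypothetical MAC -> owner map."""
    owners = {mac.upper(): name for mac, name in (inventory or {}).items()}
    found = {}
    for entry in unwrap(lines):
        m = ALERT.match(entry)
        if not m:
            continue  # not a DHCP alert entry
        mac = m["mac"].upper()
        rec = found.setdefault((m["iface"], mac), {"first_seen": m["time"], "count": 0,
                               "ips": set(), "owner": owners.get(mac, "unknown")})
        rec["count"] += 1
        rec["ips"].add(m["ip"])
    return found

# First entry is the excerpt from the page (wrapped as printed); the rest are constructed.
SAMPLE_LOG = """\
00:34:23 dhcp,critical,error,warning,info,debug dhcp alert on Public:
discovered unknown dhcp server, mac 00:02:29:60:36:E7, ip 10.5.8.236
00:40:10 system,info,account user admin logged in via telnet
01:34:25 dhcp,critical,error,warning,info,debug dhcp alert on Public:
discovered unknown dhcp server, mac 00:02:29:60:36:E7, ip 10.5.8.236
01:40:02 dhcp,critical,error,warning,info,debug dhcp alert on Local: discovered unknown dhcp server, mac 02:00:00:AA:BB:01, ip 192.0.2.1
"""
INVENTORY = {"02:00:00:aa:bb:01": "lab-ap-3"}  # constructed asset record

if __name__ == "__main__":
    for (iface, mac), rec in rogue_servers(SAMPLE_LOG.splitlines(), INVENTORY).items():
        print(iface, mac, sorted(rec["ips"]), rec["first_seen"], rec["count"], rec["owner"])
```

A count above 1 for the same interface and MAC means the server was detected again after the earlier alert was forgotten (alert-timeout) or cleared (reset-alert), so it is still answering on that segment.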
Copyright 1999-2007, MikroTik. All rights reserved. Mikrotik, RouterOS and RouterBOARD are trademarks of Mikrotikls SIA.
Other trademarks and registered trademarks mentioned herein are properties of their respective owners.